If we update a library we may be surprised that when we use the "apply to all projects" button, that the old content may still be in our threat model, even after updating the threat model.
This is a simple fix.
Permissions required (System level):
- SYSTEM_SETTINGS_UPDATE
We have a setting, "Automatically remove threats and countermeasures that no longer apply" that is disabled by default.
Enabling this will allow these outdated threats and countermeasures to be automatically removed from threat models upon update.
The reason this is disabled by default is we may have certain threat models which were accurate at a certain level of time we want to monitor the changes over time, for instance with the use of workflows.
Please note:
this can be applied at a global or project level. Below is the project view of this setting:
Permissions required (Project Level):
- PRODUCT_COMPONENT_SETTINGS_UPDATE
Comments
0 comments
Please sign in to leave a comment.