Product Release 4.31: Featuring User Collabortion in Community Edition

Overview

Release 4.31 contains several changes and enhancements:

• Importing OTM YAML files through the UI
• Revamped Technical Countermeasures Report
• User Collaboration now available in Community Edition

Importing OTM YAML files through the UI

You can now import OTM (Open Threat Model)YAML files through the IriusRisk UI instead of needing to use an API platform such as Postman to complete this request. This is so an API call doesn't have to be made to import your files. Giving an easier route to importing your files. Even more improvements will follow in subsequent releases.

‍

Revamped Technical Countermeasures Report

Newly designed with a new HTML format replacing the less standardized DOCX. Spreadsheet formats (CSV, XLS, XLSX) have been adapted to contain more precise information.

New HTML format

As part of the available formats, we now offer an HTML version. This format is set to replace the old DOCX format because it is less portable and can be easily integrated into various tools, such as email platforms.

Report Structure Enhancements

• Sleeker Tables: Revamped table structures to ensure clear and easy comprehension.
• Enhanced Tracking: added identifiers (e.g., Req 1) within the document for better tracking across different sections.
• Countermeasure References: Included specific references to countermeasures for more detailed insights.
• Prioritization: Each item now comes with a priority tag, helping you focus on what's most important.

‍

More Fashion-Forward Detailed Content in the Test Results Breakdown

• Non-Tested Countermeasures: Now clearly listed for transparency.
• Clear Icons: Distinct icons based on test results for quick visual reference.
• Testing Steps Section: A dedicated section to detail each step of the testing process clearly.

‍

Appendix Improvements

• Improved Table Readability: Tables are now more readable and user-friendly.
• Component Context: More context about where each component is placed, including:
  • Trust Zone Location
  • Data Flow Source
  • Data Flow From

Total Countermeasures: Clear display of the total countermeasures.

‍

User Collaboration now available in Community Edition

We’re excited to announce that in version 4.31 we are introducing a new feature: User Invitations to Projects for Community users! This is the first phase of a broader rollout, allowing our users to invite others to collaborate on their projects directly and effortlessly.

Main workflows of the feature:

Logged-in User: Users logged into the platform can send invitations directly from the project dashboard.

‍

Logged-out User: If the invited user has an account but isn't logged in, they’ll receive a link to log in and join the project right away.

Unregistered User: If the invitee has no account, the invitation link will allow them to register for the Community Edition and access the project immediately.

‍

Key Points:

• Exclusivity: This function is exclusively available to users of the Community Edition.
• Project Limitation: Each user can have up to three active projects. An invitation to a project counts towards this limit.

This is just the beginning! In subsequent phases, the modal will display a list of users sharing the project, and additional security functionalities will be introduced to restrict access by specific emails.

Fixed component permissions in Microsoft Threat Modeling Tool imports

Previously, imports from Microsoft Threat Modeling Tool (MTMT) contained multiple tabs that were being mixed in the same OTM. It contained line trust zones that prevented the original components' coordinates from being preserved.

This has now been solved by introducing a new process which uses only the first tab to create the OTM when a multi-tab MTMT file is received. It then preserves the original coordinates of the MTMT project in the OTM.

Release Notes

View the full list of updates and changes in the Release Notes 4.31.0.

Deprecations

• None in v4.31

‍