We are excited to announce the release of IriusRisk 4.15 which includes these new enhancements and features:
- Implement security changes faster with bulk edit for issue tracker configuration
- Find and manage templates faster with an improved templates list
- Threat model your application logic with 11 new functional components
Implement security changes faster with bulk edit for issue tracker configuration
Over the past few releases we have been enhancing the Jira issue tracker integration. We recently delivered the ability to configure the issue tracker at the Threats and Countermeasures levels, as well as creating new issues for threats. However, the issue tracker configuration for threats and countermeasures could only be edited on a threat-by-threat, countermeasure-by-countermeasure basis.
As of this release we have enabled bulk editing of threats and countermeasure issue tracker configuration. This means you can quickly select the threats or countermeasures, configure the issue tracker such as sending them to a different project or with a different issue type, then apply the changes to all selected threats or countermeasures.
Bulk issue tracker edit for threats:
Bulk issue tracker edit for countermeasures:
Find and manage templates faster with an improved templates list
We have improved the way you can find and manage Templates in IriusRisk with a new grid table. This allows you to easily and quickly search by column, including tags.
Threat model your application logic with 11 new functional components
When developers threat model, they often need to describe the behavior of the applications, not just the infrastructure it is running on. This requires a different type of component, which we call “functional components”.
In IriusRisk v4.15 we have created 11 new functional components, bringing the total to 23. The new components are:
- Access Token
- Administration interface
- JSON processing service
- JWT token
- Private signature key
- Session identifier
- Subdomain DNS-entry configuration
- URL Redirection
- WYSIWYG editor
- XML processing
- XPATH query
Here is an example threat model created using a mixture of new and existing functional components:
Developers often struggle to implement security-critical capabilities such as the use of JWTs. Luckily IriusRisk provides a comprehensive set of threats and countermeasures that gives the developers the knowledge they need to implement application functions securely.
Other security content changes
This release includes 16 new Cloud components:
- Azure Mobile Apps
- Azure API Apps
- Azure App Service
- Azure Elasticsearch
- Azure Automation
- Azure Media Services
- Azure Managed Resource Groups
- Azure Data Share
- Azure File Sync
- Azure Office 365
- AWS CodeArtifact
- AWS Console Mobile Application
- AWS Timestream
- AWS Transit Gateway
- AWS Location Service
- AWS ParallelCluster
Security Standards Updates:
- CIS Google Cloud Platform Foundations Benchmark updated to 2.0.0
- CIS Microsoft Azure Foundations Benchmark updated to 2.0.0
For more information, see the Version 4.15 Release Notes.
Shape the future of Threat Modeling with us!
Join IriusRisk Horizon
IriusRisk Horizon - Customer Research, Product Discovery, and Early Access. Join today.