New features and improvements include:
- The Home Dashboard now shows projects with the highest risk and a gauge of overall risk
- Create custom icons for component definitions
- The first release of our Visio import API
- Performance improvements in the Countermeasures tree view
- Plus more...
In the ongoing series of improvements to the Home Dashboard, IriusRisk 4.5 includes some great new functionality. The dashboard now has a gauge showing the overall risk across project as well as handy at-a-glance cards for the projects with the highest risk, as well as the audit log. The cards show:
- A thumbnail of the diagram
- Project name
- Workflow state
- Current risk
- Projected risk
- Plus indicators for locked and draft projects
Note that the “Threats assigned to me” and “Countermeasures assigned to me” widgets are available in “My portfolio”.
Custom icons for component definitions
Flexibility has always been a core value of IriusRisk, and we work hard to ensure you can use the platform to meet your organisation's needs. This often includes needing to create threat model components that are unique to your organisation. This release includes the ability to set a custom icon for component definitions, giving you a visual means of easily identifying your unique components within your threat model diagram.
IriusRisk 4.5 includes a new API end point that lets you turn Visio diagrams into IriusRisk threat models. This first release of the API will take a VSDX file and an optional mapping file and will map components in the diagram to corresponding components in IriusRisk. If you’re using the AWS stencil then this is done automatically for you by the API. If you have generic shapes in your diagram such as a rectangle representing a server, then you can use the optional mapping file to map it to the corresponding IriusRisk component.
Performance and other improvements
- The performance of the Countermeasure tree view has been improved, so you can now explore your countermeasures quickly and without lag
- A useful “Copy link to project section” option has been added to the dropdown menu for projects, allowing you to quickly share the link to the current section (diagram, threats, countermeasures etc)
- The word “duplicate” has been replaced by “clone” to provide consistency with the behaviour
Rules and security content
- New condition for dataflow containing a specific asset
- CAPEC library updated from 3.4 to 3.7
- CWE library updated from 4.3 to 4.7
For more information, see the Version 4.5 Release Notes.
Shape the future of Threat Modeling with us!
Join IriusRisk Horizon
IriusRisk Horizon - Customer Research, Product Discovery, and Early Access
Bringing you the latest on all things threat modeling and architectural security.