Product Release 4.32

Overview

Release 4.32 contains several changes and enhancements:

• Configure Component Category Visibility
• New Endpoint for Deleting Tags in Dataflows and Risk Pattern
• New File Import Feature
• Automated Component Change Detection

Configure Component Category Visibility

You are now able to configure the visibility of the component categories at a business unit level. This will allow for groups of components to be restricted to the business units of users who need to see them, ensuring that sensitive items remain secure and improving user experience by allowing for more focussed user selection. By default all component categories will be visible.

New Endpoint for Deleting Tags in Dataflows and Risk Pattern

Deleting tags in dataflows and risk patterns is now possible, via the API. Please note that deleting a tag will remove all instances of that tag across all projects. We will be introducing the ability to delete these tags in the UI coming in 4.33.

Endpoint Details:

• DELETE /api/v2/tags/{tag-id}

Unlock Seamless Integration: Introducing IriusRisk’s New File Import Feature

We are thrilled to announce a powerful new enhancement to IriusRisk that will make your experience even more seamless and efficient. Introducing the ability to directly import external files—including Infrastructure as Code (IaC), Visio, LucidChart, and DrawIO diagrams—straight into IriusRisk through the user interface!

Imagine this: you’ve just mapped out a complex threat model in Visio, or you’ve defined your infrastructure in a well-crafted IaC file. Instead of switching gears, firing up an API client, and navigating through endpoint calls, you can now stay in the flow of your work. Simply navigate to the new Import option within IriusRisk’s UI, select your file, and watch as it seamlessly integrates into your project.

Streamline Your Threat Modeling: Automated Component Change Detection

In the ever-evolving world of software development, keeping track of changes is critical. For organizations with large, complex systems, manually reviewing project snapshots to identify component changes can be a time-consuming and error-prone task. We know that threat model practitioners often feel frustrated by the need to manually compare snapshots, especially when dealing with extensive software portfolios.

This addition to IriusRisk is designed to simplify your workflow by instantly providing a list of component changes between any two project versions.

With this feature, you can:

• Save Time: Automatically generate a list of component changes, eliminating the need for manual reviews.
• Reduce Errors: Ensure accuracy by automating the detection process, minimizing the risk of human error.
• Boost Efficiency: Perfect for large-scale projects, where keeping track of every change is crucial.

How It Works

Simply provide two project versions, and our new endpoints will deliver a clear, detailed list of all component changes, including additions, deletions, and modifications. It’s that easy!

New Components and V2 Components

• SRE-436: New components for several libraries and some updates:
  • Client-side
    • WebView
    • Ruby-on-Rails Application
    • Python CLI
  • Functional
    • File
    • Audit Log
    • Shared Memory
    • RPC
    • Named Pipe
    • Folder
    • MTLS
    • IOCTL
  • Generic components
    • Hashicorp Consul
    • Akamai CDN System
    • Cloudflare
    • Terraform HCL
  • SAP Components
    • SAP Hybrid
  • Alibaba Cloud
    • Alibaba Cloud ECS Bare Metal Instance
  • Microsoft Azure
    • Azure AI Studio
    • Azure Copilot
  • Amazon Web Services
    • AWS Elastic Load Balancing API
• SRE-487: New version of IIoT Device components
  • IIoT
    • IIoT Device
• SRE-137: AWS components have been converted to V2 components:
  • Amazon Web Services
    • AWS A2I Augmented AI
    • AWS ACM Certificate Manager        
    • AWS Alexa for Business              
    • AWS Amplify                        
    • AWS Apache Flink                    
    • AWS API Gateway                    
    • AWS Appflow                        
    • AWS Application Discovery Service  
    • AWS Appsync                        
    • AWS Athena                          
    • AWS Auto Scaling                    
    • AWS CodeCommit                      
    • AWS CodeDeploy                      
    • AWS Cognito                        
    • AWS Config                          
    • AWS Console Mobile Application      
    • AWS Control Tower                  
    • AWS Cost Management                
    • AWS Data Exchange                  
    • AWS Data Pipeline                  
    • AWS Data Sync                            
    • AWS DeepComposer                    
    • AWS DeepRacer                      
    • AWS EBS Elastic Block Store        
    • AWS EC2                                  
    • AWS ECS                                  
    • AWS EKS Elastic Kubernetes Service  
    • AWS Elastic Load Balancing ELB      
    • AWS Elasticache                    
    • AWS ELB API                        
    • AWS Fargate                        
    • AWS GuardDuty                      
    • AWS IOT Core                      
    • AWS Kinesis Data Firehose                
    • AWS Lex                            
    • AWS Lightsail                      
    • AWS Macie                          
    • AWS Neptune                              
    • AWS OpsWorks                        
    • AWS Pinpoint                        
    • AWS QuickSight                      
    • AWS RedShift                        
    • AWS Rekognition                    
    • AWS Route 53 DNS Service                  
    • AWS Sagemaker                      
    • AWS Service Catalog                
    • AWS Shield                          
    • AWS SNS Simple Notification Service
    • AWS Step Functions                        
    • AWS Transcribe                      
    • AWS Translate                      
    • AWS VPC                                  
    • AWS WorkSpaces                      
    • AWS X Ray

Deprecations

• None in v4.32

Release Notes

See the full release notes here for 4.32.

‍