.jpg)
Product Release 4.40
Overview
IriusRisk 4.40 has even more improvements, we are thrilled to share this latest update! Some advancements include:
- Filter Current Risk Report
- Expanded Threat Tree by Default
- Add Weakness or Countermeasure in Threats View with one Click
- Threats’ related components and use cases are now shown
Take a look at the full list below, or go directly to the Release Notes.
Filter Current Risk Report
Requirement: Less generic report outputs needed to include information that is only necessary.
Solution: We have added new filter options to the Current Risk report that allows users to select Critical, High, Medium, Low or Very Low risk. As a result, only the selected risk will be shown in the final report. In addition, Risk mitigation filters also lets users select by Mitigated or unmitigated threat, and Mitigation or no mitigation planned. Users can export all the content of the report if no filters are selected.
Threats Tree is Expanded at the Component Level by Default
Requirement: An easier way to expand the threat information as clicking within the row of the component or use case is opening up a window instead of expanding the details within the Threat Tree.
Solution: The Threats Tree is expanded by default and when clicking on the component or use case, this will minimize or expand the section instead. You can still see further info by clicking on the three dots. Finally, on the collapsed threat view the component and use case is also included with the threat description.
Threats’ related components and use cases are now shown
Requirement: Key information on the flattened threats view, such as use cases related to a threat, are not easily visible.
Solution: Components' and use cases' names in each threat are now shown on the threats flattened view to highlight this key information clearly and easily.
Adding countermeasures or weakness to threats is now with one click
Requirement: Adding a new/ existing threat or weakness needs to be simplified.
Solution: Following the changes to the aforementioned Threat Tree, we have added a button here to specifically add weaknesses or countermeasures from the threat row in the threat tree.
New Message for Components Outside of Trust Zones
Requirement: The message is unclear on the required action - applicable to Projects set up to include components within trust zones. This needs to be more explanatory.
Solution: Active only when users do not allow components out of trust-zones in their models. This new pattern is now coherent with the message when people allow components out of trust zones, but in this case, the user cannot update the model until the component is placed in a trust zone.
Deprecations
Postgres version 12 has now reached end of life and is no longer supported. You can find out more here: https://www.postgresql.org/support/versioning/
We currently provide a mechanism to provide some configuration options for SAML via environment variables instead of configuration files, facilitating secure versioning of these configuration files. As part of our initiative to move SAML authentication configuration to an UI-based flow, we will remove these environment variables on 30 March 2025. If you have any questions, please reach out to your Customer Success Manager.
Release Notes and Documentation
For more information, see Version 4.40 Release Notes or check out our Documentation.
Shape the future of Threat Modeling with us!
Join IriusRisk Horizon - Customer Research, Product Discovery, and Early Access. Join today.
Swaggerhub & Github
Find out more of what you need in GitHub and Swaggerhub Repos:
https://app.swaggerhub.com/apis/continuumsecurity/IriusRisk/1.24.0 - We provided this featured API to allow for deeper customer integrations as well as enable very flexible automations within the many varied environments IriusRisk needs to operate.
https://app.swaggerhub.com/apis/iriusrisk/IriusRiskV2/2.0.0-beta.8 - Please note that this version of the API is currently in beta. While it offers advanced features for deeper integrations and flexible automations, we reserve the right to make breaking changes during this phase and encourage caution in production environments.
https://github.com/iriusrisk/IriusRisk-Central - Provides content useful for IriusRisk threat modelling, including templates, API scripts, libraries and more.
