Table of Contents
IriusRisk Team
IriusRisk Team
|
The Threat Modeling Experts
May 15, 2023

Product Update: Release 4.15 - Featuring Bulk Editing for Issue Trackers

Product Update: Release 4.15

We are excited to announce the release of IriusRisk 4.15 which includes these new enhancements and features:

  • Implement security changes faster with bulk edit for issue tracker configuration
  • Find and manage templates faster with an improved templates list
  • Threat model your application logic with 11 new functional components

Implement security changes faster with bulk edit for issue tracker configuration

Over the past few releases we have been enhancing the Jira issue tracker integration. We recently delivered the ability to configure the issue tracker at the Threats and Countermeasures levels, as well as creating new issues for threats. However, the issue tracker configuration for threats and countermeasures could only be edited on a threat-by-threat, countermeasure-by-countermeasure basis.

As of this release we have enabled bulk editing of threats and countermeasure issue tracker configuration. This means you can quickly select the threats or countermeasures, configure the issue tracker such as sending them to a different project or with a different issue type, then apply the changes to all selected threats or countermeasures.

image-20230421-162219

Bulk issue tracker edit for threats:

image-20230421-162151

Bulk issue tracker edit for countermeasures:

image-20230421-162306

Find and manage templates faster with an improved templates list

We have improved the way you can find and manage Templates in IriusRisk with a new grid table. This allows you to easily and quickly search by column, including tags.

image-20230421-162745

Threat model your application logic with 11 new functional components

When developers threat model, they often need to describe the behavior of the applications, not just the infrastructure it is running on. This requires a different type of component, which we call “functional components”.

In IriusRisk v4.15 we have created 11 new functional components, bringing the total to 23. The new components are:

  • Access Token
  • Administration interface
  • JSON processing service
  • JWT token
  • Private signature key
  • Session identifier
  • Subdomain DNS-entry configuration
  • URL Redirection
  • WYSIWYG editor
  • XML processing
  • XPATH query

Here is an example threat model created using a mixture of new and existing functional components:

image-20230421-143732

Developers often struggle to implement security-critical capabilities such as the use of JWTs. Luckily IriusRisk provides a comprehensive set of threats and countermeasures that gives the developers the knowledge they need to implement application functions securely.

image-20230421-143944

Other security content changes

This release includes 16 new Cloud components:

  • Azure Mobile Apps
  • Azure API Apps
  • Azure App Service
  • Azure Elasticsearch
  • Azure Automation
  • Azure Media Services
  • Azure Managed Resource Groups
  • Azure Data Share
  • Azure File Sync
  • Azure Office 365
  • AWS CodeArtifact
  • AWS Console Mobile Application
  • AWS Timestream
  • AWS Transit Gateway
  • AWS Location Service
  • AWS ParallelCluster

Release notes

For more information, see the Version 4.15 Release Notes.

Shape the future of Threat Modeling with us!

Join IriusRisk Horizon

IriusRisk Horizon - Customer Research, Product Discovery, and Early Access. Join today.

Logos of the European Union with text 'Funded by the European Union NextGenerationEU', the Spanish Government Ministry of Economic Affairs and Digital Transformation, red.es, and the Plan de Recuperación, Transformación y Resiliencia.

FAQs

keyboard_arrow_down

keyboard_arrow_down

keyboard_arrow_down

keyboard_arrow_down

keyboard_arrow_down
About the author...

IriusRisk Team

The Threat Modeling Experts
IriusRisk
The IriusRisk Team represents the collective expertise and official voice of the company, driven by security researchers, product managers, and engineering leaders dedicated to the automation of threat modeling. This content is curated by the company's core staff to deliver official news, product roadmaps, and feature updates. The team's mission is to ensure every release and announcement is delivered with transparency, technical accuracy, and strategic alignment with the Secure by Design philosophy.