IriusRisk Team
|
The Threat Modeling Experts
July 7, 2023

Product Update: Release 4.5

Product Update: Release 4.5

New features and improvements include:

  • The Home Dashboard now shows projects with the highest risk and a gauge of overall risk
  • Create custom icons for component definitions
  • The first release of our Visio import API
  • Performance improvements in the Countermeasures tree view
  • Plus more...

Home Dashboard

In the ongoing series of improvements to the Home Dashboard, IriusRisk 4.5 includes some great new functionality. The dashboard now has a gauge showing the overall risk across project as well as handy at-a-glance cards for the projects with the highest risk, as well as the audit log. The cards show:

  • A thumbnail of the diagram
  • Project name
  • Workflow state
  • Current risk
  • Projected risk
  • Plus indicators for locked and draft projects

Note that the “Threats assigned to me” and “Countermeasures assigned to me” widgets are available in “My portfolio”.

429c929d-4193-4f53-9809-36df3ff0eaac

Custom icons for component definitions

Flexibility has always been a core value of IriusRisk, and we work hard to ensure you can use the platform to meet your organisation's needs. This often includes needing to create threat model components that are unique to your organisation. This release includes the ability to set a custom icon for component definitions, giving you a visual means of easily identifying your unique components within your threat model diagram.

abc63e53-30d6-4f0d-b6f0-1214f14c168e

Visio Import

IriusRisk 4.5 includes a new API end point that lets you turn Visio diagrams into IriusRisk threat models. This first release of the API will take a VSDX file and an optional mapping file and will map components in the diagram to corresponding components in IriusRisk. If you’re using the AWS stencil then this is done automatically for you by the API. If you have generic shapes in your diagram such as a rectangle representing a server, then you can use the optional mapping file to map it to the corresponding IriusRisk component.

d5acf2c6-9f74-4b9a-9272-186871f6e5e8

For more information on Visio import, check out the API documentation on SwaggerHub and the Startleft Visio page.

Performance and other improvements

  • The performance of the Countermeasure tree view has been improved, so you can now explore your countermeasures quickly and without lag
  • A useful “Copy link to project section” option has been added to the dropdown menu for projects, allowing you to quickly share the link to the current section (diagram, threats, countermeasures etc)
  • The word “duplicate” has been replaced by “clone” to provide consistency with the behaviour

Rules and security content

  • New condition for dataflow containing a specific asset
  • CAPEC library updated from 3.4 to 3.7
  • CWE library updated from 4.3 to 4.7

Release notes

For more information, see the Version 4.5 Release Notes.

Shape the future of Threat Modeling with us!

Join IriusRisk Horizon

IriusRisk Horizon - Customer Research, Product Discovery, and Early Access