Release Notes


  • SSO using OIDC now supports Multi-tenancy
  • New content format for webhooks: gzip is now selectable aswell as json
  • Modeler canvas performance improvements
  • Modelbuilder-service is no longer used for creating models and is removed
  • Added batch delete on most places were deletion is possible
  • GUI performance improvements in project overview


  • New risk metric: Attack exposure to more accurately quantify the expected attacker effort
    • All risk calculations will use this metric now instead of the previous total success rate (probability)
  • Major overhaul of the report:
    • New feature: View simulated model in the Modeler directly from the report
    • New feature: Print mode. Open the full report in a print-friendly window
    • New report summary section with simulation and model metadata
    • New metric: Attack exposure in the high value assets table
    • New visualizations for MITRE ATT&CK and STRIDE
    • Improved display of additional information to threats to identify mitigations and security information faster
    • Improved look-and-feel on graphs and charts
  • New feature: Split paths in critical paths to see all alternate paths, side-by-side
  • Improved readability and look-and-feel of critical paths
  • Improved sidebar in the Modeler
  • Improved model validation information and parser error messages
  • Improved graphing of large sets of simulation in Scenario overview
  • New feature: Graph type selection for Scenario overview


  • New feature: Default scenarios for AWS users. Choose between predefined attacks scenarios in the scenario wizard
  • New and improved risk matrix for improved readability for large sets of high value assets
  • Scenario insights in the Project overview for direct feedback on your latest simulations as well as how your risk levels are trending
  • Improved Word report export that now includes Suggested mitigations and Threat summaries
  • Improved integration support for third-party data sources
  • AWS domain support:
    • New AWS collector released (2.0.0) and simplified default IAM policy. Check our repo at GitHub or use pip to get the latest version and start simulating in 1.12.2
    • New simplified general format for third-party vulnerabilities and application data
    • New parser for Qualys vulnerability scanner reports
    • New vulnerability system and revamped authentication for applications and instances
    • Support for WAF and Web ACLs with source IP restrictions for Load balancers and API GW
    • Support for resource based policies for source IP restrictions in API GW
    • Support for container vulnerabilities via image scanning in ECR
    • Support for privilege escalation attacks via ECS Task roles and Container instance roles
    • Improved network reachability simulations with the addition of the Discover attack step
    • Improved granularity for privilege escalation attacks via Pass role actions
    • Improved granularity for credentials
    • Updates to Lambda invocation logic
    • Updates to protocol logic in networking simulation


  • New and improved navigation system in the Modeler and Critical Path
    • Select Touch pad or Mouse when interacting with the canvas
  • Improved support for concurrent work
  • Major GUI improvements with a complete overhaul of the look and feel
  • Support for selecting multiple assets and attack steps in the Scenario Wizard
  • New feature that allows the user to obfuscate sensitive data in the Simulation Report and Modeler
  • Added a simulation summary to the report
  • Improved system performance and stability
    • New container-based integration system


  • Export model visualizations to SVG for use in external reports and third party tools
  • New scenario wizard to get started quickly with generated models
  • Toggleable endpoint labels for associations in the web modeler
  • AWS:
    • Support for Attacks via SSM sessions to EC2 Instances



  • Support for Single Sign-On with OpenID Connect
  • Support for multi-factor authentication via SSO
  • Support for Webhooks in Projects to subscribe to simulation results
  • A new endpoint for single-point-of-integration that takes raw data and a set configurations to automatically generate models and start a set of simulations
  • AWS:
    • MITRE ATT&CK mapping for attack steps in AWS
    • New AWS data collector module released on GitHub
    • Added support for HTTP APIs in API GW, User data manipulation in EC2 instances, Transit Gateway and VPC endpoints for API GW
    • New views for ECS, API GW, S3 and DynamoDB
  • Language packs to make it easier to create and update custom integrations
  • Labs are now available via the Enterprise SDK
  • Improved scrolling and filtering of Chokepoints


  • Support for remote database in deployment script
  • Performance improvements for Web modeler and Report


  • Improved performance for large-scale automated modeling and simulations
  • Improved scalability and support for continuous cloud deployments
  • Support for Amazon Linux as deployment platform
  • MAL descriptions in Report and Web modeler
  • Labs available on Project level
  • New model import GUI for automatically generated models
  • Multi-region, multi-account analysis support for AWS


  • Release of securiCAD Enterprise SDK on GitHub
  • Native support for Azure in securiCAD Enterprise
  • New project concept for reporting on continuous automated simulations
  • New model generation framework for automatic modeling across all domains
  • Improved model import in web modeler for large-scale manual modeling
  • Support for automated application threat modeling through integration with third-party dependency tools such as Debricked/Snyk, static code analysis solutions such as SonarQube/Veracode and more
  • Mapping to popular threat modeling and security frameworks in reports