Release Notes

1.11.0

  • Export model visualizations to SVG for use in external reports and third party tools
  • New scenario wizard to get started quickly with generated models
  • Toggleable endpoint labels for associations in the web modeler
  • AWS:
    • Support for Attacks via SSM sessions to EC2 Instances

1.10.3

1.10.0

  • Support for Single Sign-On with OpenID Connect
  • Support for multi-factor authentication via SSO
  • Support for Webhooks in Projects to subscribe to simulation results
  • A new endpoint for single-point-of-integration that takes raw data and a set configurations to automatically generate models and start a set of simulations
  • AWS:
    • MITRE ATT&CK mapping for attack steps in AWS
    • New AWS data collector module released on GitHub
    • Added support for HTTP APIs in API GW, User data manipulation in EC2 instances, Transit Gateway and VPC endpoints for API GW
    • New views for ECS, API GW, S3 and DynamoDB
  • Language packs to make it easier to create and update custom integrations
  • Labs are now available via the Enterprise SDK
  • Improved scrolling and filtering of Chokepoints

1.9.3

  • Support for remote database in deployment script
  • Performance improvements for Web modeler and Report

1.9.0

  • Improved performance for large-scale automated modeling and simulations
  • Improved scalability and support for continuous cloud deployments
  • Support for Amazon Linux as deployment platform
  • MAL descriptions in Report and Web modeler
  • Labs available on Project level
  • New model import GUI for automatically generated models
  • Multi-region, multi-account analysis support for AWS

1.8.0

  • Release of securiCAD Enterprise SDK on GitHub
  • Native support for Azure in securiCAD Enterprise
  • New project concept for reporting on continuous automated simulations
  • New model generation framework for automatic modeling across all domains
  • Improved model import in web modeler for large-scale manual modeling
  • Support for automated application threat modeling through integration with third-party dependency tools such as Debricked/Snyk, static code analysis solutions such as SonarQube/Veracode and more
  • Mapping to popular threat modeling and security frameworks in reports