 |
 |
EAR / Tools / versions Risk Analysis Tools |
Version history
PILAR: 2021.2.0 - xx.6.2021
- supplemental measures (additional)
- review of tempest
- when a TSV file is not found, just report it
- when importing safeguards and controls, use effective maturity
- report on elements used for risk mitigation
- skip INFO safeguards from searches (find)
- allow reference to evl even when these refer to safeguards for risk mitigation
- bug: robust against CAR file errors
- bug: evl recommendations when no safeguards are applied
- bug: in risk export to sql
PILAR: 2021.1.6 - 30.4.2021
- revise calculation of border risk (subset of dimensions)
- 1 line view for safeguards
- separate control of non-valuated safeguards for pilar and nist
- revise control of non-valuated safeguards: panel for edition
- safeguards: apply-only-if and apply-only-if-not
- revise flaws in control and safeguard import
PILAR: 2021.1.5 - 26.3.2021
- control of propagation in evl import
- different types of mandatory
- A.60 for tempest borders
PILAR: 2021.1.4 - 15.3.2021
- dependencies: identify dual paths
- include no-threat assets in risk trees
- push and copy n.a. in countermeasures and evl
PILAR: 2021.1.3 - 12.2.2021
- aggregate all final risks for attack paths
PILAR: 2021.1.2 - 8.2.2021
- bug fixing
PILAR: 2021.1.1 - 1.2.2021
- dots to shorten control names in graphs
PILAR: 2021.1.0 - 1.1.2021
new start and main screens
asset classes: qualifiers section
revision of safeguards tree (new, and relocated safeguards)
car based on car
projects based on templates
asset inventory form
option to reorder security dimensions
compact layer dependency graph
NIST safeguards added to PILAR safeguards
hooks: external links for safeguards and controls
control of visibility of safeguards and security profiles
separate evl structure per projects (compensatory controls)
risk reduction directly based on evl trees
use of labels to associate controls to threats
graph representation for borders
separate valuation of safeguards associated to borders
levels in controls in security profiles (evl)
licensing by means of activation code
quantitative analysis moved to options
csv separator moved to options
forget merge functionality: only plain import
remove KB
remove policies screen
remove procedures screen
PILAR: 7.4.9 - x.5.2021
- bug fixing
- robust when car file is wrong
PILAR: 7.4.8 - 22.4.2021
- bug fixing
- import of countermeasures and security profiles
PILAR: 7.4.7 - 8.2.2021
- bug fixing
PILAR: 7.4.6 - 22.12.2020
- bug fixing
PILAR: 7.4.5 - 28.10.2020
- bug fixing
PILAR: 7.4.4 - 7.9.2020
- bug fixing
PILAR: 7.4.3 - 23.4.2020
- bug fixing
PILAR: 7.4.2 - 28.2.2020
- bug fixing
PILAR: 7.4.1 - 23.1.2020
- bug fixing
PILAR: 7.4.0 - 23.12.2019
- compensatory controls
- phase cloning
- SAD: single asset domains (no more asset specific)
- improvements: dependencies, report templates,
- bug fixing
PILAR: 7.3.4 - 17.9.2019
- bug fixing
PILAR: 7.3.3 - 2.8.2019
- bug fixing
PILAR: 7.3.2 - 8.7.2019
- bug fixing
PILAR: 7.3.1 - 24.6.2019
- bug fixing
PILAR: 7.3.0 - 17.6.2019
- pd risk mitigation revised
- gdpr data
- incidents
- associate a date to phases
- cvss v3
- attack paths revised to count direct impact on perimeter
- applicability map
- comments report (csv)
- questions report
- bug fixing
PILAR: 7.2.7 - 25.3.2019
- bug fixing
PILAR: 7.2.6 - 8.3.2019
- bug fixing
PILAR: 7.2.5 - 25.2.2019
- bug fixing
PILAR: 7.2.4 - 18.2.2019
- bug fixing
PILAR: 7.2.3 - 4.2.2019
- bug fixing
PILAR: 7.2.2 - 24.1.2019
- bug fixing
PILAR: 7.2.1 - 31.12.2018
- bug fixing
PILAR: 7.2.0 - 12.12.2018
- merge in 1 screen safeguards applicability and valuation
- comments: integrated view and edition
- TSV: revised & cleaned; see doc
- EVL for dimensions: selectable
- SQL module: prefix, bugs
- threats mix mode revised: optional threats
- ad-hoc CVEs for pentesting management
- safeguards tree refinement: adequacy for threats
- speed up calculations
- general bug fixing
PILAR: 7.1.9 - 31.5.2018
- mark where there are comments below
- skip dependencies between groups of assets
- bug fixing
PILAR: 7.1.8 - 16.4.2018
- bug fixing
PILAR: 7.1.7 - 19.2.2018
- EVL: control percents
- bug fixing
PILAR: 7.1.6 - 29.1.2018
- GDPR: threats, reports
- bug fixing
PILAR: 7.1.5 - 15.1.2018
- bug fixing
PILAR: 7.1.4 - 23.12.2017
- bug fixing
PILAR: 6.3.4 - 23.12.2017
- bug fixing
- PILAR
- PILAR Basic
- microPILAR
PILAR: 7.1.3 - 18.12.2017
- mix mode: domains and dependencies
- bug fixing
PILAR: 6.3.3 - 18.12.2017
- bug fixing
PILAR: 7.1.1 - 4.12.2017
- bug fixing
PILAR: 6.3.2 - 4.12.2017
- bug fixing
PILAR: 7.1.1 - 30.11.2017
- personal data processing
- security actions
- risk scenarios
PILAR: 6.3.1 - 30.11.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.3.0 - 26.10.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.2.6 - 24.4.2017
- bug fixing
PILAR: 6.2.5 - 15.3.2017
- bug fixing
PILAR: 6.2.4 - 13.2.2017
- bug fixing
PILAR: 6.2.3 - 10.1.2017
- bug fixing
RMAT: 5.5.0 - 10.1.2017
- bug fixing
- download
PILAR: 5.4.12 - 23.12.2016
- bug fixing
- PILAR
- PILAR Basic
- microPILAR
PILAR: 6.2.2 - 19.12.2016
- bug fixing
PILAR: 6.2.1 - 7.12.2016
- bug fixing
PILAR: 6.2.0 - 26.11.2016
- default TSV simplified
- safeguards reorganized
- TSV uses excel files
- EVL: non aplicability of controls integrated in valuation screen
- EVL: maturity of controls separated from maturity of safeguards
- EVL: aggregate by domain sets
- attack graphs: physical, logical and tempest zones
- physical security: delays in excel
- help to select perimeter protection components
- textual reports revised
- pattern-based reports revised
- suggest evl items in evl views
PILAR: 5.4.11 - 10.9.2016
- bug fixing
PILAR Basic: 5.4.11 - 10.9.2016
- bug fixing
microPILAR: 5.4.11 - 10.9.2016
- bug fixing
PILAR: 5.4.10 - 14.9.2016
- bug fixing
PILAR Basic: 5.4.10 - 14.9.2016
- bug fixing
microPILAR: 5.4.10 - 14.9.2016
- bug fixing
PILAR: 5.4.9 - 18.7.2015
- bug fixing
PILAR Basic: 5.4.9 - 18.7.2015
- bug fixing
microPILAR: 5.4.9 - 18.7.2015
- bug fixing
PILAR: 5.4.8 - 9.3.2015
- bug fixing
PILAR Basic: 5.4.8 - 9.3.2015
- bug fixing
microPILAR: 5.4.8 - 9.3.2015
- bug fixing
PILAR: 5.4.7 - 12.11.2015
- bug fixing
PILAR Basic: 5.4.7 - 12.11.2015
- bug fixing
microPILAR: 5.4.7 - 12.11.2015
- bug fixing
PILAR: 5.4.6 - 26.10.2015
- bug fixing
PILAR Basic: 5.4.6 - 26.10.2015
- bug fixing
microPILAR: 5.4.6 - 26.10.2015
- bug fixing
PILAR: 5.4.5 - 13.3.2015
- bug fixing
PILAR Basic: 5.4.5 - 13.3.2015
- bug fixing
microPILAR: 5.4.5 - 13.3.2015
- bug fixing
PILAR: 5.4.4 - 3.12.2014
- bug fixing
PILAR Basic: 5.4.4 - 3.12.2014
- bug fixing
microPILAR: 5.4.4 - 3.12.2014
- bug fixing
RMAT: 5.4.1 - 31.7.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.4.3 - 18.7.2014
- bug fixing
PILAR Basic: 5.4.3 - 18.7.2014
- bug fixing
microPILAR: 5.4.3 - 18.7.2014
- bug fixing
PILAR: 5.4.2 - 30.6.2014
- bug fixing
PILAR Basic: 5.4.2 - 30.6.2014
- bug fixing
microPILAR: 5.4.2 - 30.6.2014
- bug fixing
PILAR: 5.4.1 - 8.4.2014
- bug fixing
PILAR Basic: 5.4.1 - 8.4.2014
- bug fixing
microPILAR: 5.4.1 - 8.4.2014
- bug fixing
PILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- level to value mapping is loaded from configuration file
- bug fixing
PILAR Basic: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
microPILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
RMAT: 5.4.0 - 31.1.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.3.2 - 14.1.2014
- bug fixing
PILAR Basic: 5.3.2 - 14.1.2014
- bug fixing
microPILAR: 5.3.2 - 14.1.2014
- bug fixing
RMAT: 5.3.0 - 3.1.2014
- EVL profiles
- new safeguards
- selection criteria
- history
- EVL+ profiles
- new funcionality
- TSV - standard threat values
- new views to edit
- differences between TSV's
PILAR: 5.3.1 - 9.12.2013
- bug fixing
PILAR Basic: 5.3.1 - 9.12.2013
- bug fixing
microPILAR: 5.3.1 - 9.12.2013
- bug fixing
PILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- threats: mix mode: some threats may be manual
- identify risks mitigated by safeguards
- remove/retain risks
- safeguard valuation by security domains
- separate applicability and valuation of security profiles
- EVL: filtering of phases and domains
- EVL: export to CSV
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
- bug: asset specific safeguards
PILAR Basic: 5.3.0 - 12.11.2013
safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
3rd party sevices: asset classes and safeguards
ENS: compliance report
bug fixing
microPILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
RMAT: 5.2 - 16.12.2012
- visibility on/off [publishes, or not]
- associate controls to safeguards (dynamic safeguards tree extension)
- bug fixing
PILAR: 5.2.9 - 26.12.2012
- warnings
- bug fixing
PILAR: 5.2.8 - 17.12.2012
- bug fixing
PILAR: 5.2.7 - 10.12.2012
- project diff's
- evl: selection: mandatory controls
- graphs to excel
- bug fixing
PILAR: 5.2.6 - 12.11.2012
- subset of asset classes
- saving of subsets to be referenced from .car
- dependencies between groups of assets
- import & merge safeguards and security profiles (evl)
- bug in dependencies around OR-nodes
- trace of sql writing
- option not to save threats in automatic mode
- new "project import" different from "project merge"
- backwards compatibility with 4.4 and 5.1
- three-state boxes in asset selection
- selection of duplicated security profiles
- revise allowed actions in presentation and blocked modes
- ENS annual report
- speed up of tsv application
- bug fixing
PILAR: 5.2.5 - 28.9.2012
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.4 - 18.9.2012
- sources for layers
- separate marking labels
- variable length varchars in db
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.3 - 28.8.2012
- Bug: value propagation in valuation by domain
- Assets & classes
- Bug: Microsoft SQL Server
- Bug: Oracle
PILAR: 5.2.2 - 6.8.2012
- speed up
- bugs in templates
PILAR: 5.2.1 - 31.7.2012
- speed up
- bugs in templates
PILAR: 5.2 - 23.7.2012
- main screen reordered
- essential info includes personal data
- essential info includes classified information
- extended interface to associate TSV to security domains
- batch mode updated
- database tables updated
- manual addition of cve vulnerabilities
- itemised presentation of deflected risk
- risl filtering by top impact and risk
- classification marking
- report on previously used library and tool
- bulk copy + paste of safeguards' maturity between phases and projects
- bulk copy + paste of evl' maturity between phases and projects
- inform why a safeguard is recommended
- splash is disminished after 5 seconds
- security domains have separate TSV files
- speed up risk calculation
- comments for each phase
- safeguard effectiveness revisited
- pseudo-phase with PILAR recommended maturity levels
- metrics of profile fulfillment w.r.t. PILAR recommendation
- new safeguards
- ens profile revisited
- new patterns for report generation (see documentation)
- optional xdvp (cross-domain value propagation)
- bug fixing
PILAR: 5.1.7 - 26.4.2011
- fixes bugs
PILAR: 5.1.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 4.4.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 5.1.5 - 17.10.2011
- fixes bugs in report generation
- fixes bugs in business continuity: recommendations, and DRP
PILAR: 5.1.4 - 26.9.2011
- bug fixing: report generation
RMAT: 5.1 - 12.8.2011
- EVL revisited
- new panel to edit controls and questions
- detection of loops in links
- url to external information on controls
- TSV revisited
- KB revisited
- new panel to edit measures
- bug fixing
PILAR: 5.1.3 - 13.7.2011
- batch mode: better reporting of configuration errors
- bug fixing: postgresql database
- bug fixing: batch mode
**PILAR Basic: 5.1.3 - 13.7.2011
- bug fixing
microPILAR: 5.1.3 - 13.7.2011
- bug fixing
PILAR: 5.1.2 - 1.6.2011
- bug fixing
**PILAR Basic: 5.1.2 - 1.6.2011
- bug fixing
microPILAR: 5.1.2 - 1.6.2011
- bug fixing
PILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- n.a. does not propagate from controls to safeguards
- reports improved
**PILAR Basic: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
microPILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- better reports
PILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- families: OR-nodes, essential assets
- domain valuation based on essential assets
- transforms domain values into essential assets
- vulnerabilities
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
PILAR Basic: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- domain valuation based on essential assets
- transforms domain values into essential assets
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
microPILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- ISO/IEC 27000 (2005)
- Canned reports
- AES 256
- one extra decimal in risk below {1}
PILAR: 4.4.5 - 1.12.2010
- MS SQL Server access
PILAR: 4.4.4 - 16.10.2010
- automatic threats and BCM
RMAT: 4.4 - 16.10.2010
- aligned with PILAR 4.4
PILAR: 4.4.3 - 1.7.2010
- remember node position in dependency graphs
- use ".pilar" to store preferences
- "reset" graphs
- save node position in .mgr (in dependency graphs)
- error fixing
PILAR: 4.4.2 - 24.2.2010
- error fixing
- locking new models
- qualitative / quantitative values
- reoirdering of security domains
PILAR & Pilar Basic: 4.4.1 - 8.2.2010
- error fixing
- locking of read only executions
- icons dor security domains
- reading of threat frequencies
- cost values in DRP
PILAR & Pilar Basic: 4.4 - 1.2.2010
- assets to classes
- tree maps
- labelled safeguards
- applicability revised
- dependency diagrams: buses and blocks
- sliders in refined dependencies
- block movement of assets, domains, sources and phases: using SHIFT + { UP, DOWN, LEFT, RIGHT }
- safeguard (branches) linked to sources of information
- revision of reports for using sources of information as filters
- import / export:** SQL DBMS
- export library to database
- splash screen
- licensee logo
- threats: automatic identification and evaluation
- revise reports driven by template
- panel for security domains
- filtering of safeguards by source of information
- alternative presentation of safeguard maturity
- filtering of controls (in evaluation profiles) by source of information
- DRP revised
- smart deletion of domains
- safeguard inheritance: domains first / phases first
- show maturity range
- bug fixing
PILAR & Pilar Basic: 4.3 - 22.1.2009
- Version 4.3
- independent domains
- look for maturity changes
- look for maturity below threshold
- simplify safeguards
- safeguard selection follows recommendation
- find decreasing maturity in safeguards
- every safeguard may be specific for every asset
- graphs revisited
- new graphs: per aspect / per strategy / per type of protection
- new risk mitigation heuristics
- quantitative impact and risk presented as relative values
- annotations in external file (file-based DB)
- reports from template
- reports revised
- policies into security profiles
- Pilar Basic: valuation criteria
- Pilar Basic: risk graph
- Pilar Basic: reports from template
- security profiles: controls may become safeguards on the fly
RMAT: 4.3 - 22.1.2009
- Version 4.3
PILAR & Pilar Basic: 4.2 - 8.7.2008
- qualitative risk with one decimal
- dependency degree per dimension
- threat models
- independent phases
- safeguard improvement suggestions
- updated library
PILAR & Pilar Basic: 4.1.4 - 4.4.2008
* en / English
* br / Brazilian
* es / Spanish
* fr / French
* it / Italian
* pt / Portuguese
PILAR: 4.1.3 - 31.3.2008
* + Brasileiro
* + Portuguese
PILAR: 4.1.3 - 31.3.2008
- bugs
RMAT: 4.1 - 24.3.2008
- stable version
PILAR: 4.1.2 - 14.3.2008
- bugs
**PILAR & Pilar Basic 4.1.1 - 25.2.2008
- bugs and enhancements
**PILAR & Pilar Basic 4.1 - 27.12.2007
- stable release
PILAR: 3.3 - 10.3.2007
- stable release
PILAR: 3.2 - 5.12.2006
- stable release
PILAR: 3.1 - 20.5.2006
- stable release
PILAR: 2.2.10 - 12.12.2005
- stable release
PILAR: 2.2.9 - 30.11.2005
- stable release
PILAR: 2.2.6 - 11.10.2005
- stable release
PILAR: 2.2.5 - 4.10.2005
- stable release
PILAR: 2.2 - 31.10.2005
- stable release
PILAR: 1.2 - 29.11.2004
- stable release