 |
 |
EAR / Tools / versions
Risk Analysis Tools
|
Version history
PILAR: 2022.2.2 - 20.2.2023
- bug fixing
ens compliance
copy administrative and description info in micropilar
PILAR: 2022.2.1 - 15.12.2022
PILAR: 2022.1.8 - 2.11.2022
- bug fixing
xml files remain open after reading
car file selection (cancel)
update of maturity when valuating by domains
PILAR: 2022.1.7 - 3.10.2022
- roll mgr files
- bug fixing
comments in potential 'phase'
stabilize frame size in micropilar
revise button text
PILAR: 2022.1.6 - 21.7.2022
- bug fixing
SQL store of asset valuation
refresh of deflected risk on changes of risk mitigation rules
PILAR: 2022.1.5 - 19.7.2022
- bug fixing
concurrent access to background evaluations
import criteria for asset valuation
report templates: print no risk
PILAR: 2022.1.4 - 8.7.2022
- report templates
new tags
risk tables
- bug fixing
blanks in csv and html reports
incidents in SQL: ordering
PILAR: 2022.1.3 - 29.6.2022
- report templates
format for risk printing
- log: risk [re-]calculations
- bug fixing
make robust car reading
align log window font to main window preferences
revise timestamps for risk [re-]calculations
PILAR: 2022.1.2 - 14.6.2022
- ENS : 2022
- ISO 27002 : 2022
attributes
- URL in descriptions
- bug fixing
size of full-screen windows
memory of asset positioning in deps graphs
import of assets from csv files
PILAR: 2022.1.1 - 26.4.2022
expansion of dependencies
new tags for report personalization
dynamic switch between qualitative and quantitative models
you may specify default options in CAR configuration
import project from csv: column mapping
applicability stages
supplemental measures (additional)
optional references in evl
default sources
emit BOM to csv files
evl to evl mapping
ENS 2022 : beta
AEPD : 2021
risk factors
child windows go to father's display
license control over vpn
PILAR: 2021.2.3 - 21.1.2022
PILAR: 2021.2.2 - 17.1.2022
PILAR: 2021.2.1 - 29.12.2021
new log window: errors, warnings and info
detect changes in CAR and referenced configuration files
new comment input interface
applicability stages
expand to doubts (safeguards and controls)
expand to non-evaluated (safeguards and controls)
revise cross-effects between ignored threats and manual threats
bug fixing
PILAR: 2021.1.11 - 24.11.2021
PILAR: 2021.1.10 - 5.11.2021
PILAR: 2021.1.9 - 21.10.2021
when a TSV file is not found, just report it
when importing safeguards and controls, use effective maturity
report on elements used for risk mitigation
skip INFO safeguards from searches (find)
allow reference to evl even when these refer to safeguards for risk mitigation
integrity check of configuration files
separate requested applicability vs actual applicability
different information in evl tree
evl travel: back & forth
working with several monitors
bug fixing
bug: robust against CAR file errors
bug: evl recommendations when no safeguards are applied
bug: in risk export to sql
PILAR: 2021.1.8 - 16.7.2021
PILAR: 2021.1.7 - 9.7.2021
- supplemental controls to database
- definitions in batch plans
- protect against car file errors
- export/import of suplemental and compensatory measures
- present top for controls with metrics
- relevance of extra controls
- rewrite rules for project translation
- zones translation
PILAR: 2021.1.6 - 30.4.2021
- revise calculation of border risk (subset of dimensions)
- 1 line view for safeguards
- separate control of non-valuated safeguards for pilar and nist
- revise control of non-valuated safeguards: panel for edition
- safeguards: apply-only-if and apply-only-if-not
- revise flaws in control and safeguard import
PILAR: 2021.1.5 - 26.3.2021
- control of propagation in evl import
- different types of mandatory
- A.60 for tempest borders
PILAR: 2021.1.4 - 15.3.2021
- dependencies: identify dual paths
- include no-threat assets in risk trees
- push and copy n.a. in countermeasures and evl
PILAR: 2021.1.3 - 12.2.2021
- aggregate all final risks for attack paths
PILAR: 2021.1.2 - 8.2.2021
PILAR: 2021.1.1 - 1.2.2021
- dots to shorten control names in graphs
PILAR: 2021.1.0 - 1.1.2021
new start and main screens
asset classes: qualifiers section
revision of safeguards tree (new, and relocated safeguards)
car based on car
projects based on templates
asset inventory form
option to reorder security dimensions
compact layer dependency graph
NIST safeguards added to PILAR safeguards
hooks: external links for safeguards and controls
control of visibility of safeguards and security profiles
separate evl structure per projects (compensatory controls)
risk reduction directly based on evl trees
use of labels to associate controls to threats
graph representation for borders
separate valuation of safeguards associated to borders
levels in controls in security profiles (evl)
licensing by means of activation code
quantitative analysis moved to options
csv separator moved to options
forget merge functionality: only plain import
remove KB
remove policies screen
remove procedures screen
PILAR: 7.4.9 - x.5.2021
- bug fixing
- robust when car file is wrong
PILAR: 7.4.8 - 22.4.2021
- bug fixing
- import of countermeasures and security profiles
PILAR: 7.4.7 - 8.2.2021
PILAR: 7.4.6 - 22.12.2020
PILAR: 7.4.5 - 28.10.2020
PILAR: 7.4.4 - 7.9.2020
PILAR: 7.4.3 - 23.4.2020
PILAR: 7.4.2 - 28.2.2020
PILAR: 7.4.1 - 23.1.2020
PILAR: 7.4.0 - 23.12.2019
- compensatory controls
- phase cloning
- SAD: single asset domains (no more asset specific)
- improvements: dependencies, report templates,
- bug fixing
PILAR: 7.3.4 - 17.9.2019
PILAR: 7.3.3 - 2.8.2019
PILAR: 7.3.2 - 8.7.2019
PILAR: 7.3.1 - 24.6.2019
PILAR: 7.3.0 - 17.6.2019
- pd risk mitigation revised
- gdpr data
- incidents
- associate a date to phases
- cvss v3
- attack paths revised to count direct impact on perimeter
- applicability map
- comments report (csv)
- questions report
- bug fixing
PILAR: 7.2.7 - 25.3.2019
PILAR: 7.2.6 - 8.3.2019
PILAR: 7.2.5 - 25.2.2019
PILAR: 7.2.4 - 18.2.2019
PILAR: 7.2.3 - 4.2.2019
PILAR: 7.2.2 - 24.1.2019
PILAR: 7.2.1 - 31.12.2018
PILAR: 7.2.0 - 12.12.2018
- merge in 1 screen safeguards applicability and valuation
- comments: integrated view and edition
- TSV: revised & cleaned; see doc
- EVL for dimensions: selectable
- SQL module: prefix, bugs
- threats mix mode revised: optional threats
- ad-hoc CVEs for pentesting management
- safeguards tree refinement: adequacy for threats
- speed up calculations
- general bug fixing
PILAR: 7.1.9 - 31.5.2018
- mark where there are comments below
- skip dependencies between groups of assets
- bug fixing
PILAR: 7.1.8 - 16.4.2018
PILAR: 7.1.7 - 19.2.2018
- EVL: control percents
- bug fixing
PILAR: 7.1.6 - 29.1.2018
- GDPR: threats, reports
- bug fixing
PILAR: 7.1.5 - 15.1.2018
PILAR: 7.1.4 - 23.12.2017
PILAR: 6.3.4 - 23.12.2017
PILAR: 7.1.3 - 18.12.2017
- mix mode: domains and dependencies
- bug fixing
PILAR: 6.3.3 - 18.12.2017
PILAR: 7.1.1 - 4.12.2017
PILAR: 6.3.2 - 4.12.2017
PILAR: 7.1.1 - 30.11.2017
- personal data processing
- security actions
- risk scenarios
PILAR: 6.3.1 - 30.11.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.3.0 - 26.10.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.2.6 - 24.4.2017
PILAR: 6.2.5 - 15.3.2017
PILAR: 6.2.4 - 13.2.2017
PILAR: 6.2.3 - 10.1.2017
RMAT: 5.5.0 - 10.1.2017
PILAR: 5.4.12 - 23.12.2016
PILAR: 6.2.2 - 19.12.2016
PILAR: 6.2.1 - 7.12.2016
PILAR: 6.2.0 - 26.11.2016
- default TSV simplified
- safeguards reorganized
- TSV uses excel files
- EVL: non aplicability of controls integrated in valuation screen
- EVL: maturity of controls separated from maturity of safeguards
- EVL: aggregate by domain sets
- attack graphs: physical, logical and tempest zones
- physical security: delays in excel
- help to select perimeter protection components
- textual reports revised
- pattern-based reports revised
- suggest evl items in evl views
PILAR: 5.4.11 - 10.9.2016
PILAR Basic: 5.4.11 - 10.9.2016
microPILAR: 5.4.11 - 10.9.2016
PILAR: 5.4.10 - 14.9.2016
PILAR Basic: 5.4.10 - 14.9.2016
microPILAR: 5.4.10 - 14.9.2016
PILAR: 5.4.9 - 18.7.2015
PILAR Basic: 5.4.9 - 18.7.2015
microPILAR: 5.4.9 - 18.7.2015
PILAR: 5.4.8 - 9.3.2015
PILAR Basic: 5.4.8 - 9.3.2015
microPILAR: 5.4.8 - 9.3.2015
PILAR: 5.4.7 - 12.11.2015
PILAR Basic: 5.4.7 - 12.11.2015
microPILAR: 5.4.7 - 12.11.2015
PILAR: 5.4.6 - 26.10.2015
PILAR Basic: 5.4.6 - 26.10.2015
microPILAR: 5.4.6 - 26.10.2015
PILAR: 5.4.5 - 13.3.2015
PILAR Basic: 5.4.5 - 13.3.2015
microPILAR: 5.4.5 - 13.3.2015
PILAR: 5.4.4 - 3.12.2014
PILAR Basic: 5.4.4 - 3.12.2014
microPILAR: 5.4.4 - 3.12.2014
RMAT: 5.4.1 - 31.7.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.4.3 - 18.7.2014
PILAR Basic: 5.4.3 - 18.7.2014
microPILAR: 5.4.3 - 18.7.2014
PILAR: 5.4.2 - 30.6.2014
PILAR Basic: 5.4.2 - 30.6.2014
microPILAR: 5.4.2 - 30.6.2014
PILAR: 5.4.1 - 8.4.2014
PILAR Basic: 5.4.1 - 8.4.2014
microPILAR: 5.4.1 - 8.4.2014
PILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- level to value mapping is loaded from configuration file
- bug fixing
PILAR Basic: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
microPILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
RMAT: 5.4.0 - 31.1.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.3.2 - 14.1.2014
PILAR Basic: 5.3.2 - 14.1.2014
microPILAR: 5.3.2 - 14.1.2014
RMAT: 5.3.0 - 3.1.2014
- EVL profiles
- new safeguards
- selection criteria
- history
- EVL+ profiles
- TSV - standard threat values
- new views to edit
- differences between TSV's
PILAR: 5.3.1 - 9.12.2013
PILAR Basic: 5.3.1 - 9.12.2013
microPILAR: 5.3.1 - 9.12.2013
PILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- threats: mix mode: some threats may be manual
- identify risks mitigated by safeguards
- remove/retain risks
- safeguard valuation by security domains
- separate applicability and valuation of security profiles
- EVL: filtering of phases and domains
- EVL: export to CSV
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
- bug: asset specific safeguards
PILAR Basic: 5.3.0 - 12.11.2013
microPILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
RMAT: 5.2 - 16.12.2012
- visibility on/off [publishes, or not]
- associate controls to safeguards (dynamic safeguards tree extension)
- bug fixing
PILAR: 5.2.9 - 26.12.2012
PILAR: 5.2.8 - 17.12.2012
PILAR: 5.2.7 - 10.12.2012
- project diff's
- evl: selection: mandatory controls
- graphs to excel
- bug fixing
PILAR: 5.2.6 - 12.11.2012
- subset of asset classes
- saving of subsets to be referenced from .car
- dependencies between groups of assets
- import & merge safeguards and security profiles (evl)
- bug in dependencies around OR-nodes
- trace of sql writing
- option not to save threats in automatic mode
- new "project import" different from "project merge"
- backwards compatibility with 4.4 and 5.1
- three-state boxes in asset selection
- selection of duplicated security profiles
- revise allowed actions in presentation and blocked modes
- ENS annual report
- speed up of tsv application
- bug fixing
PILAR: 5.2.5 - 28.9.2012
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.4 - 18.9.2012
- sources for layers
- separate marking labels
- variable length varchars in db
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.3 - 28.8.2012
- Bug: value propagation in valuation by domain
- Assets & classes
- Bug: Microsoft SQL Server
- Bug: Oracle
PILAR: 5.2.2 - 6.8.2012
- speed up
- bugs in templates
PILAR: 5.2.1 - 31.7.2012
- speed up
- bugs in templates
PILAR: 5.2 - 23.7.2012
- main screen reordered
- essential info includes personal data
- essential info includes classified information
- extended interface to associate TSV to security domains
- batch mode updated
- database tables updated
- manual addition of cve vulnerabilities
- itemised presentation of deflected risk
- risl filtering by top impact and risk
- classification marking
- report on previously used library and tool
- bulk copy + paste of safeguards' maturity between phases and projects
- bulk copy + paste of evl' maturity between phases and projects
- inform why a safeguard is recommended
- splash is disminished after 5 seconds
- security domains have separate TSV files
- speed up risk calculation
- comments for each phase
- safeguard effectiveness revisited
- pseudo-phase with PILAR recommended maturity levels
- metrics of profile fulfillment w.r.t. PILAR recommendation
- new safeguards
- ens profile revisited
- new patterns for report generation (see documentation)
- optional xdvp (cross-domain value propagation)
- bug fixing
PILAR: 5.1.7 - 26.4.2011
PILAR: 5.1.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 4.4.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 5.1.5 - 17.10.2011
- fixes bugs in report generation
- fixes bugs in business continuity: recommendations, and DRP
PILAR: 5.1.4 - 26.9.2011
- bug fixing: report generation
RMAT: 5.1 - 12.8.2011
- EVL revisited
- new panel to edit controls and questions
- detection of loops in links
- url to external information on controls
- TSV revisited
- KB revisited
- new panel to edit measures
- bug fixing
PILAR: 5.1.3 - 13.7.2011
- batch mode: better reporting of configuration errors
- bug fixing: postgresql database
- bug fixing: batch mode
**PILAR Basic: 5.1.3 - 13.7.2011
microPILAR: 5.1.3 - 13.7.2011
PILAR: 5.1.2 - 1.6.2011
**PILAR Basic: 5.1.2 - 1.6.2011
microPILAR: 5.1.2 - 1.6.2011
PILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- n.a. does not propagate from controls to safeguards
- reports improved
**PILAR Basic: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
microPILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- better reports
PILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- families: OR-nodes, essential assets
- domain valuation based on essential assets
- transforms domain values into essential assets
- vulnerabilities
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
PILAR Basic: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- domain valuation based on essential assets
- transforms domain values into essential assets
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
microPILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- ISO/IEC 27000 (2005)
- Canned reports
- AES 256
- one extra decimal in risk below {1}
PILAR: 4.4.5 - 1.12.2010
PILAR: 4.4.4 - 16.10.2010
- automatic threats and BCM
RMAT: 4.4 - 16.10.2010
PILAR: 4.4.3 - 1.7.2010
- remember node position in dependency graphs
- use ".pilar" to store preferences
- "reset" graphs
- save node position in .mgr (in dependency graphs)
- error fixing
PILAR: 4.4.2 - 24.2.2010
- error fixing
- locking new models
- qualitative / quantitative values
- reoirdering of security domains
PILAR & Pilar Basic: 4.4.1 - 8.2.2010
- error fixing
- locking of read only executions
- icons dor security domains
- reading of threat frequencies
- cost values in DRP
PILAR & Pilar Basic: 4.4 - 1.2.2010
- assets to classes
- tree maps
- labelled safeguards
- applicability revised
- dependency diagrams: buses and blocks
- sliders in refined dependencies
- block movement of assets, domains, sources and phases: using SHIFT + { UP, DOWN, LEFT, RIGHT }
- safeguard (branches) linked to sources of information
- revision of reports for using sources of information as filters
- import / export:** SQL DBMS
- export library to database
- splash screen
- licensee logo
- threats: automatic identification and evaluation
- revise reports driven by template
- panel for security domains
- filtering of safeguards by source of information
- alternative presentation of safeguard maturity
- filtering of controls (in evaluation profiles) by source of information
- DRP revised
- smart deletion of domains
- safeguard inheritance: domains first / phases first
- show maturity range
- bug fixing
PILAR & Pilar Basic: 4.3 - 22.1.2009
- Version 4.3
- independent domains
- look for maturity changes
- look for maturity below threshold
- simplify safeguards
- safeguard selection follows recommendation
- find decreasing maturity in safeguards
- every safeguard may be specific for every asset
- graphs revisited
- new graphs: per aspect / per strategy / per type of protection
- new risk mitigation heuristics
- quantitative impact and risk presented as relative values
- annotations in external file (file-based DB)
- reports from template
- reports revised
- policies into security profiles
- Pilar Basic: valuation criteria
- Pilar Basic: risk graph
- Pilar Basic: reports from template
- security profiles: controls may become safeguards on the fly
RMAT: 4.3 - 22.1.2009
PILAR & Pilar Basic: 4.2 - 8.7.2008
- qualitative risk with one decimal
- dependency degree per dimension
- threat models
- independent phases
- safeguard improvement suggestions
- updated library
PILAR & Pilar Basic: 4.1.4 - 4.4.2008
* en / English
* br / Brazilian
* es / Spanish
* fr / French
* it / Italian
* pt / Portuguese
PILAR: 4.1.3 - 31.3.2008
* + Brasileiro
* + Portuguese
PILAR: 4.1.3 - 31.3.2008
RMAT: 4.1 - 24.3.2008
PILAR: 4.1.2 - 14.3.2008
**PILAR & Pilar Basic 4.1.1 - 25.2.2008
**PILAR & Pilar Basic 4.1 - 27.12.2007
PILAR: 3.3 - 10.3.2007
PILAR: 3.2 - 5.12.2006
PILAR: 3.1 - 20.5.2006
PILAR: 2.2.10 - 12.12.2005
PILAR: 2.2.9 - 30.11.2005
PILAR: 2.2.6 - 11.10.2005
PILAR: 2.2.5 - 4.10.2005
PILAR: 2.2 - 31.10.2005
PILAR: 1.2 - 29.11.2004