 |
 |
EAR / Tools / versions
Risk Analysis Tools
|
PILAR & RMAT versions
[ beta ]
PILAR: 7.4.8 - 22.4.2021
PILAR: 7.4.7 - 8.2.2021
PILAR: 7.4.6 - 22.12.2020
PILAR: 7.4.5 - 28.10.2020
PILAR: 7.4.4 - 7.9.2020
PILAR: 7.4.3 - 23.4.2020
PILAR: 7.4.2 - 28.2.2020
PILAR: 7.4.1 - 23.1.2020
PILAR: 7.4.0 - 23.12.2019
- compensatory controls
- phase cloning
- SAD: single asset domains (no more asset specific)
- improvements: dependencies, report templates,
- bug fixing
PILAR: 7.3.4 - 17.9.2019
PILAR: 7.3.3 - 2.8.2019
PILAR: 7.3.2 - 8.7.2019
PILAR: 7.3.1 - 24.6.2019
PILAR: 7.3.0 - 17.6.2019
- pd risk mitigation revised
- gdpr data
- incidents
- associate a date to phases
- cvss v3
- attack paths revised to count direct impact on perimeter
- applicability map
- comments report (csv)
- questions report
- bug fixing
PILAR: 7.2.7 - 25.3.2019
PILAR: 7.2.6 - 8.3.2019
PILAR: 7.2.5 - 25.2.2019
PILAR: 7.2.4 - 18.2.2019
PILAR: 7.2.3 - 4.2.2019
PILAR: 7.2.2 - 24.1.2019
PILAR: 7.2.1 - 31.12.2018
PILAR: 7.2.0 - 12.12.2018
- merge in 1 screen safeguards applicability and valuation
- comments: integrated view and edition
- TSV: revised & cleaned; see doc
- EVL for dimensions: selectable
- SQL module: prefix, bugs
- threats mix mode revised: optional threats
- ad-hoc CVEs for pentesting management
- safeguards tree refinement: adequacy for threats
- speed up calculations
- general bug fixing
PILAR: 7.1.9 - 31.5.2018
- mark where there are comments below
- skip dependencies between groups of assets
- bug fixing
PILAR: 7.1.8 - 16.4.2018
PILAR: 7.1.7 - 19.2.2018
- EVL: control percents
- bug fixing
PILAR: 7.1.6 - 29.1.2018
- GDPR: threats, reports
- bug fixing
PILAR: 7.1.5 - 15.1.2018
PILAR: 7.1.4 - 23.12.2017
PILAR: 6.3.4 - 23.12.2017
PILAR: 7.1.3 - 18.12.2017
- mix mode: domains and dependencies
- bug fixing
PILAR: 6.3.3 - 18.12.2017
PILAR: 7.1.1 - 4.12.2017
PILAR: 6.3.2 - 4.12.2017
PILAR: 7.1.1 - 30.11.2017
- personal data processing
- security actions
- risk scenarios
PILAR: 6.3.1 - 30.11.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.3.0 - 26.10.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.2.6 - 24.4.2017
PILAR: 6.2.5 - 15.3.2017
PILAR: 6.2.4 - 13.2.2017
PILAR: 6.2.3 - 10.1.2017
RMAT: 5.5.0 - 10.1.2017
PILAR: 5.4.12 - 23.12.2016
PILAR: 6.2.2 - 19.12.2016
PILAR: 6.2.1 - 7.12.2016
PILAR: 6.2.0 - 26.11.2016
- default TSV simplified
- safeguards reorganized
- TSV uses excel files
- EVL: non aplicability of controls integrated in valuation screen
- EVL: maturity of controls separated from maturity of safeguards
- EVL: aggregate by domain sets
- attack graphs: physical, logical and tempest zones
- physical security: delays in excel
- help to select perimeter protection components
- textual reports revised
- pattern-based reports revised
- suggest evl items in evl views
PILAR: 5.4.11 - 10.9.2016
PILAR Basic: 5.4.11 - 10.9.2016
microPILAR: 5.4.11 - 10.9.2016
PILAR: 5.4.10 - 14.9.2016
PILAR Basic: 5.4.10 - 14.9.2016
microPILAR: 5.4.10 - 14.9.2016
PILAR: 5.4.9 - 18.7.2015
PILAR Basic: 5.4.9 - 18.7.2015
microPILAR: 5.4.9 - 18.7.2015
PILAR: 5.4.8 - 9.3.2015
PILAR Basic: 5.4.8 - 9.3.2015
microPILAR: 5.4.8 - 9.3.2015
PILAR: 5.4.7 - 12.11.2015
PILAR Basic: 5.4.7 - 12.11.2015
microPILAR: 5.4.7 - 12.11.2015
PILAR: 5.4.6 - 26.10.2015
PILAR Basic: 5.4.6 - 26.10.2015
microPILAR: 5.4.6 - 26.10.2015
PILAR: 5.4.5 - 13.3.2015
PILAR Basic: 5.4.5 - 13.3.2015
microPILAR: 5.4.5 - 13.3.2015
PILAR: 5.4.4 - 3.12.2014
PILAR Basic: 5.4.4 - 3.12.2014
microPILAR: 5.4.4 - 3.12.2014
RMAT: 5.4.1 - 31.7.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.4.3 - 18.7.2014
PILAR Basic: 5.4.3 - 18.7.2014
microPILAR: 5.4.3 - 18.7.2014
PILAR: 5.4.2 - 30.6.2014
PILAR Basic: 5.4.2 - 30.6.2014
microPILAR: 5.4.2 - 30.6.2014
PILAR: 5.4.1 - 8.4.2014
PILAR Basic: 5.4.1 - 8.4.2014
microPILAR: 5.4.1 - 8.4.2014
PILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- level to value mapping is loaded from configuration file
- bug fixing
PILAR Basic: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
microPILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
RMAT: 5.4.0 - 31.1.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.3.2 - 14.1.2014
PILAR Basic: 5.3.2 - 14.1.2014
microPILAR: 5.3.2 - 14.1.2014
RMAT: 5.3.0 - 3.1.2014
- EVL profiles
- new safeguards
- selection criteria
- history
- EVL+ profiles
- TSV - standard threat values
- new views to edit
- differences between TSV's
PILAR: 5.3.1 - 9.12.2013
PILAR Basic: 5.3.1 - 9.12.2013
microPILAR: 5.3.1 - 9.12.2013
PILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- threats: mix mode: some threats may be manual
- identify risks mitigated by safeguards
- remove/retain risks
- safeguard valuation by security domains
- separate applicability and valuation of security profiles
- EVL: filtering of phases and domains
- EVL: export to CSV
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
- bug: asset specific safeguards
PILAR Basic: 5.3.0 - 12.11.2013
microPILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
RMAT: 5.2 - 16.12.2012
- visibility on/off [publishes, or not]
- associate controls to safeguards (dynamic safeguards tree extension)
- bug fixing
PILAR: 5.2.9 - 26.12.2012
PILAR: 5.2.8 - 17.12.2012
PILAR: 5.2.7 - 10.12.2012
- project diff's
- evl: selection: mandatory controls
- graphs to excel
- bug fixing
PILAR: 5.2.6 - 12.11.2012
- subset of asset classes
- saving of subsets to be referenced from .car
- dependencies between groups of assets
- import & merge safeguards and security profiles (evl)
- bug in dependencies around OR-nodes
- trace of sql writing
- option not to save threats in automatic mode
- new "project import" different from "project merge"
- backwards compatibility with 4.4 and 5.1
- three-state boxes in asset selection
- selection of duplicated security profiles
- revise allowed actions in presentation and blocked modes
- ENS annual report
- speed up of tsv application
- bug fixing
PILAR: 5.2.5 - 28.9.2012
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.4 - 18.9.2012
- sources for layers
- separate marking labels
- variable length varchars in db
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.3 - 28.8.2012
- Bug: value propagation in valuation by domain
- Assets & classes
- Bug: Microsoft SQL Server
- Bug: Oracle
PILAR: 5.2.2 - 6.8.2012
- speed up
- bugs in templates
PILAR: 5.2.1 - 31.7.2012
- speed up
- bugs in templates
PILAR: 5.2 - 23.7.2012
- main screen reordered
- essential info includes personal data
- essential info includes classified information
- extended interface to associate TSV to security domains
- batch mode updated
- database tables updated
- manual addition of cve vulnerabilities
- itemised presentation of deflected risk
- risl filtering by top impact and risk
- classification marking
- report on previously used library and tool
- bulk copy + paste of safeguards' maturity between phases and projects
- bulk copy + paste of evl' maturity between phases and projects
- inform why a safeguard is recommended
- splash is disminished after 5 seconds
- security domains have separate TSV files
- speed up risk calculation
- comments for each phase
- safeguard effectiveness revisited
- pseudo-phase with PILAR recommended maturity levels
- metrics of profile fulfillment w.r.t. PILAR recommendation
- new safeguards
- ens profile revisited
- new patterns for report generation (see documentation)
- optional xdvp (cross-domain value propagation)
- bug fixing
PILAR: 5.1.7 - 26.4.2011
PILAR: 5.1.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 4.4.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 5.1.5 - 17.10.2011
- fixes bugs in report generation
- fixes bugs in business continuity: recommendations, and DRP
PILAR: 5.1.4 - 26.9.2011
- bug fixing: report generation
RMAT: 5.1 - 12.8.2011
- EVL revisited
- new panel to edit controls and questions
- detection of loops in links
- url to external information on controls
- TSV revisited
- KB revisited
- new panel to edit measures
- bug fixing
PILAR: 5.1.3 - 13.7.2011
- batch mode: better reporting of configuration errors
- bug fixing: postgresql database
- bug fixing: batch mode
**PILAR Basic: 5.1.3 - 13.7.2011
microPILAR: 5.1.3 - 13.7.2011
PILAR: 5.1.2 - 1.6.2011
**PILAR Basic: 5.1.2 - 1.6.2011
microPILAR: 5.1.2 - 1.6.2011
PILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- n.a. does not propagate from controls to safeguards
- reports improved
**PILAR Basic: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
microPILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- better reports
PILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- families: OR-nodes, essential assets
- domain valuation based on essential assets
- transforms domain values into essential assets
- vulnerabilities
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
PILAR Basic: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- domain valuation based on essential assets
- transforms domain values into essential assets
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
microPILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- ISO/IEC 27000 (2005)
- Canned reports
- AES 256
- one extra decimal in risk below {1}
PILAR: 4.4.5 - 1.12.2010
PILAR: 4.4.4 - 16.10.2010
- automatic threats and BCM
RMAT: 4.4 - 16.10.2010
PILAR: 4.4.3 - 1.7.2010
- remember node position in dependency graphs
- use ".pilar" to store preferences
- "reset" graphs
- save node position in .mgr (in dependency graphs)
- error fixing
PILAR: 4.4.2 - 24.2.2010
- error fixing
- locking new models
- qualitative / quantitative values
- reoirdering of security domains
PILAR & Pilar Basic: 4.4.1 - 8.2.2010
- error fixing
- locking of read only executions
- icons dor security domains
- reading of threat frequencies
- cost values in DRP
PILAR & Pilar Basic: 4.4 - 1.2.2010
- assets to classes
- tree maps
- labelled safeguards
- applicability revised
- dependency diagrams: buses and blocks
- sliders in refined dependencies
- block movement of assets, domains, sources and phases: using SHIFT + { UP, DOWN, LEFT, RIGHT }
- safeguard (branches) linked to sources of information
- revision of reports for using sources of information as filters
- import / export:** SQL DBMS
- export library to database
- splash screen
- licensee logo
- threats: automatic identification and evaluation
- revise reports driven by template
- panel for security domains
- filtering of safeguards by source of information
- alternative presentation of safeguard maturity
- filtering of controls (in evaluation profiles) by source of information
- DRP revised
- smart deletion of domains
- safeguard inheritance: domains first / phases first
- show maturity range
- bug fixing
PILAR & Pilar Basic: 4.3 - 22.1.2009
- Version 4.3
- independent domains
- look for maturity changes
- look for maturity below threshold
- simplify safeguards
- safeguard selection follows recommendation
- find decreasing maturity in safeguards
- every safeguard may be specific for every asset
- graphs revisited
- new graphs: per aspect / per strategy / per type of protection
- new risk mitigation heuristics
- quantitative impact and risk presented as relative values
- annotations in external file (file-based DB)
- reports from template
- reports revised
- policies into security profiles
- Pilar Basic: valuation criteria
- Pilar Basic: risk graph
- Pilar Basic: reports from template
- security profiles: controls may become safeguards on the fly
RMAT: 4.3 - 22.1.2009
PILAR & Pilar Basic: 4.2 - 8.7.2008
- qualitative risk with one decimal
- dependency degree per dimension
- threat models
- independent phases
- safeguard improvement suggestions
- updated library
PILAR & Pilar Basic: 4.1.4 - 4.4.2008
* en / English
* br / Brazilian
* es / Spanish
* fr / French
* it / Italian
* pt / Portuguese
PILAR: 4.1.3 - 31.3.2008
* + Brasileiro
* + Portuguese
PILAR: 4.1.3 - 31.3.2008
RMAT: 4.1 - 24.3.2008
PILAR: 4.1.2 - 14.3.2008
**PILAR & Pilar Basic 4.1.1 - 25.2.2008
**PILAR & Pilar Basic 4.1 - 27.12.2007
PILAR: 3.3 - 10.3.2007
PILAR: 3.2 - 5.12.2006
PILAR: 3.1 - 20.5.2006
PILAR: 2.2.10 - 12.12.2005
PILAR: 2.2.9 - 30.11.2005
PILAR: 2.2.6 - 11.10.2005
PILAR: 2.2.5 - 4.10.2005
PILAR: 2.2 - 31.10.2005
PILAR: 1.2 - 29.11.2004