 |
 |
EAR / Tools / versions Risk Analysis Tools |
Version history
PILAR: 2022.2.2 - 20.2.2023
- bug fixing ens compliance copy administrative and description info in micropilar
PILAR: 2022.2.1 - 15.12.2022
- bug fixing
PILAR: 2022.1.8 - 2.11.2022
- bug fixing xml files remain open after reading car file selection (cancel) update of maturity when valuating by domains
PILAR: 2022.1.7 - 3.10.2022
- roll mgr files
- bug fixing comments in potential 'phase' stabilize frame size in micropilar revise button text
PILAR: 2022.1.6 - 21.7.2022
- bug fixing SQL store of asset valuation refresh of deflected risk on changes of risk mitigation rules
PILAR: 2022.1.5 - 19.7.2022
- bug fixing concurrent access to background evaluations import criteria for asset valuation report templates: print no risk
PILAR: 2022.1.4 - 8.7.2022
- report templates new tags risk tables
- bug fixing blanks in csv and html reports incidents in SQL: ordering
PILAR: 2022.1.3 - 29.6.2022
- report templates format for risk printing
- log: risk [re-]calculations
- bug fixing make robust car reading align log window font to main window preferences revise timestamps for risk [re-]calculations
PILAR: 2022.1.2 - 14.6.2022
- ENS : 2022
- ISO 27002 : 2022 attributes
- URL in descriptions
- bug fixing size of full-screen windows memory of asset positioning in deps graphs import of assets from csv files
PILAR: 2022.1.1 - 26.4.2022
expansion of dependencies
new tags for report personalization
dynamic switch between qualitative and quantitative models
you may specify default options in CAR configuration
import project from csv: column mapping
applicability stages
supplemental measures (additional)
optional references in evl
default sources
emit BOM to csv files
evl to evl mapping
ENS 2022 : beta
AEPD : 2021 risk factors
child windows go to father's display
license control over vpn
PILAR: 2021.2.3 - 21.1.2022
- bug fixing
PILAR: 2021.2.2 - 17.1.2022
- bug fixing
PILAR: 2021.2.1 - 29.12.2021
new log window: errors, warnings and info
detect changes in CAR and referenced configuration files
new comment input interface
applicability stages
expand to doubts (safeguards and controls)
expand to non-evaluated (safeguards and controls)
revise cross-effects between ignored threats and manual threats
bug fixing
PILAR: 2021.1.11 - 24.11.2021
- bug fixing
PILAR: 2021.1.10 - 5.11.2021
- bug fixing
PILAR: 2021.1.9 - 21.10.2021
when a TSV file is not found, just report it
when importing safeguards and controls, use effective maturity
report on elements used for risk mitigation
skip INFO safeguards from searches (find)
allow reference to evl even when these refer to safeguards for risk mitigation
integrity check of configuration files
separate requested applicability vs actual applicability
different information in evl tree
evl travel: back & forth
working with several monitors
bug fixing
bug: robust against CAR file errors
bug: evl recommendations when no safeguards are applied
bug: in risk export to sql
PILAR: 2021.1.8 - 16.7.2021
- bug fixing
PILAR: 2021.1.7 - 9.7.2021
- supplemental controls to database
- definitions in batch plans
- protect against car file errors
- export/import of suplemental and compensatory measures
- present top for controls with metrics
- relevance of extra controls
- rewrite rules for project translation
- zones translation
PILAR: 2021.1.6 - 30.4.2021
- revise calculation of border risk (subset of dimensions)
- 1 line view for safeguards
- separate control of non-valuated safeguards for pilar and nist
- revise control of non-valuated safeguards: panel for edition
- safeguards: apply-only-if and apply-only-if-not
- revise flaws in control and safeguard import
PILAR: 2021.1.5 - 26.3.2021
- control of propagation in evl import
- different types of mandatory
- A.60 for tempest borders
PILAR: 2021.1.4 - 15.3.2021
- dependencies: identify dual paths
- include no-threat assets in risk trees
- push and copy n.a. in countermeasures and evl
PILAR: 2021.1.3 - 12.2.2021
- aggregate all final risks for attack paths
PILAR: 2021.1.2 - 8.2.2021
- bug fixing
PILAR: 2021.1.1 - 1.2.2021
- dots to shorten control names in graphs
PILAR: 2021.1.0 - 1.1.2021
new start and main screens
asset classes: qualifiers section
revision of safeguards tree (new, and relocated safeguards)
car based on car
projects based on templates
asset inventory form
option to reorder security dimensions
compact layer dependency graph
NIST safeguards added to PILAR safeguards
hooks: external links for safeguards and controls
control of visibility of safeguards and security profiles
separate evl structure per projects (compensatory controls)
risk reduction directly based on evl trees
use of labels to associate controls to threats
graph representation for borders
separate valuation of safeguards associated to borders
levels in controls in security profiles (evl)
licensing by means of activation code
quantitative analysis moved to options
csv separator moved to options
forget merge functionality: only plain import
remove KB
remove policies screen
remove procedures screen
PILAR: 7.4.9 - x.5.2021
- bug fixing
- robust when car file is wrong
PILAR: 7.4.8 - 22.4.2021
- bug fixing
- import of countermeasures and security profiles
PILAR: 7.4.7 - 8.2.2021
- bug fixing
PILAR: 7.4.6 - 22.12.2020
- bug fixing
PILAR: 7.4.5 - 28.10.2020
- bug fixing
PILAR: 7.4.4 - 7.9.2020
- bug fixing
PILAR: 7.4.3 - 23.4.2020
- bug fixing
PILAR: 7.4.2 - 28.2.2020
- bug fixing
PILAR: 7.4.1 - 23.1.2020
- bug fixing
PILAR: 7.4.0 - 23.12.2019
- compensatory controls
- phase cloning
- SAD: single asset domains (no more asset specific)
- improvements: dependencies, report templates,
- bug fixing
PILAR: 7.3.4 - 17.9.2019
- bug fixing
PILAR: 7.3.3 - 2.8.2019
- bug fixing
PILAR: 7.3.2 - 8.7.2019
- bug fixing
PILAR: 7.3.1 - 24.6.2019
- bug fixing
PILAR: 7.3.0 - 17.6.2019
- pd risk mitigation revised
- gdpr data
- incidents
- associate a date to phases
- cvss v3
- attack paths revised to count direct impact on perimeter
- applicability map
- comments report (csv)
- questions report
- bug fixing
PILAR: 7.2.7 - 25.3.2019
- bug fixing
PILAR: 7.2.6 - 8.3.2019
- bug fixing
PILAR: 7.2.5 - 25.2.2019
- bug fixing
PILAR: 7.2.4 - 18.2.2019
- bug fixing
PILAR: 7.2.3 - 4.2.2019
- bug fixing
PILAR: 7.2.2 - 24.1.2019
- bug fixing
PILAR: 7.2.1 - 31.12.2018
- bug fixing
PILAR: 7.2.0 - 12.12.2018
- merge in 1 screen safeguards applicability and valuation
- comments: integrated view and edition
- TSV: revised & cleaned; see doc
- EVL for dimensions: selectable
- SQL module: prefix, bugs
- threats mix mode revised: optional threats
- ad-hoc CVEs for pentesting management
- safeguards tree refinement: adequacy for threats
- speed up calculations
- general bug fixing
PILAR: 7.1.9 - 31.5.2018
- mark where there are comments below
- skip dependencies between groups of assets
- bug fixing
PILAR: 7.1.8 - 16.4.2018
- bug fixing
PILAR: 7.1.7 - 19.2.2018
- EVL: control percents
- bug fixing
PILAR: 7.1.6 - 29.1.2018
- GDPR: threats, reports
- bug fixing
PILAR: 7.1.5 - 15.1.2018
- bug fixing
PILAR: 7.1.4 - 23.12.2017
- bug fixing
PILAR: 6.3.4 - 23.12.2017
- bug fixing
- PILAR
- PILAR Basic
- microPILAR
PILAR: 7.1.3 - 18.12.2017
- mix mode: domains and dependencies
- bug fixing
PILAR: 6.3.3 - 18.12.2017
- bug fixing
PILAR: 7.1.1 - 4.12.2017
- bug fixing
PILAR: 6.3.2 - 4.12.2017
- bug fixing
PILAR: 7.1.1 - 30.11.2017
- personal data processing
- security actions
- risk scenarios
PILAR: 6.3.1 - 30.11.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.3.0 - 26.10.2017
- drag & drop for asset moving between zones
- bug fixing
PILAR: 6.2.6 - 24.4.2017
- bug fixing
PILAR: 6.2.5 - 15.3.2017
- bug fixing
PILAR: 6.2.4 - 13.2.2017
- bug fixing
PILAR: 6.2.3 - 10.1.2017
- bug fixing
RMAT: 5.5.0 - 10.1.2017
- bug fixing
- download
PILAR: 5.4.12 - 23.12.2016
- bug fixing
- PILAR
- PILAR Basic
- microPILAR
PILAR: 6.2.2 - 19.12.2016
- bug fixing
PILAR: 6.2.1 - 7.12.2016
- bug fixing
PILAR: 6.2.0 - 26.11.2016
- default TSV simplified
- safeguards reorganized
- TSV uses excel files
- EVL: non aplicability of controls integrated in valuation screen
- EVL: maturity of controls separated from maturity of safeguards
- EVL: aggregate by domain sets
- attack graphs: physical, logical and tempest zones
- physical security: delays in excel
- help to select perimeter protection components
- textual reports revised
- pattern-based reports revised
- suggest evl items in evl views
PILAR: 5.4.11 - 10.9.2016
- bug fixing
PILAR Basic: 5.4.11 - 10.9.2016
- bug fixing
microPILAR: 5.4.11 - 10.9.2016
- bug fixing
PILAR: 5.4.10 - 14.9.2016
- bug fixing
PILAR Basic: 5.4.10 - 14.9.2016
- bug fixing
microPILAR: 5.4.10 - 14.9.2016
- bug fixing
PILAR: 5.4.9 - 18.7.2015
- bug fixing
PILAR Basic: 5.4.9 - 18.7.2015
- bug fixing
microPILAR: 5.4.9 - 18.7.2015
- bug fixing
PILAR: 5.4.8 - 9.3.2015
- bug fixing
PILAR Basic: 5.4.8 - 9.3.2015
- bug fixing
microPILAR: 5.4.8 - 9.3.2015
- bug fixing
PILAR: 5.4.7 - 12.11.2015
- bug fixing
PILAR Basic: 5.4.7 - 12.11.2015
- bug fixing
microPILAR: 5.4.7 - 12.11.2015
- bug fixing
PILAR: 5.4.6 - 26.10.2015
- bug fixing
PILAR Basic: 5.4.6 - 26.10.2015
- bug fixing
microPILAR: 5.4.6 - 26.10.2015
- bug fixing
PILAR: 5.4.5 - 13.3.2015
- bug fixing
PILAR Basic: 5.4.5 - 13.3.2015
- bug fixing
microPILAR: 5.4.5 - 13.3.2015
- bug fixing
PILAR: 5.4.4 - 3.12.2014
- bug fixing
PILAR Basic: 5.4.4 - 3.12.2014
- bug fixing
microPILAR: 5.4.4 - 3.12.2014
- bug fixing
RMAT: 5.4.1 - 31.7.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.4.3 - 18.7.2014
- bug fixing
PILAR Basic: 5.4.3 - 18.7.2014
- bug fixing
microPILAR: 5.4.3 - 18.7.2014
- bug fixing
PILAR: 5.4.2 - 30.6.2014
- bug fixing
PILAR Basic: 5.4.2 - 30.6.2014
- bug fixing
microPILAR: 5.4.2 - 30.6.2014
- bug fixing
PILAR: 5.4.1 - 8.4.2014
- bug fixing
PILAR Basic: 5.4.1 - 8.4.2014
- bug fixing
microPILAR: 5.4.1 - 8.4.2014
- bug fixing
PILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- level to value mapping is loaded from configuration file
- bug fixing
PILAR Basic: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
microPILAR: 5.4.0 - 12.2.2014
- perimeters for safeguards and security profiles
- new templates in document generation
- bug fixing
RMAT: 5.4.0 - 31.1.2014
- perimeters for security profiles
- bug fixing
PILAR: 5.3.2 - 14.1.2014
- bug fixing
PILAR Basic: 5.3.2 - 14.1.2014
- bug fixing
microPILAR: 5.3.2 - 14.1.2014
- bug fixing
RMAT: 5.3.0 - 3.1.2014
- EVL profiles
- new safeguards
- selection criteria
- history
- EVL+ profiles
- new funcionality
- TSV - standard threat values
- new views to edit
- differences between TSV's
PILAR: 5.3.1 - 9.12.2013
- bug fixing
PILAR Basic: 5.3.1 - 9.12.2013
- bug fixing
microPILAR: 5.3.1 - 9.12.2013
- bug fixing
PILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- threats: mix mode: some threats may be manual
- identify risks mitigated by safeguards
- remove/retain risks
- safeguard valuation by security domains
- separate applicability and valuation of security profiles
- EVL: filtering of phases and domains
- EVL: export to CSV
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
- bug: asset specific safeguards
PILAR Basic: 5.3.0 - 12.11.2013
safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
3rd party sevices: asset classes and safeguards
ENS: compliance report
bug fixing
microPILAR: 5.3.0 - 12.11.2013
- safeguard library updated, revised and reordered
- authentication mechanisms
- interconnection architectures
- protection for 3rd party services (e.g. cloud)
- 3rd party sevices: asset classes and safeguards
- ENS: compliance report
- 27002:2013 - draft
- bug fixing
RMAT: 5.2 - 16.12.2012
- visibility on/off [publishes, or not]
- associate controls to safeguards (dynamic safeguards tree extension)
- bug fixing
PILAR: 5.2.9 - 26.12.2012
- warnings
- bug fixing
PILAR: 5.2.8 - 17.12.2012
- bug fixing
PILAR: 5.2.7 - 10.12.2012
- project diff's
- evl: selection: mandatory controls
- graphs to excel
- bug fixing
PILAR: 5.2.6 - 12.11.2012
- subset of asset classes
- saving of subsets to be referenced from .car
- dependencies between groups of assets
- import & merge safeguards and security profiles (evl)
- bug in dependencies around OR-nodes
- trace of sql writing
- option not to save threats in automatic mode
- new "project import" different from "project merge"
- backwards compatibility with 4.4 and 5.1
- three-state boxes in asset selection
- selection of duplicated security profiles
- revise allowed actions in presentation and blocked modes
- ENS annual report
- speed up of tsv application
- bug fixing
PILAR: 5.2.5 - 28.9.2012
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.4 - 18.9.2012
- sources for layers
- separate marking labels
- variable length varchars in db
- ENS annual report (experimental)
- bug fixing
PILAR: 5.2.3 - 28.8.2012
- Bug: value propagation in valuation by domain
- Assets & classes
- Bug: Microsoft SQL Server
- Bug: Oracle
PILAR: 5.2.2 - 6.8.2012
- speed up
- bugs in templates
PILAR: 5.2.1 - 31.7.2012
- speed up
- bugs in templates
PILAR: 5.2 - 23.7.2012
- main screen reordered
- essential info includes personal data
- essential info includes classified information
- extended interface to associate TSV to security domains
- batch mode updated
- database tables updated
- manual addition of cve vulnerabilities
- itemised presentation of deflected risk
- risl filtering by top impact and risk
- classification marking
- report on previously used library and tool
- bulk copy + paste of safeguards' maturity between phases and projects
- bulk copy + paste of evl' maturity between phases and projects
- inform why a safeguard is recommended
- splash is disminished after 5 seconds
- security domains have separate TSV files
- speed up risk calculation
- comments for each phase
- safeguard effectiveness revisited
- pseudo-phase with PILAR recommended maturity levels
- metrics of profile fulfillment w.r.t. PILAR recommendation
- new safeguards
- ens profile revisited
- new patterns for report generation (see documentation)
- optional xdvp (cross-domain value propagation)
- bug fixing
PILAR: 5.1.7 - 26.4.2011
- fixes bugs
PILAR: 5.1.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 4.4.6 - 3.11.2011
- fixes bugs in project merging
PILAR: 5.1.5 - 17.10.2011
- fixes bugs in report generation
- fixes bugs in business continuity: recommendations, and DRP
PILAR: 5.1.4 - 26.9.2011
- bug fixing: report generation
RMAT: 5.1 - 12.8.2011
- EVL revisited
- new panel to edit controls and questions
- detection of loops in links
- url to external information on controls
- TSV revisited
- KB revisited
- new panel to edit measures
- bug fixing
PILAR: 5.1.3 - 13.7.2011
- batch mode: better reporting of configuration errors
- bug fixing: postgresql database
- bug fixing: batch mode
**PILAR Basic: 5.1.3 - 13.7.2011
- bug fixing
microPILAR: 5.1.3 - 13.7.2011
- bug fixing
PILAR: 5.1.2 - 1.6.2011
- bug fixing
**PILAR Basic: 5.1.2 - 1.6.2011
- bug fixing
microPILAR: 5.1.2 - 1.6.2011
- bug fixing
PILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- n.a. does not propagate from controls to safeguards
- reports improved
**PILAR Basic: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
microPILAR: 5.1.1 - 23.5.2011
- bug fixing
- multiline safeguards and controls
- better reports
PILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- families: OR-nodes, essential assets
- domain valuation based on essential assets
- transforms domain values into essential assets
- vulnerabilities
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
PILAR Basic: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- domain valuation based on essential assets
- transforms domain values into essential assets
- extended valuation criteria (always 0-10)
- n.a. as valoration criteria
- mark values to trace propagation
- cross-dimension value propagation (e.g. keys)
- one extra decimal in risk below {1}
- policies integrated with safeguards
- procedures integrated with safeguards
- AES 256
microPILAR: 5.1 - 28.3.2011
- esquema nacional de seguridad (rd 3/2010)
- ISO/IEC 27000 (2005)
- Canned reports
- AES 256
- one extra decimal in risk below {1}
PILAR: 4.4.5 - 1.12.2010
- MS SQL Server access
PILAR: 4.4.4 - 16.10.2010
- automatic threats and BCM
RMAT: 4.4 - 16.10.2010
- aligned with PILAR 4.4
PILAR: 4.4.3 - 1.7.2010
- remember node position in dependency graphs
- use ".pilar" to store preferences
- "reset" graphs
- save node position in .mgr (in dependency graphs)
- error fixing
PILAR: 4.4.2 - 24.2.2010
- error fixing
- locking new models
- qualitative / quantitative values
- reoirdering of security domains
PILAR & Pilar Basic: 4.4.1 - 8.2.2010
- error fixing
- locking of read only executions
- icons dor security domains
- reading of threat frequencies
- cost values in DRP
PILAR & Pilar Basic: 4.4 - 1.2.2010
- assets to classes
- tree maps
- labelled safeguards
- applicability revised
- dependency diagrams: buses and blocks
- sliders in refined dependencies
- block movement of assets, domains, sources and phases: using SHIFT + { UP, DOWN, LEFT, RIGHT }
- safeguard (branches) linked to sources of information
- revision of reports for using sources of information as filters
- import / export:** SQL DBMS
- export library to database
- splash screen
- licensee logo
- threats: automatic identification and evaluation
- revise reports driven by template
- panel for security domains
- filtering of safeguards by source of information
- alternative presentation of safeguard maturity
- filtering of controls (in evaluation profiles) by source of information
- DRP revised
- smart deletion of domains
- safeguard inheritance: domains first / phases first
- show maturity range
- bug fixing
PILAR & Pilar Basic: 4.3 - 22.1.2009
- Version 4.3
- independent domains
- look for maturity changes
- look for maturity below threshold
- simplify safeguards
- safeguard selection follows recommendation
- find decreasing maturity in safeguards
- every safeguard may be specific for every asset
- graphs revisited
- new graphs: per aspect / per strategy / per type of protection
- new risk mitigation heuristics
- quantitative impact and risk presented as relative values
- annotations in external file (file-based DB)
- reports from template
- reports revised
- policies into security profiles
- Pilar Basic: valuation criteria
- Pilar Basic: risk graph
- Pilar Basic: reports from template
- security profiles: controls may become safeguards on the fly
RMAT: 4.3 - 22.1.2009
- Version 4.3
PILAR & Pilar Basic: 4.2 - 8.7.2008
- qualitative risk with one decimal
- dependency degree per dimension
- threat models
- independent phases
- safeguard improvement suggestions
- updated library
PILAR & Pilar Basic: 4.1.4 - 4.4.2008
* en / English
* br / Brazilian
* es / Spanish
* fr / French
* it / Italian
* pt / Portuguese
PILAR: 4.1.3 - 31.3.2008
* + Brasileiro
* + Portuguese
PILAR: 4.1.3 - 31.3.2008
- bugs
RMAT: 4.1 - 24.3.2008
- stable version
PILAR: 4.1.2 - 14.3.2008
- bugs
**PILAR & Pilar Basic 4.1.1 - 25.2.2008
- bugs and enhancements
**PILAR & Pilar Basic 4.1 - 27.12.2007
- stable release
PILAR: 3.3 - 10.3.2007
- stable release
PILAR: 3.2 - 5.12.2006
- stable release
PILAR: 3.1 - 20.5.2006
- stable release
PILAR: 2.2.10 - 12.12.2005
- stable release
PILAR: 2.2.9 - 30.11.2005
- stable release
PILAR: 2.2.6 - 11.10.2005
- stable release
PILAR: 2.2.5 - 4.10.2005
- stable release
PILAR: 2.2 - 31.10.2005
- stable release
PILAR: 1.2 - 29.11.2004
- stable release