Threats and vulnerabilities can now have different severity levels in different risk assessments.
- Adjust threat and vulnerability levels directly within an assessment.
- Assessment-specific levels are reflected in:
- Bowtie analysis
- Probability recommendations
- Risk calculations
- Tables
- PDF reports
Threats and vulnerabilities now support categories.
- New Threat Category and Vulnerability Category registries.
- Categories can be managed in Settings.
- Categories can be assigned directly from threat and vulnerability forms.
- Category information is displayed throughout the platform.
Cybersecurity organizations now receive predefined ISO 27005 threat and vulnerability categories.
- Available immediately in new organizations.
- Existing organizations are upgraded automatically.
- Organizations can add their own custom categories alongside the predefined library.
Treatments can now be reused across multiple risk assessments.
- The same treatment can be connected to multiple causes and consequences.
- Each assessment maintains its own treatment status, responsible person, and due date.
- New "Connect to Risk Assessment" action.
- Improved treatment form layout.
- Added "Applied in Assessments" overview showing where treatments are used.
Applying the same assessment template multiple times no longer creates duplicate treatments.
Existing treatments are automatically reused and connected to new assessments.
- Improved inheritance handling across organizational hierarchies.
- Added bulk inheritance controls for type definitions.
- Threat and vulnerability categories now inherit correctly between organizations.
Several list pages now load significantly faster due to backend performance optimizations.
Affected areas include:
- Treatments
- Causes
- Consequences
- Attachments
- Improved threat and vulnerability forms.
- Threat and vulnerability categories are shown in tables by default.
- Archived items are no longer displayed when selecting threats and vulnerabilities.
- Improved vendor registration workflow.
- Fixed issues that could prevent treatments from loading correctly in risk assessments.
- Fixed risk matrix updates after treatment status changes.
- Fixed cleanup when removing treatments from causes and consequences.
- Fixed creation of new cause and consequence types from dropdowns.
- Fixed an issue where creating or updating processing activities could fail when optional fields were left empty.
- Fixed an error when opening newly created reports without a module assigned.
¶ Authentication & Session Handling
- Improved handling of expired sessions for a smoother login experience.
- Multiple stability, validation, and data integrity improvements across the platform.