Release Notes - 2024, July
- 5 Minutes to read
- Print
- PDF
Release Notes - 2024, July
- 5 Minutes to read
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
What’s New in Safe?
Release: v4.82
Release: v4.83
Release: v4.84
Release: v4.84
July 29th, 2024
Total: 9 Updates
SAFE One
Findings Prioritization
Introducing a new risk-based approach to prioritize security findings.
All security findings are linked to one or more FAIR-CAM Controls.
Control maturity is dynamically calculated based on these security findings.
This updates Likelihood and Loss Magnitude of Risk Scenarios.
.png?sv=2022-11-02&spr=https&st=2024-07-29T06%3A31%3A59Z&se=2024-07-29T06%3A41%3A59Z&sr=c&sp=r&sig=lgfa%2Fpu6DVPuXUMcrtK5G7WQreXMsTnm%2FlUebOyjT3w%3D "image(98).png")
.png?sv=2022-11-02&spr=https&st=2024-07-29T06%3A31%3A59Z&se=2024-07-29T06%3A41%3A59Z&sr=c&sp=r&sig=lgfa%2Fpu6DVPuXUMcrtK5G7WQreXMsTnm%2FlUebOyjT3w%3D "image(98).png")
Threat Center - Live
Introducing external Threat Feeds.
Threat Feeds now contribute to Threat Event Frequency.
This dynamically updates Likelihood of Risk Scenarios.
.png "image(126).png")
.png "image(126).png")
Refer to the list of all SAFE features that results in Quantification Updates here.
SAFE One - Third-Party Risk Management (TPRM)
IP Attribution for Organization
IP Attribution for Organization
SAFE One now lists IP addresses and network blocks in addition to domains for third parties.
.png "image(100).png")
.png "image(100).png")
Export Organization List
Export Organization List
You can now easily download and share lists of organizations, simplifying collaboration and reporting.
.png "image(101).png")
.png "image(101).png")
Control Recommendations for Risk Scenarios
Control Recommendations for Risk Scenarios
Added What If Analysis for all third-party module users to simulate control recommendation for various Risk scenarios.
.png "image(104).png")
.png "image(104).png")
Miscellaneous
Attack Surface Count for No Assets Group
Attack Surface Count for No Assets Group
You can now specify attack surface counts for groups marked as No Assets, improving Risk Likelihood estimation.
.png "image(102).png")
.png "image(102).png")
Quick Rename of Risk Scenarios
Quick Rename of Risk Scenarios
You can now easily edit the names of risk scenarios.
.png "image(103).png")
.png "image(103).png")
SaaS Assets are marked as Internet Facing
SaaS Assets are marked as Internet Facing
All SaaS applications are now marked as Internet Facing assets to ensure they're appropriately prioritised for risk quantification.
.png "image(122).png")
.png "image(122).png")
System Outage - Loss estimation
System Outage - Loss estimation
Added support for loss estimation of Risk Scenarios having System Outage as an attack outcome.
Release: v4.83
July 15th, 2024
Total: 11 Updates
Questionnaires
NIST 800-53 R5 Questionnaire CMMI-based assessment
FAIR TAM Questionnaire (Top 10 Third-Party Controls)
Insurance Financial Impact Questionnaire
Howden Questionnaire support for Excel uploads
NIST 800-53 R5 Questionnaire CMMI-based assessment
FAIR TAM Questionnaire (Top 10 Third-Party Controls)
Insurance Financial Impact Questionnaire
Howden Questionnaire support for Excel uploads
.png "image(87).png")
Miscellaneous
What-if Analysis for Risk Scenarios
What-if Analysis for Risk Scenarios
Re-apply control recommendation
Reset target Maturities
.png "image(88).png")
.png "image(88).png")
Ability to reset risk treatment target maturities under the treatment plan for a group
Ability to reset risk treatment target maturities under the treatment plan for a group
.png "image(89).png")
Ability to see what changed for Annualized Loss.
Ability to see what changed for Annualized Loss.
Traverse to the Annualized Loss Trend via Risk Scenario.
.png "image(125).png")
.png "image(125).png")
Toggle capability between control and findings under Risk scenarios.
Toggle capability between control and findings under Risk scenarios.
Controls view
.png "image(96).png")
Findings view
.png "image(97).png")
.png "image(96).png")
.png "image(97).png")
Updated Control Description
Updated Control Description
Incorporated descriptions into the controls for improved comprehension (Network Intrusion Detection System) and NDR (Network Detection and Response).
FAIR-CAM mapped to 120+ new Azure Findings.
Threat intel updated with latest Exploitable Vulnerabilities.
Release: v4.82
July 1st, 2024
Total: 5 Updates
Questionnaires
NIST CSF 2.0
NIST 800-53 R5
CIS Top 18 - CMMI
NIST CSF 2.0
NIST 800-53 R5
CIS Top 18 - CMMI
.png "image(92).png")
FAIR MAM & Financial Impact Questionnaire mapping
Easily co-relate the impact of Financial Impact Questionnaire responses with FAIR MAM loss drivers.
Easily co-relate the impact of Financial Impact Questionnaire responses with FAIR MAM loss drivers.
.png "image(93).png")
The option to Edit and Accept the loss driver’s impact is available.
.png "image(94).png")
Also, adding a rationale to justify the change in the default driver values is mandatory.
.png "image(95).png")
Crowdstrike Tags Import
Crowdstrike Falcon integration with SAFE supports Tags. Click here for details.
Note: Crowdstrike Falcon integration must be reconfigured with this release.
Was this article helpful?