Release 4.23
Release date: March 23, 2026
Key benefitsβ
- Continuous Living Threat Modeling: Experience a total shift from static security projects to dynamic, versioned artifacts driven by architectural diagrams. Keep security requirements in sync with your architecture through a unified, automated update process.
- Defect Trackers Visibility: New dedicated recent deliveries for defect trackers to monitor and troubleshoot the synchronization of vulnerabilities in real-time.
Introductionβ
Release 4.23 marks a strategic milestone in operationalizing "Secure by Design." We are moving beyond the era of static security documentation. By launching Continuous Living Threat Modeling, we are providing teams with a persistent, evolving artifact that keeps pace with modern development velocity.
This release unifies our architectural automation with a new persistence engine, ensuring that threat models are no longer "one-off" hurdles but a continuous source of truth for your application's security posture.
Continuous Living Threat Modelingβ
We have redesigned the Threat Modeling module to function as a living record of your applicationβs security design. Instead of a project that "closes," a Living Artifact remains active and evolves throughout the entire lifecycle of the software.
The core of this experience is a unified Diagram-Driven Automation. By using diagrams, users drive the security requirements of the living model directly. When you update your architectural design, the platform automatically generates and refreshes the corresponding security requirements within the same artifact. Every change triggers a Native Versioning event, providing a complete historical audit trail of how your security design has matured over time.
Key capabilities of this unified experience:
- Persistent Architecture-as-Code: Use visual diagrams as the primary driver to update your living security model without starting from scratch.
- Automated Requirement Sync: Instantly translate architectural changes into actionable security controls.
- Historical Traceability: Access a versioned history of every design shift, ensuring full compliance and governance.
Defect Trackers Recent Deliveriesβ
To support the reliability of your automated security pipeline, Release 4.23 introduces Defect Trackers Recent Deliveries for Defect Trackers (such as Jira, ClickUp, ServiceNow, etc.).
Users now have a transparent view of the last 1,000 synchronization events between the Conviso Platform and their development tools. These recent deliveries show the status of the synchronization, empowering teams to troubleshoot integration issues independently and ensuring that no vulnerability is lost between security and engineering workflows.
- Self-Service Troubleshooting: Resolve sync issues quickly with detailed context and system messages.
- End-to-End Visibility: Monitor the exact flow of findings from the platform to your developer backlogs.
π Access the Conviso Platform to explore these updates.
Contribute to the Docs
Found something outdated or missing? Help us improve the documentation with a quick suggestion or edit.
How to contributeResources
By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.
Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.
Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.