Versions Compared

Old Version 1

changes.mady.by.user Guy Shteinberg

Saved on

compared with

New Version Current

changes.mady.by.user Guy Shteinberg

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Deployment January 31, 2023

Info

Status
colourGreen
titleFEATURE
Azure User Assigned Identity - 12:00 UTC

Description: Added support for Azure User Assigned Identity in compliance engine and protected assets.
Case ID: INT-2177
Known limitations: N/A
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titlefetchers

Deployment January 26, 2023

Info

Status
colourRed
titlefixed
AWS IAM Role, AWS IAM User and AWS IAM Group - 4:10 UTC

Description: Fixed bug in 'combinedPolicies' property in AWS IAM Role, AWS IAM User and AWS IAM Group in Compliance Engine & Protected Assets.
Case ID: DFT-1159
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets

Deployment January 25, 2023

Info

Status
colourGreen
titleIMPROVEMENT
AWS ECS Cluster - 12:30 UTC

Description: Added "Tags" property to AWS ECS Cluster in Compliance Engine & Protected Assets.
Case ID: IN-6474, DFR-2559
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
AWS WAF Regional V2 - 12:30 UTC

Description: Added "Tags" property to AWS WAF Regional V2 in Compliance Engine & Protected Assets.
Case ID: IN-6474
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
AWS IAM Server Certificate - 12:30 UTC

Description: Added "Tags" property to AWS IAM Server Certificate in Compliance Engine & Protected Assets.
Case ID: IN-6474
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
AWS DMS Endpoint - 12:30 UTC

Description: Added "Tags" property to AWS DMS Endpoint in Compliance Engine & Protected Assets.
Case ID: IN-6474
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 10:30 UTC

Description: The first release of the AWS PCI-DSS v4.0 Ruleset. AWS and GCP rules improvements. AZURE rules deprecation (due to refactoring). A complete list can be found here.
Case ID: IN-6644
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment January 18, 2023

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 10:30 UTC

Description: The first release of the GCP CIS v2.0 Ruleset. AWS and AZURE rules improvements. AWS rules deprecation (due to duplication). A complete list can be found here.
Case ID: IN-6530
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment January 16, 2023

Info

Status
colourGreen
titleIMPROVEMENT
Intelligence Rulesets Update - 10:30 UTC

Description: Updating Severity to Intelligence rules. A list can be found here
Case ID: IN-4677
Known limitations: N/A
Affected Components:

Status
titleINTELLIGENCE RULESETS

Deployment January 15, 2023

Info

Status
colourGreen
titleIMPROVEMENT
Intelligence Rulesets Update - 15:00 UTC

Description: Updating Intelligence rules for Azure and Kubernetes. A list can be found here
Case ID: IN-6372
Known limitations: N/A
Affected Components:

Status
titleINTELLIGENCE RULESETS

Deployment January 11, 2023

Info

Status
colourGreen
titleIMPROVEMENT
AWS RDS DB Snapshot - 16:00 UTC

Description: Added "dbSnapshotAttributes" property to AWS RDS DB Snapshot in Compliance Engine & Protected Assets.
Case ID: DFR-2167
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
AWS RDS DB Cluster Snapshot - 16:00 UTC

Description: Added "dbClusterSnapshotAttributes" property to AWS RDS DB Cluster Snapshot in Compliance Engine & Protected Assets.
Case ID: DFR-2167
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Info

Status
colourGreen
titleFEATURE
Azure Active Directory Access Reviews Schedule Definition - 13:00 UTC

Description: Added support for Azure Active Directory Access Reviews Schedule Definition in compliance engine and protected assets.
Case ID: IN-5927
Known limitations: N/A
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titlefetchers

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 12:00 UTC

Description: New Kubernetes rules; AWS and AZURE and Kubernetes rules improvements. 1 Azure rules was deprecated. A complete list can be found here.

D9.AZU.AKS.03 - The Pod security feature for Azure Kubernetes Service (AKS) service was deprecated
Case ID: IN-6479, DFT-2292
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment January 8, 2023

Info

Status
colourRed
titlefixed
Service Account Details - 17:00 UTC

Description: Fix Service Account’s ‘Last Used’ column change on details update in the UI.
Case ID: DFT-2243,PLAT-6628
Known limitations: N/A
Affected Components:

Status
titleservice account

Info

Status
colourGreen
titleIMPROVEMENT
AWS EBS Snapshot - 16:00 UTC

Description: Added "CreateVolumePermissions" property to AWS EBS Snapshot in Compliance Engine & Protected Assets.
Case ID: DFR-1644
Known limitations: The property is currently being updated once in 6 hours, due to performance issue.
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titleFETCHERS

Deployment January 4, 2023

Info

Status
colourGreen
titleFEATURE
Azure Active Directory Security Defaults - 13:30 UTC

Description: Added support for Azure Active Directory Security Defaults in compliance engine and protected assets.
Case ID: IN-5899
Known limitations: N/A
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titlefetchers

Info

Status
colourGreen
titleFEATURE
Azure Active Directory Authorization Policy - 13:30 UTC

Description: Added support for Azure Active Directory Authorization Policy in compliance engine and protected assets.
Case ID: IN-5897
Known limitations: N/A
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets
Status
titlefetchers

Info

Status
colourGreen
titleIMPROVEMENT
Risk Management - IAM Sensitivity - 14:00 UTC

Description:

  • Added CIEM 'IAM Sensitivity' score into the Risk Score calculation for AWS EC2 Instance, Lambda and IAM Role.

  • IAM Sensitivity is a number from 0 - 100 and represents the potential damage caused to the cloud environment due to IAM permissions granted.

  • This number will modify the asset's risk score as it relates to the impact of a potential attack on the asset.

Case ID: SEC-397
Known limitations: N/A 
Affected Components:

Status
titleERM

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 11:00 UTC

Description: AWS and AZURE rules improvements. A complete list can be found here.
Case ID: IN-6408, DFT-2307
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment January 3, 2023

Info

Status
colourGreen
titleIMPROVEMENT
AWS Security Group - 12:30 UTC

Description: Added "ownerId" property to AWS Security Group in Compliance Engine & Protected Assets.
Case ID: DFR-2574
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE ENGINE
Status
titleprotectd assets