Page Comparison

Description: Added new property "SecurityHubEnabled" for AWS Region in compliance engine and protected assets.
Case ID: DFR-2413
Known limitations:
Affected Components:

Description: JIT(Just in time) User using CloudGuard SSO or coming from Infinity Portal are now allowed to onboard their Cloud Accounts to CloudGuard with the Onboarding Permission.
Case ID: DFT-2491, PLAT-8011
Known limitations: Onboarding Permission doesn't include View or Manage Permission to the onboarded Cloud Account.
Affected Components:

Description: Fix for 'Risk Score' filter in Protected Assets page under Risk Management
Case ID: PLAT-7895
Known limitations: N/A
Affected Components:

Description: Added "attributes" property to target group
Case ID: DFR-2662
Known limitations:
Affected Components:

Description: Added support for "AWS Security Hub" in compliance engine and protected assets.
Case ID: DFR-2416
Known limitations: N/A
Affected Components:

Description: Added support for "AWS S3 Glacier Vault" in compliance engine and protected assets.
Case ID: DFR-442
Known limitations: N/A
Affected Components:

Description: Added dashboard structure under active feature
Case ID: PLAT-7397
Known limitations: N/A
Affected Components:

Description: Added ERM widgets with data to New Dashboard in React
Case ID: PLAT-7929
Known limitations: N/A
Affected Components:

Description: A DFT on Oracle Cloud Ruleset was fixed. A complete list can be found here.
Case ID: IN-7585, DFT-2511
Known limitations: N/A 
Affected Components:

Description: Image Assurance, Runtime Protection. A complete list can be found here.
Case ID: CON-5149
Known limitations: N/A 
Affected Components:

Description: Update for AWS rule. A list can be found here.
Case ID: IN-7211
Known limitations: N/A 
Affected Components:

Description: New Alibaba cloud rules, new OCI rule, new AWS rules; rule improvement. A complete list can be found here.
Case ID: IN-7365
Known limitations: N/A 
Affected Components:

Description: Replaced Azure icon to newer design in all pages
Case ID: PLAT-7793
Known limitations: N/A
Affected Components:

Description: Added support for "AWS Glue Job" in compliance engine and protected assets.
Case ID: DFR-2486
Known limitations: N/A
Affected Components:

Description: Added support for "AWS Glue Crawler" in compliance engine and protected assets.
Case ID: DFR-2487
Known limitations: N/A
Affected Components:

Description: Added support for "AWS Glue Data Catalog Encryption Setting" in compliance engine and protected assets.
Case ID: DFR-2488
Known limitations: N/A
Affected Components:

Description: Added support for "AWS Glue Dev Endpoint" in compliance engine and protected assets.
Case ID: DFR-2489
Known limitations: N/A
Affected Components:

Description: Added support for "AWS Glue ML Transform" in compliance engine and protected assets.
Case ID: DFR-2490
Known limitations: N/A
Affected Components:

Description: Fixed wrong classification of MFA devices where root user virtual MFA device was classified as physical.
Case ID: DFT-2450
Known limitations: N/A
Affected Components:

Description: Added Network Exposure support for Azure Virtual Machines in ERM. We currently identify publicly exposed Virtual Machines via direct access using public IPs. Additional use cases will be supported in later releases.
Case ID: SEC-871
Known limitations: N/A 
Affected Components:

Description: Added support for Azure Global WAF connector for FrontDoor in compliance engine
Case ID: DFR-2544
Known limitations: N/A
Affected Components:

Description: Added support for field 'vendorIdentifier' property in compliance engine and protected assets for all the AWS & Azure this data is available for (ARN for AWS, ResourceURI for Azure). Field will be missing if data is not available.
Case ID: DFT-2390
Known limitations: N/A
Affected Components:

Description: AWS Region Dome9Id was changed to a unique value over different cloud accounts.
Case ID: DFR-2625
Known limitations: N/A
Affected Components:

Description: Added support for new assets in Risk Management: AWS KMS, AWS EKS Cluster, Azure WebApp.
Case ID: SEC-593, SEC-778, SEC-588
Known limitations: N/A
Affected Components:

Description: The first release of the Azure CIS v2 ruleset;
Case ID: IN-7140
Known limitations: N/A 
Affected Components:

Description: Added missing entities; Azure Postgre SQL Flexible Service, AWS IAM Policy, AWS Subnet and AWS Network Access Control List to new protected assets table
Case ID: DFT-2439
Known limitations: N/A
Affected Components:

Description: Added support for "Azure Front Door" in Compliance Engine and Protected Assets.
Case ID: IN-6327
Known limitations: N/A
Affected Components:

Description: Added support for "OCI Vault" in Compliance Engine and Protected Assets.
Case ID: IN-6592
Known limitations: N/A
Affected Components:

Description: Added support for Oracle Cloud Infrastructure (OCI) in CloudGuard.
Case ID:
Known limitations: N/A
Affected Components:

Description: AWS RDS is now supported in Risk Management section. This includes the calculation of Network Exposure fields for all RDS types.
Case ID: SEC-637, SEC-638, SEC-640
Known limitations: An RDS may be marked as Public in case it is in a Public VPC but in a Private subnet.
Affected Components:

Description: The first release of the Oracle CIS v1.2 ruleset; The first release of the GCP MITRE ATT&CK v12.1 ruleset; rule improvement. A complete list can be found here.
Case ID: IN-7163, DFT-2420
Known limitations: N/A 
Affected Components:

Description: Allow users to search menu items from the main page.
Case ID: PLAT-7130
Known limitations: Shiftleft and Spectral pages are not included in the search
Affected Components:

Description: Idle session timeout is reached while being active in CloudGuard Posture.
Case ID: DFT-2300, PLAT-6833
Known limitations: N/A
Affected Components:

Description: Disable Terraform platform for new rulesets creation.
Case ID: PALT-7642, DFT-2417
Known limitations: Account with Classic shiftleft flow won’t be affected.
Affected Components:

Description: Added support for “key1CreationTime” and "key2CreationTime" properties.
Case ID: DFR-2687
Known limitations: N/A 
Affected Components:

Description: Changed "listeners" field structure for "OCI Network Load Balancer" in compliance engine.
Case ID: DFR-2618
Known limitations: N/A 
Affected Components:

Description: Added support for "ServiceAccounts" target when building Firewall rules for GCP security group.
Case ID: DFT-2432
Known limitations: N/A 
Affected Components:

Description: Dotnet6 support has been added to the function scanning and proact tool,
Case ID: PROT-1510
CloudFormationTemplate version has been changed. the new version: 28
Known limitations: N/A 
Affected Components:

Description: Update future 0.17.1 in order to fix CVE-2022-40899
Case ID: PROT-1092
Known limitations: N/A 
Affected Components:

Description: The first release of the AWS default ruleset; severity change to 24 AWS rules, new rules and rules improvements. A complete list can be found here.
Case ID: IN-7112, DFT-2361, DFT-2403, DFT-2362
Known limitations: N/A 
Affected Components:

Description: Fixed a problem where "containerinstance" field shows non-existing instances.
Case ID: DFT-2405
Known limitations: N/A 
Affected Components:

Description: Improve running time of GSL's on both AWS WAFRegional and AWS WAFRegionalV2.
Case ID: DFT-2350
Known limitations: N/A 
Affected Components:

Description: Fixed the "kmsAssetsStats" attribute in AWS KMS entity to support the multi region keys.
Case ID: IN-5902
Known limitations: N/A 
Affected Components:

Description: Changed Tenable vulnerabilities ID to fix an issue that caused resolved vulnerabilities to stay open.
Case ID: SEC-573
Known limitations:
Affected Components:

Description: The “Risk Management” main menu item was moved to the second position within the menu.
Case ID: SEC-785
Known limitations:
Affected Components:

Description: The “Unknown” network exposure value of protected assets will not be displayed in the filters and the protected assets table.
Case ID: SEC-751
Known limitations:
Affected Components:

Description: The email content of a scheduled report notification (Summary, Detailed, CSV, Zipped CSV), will be also sent as an attachment to the email, as an html file for local usage. The file’s name is “Report.html”
Case ID: PLAT-5703, DFT-2090
Known limitations: Executive reports won’t be sent as attachment.
Affected Components:

Description: Added support for “Azure Blueprint Assignment” in Compliance engine and Protected Assets.
Case ID: INT-2178
Known limitations: N/A
Affected Components:

Description: CloudGuard Terraform module version 1.28.6 has been released, adding support for Image Assurance rulesets in the Dome9_ruleset resource.
Case ID: DFT-2055
Known limitations: N/A 
Affected Components:

Description: New Intelligence rules for Azure & AWS. A list can be found here here.
Case ID: IN-6990
Known limitations: N/A 
Affected Components:

Description: Changed Network Exposure filter string representation from “Partial“ to “Partially Public”, to match the actual value on the assets.
Case ID: SEC-670
Known limitations: N/A 
Affected Components:

Description: The first release of the EKS CIS v1.2 ruleset. AWS Hi-Trust v11 and AWS SOC2 rulesets, rules improvements. A complete list can be found here.
Case ID: IN-7032, DFT-2348
Known limitations: N/A 
Affected Components: