Page Comparison

Description: Added support for "Azure Subscription Policy" in compliance engine and protected assets.
Case ID: IN-7480
Known limitations: N/A
Affected Components:

Description: Unable to use Unified Onboarding in AWS China

Case ID: DFT-2409
Known limitations: N/A 
Affected Components:

Description: New GCP rules; DFT fix. A complete list can be found here.

Case ID: IN-7774, DFT-7498
Known limitations: N/A 
Affected Components:

Description: Including "Data Sensitivity" information as part of the risk score calculation for AWS S3 Buckets.
Case ID: SEC-912
Known limitations: N/A
Affected Components:

Description: Added Network Exposure support for Azure Virtual Machines via Load Balancer.
Case ID: SEC-762
Known limitations: N/A 
Affected Components:

Description: Added a new flag for filtering findings based on customer policies that allows filter findings based on policy types
Case ID: PLAT-7819
Known limitations: N/A
Affected Components:

Description: Initializations for the “createdTime” and “updatedTime” properties were fixed for the AWS' Application Load Balancer entity.
In addition, support for 6 listener rule’s header values were added: HostHeaderConfig, PathPatternConfig, HttpHeaderConfig, QueryStringConfig, HttpRequestMethodConfig and SourceIpConfig in ‘listeners.rules.conditions’.
Case ID: DFT-2503
Known limitations: N/A
Affected Components:

Description: Added a new flag for filtering findings based on customer policies that allows filter findings based on policy types
Case ID: PLAT-7819
Known limitations: N/A
Affected Components:

Description: Added support for "Azure Application Insights" in compliance engine and protected assets.
Case ID: IN-7748
Known limitations: N/A
Affected Components:

Description: Added a new flag for filtering findings based on customer policies that allows filter findings based on policy types
Case ID: PLAT-8118
Known limitations: N/A
Affected Components:

Description: New integration with AWS Macie for S3 Buckets sensitive data discovery. Added "Data Sensitivity" information in Risk Management protected assets page.
Case ID: SEC-913
Known limitations: N/A
Affected Components:

Description: AWS New EKS Rules, AWS Rules Removal, and 2 DFTs were fixed. A complete list can be found here.

D9.AWS.IAM.42 - deprecated due to redundancy

D9.AWS.IAM.70 - can’t be triggered anymore (AWS fix)
Case ID: IN-7719, DFT-2513,DFT-2559
Known limitations: N/A 
Affected Components:

Description: Added support for "Azure Defender Server Vulnerability Assessment" in compliance engine and protected assets.
Case ID: IN-7477
Known limitations: N/A
Affected Components:

Description: Added support for new region in AWS - UAE (me-central-1) in compliance engine and protected assets.
Case ID: DFT-2536
Known limitations: N/A
Affected Components:

Description: Added new property "replication.rules.destination.accountId" for AWS S3Bucket in compliance engine.
Case ID: DFR-2641
Known limitations: N/A
Affected Components:

Description: Added new property "ReplicationGroup" for AWS ElastiCache in compliance engine and protected assets.
Case ID: DFR-2590
Known limitations: N/A
Affected Components:

Description: Added a Context Graph to the Azure Virtual Machine's Protected Asset Page. The Context Graph will display the asset exposure to the Internet.
Case ID: SEC-931
Known limitations: N/A
Affected Components:

Description: Added support for new assets in Risk Management: AWS SQS, AWS DynamoDB Table, AWS Redshift, AWS SNS Topic, AWS ECR Repository, Azure FunctionApp, Azure Storage Account.
Case ID: SEC-875, SEC-802
Known limitations: N/A
Affected Components:

Description: Fix a bug with a certain GSL for the Compliance Engine.
Case ID: IN-7673
Known limitations: N/A
Affected Components:

Description: Events page - group by category show irrelevant events under category with empty value
Case ID: PLAT-7661
Known limitations: N/A
Affected Components:

Description: Fixed edit role page loading stuck when user with millions of records
Case ID: PLAT-7365
Known limitations: N/A
Affected Components:

Description: Fixed edit role page loading stuck when user with millions of records
Case ID: DFT-2449, PLAT-7846
Known limitations: N/A
Affected Components:

Description: Added support for "AWS CodeBuild Project" in compliance engine and protected assets.
Case ID: DFR-2479
Known limitations:
Affected Components:

Description: New AWS and Azure rules; AWS CIS v1.5 ruleset enrichment; Azure CIS v2 ruleset enrichment; A complete list can be found here.
Case ID: IN-7682, DFT-2534, DFT-2286, DFT-2499
Known limitations: N/A 
Affected Components:

Description: Added new property "dbInstanceParameter" for Alibaba RdsDbInstance in compliance engine and protected assets.
Case ID: IN-7590
Known limitations: N/A
Affected Components:

Description: OCI onboarding doesn't work if only "root" OrganizationUnit exists
Case ID: DFT-2521
Known limitations: N/A
Affected Components:

Description: Added new properties to Azure VirtualMachineScaleSet Entity, “OrchestrationMode”, “Instances.SecurityProfile“, “VirtualMachineProfile.SecurityProfile“.
Case ID: DFR-2671, IN-7156
Known limitations: N/A
Affected Components:

Description: Added new properties to Azure VM entity “SecurityProfile“, “StorageProfile”.
Case ID: DFR-2671, IN-7156
Known limitations: N/A
Affected Components:

Description: Added “Serverless” cluster type support the AWS “MskCluster” entity.
Case ID: IN-7626
Known limitations: N/A
Affected Components:

Description: A new look and feel for Protected Asset details page. The new Protected Asset page includes a new Overview tab that displays Risk Management information in a much clearer way. The new area includes the Context Graph (for selected assets) that provides insights into the asset exposure to the Internet as well as the potential blast radius in case of exploit, both from an IAM and network perspective.

Case ID: SEC-900
Known limitations: N/A 
Affected Components:

Description: Add new button was missing in case the user delete all his environments
Case ID: DFT-2545
Known limitations: N/A
Affected Components:

Description: Third party label was missing in protected asset details page
Case ID: DFT-2550
Known limitations: N/A
Affected Components:

Description: New tenant not getting landing page on Infinity Portal
Case ID: PLAT-8131
Known limitations: N/A
Affected Components:

Description: Support GKE Autopilot clusters (version 1.25 and above), Allow specifying priority class per agent, Autopilot Supported Blades: Inventory, Compliance, Image Assurance, Admission Controller and Threat Intelligence. A complete list can be found here.
Case ID: CON-5622
Known limitations: N/A 
Affected Components:

Description: Added support for Alibaba Security Center Edition Center Config in compliance engine and protected assets.
Case ID: IN-7595
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Webshell Config in compliance engine and protected assets.
Case ID: IN-7593
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Notification Config in compliance engine and protected assets.
Case ID: IN-7597
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Log Analysis Config in compliance engine and protected assets.
Case ID: IN-7596
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Linux Vulnerability in compliance engine and protected assets.
Case ID: IN-7598
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Linked Role Statusin compliance engine and protected assets.
Case ID: IN-7592
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Asset Security Info in compliance engine and protected assets.
Case ID: IN-7599
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Vulnerability Scan Config in compliance engine and protected assets.
Case ID: IN-7591
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for Alibaba Security Center Anti Virus Config in compliance engine and protected assets.
Case ID: IN-7594
Known limitations: Currently the icon is missing from the GSL playground and protected assets
Affected Components:

Description: Added support for new entity in AWS GuardDutyDetector in compliance engine and protected assets.
Case ID: DFR-2573
Known limitations: N/A 
Affected Components:

Description: Added support for "terminationProtectionEnabled" property for AWS “Instance” entity in compliance engine.
Case ID: DFR-2228, DFR-248
Known limitations: N/A
Affected Components:

Description: Added new property "FlowLogs" for Alibaba VPC in compliance engine and protected assets.
Case ID: IN-7345
Known limitations: N/A
Affected Components:

Description: New AWS rules; AWS PCI-DSS ruleset enrichment; AWS rules deprecation. A complete list can be found here.
Case ID: IN-7640
Known limitations: N/A 
Affected Components:

Description: Some asset properties have the indication External, for example, ExternalObject, ExternalArray. These properties are brought by GloudGuard from another entity to help you write GSL rules easier.
Case ID: IN-6677
Known limitations: N/A 
Affected Components:

Description: New infrastructure for future configuration of key vaults onboarding: Azure Key vault data will now be fetch from specific IP.
Case ID: IN-7643
Known limitations: N/A 
Affected Components:

Description: Add "AssetLables" field to entity view in playground
Case ID: IN-4859
Known limitations: N/A 
Affected Components:

Description: Added Network Exposure support for Azure Virtual Machines via Application Gateway.
Case ID: SEC-760
Known limitations: N/A 
Affected Components:

Description: Removed the following redundant properties from Azure Network Security Group entity, as they are not in use anymore - "InboundRules" "OutboundRules" "DefaultInboundRules" "DefaultOutboundRules"
Case ID: DFT-2396
Known limitations:
Affected Components:

Description: Removed "new" label for entities that are supported for more than a month
Case ID: IN-6995
Known limitations: N/A 
Affected Components:

Description: The first release of the Admission Control default ruleset; New AWS encryption rules, new Azure CIS rules; rule improvement; ERM rulesets update. A complete list can be found here.
Case ID: IN-7365
Known limitations: N/A 
Affected Components:

Description: Fixed compliance for Alibaba NAS entity.
Case ID: DFT-2435
Known limitations:
Affected Components:

Description: Risk Management dashboard is now available in the Overview menu as “Risk Management”. The Risk Management welcome page was removed.
Case ID: SEC-945
Known limitations: N/A
Affected Components:

Description: Add VendorIdentifier field to posture fidnings, this data is available for (ARN for AWS, ResourceURI for Azure). Field will be missing if data is not available
Case ID: DFT-2390, PLAT-7909
Known limitations: N/A
Affected Components:

Description: Network exposure for AWS ECS Service is now more accurate and includes the “Private” classification.
Case ID: SEC-841
Known limitations: N/A
Affected Components:

Description: Added S3 Bucket policy status enrichment in the data fetcher. Using GetBucketPolicyStatus API.
Case ID: SEC-468
Known limitations: N/A
Affected Components:

Description: Fixed inconsistence of "IsOwnedByUserFlag" field in EC2 Image entity, this issue also caused inconsistence response of CloudAmi API where some Images ami where missing randomly
Case ID: DFT-2342
Known limitations:
Affected Components: