Versions Compared

Old Version 1

changes.mady.by.user Guy Shteinberg

Saved on

compared with

New Version Current

changes.mady.by.user Guy Shteinberg

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Deployment March 31, 2024

Info

Status
colourGreen
titleIMPROVEMENT
CG API Keys - Last used info - 2:00 UTC
Description: CG now displays API keys with the information about when were they last been used.
Case ID: DFR-2953
Known limitations: N/A
Affected Components:
Status
titleApi Keys

Info

Status
colourGreen
titleIMPROVEMENT
AWS Code Build Project - 10:00 UTC
Description: Reduced fetching frequency for Aws Code Build Project to once a day to avoid throttling.
Case ID: DFT-3574
Known limitations: N/A
Affected Components:
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
GCP BigQueryTable, GCP DataprocCluster - 10:00 UTC
Description: GCP BigQueryTable and GCP DataprocCluster are now fetched with a new mechanism and containing more fields (fields that are not configured will contain null). Relevant to Singapore, Mumbai and Canada DCs only.

Case ID: CNAPP-7749, CNAPP-7750, CNAPP-7751
Known limitations: Relevant to Singapore, Mumbai, Canada DC only
Affected Components:

Status
titleFETCHERS

Deployment March 28, 2024

Info

Status
colourGreen
titleIMPROVEMENT
AWS Organization Account - 15:30 UTC
Description: Add SCP account policies that are inherited from OU.
Case ID: DFR-2256
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleCOMPLIANCE ENGINE

Deployment March 27, 2024

Info

Status
colourRed
titleFIXED
Risk Management - Azure SQL Server Network Exposure - 11:30 UTC

Description: Treating the build it firewall rule that allows traffic from Azure services as partially public.
Case ID: CNAPP-7702
Known limitations: N/A 
Affected Components:

Status
titleRISK MANAGEMENT
Status
titlePROTECTED ASSETS

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 09:30 UTC

Description: General maintenance and content updates. A complete list can be found here.

Case ID: CNAPP-7825, DFT-3536
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment March 26, 2024

Info

Status
colourGreen
titlefeature
CIEM label can be added to CSPM rules - 11:00 UTC
Description: Adding support for adding CIEM label to custom CPSM rule, findings with that label will show up under CIEM\Findings.
Case ID: DFR-3257
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleCIEM

Info

Status
colourGreen
titlefeature
Multi entities selection on CSPM exclusions - 10:00 UTC
Description: Added support for multi entities selection on CSPM exclusion, entities can be selected from a list or by using a wildcard
Case ID: DFR-3422, DFR-2327
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE

Deployment March 25, 2024

Info

Status
colourGreen
titleIMPROVEMENT
AWS Region - 11:00 UTC
Description: Added support for Organization Access Analyzers Type under the “accessAnalyzers” field.
Case ID: DFR-3185
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleCOMPLIANCE ENGINE

Info

Status
colourGreen
titlefeature
AWS Organization Unit - 10:00 UTC
Description: Added support for AWS Organization Unit in compliance engine and protected assets.
Case ID: DFR-2914
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Deployment March 24, 2024

Info

Status
colourRed
titleFIXED
Risk Management - Azure SQL Server Network Exposure - 13:25 UTC

Description: Ignoring firewall rule that allows traffic from Azure services when calculating external public exposure.
Case ID: CNAPP-7702
Known limitations: N/A 
Affected Components:

Status
titleRISK MANAGEMENT
Status
titlePROTECTED ASSETS

Info

Status
colourGreen
titleIMPROVEMENT
Azure Load Balancer 11:00
Description: Added outbound rules support for the ‘LoadBalancer’ entity as a new property: ‘outboundRules’.
Case ID: DFR-2352
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleCOMPLIANCE ENGINE

Deployment March 19, 2024

Info

Status
colourGreen
titleIMPROVEMENT
AWS CloudWatch Events - 11:10 UTC
Description: Added support for ECS parameters as new property 'targets[].ecsParameters' for the ‘CloudWatchEventsRule’ entity.
Case ID: DFR-3372
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleCOMPLIANCE ENGINE

Info

Status
colourGreen
titleIMPROVEMENT
AWS Security Group - 11:10 UTC
Description: Added support in the ‘SecurityGroup’ entity for ‘EcsSchduledTask’ under the ‘networkAssetsStats’ property.
Case ID: DFR-3372
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleCOMPLIANCE ENGINE

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 10:30 UTC

Description: New Ruleset CIS Amazon EKS Benchmark v1.4.0, New Ruleset CIS GKE Benchmark v1.5.0, New Ruleset CIS Microsoft Kubernetes Engine (AKS) Benchmark v1.4.0; New AWS,OCI, Alibaba ,GCP and Kubernetes rules. A complete list can be found here.

Case ID: CNAPP-7660, DFT-3455
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment March 19, 2024

Info

Status
colourGreen
titleIMPROVEMENT
AWS S3 Bucket - 12:00 UTC
Description: Avoid deleting previous data of AWS S3 Bucket when not receiving new data (due to missing permissions or other reasons).
Case ID: DFR-2952
Known limitations: N/A
Affected Components:
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
AWS Account - 10:30 UTC
Description: Added support for ‘Contact Information’ property in AWS Account in Compliance engine & Protected Assets.
Case ID: DFR-2383
Known limitations: N/A
Affected Components:
Status
titleFETCHERS

Info

Status
colourGreen
titleIMPROVEMENT
OCI VNIC - 9:30 UTC
Description: Expose public & private IP in OCI VNIC in Protected Assets page
Case ID: DFT-3217
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Deployment March 18, 2024

Info

Status
colourGreen
titleIMPROVEMENT
Sydney - GCP BigQueryTable, GCP DataprocCluster - 10:00 UTC
Description: GCP BigQueryTable and GCP DataprocCluster are now containing more fields (fields that are not configured will contain null). Relevant to Sydney DC only.
Case ID: CNAPP-7553
Known limitations: N/A
Affected Components:
Status
titleFETCHERS

Info

Status
colourRed
titlefixed
AWS Credential Report API - 9:00 UTC

Description: Fixed an issue that caused the presentation of old data in the 'CloudIamCredentialReport' API.

Case ID: DFT-3454
Known limitations: N/A 
Affected Components:

Status
titlefetchers

Deployment March 17, 2024

Info

Status
colourRed
titlefixed
GSL Builder Export | OU Path set to N/A while running a GSL rule - 15:00 UTC

Description: Fixed missing OU path when exporting from GSL builder

Case ID: DFT-3339
Known limitations: N/A 
Affected Components:

Status
titleui

Info

Status
colourRed
titlefixed
UI | Unable to associate Ali baba cloud to another OU - 11:00 UTC

Description: Fixed failure to associate Ali baba cloud to OU

Case ID: DFT-3496
Known limitations: N/A 
Affected Components:

Status
titleui

Info

Status
colourRed
titlefixed
Azure PostgreSQL - 10:50 UTC

Description: Fixed an issue that caused partial fetching for ‘PostgreSQL’ entities.

Case ID: DFT-3466
Known limitations: N/A 
Affected Components:

Status
titlefetchers

Deployment March 14, 2024

Info

Status
colourGreen
titlefeature
GCP Identity Platform - 13:00 UTC
Description: Added support for GCP Identity Platform Entities: IdentityPlatformTenant and IdentityPlatformUser.
Case ID: CNAPP-1463
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Info

Status
colourGreen
titleIMPROVEMENT
Azure Network Security Groups Management - 11:30 UTC
Description: Internal change in the way we generate tokens to access Azure APIs. The change affects services that manage the network security groups in Azure.
Case ID: CNAPP-7585
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleAPI

Info

Status
colourGreen
titleFEATURE
Risk Management - Network Exposure - 11:30 UTC

Description: Network Exposure support for Azure SQL Server. Available in Protected Assets and as part of the risk score calculation.
Case ID: CNAPP-7064
Known limitations: N/A 
Affected Components:

Status
titleRISK MANAGEMENT
Status
titlePROTECTED ASSETS

Info

Status
colourRed
titlefixed
AWS VPC\KMS\Route table shown incorrectly in Protected Assets - 10:00 UTC

Description: Fixed a bug where AWS VPC\KMS was shown as Alibaba VPC\KMS in the protected assets table, and AWS route table was shown as Azure route table in the protected assets table.

Case ID: DFT-3458, DFT-3510, DFT-3452, DFT-3508
Known limitations: N/A 
Affected Components:

Status
titleui

Deployment March 13, 2024

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 10:00 UTC

Description: New AWS, OCI, Alibaba, and GCP rules; DFTs fixes. A complete list can be found here.

Case ID: CNAPP-7557, DFT-3484, DFT-3447
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Info

Status
colourRed
titlefixed
UI | Missing permissions | Key vault seems to be duplicated on the amount of entities that have an issue- 10:00 UTC

Description: Remove duplication of key vault

Case ID: DFT-3408
Known limitations: N/A 
Affected Components:

Status
titleui

Deployment March 12, 2024

Info

Status
colourRed
titlefixed
UI | Reporting | when we download the report from CIEM somehow don't get the label column on the export file- 14:00 UTC

Description: Lable was added to CIEM findings

Case ID: DFT-2551
Known limitations: N/A 
Affected Components:

Status
titleui

Deployment March 10, 2024

Info

Status
colourGreen
titlefeature
GCP Cloud Source Repository 13:00 UTC
Description: Added support for GCP Cloud Source Repository entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-1467
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Deployment March 07, 2024

Info

Status
colourGreen
titleIMPROVEMENT
Azure Network Security Groups Management - 13:25 UTC
Description: Internal change in the way we generate tokens to access Azure APIs. The change affects services that manage the network security groups in Azure.
Case ID: CNAPP-7491
Known limitations: N/A
Affected Components:
Status
titleFETCHERS
Status
titleAPI

Info

Status
colourGreen
titleIMPROVEMENT
Azure User - 12:30 UTC
Description: Added support for ‘assignmentRoles’ property in Azure User in Compliance Engine and Protected Assets.
Case ID: DFT-3348
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Info

Status
colourGreen
titleIMPROVEMENT
Azure Cosmos DB Account - 11:15 UTC
Description: Added support for ‘minimalTlsVersion’ property in Azure Cosmos DB Account in Compliance Engine and Protected Assets.
Case ID: DFR-2932
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Deployment March 06, 2024

Info

Status
colourRed
titlefixed
UI | MSP | Cannot switch roles on FireFox - 14:00 UTC

Description: Fixed issue of switching logs in MSP in Firefox

Case ID: DFT-3430
Known limitations: N/A 
Affected Components:

Status
titleui

Info

Status
colourGreen
titleIMPROVEMENT
Compliance Rulesets Update - 11:00 UTC

Description: DFTs fixes. A complete list can be found here.

Case ID: CNAPP-7453, DFT-3455, DFT-3381
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Info

Status
colourGreen
titleIMPROVEMENT
GCP GKE Cluster - 10:00 UTC
Description: Added support for ‘networkConfig’ property in GCP GkeCluster.
Case ID: DFR-2663
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titlefetchers

Info

Status
colourRed
titlefixed
AWS Kinesis Firehose - 06:00 UTC

Description: Fixed rate limit issue in AWS Kinesis Firehose.

Case ID: DFT-3432
Known limitations: N/A 
Affected Components:

Status
titlefetchers

Deployment March 05, 2024

Info

Status
colourGreen
titlefeature
GCP Cloud Armor Security Policy entity - 13:00 UTC
Description: Added support for GCP Cloud Armor Security Policy entity in Compliance Engine and Protected Assets.
Case ID: DFR-2968
Known limitations: N/A
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titleFETCHERS
Status
titlePROTECTED ASSETS

Deployment March 04, 2024

Info

Status
colourRed
titlefixed
UI | Typo in Role Creation Screen - 18:00 UTC

Description: Fix typo in role creation screen

Case ID: DFT-3483
Known limitations: N/A 
Affected Components:

Status
titleui

Deployment March 04, 2024

Info

Status
colourRed
titlefixed
Slack and Teams Notification - 18:00 UTC

Description: Bug fix in Slack and Teams Notifications.

Case ID: CNAPP-8613
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS

Deployment March 02, 2024

Info

Status
colourGreen
titleIMPROVEMENT
AWS S3 Bucket - 17:30 UTC
Description: Added support for ‘encryption.serverSideEncryptionRules.serverSideEncryptionByDefault.isCrossAccountKey’ and ‘encryption.serverSideEncryptionRules.serverSideEncryptionByDefault.kmsKey' properties in AWS S3 Bucket in Compliance engine & Protected Assets.
Case ID: DFR-2482
Known limitations: Keys which are cross account will be seen in the 'kmsKey’ property - only if belongs to a cloud account which was on boarded to the same CloudGuard account as the S3Bucket’s cloud account, and only if the client has approved account data sharing.
Affected Components:
Status
titleCOMPLIANCE ENGINE
Status
titlePROTECTED ASSETS

Deployment March 01, 2024

Info

Status
colourRed
titlefixed
Slack and Teams Notification - 23:00 UTC

Description: Bug fix in Slack and Teams Notifications.

Case ID: CNAPP-8613
Known limitations: N/A 
Affected Components:

Status
titleCOMPLIANCE RULESETS