Deployment September 12, 2024
IMPROVEMENT Risk Management Protected Assets Toxic Combinations column UI change - 16:00 UTC
Description: Changed how the Toxic Combination data is represented in the column.
Case ID: CNAPP-10677
Known limitations:
Affected Components: RISK MANAGEMENT
Deployment August 01, 2024
FEATURE Asynchronous Assessment run over multiple cloud accounts - 00:40 UTC
Description: Add new microservice to support asynchronous assessment run for multpile cloud accounts.
Case ID: CNAPP-10241, CNAPP-9993, DFT-3489
Known limitations: Pending UI deployment.
Affected Components: COMPLIANCE ENGINE
Deployment July 10, 2024
FEATURE Asynchronous Assessment run over multiple cloud accounts - 22:30 UTC
Description: Add new API to support asynchronous assessment run for multpile cloud accounts.
Case ID: CNAPP-10239, CNAPP-10240
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment July 09, 2024
IMPROVEMENT GCP Asset Inventory fetching system - 11:00 UTC
Description: General improvement to the GCP Asset Inventory fetching system, including state machine for flow management and architecture update.
Case ID: CNAPP-9417
Known limitations: N/A
Affected Components:
Deployment June 10, 2024
IMPROVEMENT Teams and Slack immediate finding integrations - 22:20 UTC
Description: Alert ID field added to integrations modal.
Case ID: CNAPP-9370
Known limitations: N/A
Affected Components: INTEGRATIONS
FEATURE GCP Asset Inventory Mongo Updater - 13:00 UTC
Description: New component - GcpAssetInventoryMongoUpdater. Designated to sync Asset Inventory entities with to the latest exported version.
Case ID: CNAPP-7819
Known limitations: Only for Prod EU - Customers may experience duplicated BigQueryTable entities in the following 24h.
Affected Components:
FEATURE GCP Additional fetching system - 13:00 UTC
Description: Some assets are now fetched using a new fetching system.
Case ID: CNAPP-8525
Known limitations: GCP Asset Inventory API permission should be given
Affected Components: PROTECTED ASSETS COMPLIANCE ENGINE FETCHERS
Deployment June 06, 2024
IMPROVEMENT Minor UI improvements in ERM, CDR, and CIEM areas - 11:00 UTC
Description: Did various minor UI fixes and improvements around the aforementioned areas (e.g. You can now click the environment in the CDE Event popup)
Case ID: CNAPP-7973, CNAPP-7962
Known limitations: N/A
Affected Components: UI
Deployment June 05, 2024
IMPROVEMENT Azure SDK Upgrade - 05:40 UTC
Description: Upgraded Azure SDK for Azure Redis.
Case ID: CNAPP-8895
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 01, 2024
IMPROVEMENT Compliance Engine - 01:05 UTC
Description: Internal Improvement of closing findings.
Case ID: CNAPP-8189, CNAPP-7645
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment May 29, 2024
IMPROVEMENT Azure SDK Upgrade - 05:40 UTC
Description: Upgraded Azure SDK for: Application Gateway & Azure Log Monitor
Case ID: CNAPP-8894
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 26, 2024
IMPROVEMENT AWS Fetchers - 14:30 UTC
Description: Added Azure Token Lambda exception support for Azure fetchers' permission retry mechanism.
Case ID: CNAPP-8664
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 22, 2024
IMPROVEMENT Azure SDK Upgrade - 06:40 UTC
Description: Upgraded Azure SDK for: Azure WebApp and Azure Function App
Case ID: IN-8043
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 17, 2024
IMPROVEMENT Teams and Slack single findings - 00:50 UTC
Description: Added Namespace field for teams and slack single findings.
Case ID: CNAPP-8799, CNAPP-8819
Known limitations: Security Events
Affected Components: COMPLIANCE ENGINE
Deployment May 15, 2024
IMPROVEMENT Minor fixes in ERM and Protected Assets UI - 12:00 UTC
Description: Various cosmetic and performance fixes in the UI.
Case ID: CNAPP-8222
Known limitations: N/A
Affected Components: PROTECTED ASSETS UI
IMPROVEMENT Azure Fetchers - 10:15 UTC
Description: Updated client initialization on expired token for:
Microservices/AzureActivityLogAlert
Microservices/AzureActivityLogDiagnosticSetting
Microservices/AzureApplicationGateway
Microservices/AzureDataExplorer
Microservices/AzureEventHubNamespace
Microservices/AzureHDInsight
Microservices/AzureKeyVault
Microservices/AzureMySqlDbFlexibleServerConfig
Microservices/AzureRedis
Microservices/AzureServiceFabricCluster
Microservices/AzureSqlServer
Microservices/AzureStorage
Microservices/AzureStorageBlobContainer
Microservices/AzureStorageBlobServices
Microservices/AzureStorageFileServices
Microservices/AzureStorageQueueServices
Microservices/AzureStorageTableServices
Microservices/AzureVirtualMachine
Microservices/AzureVirtualMachineScaleSet
Case ID: CNAPP-8403
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 9, 2024
IMPROVEMENT Integration Audit Throttler - 02:00 UTC
Description: Add throttling mechanism for integration event auditing
Case ID: CNAPP-8317
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment May 8, 2024
FEATURE Elastic Search Alias Support - 12:00 UTC
Description: Alias support was added for the asset indexer cluster, meaning we are now reading and writing from the alias, and not from the index.
Case ID: CNAPP-8525
Known limitations: N/A
Affected Components: PROTECTED ASSETS
Deployment May 7, 2024
IMPROVEMENT FetchingRunStatus - 8:45 UTC
Description: Updated FetchingRunStatus to use sqs-batch-deletion.
Case ID: IN-8648
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 5, 2024
IMPROVEMENT Azure Fetchers - 14:00 UTC
Description: Removed ‘clientId’ dependencies from Azure fetchers.
Case ID: CNAPP-8646
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 1, 2024
IMPROVEMENT AWS Fetchers - 9:30 UTC
Description: Updated the AWS fetchers' microservices to use sqs-delete-in-batches.
Case ID: CNAPP-8555
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Azure Fetchers - 8:00 UTC
Description: Updated the Azure fetchers' microservices to use sqs-delete-in-batches.
Case ID: CNAPP-8554
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 30, 2024
IMPROVEMENT GCP Fetchers - 8:00 UTC
Description: Updated the GCP fetchers' microservices to use sqs-delete-in-batches.
Case ID: CNAPP-8553
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 28, 2024
IMPROVEMENT Alibaba Fetchers - 8:00 UTC
Description: Updated the following microservices to use sqs-delete-in-batches:
Microservices/AlibabaOssBucket
Microservices/AlibabaRamRole
Microservices/AlibabaRamUser
Microservices/AlibabaSecurityGroup
Microservices/AlibabaSlb
Microservices/AlibabaVpc
Case ID: CNAPP-8552
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 27, 2024
IMPROVEMENT Slack Formatter - single findings - 01:00 UTC
Description: Add new MS - SlackFormatter.
Case ID: CNAPP-7276, CNAPP-7497
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE INTEGRATIONS
Deployment April 25, 2024
IMPROVEMENT Generic Fetchers - 8:00 UTC
Description: Updated the following microservices to use sqs-delete-in-batches:
Microservices/AlibabaGenericEntity
Microservices/AwsGenericEntity
Microservices/AzureGenericEntity
Microservices/GcpGenericEntity
Microservices/OciGenericEntity
Case ID: CNAPP-7889
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 14, 2024
IMPROVEMENTAzure Token Generator - 06:30 UTC
Description: Updated Azure’s Network Security Group fetcher and Azure’s Virtual Network Peering token generator implementations.
Case ID: CNAPP-8285, CNAPP-8284
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 10, 2024
IMPROVEMENTAzure Token Generator - 13:00 UTC
Description: Upgraded Azure Storage Account internal client to use Azure Token Generator.
Case ID: CNAPP-8289
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENTAzure Token Generator - 7:15 UTC
Description: Upgraded Azure KeyVault internal client to use Azure Token Generator.
Case ID: CNAPP-8288
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Teams Formatter - single findings - 00:40 UTC
Description: Add new MS - TeamsFormatter.
Case ID: CNAPP-7496
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE INTEGRATIONS
Deployment April 9, 2024
IMPROVEMENT Minor UI changes in the Security Issues page - 00:40 UTC
Description: Added the table footer and some more minor internal changes.
Case ID: CNAPP-8218
Known limitations: N/A
Affected Components: UI RISK MANAGEMENT
Deployment April 8, 2024
IMPROVEMENT Azure Token Generator - 11:10 UTC
Description: The following microservices' AzureBaseArmClientWrapper were upgraded to use the Azure Token Generator:
Microservices/AzureVirtualNetwork
Microservices/AzureVirtualNetworkGateway
Microservices/AzureFirewall
Microservices/AzureLoadBalancer
Microservices/AzurePrivateEndpoint
Microservices/AzurePublicIPAddress
Microservices/AzureRegionalWAF
Microservices/AzureBastion
Case ID: CNAPP-6773
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Azure Token Generator - 7:25 UTC
Description: The following microservices' AzureBaseClientWrapper were upgraded to use the Azure Token Generator:
Microservices/AzureActivityLogAlert
Microservices/AzureActivityLogDiagnosticSetting
Microservices/AzureApplicationGateway
Microservices/AzureDataExplorer
Microservices/AzureEventHubNamespace
Microservices/AzureHDInsight
Microservices/AzureKeyVault
Microservices/AzureMySqlDbFlexibleServerConfig
Microservices/AzureRedis
Microservices/AzureServiceFabricCluster
Microservices/AzureSqlServer
Microservices/AzureStorage
Microservices/AzureStorageBlobContainer
Microservices/AzureStorageBlobServices
Microservices/AzureStorageFileServices
Microservices/AzureStorageQueueServices
Microservices/AzureStorageTableServices
Microservices/AzureVirtualMachine
Microservices/AzureVirtualMachineScaleSet
Case ID: CNAPP-6775
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 7, 2024
IMPROVEMENT Azure Token Generator - 7:05 UTC
Description: Upgraded the following microservices' AzureApiWrapper to use the Azure Token Generator:
Microservices/AzureApplicationGateway
Microservices/AzureApplicationSecurityGroup
Microservices/AzureCosmosDbAccount
Microservices/AzureFunctionApp
Microservices/AzureLocks
Microservices/AzureLogicApp
Microservices/AzureNetworkInterface
Microservices/AzurePostgreSQL
Microservices/AzureResourceGroup
Microservices/AzureRouteTable
Microservices/AzureServiceBus
Microservices/AzureSubnet
Microservices/AzureWebApp
Case ID: CNAPP-6774
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 3, 2024
IMPROVEMENT GCP New Fetching System - 10:00 UTC
Description: Added integration between the current GCP project onboarding’s API to the new GCP system fetching system.
Case ID: CNAPP-7761
Known limitations: The new fetching system is not active in US an EU production environments yet.
Affected Components: FETCHERS API
Deployment March 28, 2024
IMPROVEMENT Risk Management - 12:00 UTC
Description: Internal changes in the way we gather CVEs, Threats and Secrets counters when calculating the risk score of assets.
Case ID: CNAPP-4802
Known limitations: N/A
Affected Components: RISK MANAGEMENT
Deployment March 25, 2024
IMPROVEMENT Aws ECS Task - 11:00 UTC
Description: Align ECS task data for all clients in Elastic Search with MongoDB data as some entities where deleted but still left in Elastic Search.
Case ID: DFT-3485
Known limitations: N/A
Affected Components: FETCHERS
Deployment March 23, 2024
IMPROVEMENT Internal Integrations Improvement - 01:15 UTC
Description: Internal Improvement in the CSPM Integrations Flow.
Case ID: CNAPP-6296
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment March 20, 2024
IMPROVEMENT Azure DDD - 11:30 UTC
Description: Migrate AzureBaseNoResourceGroupFetcher and its dependent micro services together for inventory azure DDD initiative.
Case ID: IN-8559
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
Deployment March 17, 2024
FIX Generic Entities - 9:30 UTC
Description: Update entity with new additional fields, not only from generic configuration, but also form handlers in the code.
Case ID: DFT-3217
Known limitations: N/A
Affected Components: PROTECTED ASSETS
Deployment March 17, 2024
IMPROVEMENT Protected Assets API - 11:00 UTC
Description: Internal error handling changes in Protected Assets API.
Case ID: CNAPP-7511
Known limitations: N/A
Affected Components: API
Deployment March 11, 2024
FIX Context graph - 16:00 UTC
Description: Fixed an issue where the context graph for some AWS entities would display an incorrect route table.
Case ID: DFT-3040, CNAPP-4785
Known limitations: N/A
Affected Components: UI
IMPROVEMENT Various UI changes in the Risk Management area - 16:00 UTC
Description: Changed some icons, texts, and spacings.
Case ID: CNAPP-6557
Known limitations: N/A
Affected Components: UI
Deployment March 07, 2024
IMPROVEMENT Internal Improvement - 03:10 UTC
Description: Internal Logging Improvement of Security Event.
Case ID: CNAPP-7547
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment March 01, 2024
IMPROVEMENT Internal Improvement - 02:00 UTC
Description: DDD - Teams and Slack Notifications.
Case ID: CNAPP-7110
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment February 26, 2024
IMPROVEMENT Internal Improvement - 23:45 UTC
Description: DDD - Teams and Slack Notifications.
Case ID: CNAPP-7109
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment February 14, 2024
IMPROVEMENT SyncNow will not trigger AWS generic fetching for excluded vendors - 12:15 UTC
Description: Align the behavior of SyncNow with the regular flow to ignore excluded vendors. For now, the fix will affect only for AWS generic entities.
Case ID: IN-8588
Known limitations: Not working yet in Azure & OCI (not relevant for GCP & Alibaba which have only one cloud vendor), and only for generic entities.
Affected Components: FETCHERS
Deployment February 07, 2024
IMPROVEMENT Azure DDD - 11:30 UTC
Description: Migrate GenericEntityFetcher and its dependent infra together for inventory azure DDD initiative.
Case ID: IN-8561
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
IMPROVEMENT Azure Generic Fetcher - 11:30 UTC
Description: Azure generic fetcher was upgraded. Tokens are now pulled from the AzureTokenGenerator Lambda instead of being issued individually on the microservice.
Case ID: CNAPP-6772
Known limitations: N/A
Affected Components: FETCHERS
Deployment January 31, 2024
IMPROVEMENT Azure DDD - 12:15 UTC
Description: Migrated all the Micro Services that are related to the AzureBaseFetcherV3 fetcher to use new inventory tenant level fetcher (with DDD approach):
Case ID: IN-8560
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
IMPROVEMENT Azure DDD - 12:15 UTC
Description: Migrated all the Micro Services that are related to the IConsumer fetcher to use new inventory tenant level fetcher (with DDD approach):
Case ID: IN-8562
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
Deployment January 24, 2024
IMPROVEMENT Azure Fetchers - 09:30 UTC
Description: Azure fetchers were upgraded for 28 entities - All that are using Inventory's AzureRestApi/AzureGraphApi wrappers.
Tokens are now pulled from the AzureTokenGenerator Lambda instead of being issued individually on each MS .
Case ID: CNAPP-6771
Known limitations: N/A
Affected Components: FETCHERS
Deployment January 21, 2024
FIXED Azure MySQL Flexible Server - 08:20 UTC
Description: Update API version and Schema of Azure MySQL Flexible Server.
Case ID: IN-8094
Known limitations: N/A
Affected Components: FETCHERS
Deployment January 12, 2024
IMPROVEMENT Azure DDD - 09:30 UTC
Description: Migrated all the Micro Services that are related to the AzureBaseNoResourceGroupFetcherV2 base fetcher to use new inventory tenant level fetcher (with DDD approach):
Case ID: IN-8534
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
Deployment January 8, 2024
IMPROVEMENT Azure DDD - 14:30 UTC
Description: Migrated all the Micro Services that are related to the base fetcher listed below to use new inventory tenant level fetcher (with DDD approach):
AzureRestApiFetcher
AzureBaseFetcher
AzureBaseFetcherV2
Case ID: IN-8500, IN-8501, IN-8518
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
Deployment December 27, 2023
IMPROVEMENT Update support in China for Azure services - 10:15 UTC
Description: Update Azure unsupported services - all China or specific regions in China.
Case ID: CNAPP-5048
Known limitations: N/A
Affected Components: FETCHERS
Deployment December 24, 2023
IMPROVEMENT Rearrange AWS Read Only On-Boarding IAM Policy - 11:00 UTC
Description: Remove redundant permissions that are already included in Security Audit IAM policy.
Case ID: IN-8506
Known limitations: N/A
Affected Components: OBOARDING
Deployment December 21, 2023
IMPROVEMENT Azure DDD - 14:30 UTC
Description: Migrated all the Micro Services that are related to the base fetcher listed below to use new inventory tenant level fetcher (with DDD approach):
AzureEnrichedBaseFetcher
AzureRestApiFetcherV2
AzureRestApiFetcherV3
Case ID: IN-8450, IN-8452, IN-8451
Known limitations: N/A
Affected Components: FETCHERS PROTECTED ASSETS
FIXED AwsEc2Instance api get-by-id - 08:20 UTC
Description: Fixed query of AwsEc2Instance api get-by-id to get the correct account ID.
Case ID: IN-3351
Known limitations: N/A
Affected Components: API
IMPROVEMENT Account / Environment Deletion - 09:30 UTC
Description: Internal notification changes for account and environment deletion APIs.
Case ID: CNAPP-5605
Known limitations: N/A
Affected Components: API MSP
Deployment December 13, 2023
FIXED AWS Generic Fetcher - 10:40 UTC
Description: Throw an error on unsupported property type in AWS fetcher
Case ID: IN-5317
Known limitations: N/A
Affected Components: FETCHERS
Deployment December 06, 2023
FIXED Basic Enrichment - 10:45 UTC
Description: Added support for {resourceGroupName} in basic enrichment.
Case ID: IN-8449
Known limitations: N/A
Affected Components: FETCHERS
FIXED Azure Generic Fetcher - 10:45 UTC
Description: Added Null Check in Bson Document manipulation.
Case ID: IN-8467
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Compliance Integrations - Log Additional Information - 00:30 UTC
Description: Additional Information for compliacne integrations logs was added.
Case ID: DFT-3051, CNAPP-5019
Known limitations: N/A
Affected Components: NOTIFICATION
Deployment December 02, 2023
IMPROVEMENT Compliance Notifications - Send Finding On Each Occurrence For Security Event- 01:40 UTC
Description: Add functionality to support security events from non-posture flows (without assessments), to send findings to notification integrations for each occurrence
Case ID: DFR-2773, CNAPP-4858
Known limitations: Protected by feature flag and will be opened to single account for Intelligence flow.
Affected Components: EVENTSNOTIFICATION
Deployment November 30, 2023
IMPROVEMENT Azure DDD - Tenant Level Fetcher - 14:30 UTC
Description: Migrated azure Tenant Level Micro Services to use new inventory tenant level fetcher (with DDD approach)
Case ID: IN-8220
Known limitations: N/A
Affected Components: FETCHERS COMPLIANCE ENGINEPROTECTED ASSETS
IMPROVEMENT Azure Network Exposure - 10:00 UTC
Description: Internal changes in Azure Network Exposure calculation. Preparation to support FunctionApp.
Case ID: CNAPP-4802
Known limitations: N/A
Affected Components: RISK MANAGEMENT
Deployment November 22, 2023
IMPROVEMENT Azure DDD - Access Review Schedule Migration- Tenant Level Fetcher - 10:00 UTC
Description: Migrated Azure Access Review Schedule Micro Service to use new inventory tenant level fetcher.
Case ID: IN-8218
Known limitations: N/A
Affected Components: FETCHERS COMPLIANCE ENGINEPROTECTED ASSETS
Deployment November 7, 2023
FIX Minor UI adjustments and fixes in Risk Management - 13:00 UTC
Description: Fixed the behavior of the “favorites” button in all the risk management pages and some other minor fixes.
Case ID:
Known limitations: N/A
Affected Components: UI
Deployment October 5, 2023
IMPROVEMENT Minor UI adjustments in Risk Management Dashboard - 10:00 UTC
Description: Changed the order between critical and high colored bars, and some other fixes.
Case ID: CNAPP-3778
Known limitations: N/A
Affected Components: UI
IMPROVEMENT Fetchers - Improve SumoLogic Terraform - 8:30 UTC
Description: Improved SumoLogic components Terraform structure.
Case ID: CNAPP-2492
Known limitations: N/A
Affected Components: FETCHERS
Deployment September 27, 2023
IMPROVEMENT Azure AD Cond Access Named Location, Azure AD Access Reviews Schedule Definition, Azure AD Cond Access Policy - 10:00 UTC
Description: Fixed a JsonSerializationException in AzureADCondAccessNamedLocation, AzureADAccessReviewsScheduleDefinition, AzureADCondAccessPolicy.
Case ID: IN-8103
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Supported classic builder for Azure Generic Entity framework - 10:00 UTC
Description: Added support for classic builder in AzureGenericEntity framework.
Case ID: IN-8178
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment September 13, 2023
IMPROVEMENT AWS Generic Fetcher - 12:00 UTC
Description: Added support for not matching request and response pagination parameters.
Case ID: IN-8204
Known limitations: N/A
Affected Components: FETCHERS
Deployment September 3, 2023
IMPROVEMENT Permission error classification - 11:00 UTC
Description: Classified “is not authorized to perform assume role” error as permission error
Case ID: IN-7931
Known limitations: N/A
Affected Components:
Deployment August 27, 2023
FIXED Generic entity - Allowed exceptions - 14:30 UTC
Description: Added allowed exception configuration to the generic entity scheme.
Case ID: IN-8125
Known limitations: N/A
Affected Components: FETCHERS
Deployment August 3, 2023
IMPROVEMENT GSL field rename - 11:00 UTC
Description: Renamed the field riskModifiers to additionalInfo in all relevant entities.
Case ID: CNAPP-1694
Known limitations: N/A
Affected Components: ERM
Deployment July 30, 2023
IMPROVEMENT Migrate AzureSubnet to Inventory azure domain - 11:00 UTC
Description: Migrate first Azure MS to Inventory azure domain - AzureSubnet
Case ID: IN-8064
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 26, 2023
FIXED Azure ADCondAccessNamedLocation - 18:00 UTC
Description: Fixed a JsonSerializationException in AzureADCondAccessNamedLocation.
Case ID: IN-8057
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Support China - Fix .NET Code self-built ARNs - 14:15 UTC
Description: Fix self-built ARNs in MSs' .NET Code, to support Cloud Guard on China.
Case ID: CNAPP-1142
Known limitations: N/A
Affected Components: FETCHERS COMPLIANCE ENGINE PROTECTED ASSETS
IMPROVEMENT API Calls Spreading - 09:00 UTC
Description: Producers' WorkItems are now published with an account offset which spreads the workload across time, preventing the high peaks we had due to the different polling mechanisms that we have.
Case ID: IN-1328, IN-7795
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 23, 2023
IMPROVEMENT Support China - Fix Terraform self-built ARNs - 07:00 UTC
Description: Fix self-built ARNs in MSs' Terraform, to support CloudGuard on China.
Case ID: CNAPP-843
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 19, 2023
IMPROVEMENT Azure SDK version upgrade - 12:25 UTC
Description: Upgraded the SDK to retrieve information from Azure for the mentioned services.
AzureBastion, AzureFirewall, AzureLoadBalancer, AzurePrivateEndpoint, AzurePublicIPAddress, AzureRegionalWAF, AzureStorage, AzureVirtualMachine, AzureVirtualNetworkGateway
Case ID: IN-7936
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 13, 2023
IMPROVEMENT Missing Permissions - 14:25 UTC
Description: Internal improvement, cleanup and testing, for ignorable missing permissions.
Case ID: PLAT-8492
Known limitations: N/A
Affected Components: MISSING PERMISSIONS
Deployment July 12, 2023
IMPROVEMENT Fetchers - Read from secondary Mongo in same AZ only - Prod - 11:45 UTC
Description: Added mechanism to use secondary Mongo in same availability zone.
Case ID: IN-8044
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 9, 2023
FIXED AWS VPC Flow Log 15:00 UTC
Description: Fixed an issue where NullExceptions were preventing new AwsVpcFlowLog entities from being added to the DB.
Case ID: IN-5440
Known limitations: N/A
Affected Components:
IMPROVEMENT Code decupling - Removed old files of Inventory from legacy projects 10:15 UTC
Description: Code decupling - removed old files of Inventory from legacy projects and added references to Inventory new libraries or to the CGN.Common libraries.
Case ID: IN-7772
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 5, 2023
IMPROVEMENT Fetchers - Split Sumo SourceCategory into several fields in SumoLogic - 16:00 UTC
Description: Changed sourceCategory to be identical for all Inventory Components, and added three new filterable fields: microserviceName, businessFlow & Vendor.
Case ID: IN-7339
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Fetchers - Read from secondary Mongo in same AZ only - Stage testing - 16:00 UTC
Description: Added mechanism to use secondary Mongo in same availability zone.
Case ID: IN-3851
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 2, 2023
FIXED AwsIamUserAttachedPolicyRelation - 07:00 UTC
Description: A migration was done to AwsIamUserAttachedPolicyRelation entities, old entities that were holding AwsIamRoleAttachedPolicyRelation SRLs were migrated to hold the new SRL form.
Case ID: IN-8018
Known limitations: N/A
Affected Components:
Deployment June 29, 2023
FIXED Minor UI fixes in Risk Management pages - 14:30 UTC
Description: Fixed various display issues mainly in the Protected Assets table and the Protected Asset page of Risk Management
Case ID: SEC-1076, SEC-1115, SEC-1108
Known limitations: N/A
Affected Components: ERM
Deployment June 28, 2023
FIXED AwsIamUserAttachedPolicyRelation - 11:30 UTC
Description: An issue where AwsIamUserAttachedPolicyRelation entities were issued with AwsIamRoleAttachedPolicyRelation’s SRLs was fixed.
Case ID: IN-7756
Known limitations: N/A
Affected Components: FETCHERS
FIXED Deprecated API for GCP Essential contact - 07:30 UTC
Description: Changed deprecated API for GCP Essential contact.
Case ID: IN-7952
Known limitations: N/A
Affected Components: FETCHERS
FIXED AzureADCondAccessPolicy - 07:30 UTC
Description: Fixed a JsonSerializationException in AzureADCondAccessPolicy.
Case ID: IN-7993
Known limitations: N/A
Affected Components:
IMPROVEMENT GSL2 Connectors - 07:30 UTC
Description: Updates to the rule parser to log connectors at the bundle level instead of the rule level, to reduce logs
Case ID: IN-7697
Known limitations: N/A
Affected Components: COMPLIANCE ENGINECOMPLIANCE RULESET
IMPROVEMENT Azure Storage - 07:30 UTC
Description: Upgraded the SDK to retrieve advanced threat protection settings for Azure storage accounts.
Case ID: IN-7080
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 22, 2023
IMPROVEMENT Enable health check in all fetchers - 14:00 UTC
Description: Enable health check with self healing in all fetchers.
Case ID: IN-7195
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 22, 2023
FIXED Minor UI fixes in ERM Dashboard - 14:20 UTC
Description: Fixed title and By Type chart sort
Case ID: SEC-1010
Known limitations: N/A
Affected Components:
Deployment June 18, 2023
IMPROVEMENT AWS Generic Fetcher 9:30 UTC
Description: The "StringsListResponsePropertyToInitiate" property was deprecated from ApiConfig configurations for AWS Generic Fetcher.
Case ID: IN-7740
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 15, 2023
FEATURE Added Network Exposure to GSL - 09:20 UTC
Description: The Network Exposure property is now supported in GSL queries.
Case ID: SEC-990
Known limitations: N/A
Affected Components: GSL
Deployment June 14, 2023
FIXED Azure App Registration Bug fix - 17:20 UTC
Description: Fixed null reference
Case ID: IN-7911
Known limitations: N/A
Affected Components:
FIXED health check for all fetchers - 17:20 UTC
Description: Fix parameters for health check with self healing in all fetchers.
Case ID: IN-7195
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 13, 2023
FEATURE Assets with open findings report OCI support - 13:00 UTC
Description: Added support for OCI entities with open findings, now the assets with open findings report will include them as well.
Case ID: IN-6641, IN-7680, DFR-2526
Known limitations: N/A
Affected Components:
Deployment June 11, 2023
IMPROVEMENT Add health check for all fetchers - 14:00 UTC
Description: Added ability to health check with self healing in all fetchers.
Case ID: IN-7195
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 8, 2023
FIXED Assets With Open Findings Report - 11:00 UTC
Description: Fixed assets with open findings report bad gateway exception
Case ID: IN-7789
Known limitations: N/A
Affected Components:
Deployment June 7, 2023
FIXED AccountsPollingInterval - 11:00 UTC
Description: Fixed a bug related to the decrement of the polling interval for customers which renewed their plan after their polling frequency was already reduced.
Case ID: IN-7866
Known limitations: N/A
Affected Components: FETCHERS
Deployment June 6, 2023
IMPROVEMENT Migrated bulk of Aws MS to Inventory Domain - 11:30 UTC
Description: Migrated the following bulk of Aws MS to Inventory Domain: AwsAccessAnalyzer, AwsAccessAnalyzerFinding, AwsAccountAlternateContact, AwsApplicationAutoScalingPolicy, AwsAutoScalingGroup, AwsConfigSettings, AwsCustomerGateway, AwsEc2Images, AwsEcrRepository, AwsEcsCluster, AwsEcsService, AwsEcsTask, AwsEcsTaskDefinition, AwsEcsTaskDefinitionTags, AwsElasticIP, AwsElasticLoadBalancer, AwsElasticsearch, AwsEmrCluster, AwsGuardDutyDetector, AwsIamAccountSummary, AwsIamInstanceProfile, AwsIamPasswordPolicy, AwsIamRoleAttachedPolicies, AwsIamRoleInlinePolicies, AwsIamServerCertificate, AwsInternetGateway, AwsInspector, AwsLookupEvent, AwsMetricAlarm, AwsMqBroker, AwsNatGateway, AwsOrganizationAccount, AwsOrganizations, AwsOrganizationUnit, AwsPersonalize, AwsRds, AwsRdsDbSnapshot, AwsRdsOptionGroup, AwsRdsParameterGroup, AwsRedShift, AwsRoute53Domains, AwsRoute53HostedZones, AwsSes, AwsTransfer, AwsTransitGateway, AwsTranslationJob, AwsTranslationTerminology, AwsVirtualMfaDevices, AwsVpcEndpoint, AwsVpcFirewall, AwsVPNConnection, AwsVpnGateway, AwsWAFRegional, AwsWAFRegionalV2, AwsSnsSubscription, AwsGlueConnection, AwsGlueSecurityConfiguration, AwsSagemaker, AwsSageMakerTrainingJob, AwsSnsPlatformApplication, AwsTranscribeJob, AwsTranscribeMedicalJob, AwsWorkspace, AwsWorkspaceDirectory.
Case ID: IN-7773
Known limitations: N/A
Affected Components: FETCHERS
FEATURE External API| Azure Org onboarding create and read API - 14:00 UTC
Description: External API| Azure Org onboarding create and read API
This is under feature flag
Case ID: PLAT-8209
Known limitations: N/A
Affected Components: ONBOARDING
Deployment June 5, 2023
FIXED AzureSubscriptionPolicy cron schedule - 08:30 UTC
Description: Enabled cron expression to execute on proper time slot.
Case ID: IN-7864
Known limitations: N/A
Affected Components: INFRA
Deployment June 1, 2023
FIX Minor bug fixes with regards to the Context Graph in the Protected Asset page - 12:00 UTC
Description: Various bug fixes in the presentation on the graph on the page.
Case ID: SEC-1034
Known limitations: N/A
Affected Components: UI
Deployment May 29, 2023
IMPROVEMENT AWS bulk migration to new Inventory Domain design - 13:00 UTC
Description: Migrated the following microservices: AwsEventRule, AwsLogGroups, AwsRouteTable, AwsSqs, AwsStepFunctionStateMachine, AwsSystemManagerDocument, AwsSystemManagerParameter, AwsDmsEndpoint, AwsEfs, AwsVolume, AwsAcmCertificate, AwsEbsSnapshot, AwsEbsSnapshotCreateVolumePermissions, AwsSecretManager
Case ID: IN-7723
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 24, 2023
IMPROVEMENT AWS Org onboarding improvements - 13:00 UTC
Description: Improvement for wizard and internal improvement of scaling of onboarding
AWS org onboarding is under feature flag
Case ID: PLAT-8230, PLAT-8232, PLAT-7923, PLAT-8212
Known limitations: N/A
Affected Components: UI ONBOARDING
Deployment May 23, 2023
IMPROVEMENT AWS EC2 Instance - 13:00 UTC
Description: Internal improvement to better fetch Aws Ec2 images.
Case ID: IN-7218
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 21, 2023
IMPROVEMENT Upgrade AWS SDK Core to latest stable - 13:00 UTC
Description: AWSSDK.Macie2 was upgraded from 3.7.10.15 to 3.7.101.15 or newer
Case ID: IN-7510
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Upgrade AWS SDK Core to latest stable - 13:00 UTC
Description: Upgraded the AWS SDK Core to the next stable major version (3.7.13.11 to 3.7.106.35).
Case ID: IN-7509
Known limitations: N/A
Affected Components: All backend components
Deployment May 18, 2023
IMPROVEMENT Internal Improvement - 22:35 UTC
Description: Add notification support for closed alerts.
Case ID: PLAT-8257
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
IMPROVEMENT Various bug fixes and enhancements in the Protected Asset Page - 13:00 UTC
Description: Fixed various issues and did minor enhancements in the Protected Asset Page.
Case ID: SEC-975, SEC-994, SEC-939, SEC-981
Known limitations: N/A
Affected Components: UI
Deployment May 17, 2023
IMPROVEMENT AWS bulk migration to new Inventory Domain design - 13:00 UTC
Description: Migrated the following microservices: AwsApiGatewayV2, AwsAthenaWorkGroup, AwsCognitoIdentityPool, AwsCognitoUserPool, AwsSnsTopic, AwsIamUserAccessKey, AwsIamUserAttachedPolicies, AwsIamUserEnrichments, AwsIamUserGroups, AwsIamUserInlinePolicies, AwsIamUserSSHPublicKeys
Case ID: IN-7684
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 16, 2023
IMPROVEMENT Internal Infrastructure Upgrade - 08:45 UTC
Description: Upgrade NodeJS version for some supporting Lambdas to 16.
Case ID: PLAT-8213
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE RLM
Deployment May 15, 2023
IMPROVEMENT Changed Inventory libraries to .net standard 2.0 - 07:00 UTC
Description: Changed Inventory libraries to .net standard 2.0
Case ID: IN-7685
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 14, 2023
IMPROVEMENT GSL 2.0 - Compliance Configurations Lambda - 09:00 UTC
Description: Upgrade lambda to supported nodeJS version 16.
Case ID: IN-5475
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment May 10, 2023
IMPROVEMENT AWS bulk migration to new Inventory Domain design - 09:00 UTC
Description: Migrated the following microservices: AwsCloudTrail, AwsDynamodb, AwsIamPolicyGlobal, AwsIamPolicyLocal, AwsIamRole, AwsIamUser, AwsKinesisStream, AwsKms, AwsKmsAlias, AwsNacl, AwsRegion, AwsSecurityGroup, AwsSubnet, AwsVpc, AwsVpcFlowLog, AwsVpcPeeringConnection
Case ID: IN-7653
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 7, 2023
IMPROVEMENT AWS AwsGenericEntity migrated to new Inventory Domain design - 09:00 UTC
Description: The Microservice AwsGenericEntity was migrated to new design as part of the inventory code decoupling.
Case ID: IN-7440
Known limitations: N/A
Affected Components: FETCHERS
Deployment May 1, 2023
IMPROVEMENT AWS LambdaFunction migrated to new Inventory Domain design - 09:00 UTC
Description: The Microservice LambdaFunction migrated to new design as part of the inventory code decoupling.
Case ID: IN-7366
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT AWS AwsIamRoleEnrichments migrated to new Inventory Domain design - 09:00 UTC
Description: The Microservice AwsIamRoleEnrichments migrated to new design as part of the inventory code decoupling.
Case ID: IN-7370
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 27, 2023
IMPROVEMENT Add Support for AWS Classic Builder For Generic Entities - 11:00 UTC
Description: Adding an AWS Classic Builder for a generic entity is now possible.
Case ID: IN-7458
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment April 11, 2023
IMPROVEMENT AWS EksCluster migrated to new Inventory Domain design - 09:00 UTC
Description: The Microservice AwsEksCluster migrated to new design as part of the inventory code decoupling.
Case ID: IN-7200
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 5, 2023
IMPROVEMENT AWS S3Bucket migrated to new Inventory Domain design - 09:00 UTC
Description: The Microservice AwsS3Bucket migrated to new design as part of the inventory code decoupling.
Case ID: IN-7369
Known limitations: N/A
Affected Components: FETCHERS
Deployment April 4, 2023
IMPROVEMENT AWS CloudFrontDistribution migrated to new Inventory Domain design - 08:30 UTC
Description: The Microservice AwsCloudFrontDistribution was migrated to new design as part of the inventory code decoupling.
Case ID: IN-7368
Known limitations: N/A
Affected Components: FETCHERS
Deployment March 29, 2023
IMPROVEMENT AwsApiGatway migrated to new Inventory Domain design - 08:30 UTC
Description: The Microservice AwsApiGatway was migrated to new design as part of the inventory code decoupling.
Case ID: IN-6393
Known limitations: N/A
Affected Components: FETCHERS
Deployment March 27, 2023
IMPROVEMENT OCI User- 13:30 UTC
Description: Added support for “groupMemberships" property.
Case ID: DFR-2614
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment March 23, 2023
FEATURE OCI Generic Entity - 13:30 UTC
Description: Implemented tags aggregation for all entities in OCI Generic Entity Fetcher.
Case ID: IN-7065
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FIXED OCI Analytics Instance - 13:30 UTC
Description: Removed the redundant 'Tags' property from OCI Analytics Instance
Case ID: IN-7162
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FIXED OCI Compartment - 13:30 UTC
Description: Removed the redundant 'Tags' property from OCI Compartment
Case ID: IN-7162
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FIXED generic-entity-configurations lambda - 13:30 UTC
Description: Fixed the generic-entity-configurations lambda handler to remove any outdated schema files from DynamoDB
Case ID: IN-7161
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FEATURE OCI Event Rule - 13:30 UTC
Description: Added support for EventRule Entity in OCI.
Case ID: DFR-2611
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment March 22, 2023
IMPROVEMENT Support Risk Score in Protected Assets API - 10:10 UTC
Description: Support Risk Score in protected-asset API.
Case ID: SEC-650
Known limitations: N/A
Affected Components: PROTECTED ASSETS ERM API
Deployment March 16, 2023
IMPROVEMENT Framework configure upgrade - 17:10 UTC
Description: Internal framework configuration - Part 2.
Case ID: PLAT-7715
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment March 16, 2023
IMPROVEMENT Framework configure upgrade - 20:55 UTC
Description: Internal framework configuration.
Case ID: PLAT-7715
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FEATURE AWS Org Onboarding - 17:05 UTC
Description: Add labling for cloud accounts that were onboarded with Organization Onboarding process.
Case ID: PLAT-7276
Known limitations: N/A
Affected Components: ORGANIZATION ONBOARDING
Deployment March 15, 2023
FEATURE OCI Cloud Guard Configuration - 09:00 UTC
Description: Added support for "OCI Cloud Guard Configuration" in Compliance Engine and Protected Assets.
Case ID: DFR-2561
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment March 9, 2023
FIXED OCI Fix freeformTags structure - 08:30 UTC
Description: Fixed the freeformTags property to be presented as an array instead of an object in all OCI entities
Case ID: IN-6812
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FEATURE OCI Ons Topic - 08:30 UTC
Description: Added support for "OCI Ons Topic" in Compliance Engine and Protected Assets.
Case ID: DFR-2655
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment March 2, 2023
IMPROVEMENT Minor changes to the Protected Asset page - 13:00 UTC
Description: Minor bug fixes for a very rare case where tab name was not provided as part of the URL.
Case ID: SEC-3
Known limitations: N/A
Affected Components: UI
Deployment March 1, 2023
FEATURE OCI Dynamic Group - 08:30 UTC
Description: Added support for "OCI Dynamic Group" in Compliance Engine and Protected Assets.
Case ID: DFR-2652
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Analytics Instance - 08:30 UTC
Description: Added support for "OCI Analytics Instance" in Compliance Engine and Protected Assets.
Case ID: DFR-2649
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment February 22, 2023
IMPROVEMENT Compartment - 14:00 UTC
Description: Added an entity that represents the root compartment (Tenancy) in OCI Compartment
Case ID: IN-6967
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
IMPROVEMENT OciGenericEntity - 11:00 UTC
Description: Added support for "ResponsePropertyToUse" in OciGenericEntity.
Case ID: IN-6951
Known limitations: N/A
Affected Components: FETCHERS
FEATURE Support OCI in protected assets table - 11:00 UTC
Description: Add support to protected assets table for OCI
Case ID: IN-6950
Known limitations: N/A
Affected Components: UI
FEATURE OCI Load Balancer - 11:00 UTC
Description: Added support for "Load Balancer" in Compliance Engine and Protected Assets.
Case ID: DFR-2618
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Network Load Balancer - 11:00 UTC
Description: Added support for "Network Load Balancer" in Compliance Engine and Protected Assets.
Case ID: DFR-2596
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Integration Instance - 11:00 UTC
Description: Added support for "OCI Integration Instance" in Compliance Engine and Protected Assets.
Case ID: DFR-2653
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Tag Default - 11:00 UTC
Description: Added support for "OCI Tag Default" in Compliance Engine and Protected Assets.
Case ID: IN-6587
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Tenancy - 11:00 UTC
Description: Added support for "OCI Tenancy" in Compliance Engine and Protected Assets.
Case ID: IN-6965
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment February 16, 2023
FEATURE OCI Authentication Policy - 14:00 UTC
Description: Added support for "OCI Authentication Policy" in Compliance Engine and Protected Assets.
Case ID: IN-2616
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI User - 14:00 UTC
Description: Added support for "OCI User" in Compliance Engine and Protected Assets.
Case ID: IN-2615
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Group - 14:00 UTC
Description: Added support for "OCI Group" in Compliance Engine and Protected Assets.
Case ID: IN-6564
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Classic Builders Support - 12:40 UTC
Description: Added support for OCI Classic Builder in Compliance Engine and Protected Assets.
Case ID: IN-6687
Known limitations: N/A
Affected Components: COMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Log Groups - 12:40 UTC
Description: Added support for "OCI Log Groups" in Compliance Engine and Protected Assets.
Case ID: IN-6590
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment February 9, 2023
FEATURE OCI Kubernetes Engine Cluster - 12:00 UTC
Description: Added support for "OCI Kubernetes Engine Cluster" in Compliance Engine and Protected Assets.
Case ID: DFR-2597
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI VCN - 12:00 UTC
Description: Added support for "OCI VCN" (Virtual Cloud Network) in Compliance Engine and Protected Assets.
Case ID: IN-6747
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI File System - 12:00 UTC
Description: Added support for "OCI File System" in Compliance Engine and Protected Assets.
Case ID: IN-6595
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
FEATURE OCI Autonomous Database - 12:00 UTC
Description: Added support for "OCI Autonomous Database" in Compliance Engine and Protected Assets.
Case ID: IN-6585
Known limitations: N/A
Affected Components: FETCHERSCOMPLIANCE ENGINEPROTECTED ASSETS
Deployment February 8, 2023
FEATURE AWS Iam Role internal labels - 5:30 UTC
Description: Added internal label support for AWS Iam Role in Compliance Engine.
Case ID: IN-6724
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment February 5, 2023
IMPROVEMENT AWS KMS GSL 2.0 Connectors for S3Bucket, RDSDBCluster, DynamoDb, Personalize, CloudTrail - 14:30 UTC
Description: Added support for ‘kms’ property in S3Bucket, RDSDBCluster, DynamoDb, Personalize, CloudTrail in Compliance engine using GSL 2.0.
Case ID: IN-5991
Known limitations: Only when using Active Feature "gsl2-accounts".
Affected Components: COMPLIANCE ENGINE
Deployment January 31, 2023
IMPROVEMENT Assests With Open Findings API Rate Limit & Active Feature - 12:00 UTC
Description: Added to the Assests With Open Findings API rate limit of one request per hour and Active Feature per account.
Case ID: IN-6180
Known limitations: N/A
Affected Components: API
Deployment January 23, 2023
FIXED Azure AzureKubernetesCluster- 11:00 UTC
Description: Added "'ExternalObject.Identity.UserAssignedIdentities”" property to Azure AzureKubernetesClusterEntity in mongo only (for internal use)
Case ID: INT-2181
Known limitations: N/A
Affected Components: FETCHERS
FIXED Azure VirtualMachine- 10:00 UTC
Description: Added "'Identity”" property to Azure VirtualMachineEntity in mongo only (for internal use)
Case ID: INT-2182
Known limitations: N/A
Affected Components: FETCHERS
Deployment January 22, 2023
IMPROVEMENT Compliance Engine - 14:00 UTC
Description: Enabled internal mechanism in the Compliance Engine to enhance GSL capabilities in future releases.
Case ID: SEC-578
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment January 16, 2023
FIXED Azure FunctionApp - 10:00 UTC
Description: Added "'inner.identity.userAssignedIdentities”" property to Azure FunctionApp in mongo only (for internal use)
Case ID: INT-2180
Known limitations: N/A
Affected Components: FETCHERS
Deployment January 11, 2023
IMPROVEMENT Azure Active Directory Authorization Policy enrichment - 12:00 UTC
Description: Optimized enrichment API call for "Azure Active Directory Authorization Policy".e.
Case ID: IN-6523
Known limitations: N/A
Affected Components: FETCHERS
Deployment November 30, 2022
FIXED XSS Vulnerability in AG grid text fields - 11:00 UTC
Description: Fix possible XSS vulnerabilities exploitation in AG grid table text fields across CloudGuard platform.
Case ID: PLAT-6672
Known limitations: N/A
Affected Components: UI
Deployment November 30, 2022
FIXED Azure VM Builder - 13:00 UTC
Description: Handled case where VM's nic has no ipConfigurations.
Case ID: IN-6055
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS
IMPROVEMENT Compliance Engine - Internal Changes - 12:30 UTC
Description: Resiliency improvements in the Compliance Engine.
Case ID: IN-5903
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment November 29, 2022
GSL containSecrets() function is more lax - 12:00 UTC
Description: containSecrets() function was adjusted to find only secrets relevant to cloud assets.
Case ID: PLAT-6492, PLAT-6408
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
GSL Minor adjustment to how results of GSL tester on List<> entities are displayed - 12:00 UTC
Description: The result will show the List as the tested entity and not the entities in the list.
Case ID: PLAT-6525
Known limitations: N/A
Affected Components: UI
Deployment November 28, 2022
INFRA Assessment Cleaner- 18:00 UTC
Description: Update Assessment cleaner infrastructure.
Case ID: PLAT-5799
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
INFRA Intercom Sync - 16:40 UTC
Description: Update Intercom infrastructure.
Case ID: PLAT-6109
Known limitations: N/A
Affected Components: INTERCOM
Deployment November 24, 2022
IMPROVEMENT Azure Network Interface - 14:25 UTC
Description: Infrastructure Improvement
Case ID: IN-5406
Known limitations: N/A
Affected Components: PROTECTED ASSETSCOMPLIANCE ENGINEFETCHERS
Deployment November 20, 2022
IMPROVEMENT The implementation of the main menu of the application was changed- 20:40 UTC
Description: The main menu logic was re-written to be more robust, fixing several issues.
Case ID: PLAT-6370
Known limitations: N/A
Affected Components: UI
Deployment November 16, 2022
FEATURE Azure Global WAF connector for FrontDoor Classic - 09:40 UTC
Description: Added support for Azure Global WAF connector for Azure FrontDoor Classic in compliance engine. (Part of GSL 2.0 effort)
Case ID: IN-5574, DFR-2164
Known limitations: N/A
Affected Components: COMPLIANCE ENGINEFETCHERS
Deployment November 14, 2022
IMPROVMENT Asset Labels Support - 15:00 UTC
Description: Add AssetsIndexer support to "AssetLabelsEntity"
Case ID: IN-4847
Known limitations: N/A
Affected Components: PROTECTED ASSETS
Deployment November 13, 2022
IMPROVMENT Risk Management - 15:00 UTC
Description: Internal ERM API changes in order to support future enhancements.
Case ID: IN-5645
Known limitations: N/A
Affected Components: ERM API
IMPROVMENT Internal API Changes - 15:00 UTC
Description: Internal changes in the following APIs:
/v2/Compliance/Finding/search
/v2/ContinuousCompliancePolicyV2
Case ID: IN-5435
Known limitations: N/A
Affected Components: API
FIXED Azure Null reference Exceptions-15:00 UTC
Description: Azure MS that use "Dome9.AzureInventoryWrappers.AzureExceptionsFactory.CreateAzureException" function caused null reference exceptions
Case ID: IN-3808, IN-5763
Known limitations: N/A
Affected Components: FETCHERS
Deployment November 09, 2022
IMPROVEMENT Internal Performance Improvements - 15:00 UTC
Description: Internal performance improvements.
Case ID: IN-4531
Known limitations: N/A
Affected Components: FETCHERS
Deployment November 03, 2022
IMPROVEMENT Improvement - 20:40 UTC
Description: Allow parallel loading of findings table and filter for large accounts to improve interactivity of the table.
Case ID: DFT-2206, PLAT-6319
Known limitations: Filters may take some time to load.
Affected Components: UI
IMPROVEMENT Internal Improvement - 16:40 UTC
Description: Improve assessment history querying performance, for Image Assurance flow, within compliance flow.
Case ID: PLAT-6122
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment November 02, 2022
IMPROVEMENT Risk Management - Misconfiguration - 17:00 UTC
Description: Using all Posture Findings of assets as Misconfigurations.
Case ID: IN-5154
Known limitations: N/A
Affected Components: ERM
Deployment October 26, 2022
IMPROVEMENT Delete CFT files for inventory microservices - 12:00 UTC
Description: Deleted old unused "microserviceInfra.json" files for all inventory faregate microservices ..
Case ID: IN-5514
Known limitations: N/A
Affected Components: N/A
Deployment October 24, 2022
IMPROVEMENT Compliance Engine Infrastructure - 13:00 UTC
Description: Internal enhancements in the Compliance Engine in order to support future capabilities.
Case ID: IN-5248
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment October 23, 2022
IMPROVEMENT Azure Tenant Level - 09:00 UTC
Description: Azure tenant level infrastructure changes - Change tenant work item to be account specific.
Case ID: IN-5565
Known limitations: N/A
Affected Components: FETCHERS
Deployment October 20, 2022
IMPROVEMENT AWS Core SDK Upgrade - 09:00 UTC
Description: Upgraded AWSSDK.Core and dependent packages to latest version.
Case ID: IN-4785
Known limitations: N/A
Affected Components: FETCHERS API PROTECTED ASSETS
Deployment October 06, 2022
IMPROVEMENT Protected Assets - 12:50 UTC
Description: Extended Protected Assets APIs to support additional parameters for future use.
Case ID: IN-5326
Known limitations: N/A
Affected Components: API
FIXED Risk Management - 08:15 UTC
Description: Fixed an issue that caused ERM to consider two different posture findings as duplications.
Case ID: IN-5376
Known limitations: N/A
Affected Components: ERM
FIXED AWS Inspector - 08:15 UTC
Description: Internal bug fix in AWS Inspector vulnerabilities fetching process.
Case ID: IN-5460
Known limitations: N/A
Affected Components: FETCHERS
FIXED Protected Assets and Posture Findings - 08:15 UTC
Description: Internal bug fix in GroupsByProperties APIs.
Case ID: IN-5218
Known limitations: N/A
Affected Components: API
Deployment October 02, 2022
IMPROVEMENT GenericEntityConfigurationWriter lambda update - 13:00 UTC
Description: Upgraded the Node.js runtime from 12 to 16 LTS
Case ID: IN-5449
Known limitations: N/A
Affected Components: FETCHERS
Deployment September 29, 2022
IMPROVEMENT AWS Lambda Function and AWS Inspector2 - 13:00 UTC
Description: Upgraded AWSSDK.Core and dependent packages to latest version for AWS Lambda Function and AWS Inspector2.
Case ID: IN-5509
Known limitations: N/A
Affected Components: FETCHERS
FIX Azure Exception - 13:00 UTC
Description: Fixed bug on Azure Exception, in order to catch "DisallowedProvider" as a permission error.
Case ID: IN-3729
Known limitations: N/A
Affected Components: FETCHERS
FIX AWS EC2 Instance - 13:00 UTC
Description: Changed the value of "Dome9Id" field from an empty string to its correct value.
Case ID: IN-4984
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS
Deployment September 22, 2022
IMPROVEMENT Remove port for magellan logicWebserverUrl - 14:00 UTC
Description: Fixed the Grunt file to run correctly against remote webserver
Case ID: PLAT-5886
Known limitations: N/A
Affected Components: WEBAPP
IMPROVEMENT Update the dependencies in FrontEnd to latest versions - 14:00 UTC
Description: Removed connected-react-router. Its not maintained and we cannot npm install anymore
Case ID: PLAT-5692
Known limitations: N/A
Affected Components: WEBAPP
FIXED Risk Management - 13:15 UTC
Description: Fixed an issue with AWS Lambda CVEs and Secrets counters.
Case ID: IN-5499
Known limitations: N/A
Affected Components: ERM
Deployment September 20, 2022
IMPROVEMENT AWS Credentials Validation - 09:30 UTC
Description: Internal change in AWS Credentials Validation service.
Case ID: IN-655
Known limitations: N/A
Affected Components: NETWORK SECURITY
Deployment September 14, 2022
IMPROVEMENT Risk Management - Internal Changes - 08:00 UTC
Description: Internal changes in Risk Management service.
Case ID: IN-5239
Known limitations: N/A
Affected Components: ERM API
Deployment September 13, 2022
IMPROVEMENT Risk Management - Internal Changes - 13:00 UTC
Description: Internal changes in Risk Management service.
Case ID: IN-5223
Known limitations: N/A
Affected Components: ERM
IMPROVEMENT GFI - Internal Improvement - 02:25 UTC
Description: Improved GFI performance.
Case ID: PLAT-5580
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment September 12, 2022
FIXED Protected Assets - 14:20 UTC
Description: Remove reorder icons from the new table of protected assets
Case ID: PLAT-5424
Known limitations: N/A
Affected Components: PROTECTED ASSETS
Deployment September 09, 2022
FIXED Internal Improvement - 21:00 UTC
Description: Internal improvement.
Case ID: PLAT-0000_Remove-DbAccess-From-AssessmentHistorySrvc
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment September 07, 2022
FIXED Azure MySQL Flexible Server - 10:30 UTC
Description: Modified Azure MySQL Flexible Server model to avoid Serialization errors.
Case ID: IN-5302
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS
Deployment September 05, 2022
FIXED Azure Storage - 11:30 UTC
Description: Modified Azure Storage Eqauls and GetHashCode methods to avoid false updates
Case ID: IN-5215
Known limitations: N/A
Affected Components: FETCHERS
Deployment September 04, 2022
FIXED Alibaba Fetchers - 08:30 UTC
Description: Alibaba fetchers can now handle error responses that do not return in JSON format as well.
Case ID: IN-5196
Known limitations: N/A
Affected Components: FETCHERS
Deployment September 01, 2022
FIXED Azure Generic Entity Fetcher - 08:30 UTC
Description: Azure Generic Entity Fetcher can now handle responses of json array format as well
Case ID: IN-5227
Known limitations: N/A
Affected Components: FETCHERS
Deployment August 30, 2022
INFRA OpenSearch Security Groups - 09:40 UTC
Description: Update relation of new openSearch SGs and their consuming MSs.
Case ID: PLAT-5160
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment August 29, 2022
FIXED Compliance Dispatcher - 14:30 UTC
Description: GcpGenericEntityFetcher now get the right number of Max Pages from the GCP generic configuration instead of a fixed value.
Case ID: IN-3407
Known limitations: N/A
Affected Components: FETCHERS
Deployment August 28, 2022
FIXED Compliance Dispatcher - 14:30 UTC
Description: Added two GCP permission errors (storage.buckets.list access and The requested project was not found)
Case ID: IN-5229
Known limitations: N/A
Affected Components: FETCHERS
Deployment August 25, 2022
IMPROVEMENT Compliance Dispatcher - 10:00 UTC
Description: Improve compliance dispatcher’s performance and change log.
Case ID: PLAT-3627
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment August 23, 2022
IMPROVEMENT GSL Runner infrastructure update - 13:00 UTC
Description: Upgraded the Node.js runtime from 12 to 16 LTS
Case ID: PLAT-5193
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment August 17, 2022
IMPROVEMENT Azure Security Center Integration - 13:00 UTC
Description: Add Unauthorized exception to circuit braker.
Case ID: PLAT-5422
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment August 17, 2022
FIXED Generic Fetchers Collapse Properties - 13:30 UTC
Description: Generic Fetchers Collapse Properties can now handle BsonNull values as well. Also, fixed AwsS3BucketMacieJobInformation configuration.
Case ID: IN-4905
Known limitations: N/A
Affected Components: FETCHERS
Deployment August 16, 2022
IMPROVEMENT GFI Internal Improvement - 9:30 UTC
Description: Internal Improvement of GFI.
Case ID: PLAT-5338
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment August 11, 2022
PERFORMANCE GCP Generic Fetcher - 8:30 UTC
Description: Reduce GcpGenericFetcher high memory consumption by removing the large "schema" field from Gcp Big Query Table entity, and reduced the amount of data being handled each fetcher run.
Case ID: IN-4501
Known limitations: N/A
Affected Components: FETCHERS COMPLIANCE ENGINE
Deployment August 10, 2022
IMPROVEMENT Aws App Load Balancer Target Group - 10:30 UTC
Description: Aws App Load Balancer Target Group now publising messages to AssetsIndexer SNS Topic.
Case ID: IN-5019
Known limitations: N/A
Affected Components: FETCHERS
Deployment August 7, 2022
FIXED Rule Target Type Internal bug - 10:30 UTC
Description: Fix some of the collection names in the Rule Target type json.
Case ID: IN-5076
Known limitations: N/A
Affected Components: N/A
Deployment August 3rd, 2022
IMPROVEMENT Rule Target Type Improvement - 15:00 UTC
Description: Created a new RuleTargetType table, where the primary key is the rule target type, and the sort key is the vendor. Two new fields were added: "Vendor" and "collection name".
Case ID: IN-4958
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE COMPLIANCE RULESETS
Deployment August 2nd, 2022
IMPROVEMENT CIEM Entitlement Map - 11:00 UTC
Description: In the entitlement map, the consolidated policy is now shown in a table format and not in JSON anymore. The consolidated policy reflects the effective set of permissions granted to the entity when taking into account all policies directly or indirectly attached to it.
Case ID: INT-1438
Known limitations: N/A
Affected Components: CIEM
Deployment July 31, 2022
IMPROVEMENT Feature integration - 12:30 UTC
Description: Create NONCE token to connect to Spectral platform
new api for spectral integration: getting the model based on nonce
generating nonce flow for spectral
new dynamo db table to map nonce to user info, for spectral integration
Case ID: PLAT-4393
Known limitations: N/A
Affected Components: SPECTRAL
Deployment July 27, 2022
IMPROVEMENT Internal Improvement - 16:50 UTC
Description: Move “v2/Compliance/Exclusion” API to new machine.
Case ID: PLAT-4284
Known limitations: N/A
Affected Components: API COMPLIANCE ENGINE
Deployment July 26, 2022
FIXED Omit Private APIs - 11:40 UTC
Description: Fix functionality for omitting controllers from PRODs swagger UI.
Case ID: PLAT-5060
Known limitations: N/A
Affected Components: API DOCUMENTATIONS
IMPROVEMENT CIEM Entitlement Map - 10:15 UTC
Description: Organizations SCPs policies are now shown in the entitlement map.
Case ID: INT-1379
Known limitations: N/A
Affected Components: UI CIEM
IMPROVEMENT CIEM Entitlement Map - 10:15 UTC
Description: Several UI improvements in the entitlement map.
Case ID: INT-1551
Known limitations: N/A
Affected Components: UI CIEM
FIXED CIEM IAM Role Overview - 10:15 UTC
Description: Fix issue with IAM Role overview tab where activity graph was showing system events.
Case ID: INT-1154
Known limitations: N/A
Affected Components: UI CIEM
Deployment July 24th, 2022
IMPROVED Generic Findings Importer - 15:30 UTC
Description: Add custom support for K8S flow via GFI.
Case ID: PLAT-4021
Known limitations: N/A
IMPROVEMENT AWS Application Load Balancer Target Group - 14:00 UTC
Description: Initialized value to uninitialized TimeStamp field of the AwsAppLoadBalancerTargetGroupEntity.
Case ID: IN-4744
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 20th, 2022
FIXED Continuous Posture - 12:00 UTC
Description: Fix archiving of alerts for deleted policies.
Case ID: PLAT-5018, DFT-2005
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE EVENTS
FIXED Swagger Documentation - 09:00 UTC
Description: Fix swagger documentation.
Case ID: PLAT-4686
Known limitations: N/A
Affected Components: API
Deployment July 13th, 2022
IMPROVEMENT Protected Assets - 14:00 UTC
Description: Internal changes in order to support future enhancements in Protected Assets.
Case ID: IN-4045
Known limitations: N/A
Affected Components: API PROTECTED ASSETS
Deployment July 12th, 2022
FIXED Protected Asset Entity Viewer- 09:50 UTC
Description: Internal performance improvement of SpecificEntityBuilder.
Case ID: PLAT-4684
Known limitations: N/A
Affected Components: APIPROTECTED ASSETES
Deployment July 7th, 2022
IMPROVEMENT AWS Inspector - 11:50 UTC
Description: Internal performance improvements in AWS Inspector Data Fetcher.
Case ID: IN-3003
Known limitations: N/A
Affected Components: FETCHERS
Deployment July 5th, 2022
IMPROVEMENT CIEM Entitlement Map - 12:00 UTC
Description: The CIEM Entitlement Map now shows policies that are obtained via trust relationships with other IAM Roles (and not directly attached to the context role).
Case ID: INT-1424
Known limitations: N/A
Affected Components: CIEM
IMPROVEMENT Timeline improvements and fix - 12:00 UTC
Description: Timeline Events
Case ID: INT-414, INT-1564
Known limitations: N/A
Affected Components: INTELLIGENCE
Deployment July 4rd, 2022
IMPROVEMENT Internal Deployment - 19:30 UTC
Description: Internal deployment for new infrastructure.
Case ID: PLAT-4870
Known limitations: N/A
Affected Components:
Deployment July 3rd, 2022
IMPROVEMENT Compliance Engine - 14:00 UTC
Description: Internal changes in the Compliance Engine in order to support future enhancements.
Case ID: IN-4635
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
IMPROVEMENT Protected Assets / Findings APIs - 09:30 UTC
Description: Internal changes in the GroupsByProperties APIs.
Case ID: IN-4245
Known limitations: N/A
Affected Components: API
IMPROVEMENT Protected Assets - 07:30 UTC
Description: Internal changes in order to support future enhancements in Protected Assets.
Case ID: IN-4496
Known limitations: N/A
Affected Components: API PROTECTED ASSETS
Deployment July 1th, 2022
IMPROVEMENT Internal Deployment- 10:30 UTC
Description: Internal deployment for new infrastructure.
Case ID: PLAT-4204
Known limitations: N/A
Affected Components: