Extended Release Notes

FEATURE AWS SageMakerDomain - 14:30 UTC
Description: Added support for AWS SageMakerDomain in compliance engine and protected assets.
Case ID: CNAPP-14012
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED Azure Key Vault - Improved error handling - 5:00 UTC
Description: Improved error handling in Azure Key Vault
Case ID: CNAPP-15289
Known Limitations: N/A
Affected Components: FETCHERS

INFRA Automatic CNAPP License Accumulator Service Fixed - 12:00 UTC
Description: License Accumulator for CNAPP Fixed and Running Daily
Case ID: CNAPP-13831
Known Limitations: N/A
Affected Components: INFRA

IMPROVEMENT Cloud Account Data Deletion Inventory Seperation - 12:00 UTC
Description: Separated Inventory fetched entities deletion from Backend API to a different separated component.
Case ID: CNAPP-14728
Known Limitations: N/A
Affected Components: DATA PROTECTED ASSETS

improvement Added support for an “IsDeleted” property to AlibabaCloudAccountEntity - 07:30 UTC

Description: Added support for an “IsDeleted” property to AlibabaCloudAccountEntity to allow logical deletion of Alibaba cloud accounts.
Case ID: CNAPP-14532
Known limitations: N/A
Affected Components: fetchers

feature New DevOps Tagging for Inventory Microservices - 13:30 UTC

Description: Added new DevOps tagging to all Inventory microservices
Case ID: CNAPP-14085
Known limitations: N/A
Affected Components: fetchers

improvement AWS Cloud Formation Stack - 13:00 UTC

Description: Reduced the amount of DescribeStack API calls, same data s fetched.
Case ID: DFT-4191
Known limitations: N/A
Affected Components:

IMprovement Risk Management Protected Assets Toxic Combinations column UI change - 16:00 UTC

Description: Changed how the Toxic Combination data is represented in the column.
Case ID: CNAPP-10677
Known limitations:
Affected Components: Risk management

feature Asynchronous Assessment run over multiple cloud accounts - 00:40 UTC

Description: Add new microservice to support asynchronous assessment run for multpile cloud accounts.
Case ID: CNAPP-10241, CNAPP-9993, DFT-3489
Known limitations: Pending UI deployment.
Affected Components: compliance engine

feature Asynchronous Assessment run over multiple cloud accounts - 22:30 UTC

Description: Add new API to support asynchronous assessment run for multpile cloud accounts.
Case ID: CNAPP-10239, CNAPP-10240
Known limitations: N/A
Affected Components: compliance engine

improvement GCP Asset Inventory fetching system - 11:00 UTC

Description: General improvement to the GCP Asset Inventory fetching system, including state machine for flow management and architecture update.
Case ID: CNAPP-9417
Known limitations: N/A
Affected Components:

improvement Teams and Slack immediate finding integrations - 22:20 UTC

Description: Alert ID field added to integrations modal.
Case ID: CNAPP-9370
Known limitations: N/A
Affected Components: integrations

feature GCP Asset Inventory Mongo Updater - 13:00 UTC

Description: New component - GcpAssetInventoryMongoUpdater. Designated to sync Asset Inventory entities with to the latest exported version.
Case ID: CNAPP-7819
Known limitations: Only for Prod EU - Customers may experience duplicated BigQueryTable entities in the following 24h.
Affected Components:

feature GCP Additional fetching system - 13:00 UTC

Description: Some assets are now fetched using a new fetching system.
Case ID: CNAPP-8525
Known limitations: GCP Asset Inventory API permission should be given
Affected Components: protected assets compliance engine fetchers

improvement Minor UI improvements in ERM, CDR, and CIEM areas - 11:00 UTC

Description: Did various minor UI fixes and improvements around the aforementioned areas (e.g. You can now click the environment in the CDE Event popup)
Case ID: CNAPP-7973, CNAPP-7962
Known limitations: N/A
Affected Components: UI

improvement Azure SDK Upgrade - 05:40 UTC

Description: Upgraded Azure SDK for Azure Redis.
Case ID: CNAPP-8895
Known limitations: N/A
Affected Components: fetchers

improvement Compliance Engine - 01:05 UTC

Description: Internal Improvement of closing findings.
Case ID: CNAPP-8189, CNAPP-7645
Known limitations: N/A
Affected Components: compliance engine

improvement Azure SDK Upgrade - 05:40 UTC

Description: Upgraded Azure SDK for: Application Gateway & Azure Log Monitor
Case ID: CNAPP-8894
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT AWS Fetchers - 14:30 UTC

Description: Added Azure Token Lambda exception support for Azure fetchers' permission retry mechanism.
Case ID: CNAPP-8664
Known limitations: N/A
Affected Components: fetchers

improvement Azure SDK Upgrade - 06:40 UTC

Description: Upgraded Azure SDK for: Azure WebApp and Azure Function App
Case ID: IN-8043
Known limitations: N/A
Affected Components: fetchers

Improvement Teams and Slack single findings - 00:50 UTC

Description: Added Namespace field for teams and slack single findings.
Case ID: CNAPP-8799, CNAPP-8819
Known limitations: Security Events
Affected Components: compliance engine

Improvement Minor fixes in ERM and Protected Assets UI - 12:00 UTC

Description: Various cosmetic and performance fixes in the UI.
Case ID: CNAPP-8222
Known limitations: N/A
Affected Components: protected assets UI

improvement Azure Fetchers - 10:15 UTC

Description: Updated client initialization on expired token for:

Microservices/AzureActivityLogAlert
Microservices/AzureActivityLogDiagnosticSetting
Microservices/AzureApplicationGateway
Microservices/AzureDataExplorer
Microservices/AzureEventHubNamespace
Microservices/AzureHDInsight
Microservices/AzureKeyVault
Microservices/AzureMySqlDbFlexibleServerConfig
Microservices/AzureRedis
Microservices/AzureServiceFabricCluster
Microservices/AzureSqlServer
Microservices/AzureStorage
Microservices/AzureStorageBlobContainer
Microservices/AzureStorageBlobServices
Microservices/AzureStorageFileServices
Microservices/AzureStorageQueueServices
Microservices/AzureStorageTableServices
Microservices/AzureVirtualMachine
Microservices/AzureVirtualMachineScaleSet
Case ID: CNAPP-8403
Known limitations: N/A
Affected Components: fetchers

improvement Integration Audit Throttler - 02:00 UTC

Description: Add throttling mechanism for integration event auditing
Case ID: CNAPP-8317
Known limitations: N/A
Affected Components: compliance engine

feature Elastic Search Alias Support - 12:00 UTC

Description: Alias support was added for the asset indexer cluster, meaning we are now reading and writing from the alias, and not from the index.
Case ID: CNAPP-8525
Known limitations: N/A
Affected Components: protected assets

IMPROVEMENT FetchingRunStatus - 8:45 UTC

Description: Updated FetchingRunStatus to use sqs-batch-deletion.
Case ID: IN-8648
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Azure Fetchers - 14:00 UTC

Description: Removed ‘clientId’ dependencies from Azure fetchers.
Case ID: CNAPP-8646
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT AWS Fetchers - 9:30 UTC

Description: Updated the AWS fetchers' microservices to use sqs-delete-in-batches.
Case ID: CNAPP-8555
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Azure Fetchers - 8:00 UTC

Description: Updated the Azure fetchers' microservices to use sqs-delete-in-batches.
Case ID: CNAPP-8554
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT GCP Fetchers - 8:00 UTC

Description: Updated the GCP fetchers' microservices to use sqs-delete-in-batches.
Case ID: CNAPP-8553
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Alibaba Fetchers - 8:00 UTC

Description: Updated the following microservices to use sqs-delete-in-batches:

Microservices/AlibabaOssBucket
Microservices/AlibabaRamRole
Microservices/AlibabaRamUser
Microservices/AlibabaSecurityGroup
Microservices/AlibabaSlb
Microservices/AlibabaVpc
Case ID: CNAPP-8552
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Slack Formatter - single findings - 01:00 UTC

Description: Add new MS - SlackFormatter.
Case ID: CNAPP-7276, CNAPP-7497
Known limitations: N/A
Affected Components: compliance engine integrations

IMPROVEMENT Generic Fetchers - 8:00 UTC

Description: Updated the following microservices to use sqs-delete-in-batches:

Microservices/AlibabaGenericEntity
Microservices/AwsGenericEntity
Microservices/AzureGenericEntity
Microservices/GcpGenericEntity
Microservices/OciGenericEntity
Case ID: CNAPP-7889
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENTAzure Token Generator - 06:30 UTC

Description: Updated Azure’s Network Security Group fetcher and Azure’s Virtual Network Peering token generator implementations.
Case ID: CNAPP-8285, CNAPP-8284
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENTAzure Token Generator - 13:00 UTC

Description: Upgraded Azure Storage Account internal client to use Azure Token Generator.
Case ID: CNAPP-8289
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENTAzure Token Generator - 7:15 UTC

Description: Upgraded Azure KeyVault internal client to use Azure Token Generator.
Case ID: CNAPP-8288
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Teams Formatter - single findings - 00:40 UTC

Description: Add new MS - TeamsFormatter.
Case ID: CNAPP-7496
Known limitations: N/A
Affected Components: compliance engine integrations

IMPROVEMENT Minor UI changes in the Security Issues page - 00:40 UTC

Description: Added the table footer and some more minor internal changes.
Case ID: CNAPP-8218
Known limitations: N/A
Affected Components: UI Risk Management

IMPROVEMENT Azure Token Generator - 11:10 UTC

Description: The following microservices' AzureBaseArmClientWrapper were upgraded to use the Azure Token Generator:

Microservices/AzureVirtualNetwork
Microservices/AzureVirtualNetworkGateway
Microservices/AzureFirewall
Microservices/AzureLoadBalancer
Microservices/AzurePrivateEndpoint
Microservices/AzurePublicIPAddress
Microservices/AzureRegionalWAF
Microservices/AzureBastion
Case ID: CNAPP-6773
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Azure Token Generator - 7:25 UTC

Description: The following microservices' AzureBaseClientWrapper were upgraded to use the Azure Token Generator:

Microservices/AzureActivityLogAlert
Microservices/AzureActivityLogDiagnosticSetting
Microservices/AzureApplicationGateway
Microservices/AzureDataExplorer
Microservices/AzureEventHubNamespace
Microservices/AzureHDInsight
Microservices/AzureKeyVault
Microservices/AzureMySqlDbFlexibleServerConfig
Microservices/AzureRedis
Microservices/AzureServiceFabricCluster
Microservices/AzureSqlServer
Microservices/AzureStorage
Microservices/AzureStorageBlobContainer
Microservices/AzureStorageBlobServices
Microservices/AzureStorageFileServices
Microservices/AzureStorageQueueServices
Microservices/AzureStorageTableServices
Microservices/AzureVirtualMachine
Microservices/AzureVirtualMachineScaleSet
Case ID: CNAPP-6775
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Azure Token Generator - 7:05 UTC

Description: Upgraded the following microservices' AzureApiWrapper to use the Azure Token Generator:

Microservices/AzureApplicationGateway
Microservices/AzureApplicationSecurityGroup
Microservices/AzureCosmosDbAccount
Microservices/AzureFunctionApp
Microservices/AzureLocks
Microservices/AzureLogicApp
Microservices/AzureNetworkInterface
Microservices/AzurePostgreSQL
Microservices/AzureResourceGroup
Microservices/AzureRouteTable
Microservices/AzureServiceBus
Microservices/AzureSubnet
Microservices/AzureWebApp
Case ID: CNAPP-6774
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT GCP New Fetching System - 10:00 UTC

Description: Added integration between the current GCP project onboarding’s API to the new GCP system fetching system.
Case ID: CNAPP-7761
Known limitations: The new fetching system is not active in US an EU production environments yet.
Affected Components: fetchers api

IMPROVEMENT Risk Management - 12:00 UTC

Description: Internal changes in the way we gather CVEs, Threats and Secrets counters when calculating the risk score of assets.
Case ID: CNAPP-4802
Known limitations: N/A
Affected Components: risk management

IMPROVEMENT Aws ECS Task - 11:00 UTC

Description: Align ECS task data for all clients in Elastic Search with MongoDB data as some entities where deleted but still left in Elastic Search.
Case ID: DFT-3485
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Internal Integrations Improvement - 01:15 UTC

Description: Internal Improvement in the CSPM Integrations Flow.
Case ID: CNAPP-6296
Known limitations: N/A
Affected Components: compliance engine

IMPROVEMENT Azure DDD - 11:30 UTC

Description: Migrate AzureBaseNoResourceGroupFetcher and its dependent micro services together for inventory azure DDD initiative.

Case ID: IN-8559
Known limitations: N/A
Affected Components: fetchers protected assets

FIX Generic Entities - 9:30 UTC

Description: Update entity with new additional fields, not only from generic configuration, but also form handlers in the code.
Case ID: DFT-3217
Known limitations: N/A
Affected Components: PROTECTED ASSETS

IMPROVEMENT Protected Assets API - 11:00 UTC

Description: Internal error handling changes in Protected Assets API.
Case ID: CNAPP-7511
Known limitations: N/A
Affected Components: API

FIX Context graph - 16:00 UTC

Description: Fixed an issue where the context graph for some AWS entities would display an incorrect route table.
Case ID: DFT-3040, CNAPP-4785
Known limitations: N/A
Affected Components: UI

IMPROVEMENT Various UI changes in the Risk Management area - 16:00 UTC

Description: Changed some icons, texts, and spacings.
Case ID: CNAPP-6557
Known limitations: N/A
Affected Components: UI

IMPROVEMENT Internal Improvement - 03:10 UTC

Description: Internal Logging Improvement of Security Event.
Case ID: CNAPP-7547
Known limitations: N/A
Affected Components: compliance engine

IMPROVEMENT Internal Improvement - 02:00 UTC

Description: DDD - Teams and Slack Notifications.
Case ID: CNAPP-7110
Known limitations: N/A
Affected Components: compliance engine

IMPROVEMENT Internal Improvement - 23:45 UTC

Description: DDD - Teams and Slack Notifications.
Case ID: CNAPP-7109
Known limitations: N/A
Affected Components: compliance engine

IMPROVEMENT SyncNow will not trigger AWS generic fetching for excluded vendors - 12:15 UTC

Description: Align the behavior of SyncNow with the regular flow to ignore excluded vendors. For now, the fix will affect only for AWS generic entities.
Case ID: IN-8588
Known limitations: Not working yet in Azure & OCI (not relevant for GCP & Alibaba which have only one cloud vendor), and only for generic entities.
Affected Components: fetchers

IMPROVEMENT Azure DDD - 11:30 UTC

Description: Migrate GenericEntityFetcher and its dependent infra together for inventory azure DDD initiative.

Case ID: IN-8561
Known limitations: N/A
Affected Components: fetchers protected assets

IMPROVEMENT Azure Generic Fetcher - 11:30 UTC

Description: Azure generic fetcher was upgraded. Tokens are now pulled from the AzureTokenGenerator Lambda instead of being issued individually on the microservice.

Case ID: CNAPP-6772
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Azure DDD - 12:15 UTC

Description: Migrated all the Micro Services that are related to the AzureBaseFetcherV3 fetcher to use new inventory tenant level fetcher (with DDD approach):

Case ID: IN-8560
Known limitations: N/A
Affected Components: fetchers protected assets

IMPROVEMENT Azure DDD - 12:15 UTC

Description: Migrated all the Micro Services that are related to the IConsumer fetcher to use new inventory tenant level fetcher (with DDD approach):

Case ID: IN-8562
Known limitations: N/A
Affected Components: fetchers protected assets

IMPROVEMENT Azure Fetchers - 09:30 UTC

Description: Azure fetchers were upgraded for 28 entities - All that are using Inventory's AzureRestApi/AzureGraphApi wrappers.
Tokens are now pulled from the AzureTokenGenerator Lambda instead of being issued individually on each MS .

Case ID: CNAPP-6771
Known limitations: N/A
Affected Components: fetchers

fixed Azure MySQL Flexible Server - 08:20 UTC

Description: Update API version and Schema of Azure MySQL Flexible Server.
Case ID: IN-8094
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Azure DDD - 09:30 UTC

Description: Migrated all the Micro Services that are related to the AzureBaseNoResourceGroupFetcherV2 base fetcher to use new inventory tenant level fetcher (with DDD approach):

Case ID: IN-8534
Known limitations: N/A
Affected Components: fetchers protected assets

IMPROVEMENT Azure DDD - 14:30 UTC

Description: Migrated all the Micro Services that are related to the base fetcher listed below to use new inventory tenant level fetcher (with DDD approach):

• AzureRestApiFetcher

• AzureBaseFetcher

• AzureBaseFetcherV2

Case ID: IN-8500, IN-8501, IN-8518
Known limitations: N/A
Affected Components: fetchers protected assets

IMPROVEMENT Update support in China for Azure services - 10:15 UTC

Description: Update Azure unsupported services - all China or specific regions in China.
Case ID: CNAPP-5048
Known limitations: N/A
Affected Components: fetchers

IMPROVEMENT Rearrange AWS Read Only On-Boarding IAM Policy - 11:00 UTC

Description: Remove redundant permissions that are already included in Security Audit IAM policy.
Case ID: IN-8506
Known limitations: N/A
Affected Components: oboarding

IMPROVEMENT Azure DDD - 14:30 UTC

Description: Migrated all the Micro Services that are related to the base fetcher listed below to use new inventory tenant level fetcher (with DDD approach):

• AzureEnrichedBaseFetcher

• AzureRestApiFetcherV2

• AzureRestApiFetcherV3

Case ID: IN-8450, IN-8452, IN-8451
Known limitations: N/A
Affected Components: fetchers protected assets

fixed AwsEc2Instance api get-by-id - 08:20 UTC

Description: Fixed query of AwsEc2Instance api get-by-id to get the correct account ID.
Case ID: IN-3351
Known limitations: N/A
Affected Components: api

IMPROVEMENT Account / Environment Deletion - 09:30 UTC

Description: Internal notification changes for account and environment deletion APIs.
Case ID: CNAPP-5605
Known limitations: N/A
Affected Components: API MSP

fixed AWS Generic Fetcher - 10:40 UTC

Description: Throw an error on unsupported property type in AWS fetcher
Case ID: IN-5317
Known limitations: N/A
Affected Components: FETCHERS

fixed Basic Enrichment - 10:45 UTC

Description: Added support for {resourceGroupName} in basic enrichment.
Case ID: IN-8449
Known limitations: N/A
Affected Components: FETCHERS

fixed Azure Generic Fetcher - 10:45 UTC

Description: Added Null Check in Bson Document manipulation.
Case ID: IN-8467
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Compliance Integrations - Log Additional Information - 00:30 UTC

Description: Additional Information for compliacne integrations logs was added.
Case ID: DFT-3051, CNAPP-5019
Known limitations: N/A
Affected Components: notification

IMPROVEMENT Compliance Notifications - Send Finding On Each Occurrence For Security Event- 01:40 UTC

Description: Add functionality to support security events from non-posture flows (without assessments), to send findings to notification integrations for each occurrence
Case ID: DFR-2773, CNAPP-4858
Known limitations: Protected by feature flag and will be opened to single account for Intelligence flow.
Affected Components: eventsnotification

IMPROVEMENT Azure DDD - Tenant Level Fetcher - 14:30 UTC

Description: Migrated azure Tenant Level Micro Services to use new inventory tenant level fetcher (with DDD approach)
Case ID: IN-8220
Known limitations: N/A
Affected Components: fetchers compliance engineprotected assets

IMPROVEMENT Azure Network Exposure - 10:00 UTC

Description: Internal changes in Azure Network Exposure calculation. Preparation to support FunctionApp.
Case ID: CNAPP-4802
Known limitations: N/A
Affected Components: RISK MANAGEMENT

IMPROVEMENT Azure DDD - Access Review Schedule Migration- Tenant Level Fetcher - 10:00 UTC

Description: Migrated Azure Access Review Schedule Micro Service to use new inventory tenant level fetcher.
Case ID: IN-8218
Known limitations: N/A
Affected Components: fetchers compliance engineprotected assets

FIX Minor UI adjustments and fixes in Risk Management - 13:00 UTC

Description: Fixed the behavior of the “favorites” button in all the risk management pages and some other minor fixes.
Case ID:
Known limitations: N/A
Affected Components: UI

IMPROVEMENT Minor UI adjustments in Risk Management Dashboard - 10:00 UTC

Description: Changed the order between critical and high colored bars, and some other fixes.
Case ID: CNAPP-3778
Known limitations: N/A
Affected Components: UI

IMPROVEMENT Fetchers - Improve SumoLogic Terraform - 8:30 UTC

Description: Improved SumoLogic components Terraform structure.
Case ID: CNAPP-2492
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Azure AD Cond Access Named Location, Azure AD Access Reviews Schedule Definition, Azure AD Cond Access Policy - 10:00 UTC

Description: Fixed a JsonSerializationException in AzureADCondAccessNamedLocation, AzureADAccessReviewsScheduleDefinition, AzureADCondAccessPolicy.
Case ID: IN-8103
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Supported classic builder for Azure Generic Entity framework - 10:00 UTC

Description: Added support for classic builder in AzureGenericEntity framework.
Case ID: IN-8178
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT AWS Generic Fetcher - 12:00 UTC

Description: Added support for not matching request and response pagination parameters.
Case ID: IN-8204
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Permission error classification - 11:00 UTC

Description: Classified “is not authorized to perform assume role” error as permission error
Case ID: IN-7931
Known limitations: N/A
Affected Components:

fixed Generic entity - Allowed exceptions - 14:30 UTC

Description: Added allowed exception configuration to the generic entity scheme.
Case ID: IN-8125
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT GSL field rename - 11:00 UTC

Description: Renamed the field riskModifiers to additionalInfo in all relevant entities.
Case ID: CNAPP-1694
Known limitations: N/A
Affected Components: ERM

IMPROVEMENT Migrate AzureSubnet to Inventory azure domain - 11:00 UTC

Description: Migrate first Azure MS to Inventory azure domain - AzureSubnet
Case ID: IN-8064
Known limitations: N/A
Affected Components: FETCHERS

fixed Azure ADCondAccessNamedLocation - 18:00 UTC

Description: Fixed a JsonSerializationException in AzureADCondAccessNamedLocation.
Case ID: IN-8057
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Support China - Fix .NET Code self-built ARNs - 14:15 UTC

Description: Fix self-built ARNs in MSs' .NET Code, to support Cloud Guard on China.
Case ID: CNAPP-1142
Known limitations: N/A
Affected Components: FETCHERS compliance engine protected assets

IMPROVEMENT API Calls Spreading - 09:00 UTC

Description: Producers' WorkItems are now published with an account offset which spreads the workload across time, preventing the high peaks we had due to the different polling mechanisms that we have.
Case ID: IN-1328, IN-7795
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Support China - Fix Terraform self-built ARNs - 07:00 UTC

Description: Fix self-built ARNs in MSs' Terraform, to support CloudGuard on China.
Case ID: CNAPP-843
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Azure SDK version upgrade - 12:25 UTC

Description: Upgraded the SDK to retrieve information from Azure for the mentioned services.
AzureBastion, AzureFirewall, AzureLoadBalancer, AzurePrivateEndpoint, AzurePublicIPAddress, AzureRegionalWAF, AzureStorage, AzureVirtualMachine, AzureVirtualNetworkGateway
Case ID: IN-7936
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Missing Permissions - 14:25 UTC

Description: Internal improvement, cleanup and testing, for ignorable missing permissions.
Case ID: PLAT-8492
Known limitations: N/A
Affected Components: missing permissions

IMPROVEMENT Fetchers - Read from secondary Mongo in same AZ only - Prod - 11:45 UTC

Description: Added mechanism to use secondary Mongo in same availability zone.
Case ID: IN-8044
Known limitations: N/A
Affected Components: FETCHERS

fixed AWS VPC Flow Log 15:00 UTC

Description: Fixed an issue where NullExceptions were preventing new AwsVpcFlowLog entities from being added to the DB.
Case ID: IN-5440
Known limitations: N/A
Affected Components:

IMPROVEMENT Code decupling - Removed old files of Inventory from legacy projects 10:15 UTC

Description: Code decupling - removed old files of Inventory from legacy projects and added references to Inventory new libraries or to the CGN.Common libraries.
Case ID: IN-7772
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Fetchers - Split Sumo SourceCategory into several fields in SumoLogic - 16:00 UTC

Description: Changed sourceCategory to be identical for all Inventory Components, and added three new filterable fields: microserviceName, businessFlow & Vendor.
Case ID: IN-7339
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Fetchers - Read from secondary Mongo in same AZ only - Stage testing - 16:00 UTC

Description: Added mechanism to use secondary Mongo in same availability zone.
Case ID: IN-3851
Known limitations: N/A
Affected Components: FETCHERS

fixed AwsIamUserAttachedPolicyRelation - 07:00 UTC

Description: A migration was done to AwsIamUserAttachedPolicyRelation entities, old entities that were holding AwsIamRoleAttachedPolicyRelation SRLs were migrated to hold the new SRL form.
Case ID: IN-8018
Known limitations: N/A
Affected Components:

fixed Minor UI fixes in Risk Management pages - 14:30 UTC

Description: Fixed various display issues mainly in the Protected Assets table and the Protected Asset page of Risk Management
Case ID: SEC-1076, SEC-1115, SEC-1108
Known limitations: N/A
Affected Components: ERM

fixed AwsIamUserAttachedPolicyRelation - 11:30 UTC

Description: An issue where AwsIamUserAttachedPolicyRelation entities were issued with AwsIamRoleAttachedPolicyRelation’s SRLs was fixed.
Case ID: IN-7756
Known limitations: N/A
Affected Components: FETCHERS

fixed Deprecated API for GCP Essential contact - 07:30 UTC

Description: Changed deprecated API for GCP Essential contact.
Case ID: IN-7952
Known limitations: N/A
Affected Components: FETCHERS

fixed AzureADCondAccessPolicy - 07:30 UTC

Description: Fixed a JsonSerializationException in AzureADCondAccessPolicy.
Case ID: IN-7993
Known limitations: N/A
Affected Components:

IMPROVEMENT GSL2 Connectors - 07:30 UTC

Description: Updates to the rule parser to log connectors at the bundle level instead of the rule level, to reduce logs
Case ID: IN-7697
Known limitations: N/A
Affected Components: compliance engine