June 2022

Improvement AWS Region - 09:30 UTC

Description: Added MacieSession property to AWS Region in compliance engine and protected assets.
Case ID: IN-4578
Known limitations: Macie is not supported in AWS Gov, and in AWS Chine.
Affected Components: PROTECTED ASSETs compliance engine FETCHERS

FEATURE Serverless - serverless API validate permissions - 17:00 UTC

Description: Serverless API for Validate Permissions which triggers asynchronously the validate permissions lambda.
Missing permissions and Get Account API will now return the validate permissions status and the last validate permissions timestamp.
Case ID: PROT-1170
Known limitations: N/A 
Affected Components: SERVERLESS

FIXED Serverless - rescan on environments layers changes - 17:00 UTC

Description: Modify the rescan function code condition to include also environment and layers changes.
Case ID: PROT-1377
Known limitations: N/A 
Affected Components: SERVERLESS

Improvement Serverless - support environment credentials scan - 17:00 UTC

Description: Extend Credentials scanning support to Environment variable for all runtimes.
Case ID: PROT-1368
Known limitations: N/A 
Affected Components: SERVERLESS

IMPROVEMENT Compliance Rulesets Update - 12:30 UTC

Description: Adding new rules for GCP, AWS and Azure. A complete list can be found here.
Case ID: IN-4606
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

Fixed AWS Security Groups - Protection Mode - 12:30 UTC

Description: After changing AWS Security Group protection mode, the change is not reflected in the Security Groups page filter.
Case ID: DFT-1888
Known limitations: N/A 
Affected Components: API

improved AWS VPN Connection - 08:30 UTC

Description: Converted CustomerGatewayConfiguration property from an XML string to an object
Case ID: DFR-2367
Known limitations: N/A 
Affected Components: PROTECTED ASSETs compliance engine API

Fixed Azure Web App - 08:30 UTC

Description: Fixed bug in ‘HttpsOnly’ property in Azure Web App.
Case ID: DFT-1934
Known limitations: N/A 
Affected Components: FETCHERS

improved Vulnerability Management - 12:45 UTC

Description: Add validation on policy creation input.
Case ID: PLAT-4551
Known limitations: N/A 
Affected Components: vulnerability management

FIXED License activation section missing - 11:30 UTC

Description: Fixed License activation section missing in CG standalone.
Case ID: PLAT-4791
Known limitations: N/A 
Affected Components: UI

improved Security Hub Integration - 08:30 UTC

Description: Add environment name for security hub test response.
Case ID: PLAT-4422
Known limitations: N/A 
Affected Components: compliance integrations

improvement VLM Ruleset - 19:30 UTC

Description: Add VLM Ruleset dataflow.
Case ID: PLAT-4320
Known limitations: N/A 
Affected Components: Vulnerability management

improvement GCP Organization Onboarding - 14:00 UTC

Description: Improve the GCP organization onboarding flow.
Case ID: PLAT-4142
Known limitations: N/A 
Affected Components: UI

fixed Security Hub Backend improvement - 12:00 UTC

Description: Added backend support for a new Security Hub feature.
Case ID: PLAT-4230, PLAT-4231
Known limitations: N/A 
Affected Components: Integrations

fixed Executive Summary Report - 16:00 UTC

Description: Fixed emailed link for executive summary report.
Case ID: PLAT-4690
Known limitations: N/A 
Affected Components: REPORTS

FIXED Cloud Infra navigation links bug 14:15 UTC

Description: Cloud Infra navigation links lead to the wrong CloudGuard pages
Case ID: PLAT-4083
Known limitations: N/A 
Affected Components: UI

FIXED Cloudguard in Safari- 14:15 UTC

Description: Cloudguard in Safari does not load at all
Case ID: PLAT-4721
Known limitations: N/A 
Affected Components: UI

IMPROVEMENT New workflow for add new policy - 14:15 UTC

Description: New workflow and new wizard for creating a new policy.
Case ID: PLAT-2979
Known limitations: N/A 
Affected Components: new policies

Fixed Success / Failure message to sending executive summary report - 14:15 UTC

Description: Now showing a success / failure message on send executive summary report to email module.
Case ID: PLAT-4087
Known limitations: N/A 
Affected Components: reports

Fixed Firefox support for Infinity portal - 14:15 UTC

Description: User was redirected to stand alone login page in infinity portal.
Case ID: PLAT-4713
Known limitations: N/A 
Affected Components: infinity portal

FIXED Serverless - Proact cli tool - CloudFormation Template parser fix - 14:00 UTC

Description: Fix for cli tool Cloudformation parser.
Case ID: PROT-1414
Known limitations: N/A 
Affected Components: SERVERLESS

IMPROVEMENT Compliance Rulesets Update - 11:30 UTC

Description: The first release of the Google Kubernetes Engine (GKE) Benchmark v1.2.0, the AWS Security Risk Management, the Azure Security Risk Management and the GCP Security Risk Management rulesets, new rules for GCP, AWS and K8S. A complete list can be found here.
Case ID: IN-4527
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

Improvement Azure Storage Account - UTC 11:00

Description: Added support for ‘AllowSharedKeyAccess ’ property in Azure Storage Account in Compliance Engine.
Case ID: DFR-2192
Known limitations: N/A 
Affected Components: compliance engine FETCHERS

feature GCP Essential Contact - 09:30 UTC

Description: Added support for GCP Essential Contact in Compliance Engine and Protected Assets.
Case ID: IN-3818
Known limitations: Needs to enable Essential Contacts API on GCP console 
Affected Components: compliance engine PROTECTED ASSETs FETCHERS

Improvement Serverless - Add log subscription error to es fields - 19:30 UTC

Description: Adding log subscription error to es fields (and show in protected assets list)

Adding error reason field.
Case ID: PROT-1139
Known limitations: N/A 
Affected Components: SERVERLESS

Fixed Protected Assets Table - 14:30 UTC

Description: Fixed a bug with entities containing “.” in the id are not displaying
Case ID: DFT-1957
Known limitations: N/A 
Affected Components: UI

FIXED GCP Big Query Table and GCP Project - 13:00 UTC

Description: Fixed a bug in the fetching mechanism of GCP Big Query table and in GCP Project entities.
Case ID: IN-4551
Known limitations: N/A 
Affected Components: FETCHERS

feature Aws Gateway Load Balancer - 13:00 UTC

Description: Added support for AWS Gateway Load Balancer in Compliance Engine, Protected Assets, and AwsLoadBalancersNetworkInterfaces API.
Case ID: IN-4452
Known limitations: N/A 
Affected Components: PROTECTED ASSETs compliance engine API

IMPROVEMENT Compliance Rulesets Update - 12:30 UTC

Description: The first release of the LGPD ruleset for Azure, new rules for GCP and AWS, K8S rules update. A complete list can be found here.
Case ID: IN-4471, DFR-2345, DFT-1967
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

IMPROVEMENT AWS Route53 Hosted Zone - UTC 11:00

Description: Added support for ‘protectedByShield ’ property in AWS Route53 Hosted Zone in compliance engine and protected assets.
Case ID: DFR-2283
Known limitations: N/A
Affected Components: compliance engine PROTECTED ASSETs

IMPROVEMENT AWS Elastic IP - UTC 11:00

Description: Added support for ‘protectedByShield ’ property in AWS Elastic IP in Compliance Engine.
Case ID: DFR-2283
Known limitations: N/A
Affected Components: compliance engine

IMPROVEMENT Added throttling policy to auth server - 16:00 UTC

Description: Added throttling policy to authorization server limiting the number of requests a user can make to our authorization server.
Case ID: PLAT-4207
Known limitations: N/A
Affected Components: auth server

FIXED Updated finding createdTime - 15:40 UTC

Description: Fix bug in createdTime field of updated finding.
Case ID: PLAT-4516
Known limitations: N/A
Affected Components: compliance engine events

IMPROVEMENT Azure Account Onboarding - 14:00 UTC

Description: Improve Azure account onboarding instructions.
Case ID: PLAT-4451
Known limitations: N/A
Affected Components: Onboarding UI

FIXED Protected Assets - 14:00 UTC

Description: fixed wrong icons in the protected assets pages.
Case ID: PLAT-3202
Known limitations: N/A
Affected Components: UI

FIXED AWS Marketplace Integration - 16:00 UTC

Description: Fixed a bug with registering AWS marketplace contract.
Case ID: PLAT-4185
Known limitations: N/A
Affected Components: AWS Marketplace

FIXED Open add policy modal from rulesests - 12:00 UTC

Description: Fixed a bug in rulesets. Couldn’t open the add policy modal.
Case ID: PLAT-4629
Known limitations: N/A
Affected Components: rulesets

FIXED GCP VM Instance - 14:00 UTC

Description: Fixed a bug in GCP VM Instance in Protected Assets where “tags” field was always empty.
Case ID: IN-3987
Known limitations: N/A
Affected Components: FETCHERS

IMPROVEMENT Compliance Rulesets Update - 11:00 UTC

Description: Azure rules removal. A complete list can be found here.
Case ID: IN-4471, DFT-1935
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

FIXED Azure SQL Managed Instance - 8:00 UTC

Description: Fixed a bug in Azure SQL Managed Instance data fetching where “properties.publicDataEndpointEnabled” field wasn’t updated properly.
Case ID: DFT-1951
Known limitations: N/A
Affected Components: FETCHERS

FIXED AWS IAM Role - 12:00 UTC

Description: Fixed a bug in IAM Role data fetching where 'MaxSessionDuration” property was not updated properly.
Case ID: DFT-1946
Known limitations: N/A
Affected Components: FETCHERS

Feature Helm Chart 2.12.0 release - 15:00 UTC

Description:

• Support AWS BottleRocket OS: by using a flag “--set platform=eks.bottlerocket”

• Inventory 1.5.0: Agent status improvement; discovery of missing permissions for Kubernetes API

• Image Assurance 2.12.0: remove fluentbit container

• Admission Control GSL 1.3.3: update packages

• Runtime Protection daemon 0.0.740:

  • Added support for AWS BottleRocket OS

  • Updated procedure for Linux kernel headers installation

Known limitations: N/A
Affected Components: Kubernetes Helm

feature GCP Dataproc Cluster - 9:00 UTC

Description: Added support for GCP Dataproc Cluster in compliance engine and protected assets.
Case ID: IN-1260
Known limitations: N/A 
Affected Components: FETCHERS COMPLIANCE ENGINE PROTECTED ASSETs

IMPROVEMENT Compliance Rulesets Update - 11:15 UTC

Description: New AZURE rules. A complete list can be found here.
Case ID: IN-4380
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

FEATURE Intelligence Pro - GCP Network Traffic - 14:41 UTC

Description: GCP Network Traffic onboarding and ruleset, see here documentation.
Case ID: INT-1473
Affected Components: INTELLIGENCE UI ONBOARDING GCP