November 2023

IMPROVEMENT Filter by more than one Organizational Unit in the Protected Assets page - 15:30 UTC

Description: When navigating to Assets → Protected Assets page, you can now filter by more than one Organizational Unit.

Case ID: CNAPP-3457, DFR-2706
Known limitations: N/A 
Affected Components: PROTECTED ASSETS

feature Generate Protected Assets report without size limitation - 15:00 UTC

Description: Protected Assets report can now be exported by mail without size limitation.

Case ID: CNAPP-3454, DFR-2706
Known limitations: N/A
Affected Components: PROTECTED ASSETS

FIX Favorite Filters in Risk Management pages - 14:00 UTC

Description: Fixed an issue where it was impossible to create favorites filters in all the Risk Management pages (i.e. Protected Assets table and dashboards)

Case ID: CNAPP-5246
Known limitations: Filters saved prior to this fix may no longer work. Please delete the filter and save it again.
Affected Components: EFFECTIVE RISK MANAGEMENT UI

feature Risk Level Calculation for Environments - 14:00 UTC

Description: Added a new column in the Environments list and a new badge in the single environment view that indicates the level of risk presented by the assets in this environment.

Case ID: CNAPP-2948
Known limitations: N/A
Affected Components: EFFECTIVE RISK MANAGEMENT UI

feature Risk Management Assets Support - 11:30 UTC

Description: Added support for new Azure asset types in Risk Management:

• MySQLDBSingleServer

• MySQLDBFlexibleServer

• PostgreSQL

• PostgreSQLFlexibleServer

Case ID: CNAPP-3994
Known limitations: N/A
Affected Components: EFFECTIVE RISK MANAGEMENT

feature Compliance Notifications - SNS Integration- 00:40 UTC

Description: SNS payload improvement.

Case ID: DFT-3049, DFT-3051, CNAPP-4796, CNAPP-5019
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED Unable to update CloudGuard permissions from 4.71.1 to 4.71.2 - 13:00 UTC

Description: Add support for updating unified onboarding resources
Case ID: DFT-3128
Known limitations: N/A
Affected Components: onboarding

feature GCP Cloud NAT - 12:15 UTC

Description: Added new Cloud NAT properties to the GCP “Router” entity: nats[].type, nats[].autoNetworkTier, nats[].endpointTypes, nats[].maxPortsPerVm, nats[].enableDynamicPortAllocation, nats[].tcpTimeWaitTimeoutSec, nats[].rules.

Case ID: DFR-2962
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT Azure Virtual Machine - 11:15 UTC

Description: Added a new property "virtualMachineScaleSetId" to "VirtualMachine" entity. 

Case ID: DFT-3099
Known limitations: N/A 
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT Azure Virtual Machine Scale Set Instance - 11:15 UTC

Description: Added a new property "orchestrationMode" to "VMSSInstance" entity.

Case ID: DFT-3099
Known limitations: N/A 
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature Azure Power BI Embedded - 11:15 UTC

Description: Added support for Azure Power BI Embedded as a new entity: PowerBIEmbeddedCapacity in Compliance Engine and Protected Assets.

Case ID: CNAPP-4224
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature Azure StreamAnalytics Cluster - 11:15 UTC

Description: Added support for Azure StreamAnalytics Cluster in Compliance Engine and Protected Assets.

Case ID: CNAPP-4222
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature GCP Firebase Realtime Database - 11:15 UTC

Description: Added support for GCP Firebase Realtime Database as a new entity: FirebaseRealtimeDatabase.

Case ID: DFR-2966
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT Compliance Rulesets Update - 09:30 UTC

Description: New AWS rules. A complete list can be found here.

Case ID: CNAPP-5159, DFT-3101, DFT-3022
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

FIXED UI | No status page indication on login page or in application for CP status and dome9 status when we have an open incident - 14:00 UTC

Description: Add an open incident in status page indication in the UI
Case ID: DFT-3007
Known limitations: N/A
Affected Components: ui

FIXED Dashboard | The graph doesn't show all the lines - 14:30 UTC

Description: Trend graph shows all line correctly
Case ID: DFT-3066
Known limitations: N/A
Affected Components: ui

feature AWS Onboarding - Cloudbots - 7:00 UTC

Description: Simplify Cloudbots onboarding to AWS environments

Case ID: CNAPP-331
Known limitations: N/A
Affected Components: Remediation

feature Azure Onboarding - Cloudbots - 7:00 UTC

Description: Simplify Cloudbots onboarding to Azure environments

Case ID: CNAPP-332
Known limitations: N/A
Affected Components: Remediation

feature Fix-it action to remediate findings immediately from the Events menu - 7:00 UTC

Description: Manually run remediation action for findings from the Events menu to reduce risk and security issues.

Case ID: INT-2345
Known limitations: N/A
Affected Components: Remediation

IMPROVEMENT GCP Machine Image API - 06:00 UTC

Description: Added new endpoint "v2/GcpMachineImage" to get all GCP Machine Image entities.

Case ID: DFR-3133
Known limitations: N/A 
Affected Components: api

FIXED SKU isn't recognized by the system - 11:00 UTC

Description: Added support for SKU CP-CGLG-10TB-MLOG-EVAL
Case ID: DFT-2609
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED AWS Alternate Contact - 07:00 UTC

Description: Delete property ‘NextToken’ from the AWS Dax Cluster.
Case ID: IN-8302
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT GSL Builder - 15:00 UTC

Description: “New” labels were removed from the GSL builder’s UI, for 30 days old entities.

Case ID: IN-8201
Known limitations: N/A 
Affected Components: ui

feature Azure Chaos Studio - 15:00 UTC

Description: Added support for Azure ChaosStudioExperiment entity in Compliance Engine and Protected Assets

Case ID: CNAPP-4221
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature GCP CloudRun - 15:00 UTC

Description: Added support for GCP CloudRun as 2 new entities: CloudRunService, CloudRunJob.

Case ID: DFR-2961
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature GCP Apigee - 15:00 UTC

Description: Added support for GCP Apigee as a new entity: ApigeeApi.

Case ID: DFR-2974
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature Risk Management - Network Exposure - 14:00 UTC

Description: GCP VM Instance Support for Network Exposure in Protected Assets and Compliance Engine.
Case ID: CNAPP-2749
Known limitations: N/A 
Affected Components: Risk Management COMPLIANCE ENGINE PROTECTED ASSETS

FEATURE Risk Management - Data Sensitivity - 14:00 UTC

Description: Risk Management supports Data Sensitivity indication for Azure Storage Account and Cosmos DB Account using Azure Purview data.
Case ID: CNAPP-4947
Known limitations: N/A
Affected Components: DSPM EFFECTIVE RISK MANAGEMENT

improvement Compliance Notification 09:40 UTC

Description: Internal Improvement.
Case ID: CNAPP-4857
Known limitations: N/A 
Affected Components: Notification

Feature Workload Protection for Kubernetes: helm 2.24.3 14:30 UTC

Description: support Sonatype Nexus Registry scan, Inventory 1.13.0; Image Assurance 2.25.0; Admission Control: enforcer 2.9.0, policy 1.7.0; Runtime Protection: policy 1.7.0; Flow Logs 0.12.0. A complete list can be found here.

Case ID: CON-7488
Known limitations: N/A 
Affected Components: containers

IMPROVEMENT Compliance Rulesets Update - 09:30 UTC

Description: New Ruleset ENS 2022 for AWS; New Ruleset ENS 2022 for Azure; New AWS rules. A complete list can be found here.

Case ID: CNAPP-5029, DFT-3079
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

FIXED Azure Spring Cloud - 09:15 UTC

Description: Azure Spring Cloud

Case ID: IN-5627
Known limitations: N/A 
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT AWS Glue Data Catalog Encryption Setting entity moved to Region as enrichment - 09:00 UTC

Description: "GlueDataCatalogEncryptionSetting" entity removed from "Analytics" category and added to "Region" entity as property.

Case ID: DFT-3042
Known limitations: N/A 
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED Correct Trend widget with points with same x axis - 17:15 UTC

Description: Fix trend widget in dashboard to order correctly by x axis values

Case ID: CNAPP-3744
Known limitations: N/A 
Affected Components: ui

FIXED Dashboard | The graph doesn't show all the lines - 14:30 UTC

Description: The fix is to show a legend for compliance in that way the customer can see what ruleset has data and which line refers to each ruleset.

Case ID: DFT-3066
Known limitations: N/A 
Affected Components: ui

IMPROVEMENT Compliance Rulesets Update - 11:00 UTC

Description: New AWS rules. A complete list can be found here.

Case ID: CNAPP-4856, DFT-2866
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

IMPROVEMENT AWS AWS ConfigRule - 09:00 UTC

Description: Added a new property ‘tags’ to the AWS ConfigRule entity.
Case ID: IN-8397
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED AWS Dax Cluster - 09:00 UTC

Description: Delete property ‘NextToken’ from the AWS Dax Cluster.
Case ID: IN-8302
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT AWS Dax Parameter Group - 09:00 UTC

Description: Added a new property ‘parameters’ to the AWS Dax Parameter Group entity.
Case ID: IN-8353
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

feature GCP Cloud VPN - 9:00 UTC

Description: Added support for GCPCloud VPN as 4 new entities in Compliance Engine and Protected Assets:

• CloudVpnGateway

• CloudVpnTunnel

• ExternalVpnGateway

• TargetVpnGateway

  Case ID: DFR-2960
  Known limitations: N/A
  Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature GCP Security Command Center - 9:00 UTC

Description: Added support for GCP Security Command Center as a new entity: SecurityCenterFinding in Compliance Engine and Protected Assets.
Case ID: DFR-2970
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED UI Dashboard | aggregate data is missing in the filter when going to the events view - 12:30 UTC

Description: Fixed bug in the filter when going to events page when having free text
Case ID: DFT-3065
Known limitations: N/A
Affected Components: ui

FIXED UI Dashboard | Slowness on the dashboard - 12:30 UTC

Description: Fixed bug in the dashboard when calling BE API
Case ID: DFT-3085
Known limitations: N/A
Affected Components: ui

FIXED UI | Security group page - broken link (security group name) - 11:30 UTC

Description: Fixed bug in the security group link
Case ID: DFT-2793
Known limitations: N/A
Affected Components: ui

FIXED UI | Environment permissions: "Update" button blocked by collapsible element being always expanded - 11:30 UTC

Description: Fixed bug in update permissions such that element can be collapsed (and is so by default), “UPDATE” button is accessible
Case ID: DFT-2793
Known limitations: N/A
Affected Components: ui

FIXED Azure Onboarding | getting internal error - 13:30 UTC

Description: Fixed bug in Azure onbaording
Case ID: DFT-3077
Known limitations: N/A
Affected Components: onboarding

IMPROVEMENT Azure Virtual Network Gateway - 10:30 UTC

Description: Added new property support for the Azure VirtualNetworkGateway entity: ‘ipConfigurations[].publicIP’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine

IMPROVEMENT Azure Bastion - 10:30 UTC

Description: Added new property support for the Azure Bastion entity: ‘ipConfigurations[].publicIP’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine

IMPROVEMENT Azure Firewall - 10:30 UTC

Description: Added new property support for the Azure Firewall entity: ‘ipConfigurations[].publicIP’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine

IMPROVEMENT Azure Load Balancer - 10:30 UTC

Description: Added new property support for the Azure LoadBalancer entity: ‘frontendIPConfigurations’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine

IMPROVEMENT Azure Application Gateway - 10:30 UTC

Description: Added new property support for the Azure ApplicationGateway entity: ‘frontendIPConfigurations’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine

IMPROVEMENT AWS FinSpace Environment - 10:30 UTC

Description: Added a new property ‘kms’ to the AWS FinSpaceEnvironment entity.
Case ID: IN-8391
Known limitations: N/A
Affected Components: COMPLIANCE engine

IMPROVEMENT AWS Comprehend Flywheel - 09:00 UTC

Description: Added a new property ‘kms’ to the AWS Comprehend Flywheel entity.
Case ID: IN-8385
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT AWS Cloud Search Domain - 09:00 UTC

Description: Added a new property ‘options’ to the AWS CloudSearchDomain entity.
Case ID: IN-8369
Known limitations: N/A
Affected Components: FETCHERS

FIXED Aws AWS SNS Topic - 10:30 UTC

Description: Fixed bug in 'subscriptions' property in AWS SNS Topic, which caused multiple updates.
Case ID: IN-684
Known limitations: N/A
Affected Components: FETCHERS

FIXED Credentials -- Blank page for Infinity Portal user - 17:30 UTC

Description: Remove the Credentials tab if the logged in user is an Infinity Portal user
Case ID: DFT-2504
Known limitations: N/A
Affected Components: ui

FIXED UI | Mobile devices -- Can not generate token as Infinity Portal user - 17:30 UTC

Description: Remove the Mobile Devices tab if the logged in user is an Infinity Portal user
Case ID: DFT-2506
Known limitations: N/A
Affected Components: ui

IMPROVEMENT Azure Purview Missing Permissions - 13:00 UTC

Description: Added missing permissions indication for Azure Purview data fetching.
Case ID: CNAPP-3127
Known limitations: N/A
Affected Components: DSPM

IMPROVEMENT Compliance Assessment - 01:30 UTC

Description: New Ruleset Add System Audit Logs for Assessment Run Failures.

Case ID: DFT-3025, CNAPP-4337
Known limitations: N/A 
Affected Components: COMPLIANCE engine

IMPROVEMENT Compliance Rulesets Update - 13:00 UTC

Description: New Ruleset Kubernetes CIS Benchmark v1.8.0; New AWS rules. A complete list can be found here.

Case ID: CNAPP-4368, DFT-2917
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

FIXED UI text fix needed for Azure Secret ID - 10:40 UTC

Description: Rename application key to Secret ID to be the same as in Azure portal
Case ID: DFT-2522
Known limitations: N/A
Affected Components: ui

feature AWS Config Rule - 10:30 UTC

Description: Added support for AWS Config Rule in Compliance Engine and Protected Assets.
Case ID: DFR-2895
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature AWS Comprehend - 10:30 UTC

Description: Added support for 2 new entities:

• AWS Comprehend Flywheel

• AWS Comprehend Endpoint

The entities are supported in Compliance Engine and Protected Assets.
Case ID: CNAPP-3514
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature AWS ComputeOptimizer RecommendationSummary - 10:30 UTC

Description: Added support for AWS ComputeOptimizer RecommendationSummary in Compliance Engine and Protected Assets.
Case ID: CNAPP-2151
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature AWS LakeFormation DataLake Settings - 10:30 UTC

Description: Added support for AWS LakeFormation DataLake Settings in Compliance Engine and Protected Assets.
Case ID: CNAPP-3500
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature AWS FinSpace Environment - 10:30 UTC

Description: Added support for AWS Finspace Environment in Compliance Engine and Protected Assets.
Case ID: CNAPP-3499
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature AWS Verified Permissions - 10:30 UTC

Description: Added support for AWS VerifiedPermissionsPolicyStore entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-3515
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

feature AWS Forecast - 10:30 UTC

Description: Added support for 6 new entities:

• AWS Forecast Dataset

• AWS Forecast Dataset Group

• AWS Forecast

• AWS Forecast Monitor

• AWS Forecast Explainability

• AWS Forecast Predictor

The entities are supported in Compliance Engine and Protected Assets.
Case ID: CNAPP-1447
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED Aws AppRunner - 10:30 UTC

Description: 2 redundant properties were removed from the “AppRunnerAutoScalingConf” entity: configurationDescription.autoScalingConfigurationName & configurationDescription.autoScalingConfigurationRevision.
Case ID: IN-8371
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS

feature GCP Machine Image - 10:30 UTC

Description: Added support for GCP Machine Image in Compliance Engine and Protected Assets.
Case ID: CNAPP-4735
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT GCP Virtual Machine Instance - 10:30 UTC

Description: Added a new property to the “VMInstance” entity: sourceMachineImage.
Case ID: CNAPP-4737
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED AWS ElastiCache - 10:30 UTC

Description: AwsElasticCache Fetcher now supports China region
Case ID: IN-1907
Known limitations: N/A
Affected Components: Fetchers

FIXED Azure Virtual Machine - 08:00 UTC

Description: Fixed the type of "publicIpAllocationMethod" from int to string. This issue caused failures in GSL queries.
Case ID: DFT-848
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE api PROTECTED ASSETS

FIXED Entity Viewer | CIEM permission boundary is missing in the entity viewer (inconsistent bug) - 12:40 UTC

Description: Adding CIEM permission boundary to the entity viewer
Case ID: DFT-2911
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED New Infinity Portal tenants comes with old IaC GSL enabled - 15:40 UTC

Description: Fix the case where a new tenant, even without onboarding anything, the old GLS options get shown.
Case ID: DFT-2397
Known limitations: N/A
Affected Components: ui

FIXED New http://gsl.dome9.com doesn't render backslashes in GSL correctly - 16:40 UTC

Description: Fix display of backslash in GSL site
Case ID: DFT-2654
Known limitations: N/A
Affected Components: ui

FIXED New http://gsl.dome9.com doesn't render * in GSL logic block correctly - 16:40 UTC

Description: Fix display of * in GSL site
Case ID: DFT-3001
Known limitations: N/A
Affected Components: ui

FIXED New Dashboard - Change Severity order within widgets - 13:30 UTC

Description: Change order to be by severity
Case ID: DFT-2999
Known limitations: N/A
Affected Components: ui

IMPROVEMENT Effective Risk Management Business Priority can be set at the OU level - 11:00 UTC

Description: You can now assign Business Priority at the Organizational Unit level (previously highest level was Environment).
Case ID: CNAPP-175
Known limitations: N/A 
Affected Components: Effective risk management UI

FIXED Risk Management - 09:30 UTC

Description: Fixed an issue with Kubernetes workloads CVEs / Threats / Secrets counters.
Case ID: CNAPP-4371
Known limitations: N/A
Affected Components: EFFECTIVE RISK MANAGEMENT

fixed Protected assets/ Favorites on right no longer works - 13:30 UTC

Description: : Fixed a bug where Favorite didn’t work in Protected assets
Case ID: DFT-2884
Known limitations: N/A
Affected Components: ui

fixed AWS SES - 12:30 UTC

Description: : Fixed a bug IN AWS SES that caused assessments failures
Case ID: DFT-3018
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT Compliance Rulesets Update - 11:00 UTC

Description: New Ruleset APRA CPS 234 for GCP; New Ruleset APRA CPS 234 for Azure; New Ruleset MPLS 2.0 for Azure;New AWS rules. A complete list can be found here.

Case ID: CNAPP-4258, DFR-2891, , DFR-2941, DFT-2887
Known limitations: N/A 
Affected Components: COMPLIANCE RULESETS

feature AWS CloudHSM - 8:30 UTC

Description: Added support for AWS CloudHSMCluster and CloudHSMBackup entities in Compliance Engine and Protected Assets
Case ID: CNAPP-3503
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS