July 2024
- Guy Shteinberg
Deployment July 31 , 2024
IMPROVEMENT OCI New Regions - 14:00 UTC
Description: Added support for the following regions:
Colombia Central (Bogota)
US Midwest (Chicago)
Chile West (Valparaiso)
Mexico Northeast (Monterrey)
Serbia Central (Jovanovac)
Singapore West (Singapore)
Case ID: CNAPP-10602
Known limitations: N/A
Affected Components: FETCHERS
IMPROVEMENT Azure New Regions - 14:00 UTC
Description: Added support for the following regions:
Spain Central
Italy North
Poland Central
Mexico Central
Case ID: DFR-3320
Known limitations: Currently not supported in Dome9 provider
Affected Components: FETCHERS
IMPROVEMENT AWS New Regions - 14:00 UTC
Description: Added support for the following regions:
Canada West (Calgary)
Case ID: CNAPP-6841
Known limitations: Currently not supported in Dome9 provider
Affected Components: FETCHERS
Deployment July 30 , 2024
IMPROVEMENT Azure Storage - 11:30 UTC
Description: Added support for ‘diagnosticSettings’ property in Azure StorageAccount, StorageAccount.queueServiceProperties, StorageAccount.tableServiceProperties, tableServicePropertiesStorageAccount.fileServiceProperties, StorageAccount.blobServiceProperties in Compliance engine & Protected Assets.
Case ID: DFR-3642, CNAPP-7689
Known limitations:
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS
Deployment July 25, 2024
IMPROVEMENT Toxic Combinations in Protected Assets API - 07:30 UTC
Description: Added Toxic Combinations counters by severity to Protected Assets API. This information is listed under the context field in openSecurityIssues property.
Case ID: CNAPP-8883
Known limitations: N/A
Affected Components: API PROTECTED ASSETS
feature AWS Code Commit Entities - 14:00 UTC
Description: Added support for Aws Code Commit Repository and Approval Template Entities in Compliance Engine and Protected Assets.
Case ID: DFR-3369
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
Deployment July 24, 2024
feature AWP Centralized Scanning mode - 14:00 UTC
Description: Agentless Workload Posture Centralized Scanning mode is now supported in AWS, for more details on AWP for AWS, see our documentation.
Case ID: AL-2060
Known limitations:
Affected Components: AWP
feature AWS Redshift Serverless Namespace - 11:45 UTC
Description: Added support for AWS Redshift Serverless Namespace Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9503
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS EMR Serverless Application Entity - 11:30 UTC
Description: Added support for AWS EMR Serverless Application Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9502
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
IMPROVEMENTAWS Backup Vault - 07:30 UTC
Description: Added support for ‘accessPolicy’ property in AWS Backup Vault in Compliance engine & Protected Assets.
Also added API to get AWS backupVault entities.
Case ID: DFR-2929, DFR-2927
Known limitations:
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS
IMPROVEMENTAWS ECS Task- 07:30 UTC
Description: Added support for ‘containers.image’ and ‘containers.imageDigest’ properties in AWS ECS Task in Compliance engine & Protected Assets.
Also added API to get EcsTask entities.
Case ID: DFR-3417
Known limitations:
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS
Deployment July 23, 2024
fixed Bug Fixes - 14:00 UTC
Description: Fixed various issues in the UI
Trendline widget would not show data in the dashboard for some users.
Context graph popups would glitch outside the graph area in full screen mode.
Context graph would show distracting tooltips when hovering over nodes.
Case ID: CNAPP-10332, CNAPP-10309, CNAPP-10291
Known limitations:
Affected Components: UI Risk Management DASHBOARD
Deployment July 21, 2024
feature AWS Well Architected Tool Workload - 11:30 UTC
Description: Added support for AWS Well Architected Tool Workload Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9462
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Polly Speech Synthesis Task entity - 11:30 UTC
Description: Added support for AWS Polly Speech Synthesis Task entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9463
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Lookout For Vision Project Entity - 11:30 UTC
Description: Added support for AWS Lookout For Vision Project Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9464
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Lookout For Metrics Anomaly Detector entity - 11:30 UTC
Description: Added support for AWS Lookout For Metrics Anomaly Detector entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9465
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Audit Manager Assessment Entity - 11:30 UTC
Description: Added support for AWS Audit Manager Assessment Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9465
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Glue Data Brew Job Entity - 11:30 UTC
Description: Added support for AWS Glue Data Brew Job Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-9504
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
Deployment July 17, 2024
fixed AWS CloudTrail - 11:00 UTC
Description: Fixed an issue that blocked organizational trails from being fetched.
Case ID: DFT-3598
Known limitations: Customers may experience, findings closure/reopen and missing data in the next 24 hours.
Affected Components: fetchers PROTECTED ASSETS
Deployment July 16, 2024
IMPROVEMENT Added an “Overview” button for Toxic Combinations list - 16:00 UTC
Description:
Added a button to the Toxic Combinations table that allows you to quickly set the grouping of the table in a convenient way.
Case ID: CNAPP-9166
Known limitations: N/A
Affected Components: UI Risk management
Deployment July 15, 2024
fixed AWS Iam Group bug fix - 15:00 UTC
Description: Fixed a bug that saved incorrect GroupInlinePolicy and prevents the Inline policy to appear as property inside the IamGroup entity while running GSL
Case ID: CNAPP-10366
Known limitations: data of type "AWS Iam User Group Inline Policy" may disappear after the first fetching, and appear again in the next fetching.
Also, in case there are findings opened by Inline Policies rule, it may be be closed & reopen.
Affected Components: compliance engine fetchers
Deployment July 14, 2024
feature AWP - Azure Virtual Machines - 16:00 UTC
Description: AWP now support scanning Azure Virtual Machines with all encryption modes in in-account mode (ADE, SSE, PMK...)
Case ID: AL-2452
Known limitations: N/A
Affected Components: AWP
Deployment July 11, 2024
IMPROVEMENT Bug fixes and improvements - 16:00 UTC
Description:
Improved the description in Auzre onboarding wizard to better reflect the required user actions.
Fixed sorting order in grouping by severity in ERM tables.
Fixed an issue where the links in CIEM dashboard would not lead to the events table with the correct filter.
Some other minor fixes.
Case ID: CNAPP-10169, CNAPP-9977, CNAPP-10290
Known limitations: N/A
Affected Components: UI Risk management CIEM
Deployment July 10, 2024
IMPROVEMENT AWS Macie Automated Discovery Configuration - 13:30 UTC
Description: Added “macieAutomatedDiscoveryConfiguration” property to AWS Region entityץ If “region.macieAutomatedDiscoveryConfiguration.status” is “ENABLED” it indicates that Macie Automated Sensitive Data Discovery is enabled for the region.
Case ID: DFR-3657
Known limitations: N/A
Affected Components: fetchers COMPLIANCE ENGINE PROTECTED ASSETS
IMPROVEMENT AWS S3Bucket Macie information update - 13:30 UTC
Description: Added “AutomatedDiscoveryMonitoringStatus“ property to S3Bucket.macieInformation.
Case ID: DFR-3656
Known limitations: N/A
Affected Components: fetchers COMPLIANCE ENGINE PROTECTED ASSETS
IMPROVEMENT Compliance Rulesets Update - 09:30 UTC
Description: New Ruleset CIS Database Benchmark v1.0.0 for Azure; New Azure rule. A complete list can be found here.
Case ID: CNAPP-10130, DFR-3529, DFT-3727
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
Deployment July 8, 2024
improvement Protected Asset Page - 16:00 UTC
Description: Improved loading time for select entity types.
Case ID: CNAPP-8979
Known limitations:
Affected Components: UI
Deployment July 7, 2024
feature Azure StorageBlobContainer - 12:30
Description: Added support for Azure StorageBlobContainer in Compliance Engine and Protected Assets.
Case ID: DFR-3448
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
improvement Ecosystem - Slack & Teams notifications - 08:30 UTC
Description: New integration with Slack and Teams, enabling to send CDR, Runtime protection and K8 admission control notifications to designated channels.
Case ID: CNAPP-2519
Known limitations: 3rd party rate limitations
Affected Components: notifications
Deployment July 4, 2024
improvement Risk Management - AWS Auto Scaling Group - 12:00 UTC
Description: Added Network Exposure calculation for AWS Auto Scaling Groups.
Case ID: CNAPP-8873
Known limitations: N/A
Affected Components: RISK MANAGEMENT PROTECTED ASSETS
Deployment July 3, 2024
improvement Helm 2.31.0: RP add cgroupv2 support for Docker container Runtime - 11:00 UTC
Description: Runtime Protection daemon 1.16.3: Add cgroupv2 support for docker container runtime.
Case ID: CON-9661
Known limitations: N/A
Affected Components: COntainers
IMPROVEMENT Compliance Rulesets Update - 11:00 UTC
Description: New rules for Azure and GCP. A complete list can be found here.
Case ID: CNAPP-9991, DFR-3530, DFT-3838
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
feature GCP Identity Aware Proxy Brand - 07:00 UTC
Description: Added support for GCP Identity Aware Proxy Brand Entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-6372
Known limitations:
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS