Release Notes

Improvement Compliance Rulesets Update - 08:00 UTC
Description: General maintenance and content updates, including a new CIS Amazon Web Services Foundations Benchmark v5.0.0 ruleset.
Case ID: CNAPP-16365, DFR-4149
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 06:00 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16352, DFT-5072
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 13:30 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16281, DFT-5029
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Azure User - 11:30 UTC
Description: Added support for “AccountEnabled” Property for the Azure User Entity in Compliance Engine and Protected Assets.
Case ID: DFR-4147
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS PROTECTED ASSETS FETCHERS

Improvement Azure Machine Learning Workspace - 13:30 UTC
Description: Added support for the IpAllowList and NetworkAcls Properties for the Azure Machine Learning Workspace Entity.
Case ID: DFR-4148
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS PROTECTED ASSETS FETCHERS

Improvement Compliance Rulesets Update - 10:45 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16258, DFT-5058
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 13:45 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16281, DFT-5029
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement GCP Gke Cluster - 11:30 UTC
Description: Added support for ‘Autopilot’ property in GCP Gke Cluster.
Case ID: DFT-5029
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS PROTECTED ASSETS FETCHERS

Improvement Compliance Rulesets Update - 09:30 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-15581, CNAPP-16078, CNAPP-16270, DFR-4084, DFT-5047
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FEATURE AWS WAF Global V2 - 14:30 UTC
Description: Added a ‘Rules[].Statement’ property for the AWS WAF Global V2 entity to allow for better means of distinguishing between enabled enforcement and disabled enforcement.
Case ID: DFT-5000
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS

FEATURE Azure Front Door - 14:30 UTC
Description: Added ‘Endpoints’ Property for the Azure FrontDoor Entity.
Case ID: CNAPP-15579
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

Improvement Compliance Rulesets Update - 11:30 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16258, DFT-5034
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 09:45 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16508, DFT-4947
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 10:15 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-16204, CNAPP-16205, DFT-5007, DFT-5008
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement AWS Account Alternate Contact - 14:00 UTC
Description: Add support for AWS AccountAlternateContact in ProtectedAssets.
Case ID: CNAPP-15635
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS PROTECTED ASSETS

Improvement Compliance Rulesets Update - 10:00 UTC
Description: General maintenance and content updates. FISC v12 rulesets for AWS and Azure.
Case ID: CNAPP-15126, DFR-4078
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Azure Front Door - 14:00 UTC
Description: Added support for Front Door secrets and origin Groups properties in compliance engine and protected assets.
Case ID: CNAPP-14577
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS FETCHERS PROTECTED ASSETS

Improvement AWS new regions support - 12:30 UTC
Description: Added support for 3 new AWS Regions: mx_central_1, ap_southeast_5, ap_southeast_7 - across all AWS entities.
Case ID: CNAPP-15014
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS FETCHERS PROTECTED ASSETS

FEATURE Azure Data Factory - 16:00 UTC
Description: Added support for the following properties for the Data Factory entity in Compliance Engine and Protected Assets: GitConfigurations, DataFactoryV2IntegrationRuntime, privateLinkServiceConnectionState, PurviewConfiguration.
Case ID: CNAPP-14566
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED AWS RDS DB Cluster - 14:00 UTC
Description: Fixed an issue that caused the tags of the Aws RDSDBCluster Entity’s tags to incorrectly show as empty.
Case ID: DFT-4965
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS

FIXED AWS S3 Bucket - 18:30 UTC
Description: Added support to new AWS regions, so that S3 bucket will not get missing policy statement, and will show all correct data.
Case ID: DFT-4894
Known Limitations: N/A
Affected Components: FETCHERS

Improvement Compliance Rulesets Update - 10:00 UTC
Description: General maintenance and content updates. Azure CloudGuard Best Practices ruleset Japanese translation. A complete list can be found here.
Case ID: CNAPP-15819, CNAPP-16099, DFT-4881, DFT-4967
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FEATURE AWS Fin Space Kx Environment - 16:00 UTC
Description: Added support for AWS Fin Space Kx Environment entity in compliance engine and protected assets.
Case ID: DFR-4144
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

Improvement Compliance Rulesets Update - 12:30 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-15673, CNAPP-15693, CNAPP-15694, CNAPP-15695, CNAPP-16050, CNAPP-16075, DFT-4942, DFT-4957
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FIXED AWS Secret Manager - 14:00 UTC
Description: Fixed an issue where the AWS Secret Manager Entities got cut off while fetching because of a limit on the results.
Case ID: DFT-4938
Known Limitations: N/A
Affected Components: FETCHERS

Improvement AWS Access Analyzer Finding - 16:00 UTC
Description: Expose AWS Access Analyzer Finding in GSL and Protected Assets.
Case ID: DFR-3557
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FIXED AWS Application & Network Load Balancer - 10:30 UTC
Description: Fixed get by id API call.
Case ID: DFT-4812, DFT-4930
Known Limitations: N/A
Affected Components: api

Improvement Compliance Rulesets Update - 14:30 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-15933, CNAPP-16043, DFT-4939
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

IMPROVEMENT AWS Account Alias - 13:00 UTC
Description: Added support for AWS Account Alias in Compliance Engine: For the RDSDBCluster, S3Bucket and DynamoDbTable.
Case ID: DFT-4794
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

Improvement Compliance Rulesets Update - 11:30 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-15945, DFT-4903, DFT-4923
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

IMPROVEMENT AWS Ebs Snapshot - 16:00 UTC
Description: Improved performance for AWS Ebs Snapshot in compliance engine.
Case ID: DFT-4794
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT AWS Region - 14:30 UTC
Description: Added support for AutomatedDiscoveryAccount in macieAutomatedDiscoveryConfiguration property in AWS Region.
Case ID: DFR-3766
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED Protected Assets Export By Email Timeout - 10:30 UTC
Description: Protected assets export by email got timeout for large exports but the email was sent, now the timeout is fixed.
Case ID: DFT-4815
Known Limitations: N/A
Affected Components: api

FIXED OCI Entities - 07:30 UTC
Description: Resolved an issue that caused non-used services exceptions to be caught as permission issues.
Case ID: DFT-3298
Known Limitations: Existing false-positive permission issues should be resolved by "Reset Permissions".
Affected Components: FETCHERS

IMPROVEMENT Azure VNet - 14:30 UTC
Description: Added support for property “enableDdosProtection” for Azure VNet in Compliance engine & Protected Assets.
Case ID: DFR-4097
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED AWS Iam Policy - 14:30 UTC
Description: Fixed bug in “isAWSManaged” property in AWS Iam Policy.
Case ID: DFT-4776
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS

IMPROVEMENT Azure Event Hub - 14:30 UTC
Description: Added support for property “minimumTlsVersion” for Azure Event Hub in Compliance engine & Protected Assets.
Case ID: DFR-4085
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

Improvement Assessment History Export - 08:00 UTC
Description: Passed entities are now included as part of the assessment history export.
Case ID: DFT-4690, DFT-4772
Known limitations: N/A
Affected Components: ui

Improvement Compliance Rulesets Update - 08:00 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-15685, DFT-4799, DFT-4872, DFT-4888
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FIXED AWS FinSpaceEnvironment & FirewallManagerPolicy - 13:00 UTC
Description: Resolved an issue that caused some exceptions to be classified as permission issues, for AWS FinSpaceEnvironment and FirewallManagerPolicy entities.
Case ID: DFT-3242
Known Limitations: N/A
Affected Components: FETCHERS

Improvement Compliance Rulesets Update - 11:00 UTC
Description: General maintenance and content updates. A complete list can be found here.
Case ID: CNAPP-15821, DFR-4119, DFT-4799, DFT-4834
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

IMPROVEMENT AWS Configuration Setting, AWS Region - 14:00 UTC
Description: Added support for property “exclusionByResourceTypes” for AWS Configuration Setting and AWS Region in Compliance engine & Protected Assets.
Case ID: DFR-4033
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

Improvement Compliance Rulesets Update - 07:30 UTC
Description: Content fixes and updates, including Azure Container Registry public access settings. A complete list can be found here.
Case ID: CNAPP-15770, DFT-4873
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 09:00 UTC
Description: Content fixes and updates, including Azure Storage Account infrastructure encryption setting, and Azure Databricks configuration parameters. A complete list can be found here.
Case ID: CNAPP-15469, CNAPP-15793, DFT-4818, DFT-4853
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Compliance Rulesets Update - 11:45 UTC
Description: Managed list update for ECS agent version tracking.
Case ID: CNAPP-15380, DFT-4805
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FIXED AWS Application Load Balancer - 10:50 UTC
Description: fixed the entity ID format in AWS Application Load Balancer, Network Load Balancer, and Gateway Load Balancer by replacing the Name field with ARN.
Case ID: DFT-4812
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

Improvement Compliance Rulesets Update - 13:07 UTC
Description: New rules for Azure. A complete list can be found here.
Case ID: CNAPP-15623, DFT-4763, DFT-4781
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

ANNOUNCMENT AWS SsmParameter & SsmDocument Entities - 11:30 UTC
Description: Removed the ‘Beta’ tags in the GSL Builder from the following entities: SsmParameter, SsmDocument.
Case ID: CNAPP-14513
Known Limitations: N/A
Affected Components: UI

FEATURE AWA Sage Maker Inference - 13:30 UTC
Description: Added support for AWS Sage Maker Endpoint and Model in compliance engine and protected assets.
Case ID: CNAPP-14005
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT Azure Function App - 11:17 UTC
Description: Added new properties to Azure FunctionApp: keyVaultReferenceIdentity, virtualNetworkSubnetId, applicationSettings, backupInfo, diagnosticSettings , networkSecurityGroup.
Case ID: CNAPP-14601
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT GCP Cloud NAT Gateway - 10:30 UTC
Description: Added support for ‘NatType’ property in GCP Cloud NAT Gateway in compliance engine. Renamed ‘Type’ property to ‘NatType’ in nats at GCP Router.
Case ID: DFR-3811
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED Include "Azure users" in filtered results for high severity alerts - 16:30 UTC
Description: This update ensures comprehensive user data representation, enhancing monitoring and response capabilities..
Case ID: DFT-3443
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

Improvement Toxic Combination Update - 11:00 UTC
Description: New rules for AWS and Azure. A complete list can be found here.
Case ID: CNAPP-15425
Known limitations: N/A
Affected Components: Toxic Combination

IMPROVEMENT Azure ApplicationGateway - 14:30 UTC
Description: Added two new properties for Azure ApplicationGateway: privateLinkConfigurations, keyVaultSecretId
Case ID: CNAPP-14588
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS

IMPROVEMENT AWS Region - 16:00 UTC
Description: Added properties for AWS Region: cloudFormationStackNames, ec2Settings
Case ID: DFR-3249, DFR-3537
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT Azure Machine Learning Workspace - 14:30 UTC
Description: Added new property for Azure Machine Learning Workspace: Compute
Case ID: CNAPP-14014
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

FEATURE Azure Bot Service - 15:00 UTC
Description: Added support for Azure Bot Service entity in Protected Assets and compliance engine.
Case ID: CNAPP-14013
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIX CDR - Events- 15:00 UTC

Description: Fixed the issue where CDR events would not display correctly if filtered by OU.
Case ID: CNAPP-15311
Known limitations: N/A
Affected Components: CDR UI

FEATURE CDR - Dashboard - 15:00 UTC

Description: Brand new CDR dashboard in the CDR menu. Find all the important CDR related information in one place.
Case ID: CNAPP-15032
Known limitations: N/A
Affected Components: CDR UI

FEATURE Risk Management - Cloud Guard WAF integration - 13:30 UTC

Description: Added information about the benefits of Cloud Guard WAF integration to Risk Management dashboard and protected assets.
Case ID: CNAPP-14952
Known limitations: N/A
Affected Components: RISK MANAGEMENT PROTECTED ASSETS UI

FEATURE Risk Management - Risk Calculation - 13:30 UTC

Description: Released a new Risk Score formula that includes the addition of Toxic Combinations and Cloud Guard WAF protection.
Case ID: CNAPP-11728
Known limitations: N/A
Affected Components: RISK MANAGEMENT PROTECTED ASSETS

FEATURE CIEM - Identical Identities - 12:00 UTC

Description: Identical identities dialog was added to AWS and Azure environments (within the environment page three dots menu).
Case ID: CNAPP-14952
Known limitations: N/A
Affected Components: CIEM UI

Improvement Compliance Rulesets Update - 10:06 UTC
Description: New Ruleset: AWS CIS Foundations v. 4.0.1, Azure Storage Services CIS Benchmark v1.0.0; New rules for AWS, AZURE. A complete list can be found here.
Case ID: CNAPP-15292
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Toxic Combination Update - 11:00 UTC
Description: New rules for AWS and Azure. A complete list can be found here.
Case ID: CNAPP-15297
Known limitations: N/A
Affected Components: Toxic Combination

IMPROVEMENT New Look - Settings > Email Notification Page - 8:00 UTC
Description: None
Case ID: CNAPP-15392
Known Limitations: N/A
Affected Components: UI

IMPROVEMENT UI > 3rd Party icon in Integration Configuration drawer size change - 14:30 UTC
Description: None
Case ID: CNAPP-13072
Known Limitations: N/A
Affected Components: UI

FIXED Fix MultiSelectListComponent (used in Policy Wizard & Email Notifications) - 15:00 UTC
Description: None
Case ID: CNAPP-15376
Known Limitations: N/A
Affected Components: UI

IMPROVEMENT Supported Missing Regions in OCI - 1:30 UTC
Description: Added support for previously unsupported regions.
Case ID: DFR-4101
Known Limitations: N/A
Affected Components: API FETCHERS

FEATURE Risk Management - IAM Sensitivity - 08:50 UTC

Description: IAM Sensitivity support for Azure Virtual Machine Scale Set.
Case ID: CNAPP-14917
Known limitations: N/A
Affected Components: RISK MANAGEMENT PROTECTED ASSETS

Improvement CDR Rulesets Update - 13:00 UTC
Description: Content updates, enrichment and bug fixes. A complete list can be found here.
Case ID: CNAPP-15308, DFT-4647, DFT-4648
Known Limitations: N/A
Affected Components: INTELLIGENCE RULESETS

IMPROVEMENT Azure CognitiveServices Property - 16:30 UTC
Description: Added property to Azure CognitiveServices: Diagnostic Settings
Case ID: CNAPP-14599
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

Improvement Compliance Rulesets Update - 09:21 UTC
Description: New Ruleset: AWS Generative AI Best Practices Framework v2; New rules for AWS. A complete list can be found here.
Case ID: CNAPP-15160, DFT-4661
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement Toxic Combination Update - 11:00 UTC
Description: New rules for AWS and Azure. A complete list can be found here.
Case ID: CNAPP-15199
Known limitations: N/A
Affected Components: Toxic Combination

FIXED UI | Cannot create policies for some rulesets in Japanese - 16:00 UTC
Description: UI | Cannot create policies for some rulesets in Japanese
Case ID: DFT-4399
Known Limitations: N/A
Affected Components: UI

IMPROVEMENT Azure DataBricksWorkspace Properties - 13:30 UTC
Description: Added properties to Azure DataBricksWorkspace: ManagedServices, ManagedServices
Case ID: CNAPP-14020
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

FIXED Added Missing Permission to Azure Manual Onboarding Instructions - 11:00 UTC
Description: Added Auditlog.Read.All to list of permissions that the user gets prompted to add when manually onboarding an Azure subscription.
Case ID: DFT-3824
Known Limitations: N/A
Affected Components: FETCHERS

FIXED AWS Macie - 12:30 UTC
Description: Resolved an issue where disabled service exceptions were incorrectly classified as permission errors.
Case ID: DFR-4076
Known Limitations: Previously misclassified exceptions should be reset using the 'Validate Permissions' function.
Affected Components: FETCHERS

IMPROVEMENT Removed system ruleset dependencies from home, AWS, Azure and GCP dashboards - 17:00 UTC
Description: Removed system rulesets filtering on specific widgets on the above dashboards and removed empty score widget.
Case ID: CNAPP-14873
Known Limitations: N/A
Affected Components: Compliance Engine

FIXED Fix rulesets filtering - 20:00 UTC
Description: Fix rulesets filtering
Case ID: CNAPP-15145
Known Limitations: N/A
Affected Components: UI

FEATURE Risk Management - Azure Virtual Machine Scale Set - 13:30 UTC

Description: Risk Management support for Azure VMSS.
Case ID: CNAPP-14915
Known limitations: Network Exposure and IAM Sensitivity information will be supported in future releases.
Affected Components: RISK MANAGEMENT PROTECTED ASSETS

IMPROVEMENT Azure RedisCache DiagnosticSettings - 12:30 UTC
Description: Added new property for Azure RedisCache -DiagnosticSettings
Case ID: CNAPP-14592
Known Limitations: N/A
Affected Components: API COMPLIANCE ENGINE FETCHERS

FEATURE Alibaba Dedicated Host entities - 15:00 UTC
Description: Added support for Alibaba Dedicated Host entities.
Case ID: CNAPP-11638
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE PROTECTED ASSETS

IMPROVEMENT Azure Service Bus - 16:00 UTC
Description: Added support for a new property in Azure Service Bus - ‘encryption’ in Compliance Engine.
Case ID: CNAPP-14600
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE

IMPROVEMENT GCP VMInstance new Property - 12:30 UTC
Description: Added support for a new property in GCP VMInstance - ‘DiskId’
Case ID: DFR-3671
Known Limitations: N/A
Affected Components: API COMPLIANCE ENGINE

Improvement Compliance Rulesets Update - 09:26 UTC
Description: New rules for AWS. A complete list can be found here.
Case ID: CNAPP-15002
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

Improvement GCP onboarding process has been updated with a new design and flow - 13:30 UTC
Description: This update introduces several improvements and functionalities that simplify the onboarding journey for GCP accounts.
With several improvements and functionalities that simplify the onboarding journey for GCP accounts.
Case ID: CNAPP-12865
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE gcp

Improvement Update GCP Permissions using a Script - 13:30 UTC
Description: The process for updating GCP permissions has been enhanced to utilize a script-based approach.
This improvement streamlines the permissions configuration process, reduces manual effort, and ensures accuracy when managing GCP roles and permissions.
Case ID: CNAPP-15002
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE gcp

Improvement Organizational Units page has been redesigned - 13:30 UTC
Description: The Organizational Units page has been redesigned with a new look and enhanced functionality, including the addition of an ID column.
Case ID: CNAPP-13974
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE

Improvement Toxic Combination Update - 15:00 UTC
Description: New rules for AWS and Azure. A complete list can be found here.
Case ID: CNAPP-14954
Known limitations: N/A
Affected Components: Toxic Combination

ANNOUNCMENT Deprecated AWS Nimble Studio and Elastic Transcoder - 13:30 UTC
Description: Removed AWS Nimble Studio and Elastic Transcoder from Compliance Engine and Protected Assets
Case ID: CNAPP-13957
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

IMPROVEMENT Azure CognitiveService - 13:30 UTC
Description: Added support for a new properties in Azure CognitiveService: “privateEndpointConnections”, “disableLocalAuth”.
Case ID: CNAPP-14018
Known Limitations: N/A
Affected Components: FETCHERS

FIXED Azure Storage account - Blob container public access is empty - 15:30 UTC
Description: Fixed an issue where the publicAccess property is empty when there is a value- in Azure Storage Blob Container entity.
Case ID: DFT-4729
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FEATURE Risk Management - Network Exposure - 09:00 UTC

Description: Network Exposure support for Azure SQL Managed Instance.
Case ID: CNAPP-14204
Known limitations: N/A 
Affected Components: RISK MANAGEMENT PROTECTED ASSETS COMPLIANCE ENGINE

FIXED Environments page | Validate all environments cause rate limits and fails many environments - 17:00 UTC
Description: Environments page | Validate all environments cause rate limits and fails many environments
Case ID: DFT-4628
Known Limitations: N/A
Affected Components: UI

Improvement Compliance Rulesets Update - 15:00 UTC
Description: New rules for AWS, AZURE. A complete list can be found here.
Case ID: CNAPP-14843
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FEATURE Azure Compute Images - 10:00 UTC
Description: * A new field, ‘machineImage.exactVersion', has been added to the Azure VirtualMachine entity.
* This field is also reflected in the AzureVirtualMachine API and has been added to the Protected Assets Search API as and additional field: 'MachineImageExactVersion’
* A new API, ‘AzureComputeGalleryImage’, has been introduced for Azure Compute Gallery Images.
Case ID: DFR-3929
Known Limitations: N/A
Affected Components: API COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED UI| Inventory | Broken Properties page - 11:00 UTC
Description: UI| Inventory | Broken Properties page
Case ID: DFT-4672
Known Limitations: N/A
Affected Components: UI

FEATURE AWS OpenSearchServerless collection new Entity - 9:00 UTC
Description: Added support for Aws Entity OpenSearchSLCollection in Compliance Engine and Protected Assets.
Case ID: DFR-3882
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

FIXED Azure Active Directory (tenant level) assets - 12:00 UTC
Description: Fixed an issue where sometimes azure cloud accounts with permission issues showed an error message containing different cloud account id. 
This behavior is now fixed and permission error message for tenant level entities will not contain cloud account specific id.
Case ID: DFT-4715
Known Limitations: N/A
Affected Components: UI

FEATURE Feature AWS Quick Sight Data Source - 10:00 UTC
Description: Added support for AWS Quick Sight Data Source Entity.
Case ID: DFR-3246
Known Limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS

ANNOUNCMENT Deprecated labels in GSL Builder - 10:00 UTC
Description: Added support for “Deprecated” labels in the GSL Builder.
Case ID: CNAPP-14757
Known Limitations: N/A
Affected Components: UI

Improvement Compliance Rulesets Update - 09:20 UTC
Description: Japanese version of FISC for AWS and Azure, General maintenance and content updates.
Case ID: CNAPP-14722
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS

FEATURE IMPROVEMENT 2.34.0: Image Assurance Docker Hub Registry Scanning, AppArmor for K8s 1.30+, affinity improvement
Description:

• Image Assurance 2.38.0: Docker Hub Container Registry Scanning support

• Support AppArmor for Kubernetes 1.30+

• Remove duplicate node affinity for some environments

• Enhancements: Inventory 1.16.0, Flow Logs 0.16.0, Admission Control policy 1.10.0, Admission Control enforcer 2.14.0

Case ID: CON-10776
Affected Components: Workload Protection AGents

FIXED AWS Organization Account - 12:00 UTC
Description: Fixed a bug where accounts that were organizations and then moved to a be part of another organization were not deleted from the database
Case ID: DFT-4650
Known Limitations: N/A
Affected Components: Fetchers

FIXED Protected Assets search request - 9:30 UTC
Description: Fixed issue with protected assets search request, where not all assets returned in the query.
Case ID: DFT-4664, CNAPP-14492, CNAPP-13293
Known Limitations: N/A
Affected Components: Protected Assets

FEATURE Azure Serial Console - 9:00 UTC
Description: Added support for Azure Serial Console Entity in Compliance Engine and Protected Assets.
Case ID: DFR-2940
Known Limitations: N/A
Affected Components: Fetchers Compliance Engine Protected Assets

fixed AWS Iam Role - 10:30 UTC
Description: Fixed a bug that prevented update of roles with a policy that defines “DateLessThan” condition, this bug is now fixed and the role should be updated.
Case ID: DFT-4700
Known Limitations: N/AAffected Components: