November 2023
Deployment November 30, 2023
IMPROVEMENT Filter by more than one Organizational Unit in the Protected Assets page - 15:30 UTC
Description: When navigating to Assets → Protected Assets page, you can now filter by more than one Organizational Unit.
Case ID: CNAPP-3457, DFR-2706
Known limitations: N/A
Affected Components: PROTECTED ASSETS
feature Generate Protected Assets report without size limitation - 15:00 UTC
Description: Protected Assets report can now be exported by mail without size limitation.
Case ID: CNAPP-3454, DFR-2706
Known limitations: N/A
Affected Components: PROTECTED ASSETS
FIX Favorite Filters in Risk Management pages - 14:00 UTC
Description: Fixed an issue where it was impossible to create favorites filters in all the Risk Management pages (i.e. Protected Assets table and dashboards)
Case ID: CNAPP-5246
Known limitations: Filters saved prior to this fix may no longer work. Please delete the filter and save it again.
Affected Components: EFFECTIVE RISK MANAGEMENT UI
feature Risk Level Calculation for Environments - 14:00 UTC
Description: Added a new column in the Environments list and a new badge in the single environment view that indicates the level of risk presented by the assets in this environment.
Case ID: CNAPP-2948
Known limitations: N/A
Affected Components: EFFECTIVE RISK MANAGEMENT UI
feature Risk Management Assets Support - 11:30 UTC
Description: Added support for new Azure asset types in Risk Management:
MySQLDBSingleServer
MySQLDBFlexibleServer
PostgreSQL
PostgreSQLFlexibleServer
Case ID: CNAPP-3994
Known limitations: N/A
Affected Components: EFFECTIVE RISK MANAGEMENT
feature Compliance Notifications - SNS Integration- 00:40 UTC
Description: SNS payload improvement.
Case ID: DFT-3049, DFT-3051, CNAPP-4796, CNAPP-5019
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment November 29, 2023
FIXED Unable to update CloudGuard permissions from 4.71.1 to 4.71.2 - 13:00 UTC
Description: Add support for updating unified onboarding resources
Case ID: DFT-3128
Known limitations: N/A
Affected Components: onboarding
feature GCP Cloud NAT - 12:15 UTC
Description: Added new Cloud NAT properties to the GCP “Router” entity: nats[].type, nats[].autoNetworkTier, nats[].endpointTypes, nats[].maxPortsPerVm, nats[].enableDynamicPortAllocation, nats[].tcpTimeWaitTimeoutSec, nats[].rules.
Case ID: DFR-2962
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
IMPROVEMENT Azure Virtual Machine - 11:15 UTC
Description: Added a new property "virtualMachineScaleSetId" to "VirtualMachine" entity.
Case ID: DFT-3099
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
IMPROVEMENT Azure Virtual Machine Scale Set Instance - 11:15 UTC
Description: Added a new property "orchestrationMode" to "VMSSInstance" entity.
Case ID: DFT-3099
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature Azure Power BI Embedded - 11:15 UTC
Description: Added support for Azure Power BI Embedded as a new entity: PowerBIEmbeddedCapacity in Compliance Engine and Protected Assets.
Case ID: CNAPP-4224
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature Azure StreamAnalytics Cluster - 11:15 UTC
Description: Added support for Azure StreamAnalytics Cluster in Compliance Engine and Protected Assets.
Case ID: CNAPP-4222
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature GCP Firebase Realtime Database - 11:15 UTC
Description: Added support for GCP Firebase Realtime Database as a new entity: FirebaseRealtimeDatabase.
Case ID: DFR-2966
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
IMPROVEMENT Compliance Rulesets Update - 09:30 UTC
Description: New AWS rules. A complete list can be found here.
Case ID: CNAPP-5159, DFT-3101, DFT-3022
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
Deployment November 28, 2023
FIXED UI | No status page indication on login page or in application for CP status and dome9 status when we have an open incident - 14:00 UTC
Description: Add an open incident in status page indication in the UI
Case ID: DFT-3007
Known limitations: N/A
Affected Components: ui
FIXED Dashboard | The graph doesn't show all the lines - 14:30 UTC
Description: Trend graph shows all line correctly
Case ID: DFT-3066
Known limitations: N/A
Affected Components: ui
feature AWS Onboarding - Cloudbots - 7:00 UTC
Description: Simplify Cloudbots onboarding to AWS environments
Case ID: CNAPP-331
Known limitations: N/A
Affected Components: Remediation
feature Azure Onboarding - Cloudbots - 7:00 UTC
Description: Simplify Cloudbots onboarding to Azure environments
Case ID: CNAPP-332
Known limitations: N/A
Affected Components: Remediation
feature Fix-it action to remediate findings immediately from the Events menu - 7:00 UTC
Description: Manually run remediation action for findings from the Events menu to reduce risk and security issues.
Case ID: INT-2345
Known limitations: N/A
Affected Components: Remediation
IMPROVEMENT GCP Machine Image API - 06:00 UTC
Description: Added new endpoint "v2/GcpMachineImage"
to get all GCP Machine Image entities.
Case ID: DFR-3133
Known limitations: N/A
Affected Components: api
Deployment November 27, 2023
FIXED SKU isn't recognized by the system - 11:00 UTC
Description: Added support for SKU CP-CGLG-10TB-MLOG-EVAL
Case ID: DFT-2609
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment November 24, 2023
FIXED AWS Alternate Contact - 07:00 UTC
Description: Delete property ‘NextToken’ from the AWS Dax Cluster.
Case ID: IN-8302
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment November 23, 2023
IMPROVEMENT GSL Builder - 15:00 UTC
Description: “New” labels were removed from the GSL builder’s UI, for 30 days old entities.
Case ID: IN-8201
Known limitations: N/A
Affected Components: ui
feature Azure Chaos Studio - 15:00 UTC
Description: Added support for Azure ChaosStudioExperiment entity in Compliance Engine and Protected Assets
Case ID: CNAPP-4221
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature GCP CloudRun - 15:00 UTC
Description: Added support for GCP CloudRun as 2 new entities: CloudRunService, CloudRunJob.
Case ID: DFR-2961
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature GCP Apigee - 15:00 UTC
Description: Added support for GCP Apigee as a new entity: ApigeeApi.
Case ID: DFR-2974
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature Risk Management - Network Exposure - 14:00 UTC
Description: GCP VM Instance Support for Network Exposure in Protected Assets and Compliance Engine.
Case ID: CNAPP-2749
Known limitations: N/A
Affected Components: Risk Management COMPLIANCE ENGINE PROTECTED ASSETS
FEATURE Risk Management - Data Sensitivity - 14:00 UTC
Description: Risk Management supports Data Sensitivity indication for Azure Storage Account and Cosmos DB Account using Azure Purview data.
Case ID: CNAPP-4947
Known limitations: N/A
Affected Components: DSPM EFFECTIVE RISK MANAGEMENT
improvement Compliance Notification 09:40 UTC
Description: Internal Improvement.
Case ID: CNAPP-4857
Known limitations: N/A
Affected Components: Notification
Deployment November 22, 2023
Feature Workload Protection for Kubernetes: helm 2.24.3 14:30 UTC
Description: support Sonatype Nexus Registry scan, Inventory 1.13.0; Image Assurance 2.25.0; Admission Control: enforcer 2.9.0, policy 1.7.0; Runtime Protection: policy 1.7.0; Flow Logs 0.12.0. A complete list can be found here.
Case ID: CON-7488
Known limitations: N/A
Affected Components: containers
IMPROVEMENT Compliance Rulesets Update - 09:30 UTC
Description: New Ruleset ENS 2022 for AWS; New Ruleset ENS 2022 for Azure; New AWS rules. A complete list can be found here.
Case ID: CNAPP-5029, DFT-3079
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
FIXED Azure Spring Cloud - 09:15 UTC
Description: Azure Spring Cloud
Case ID: IN-5627
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
IMPROVEMENT AWS Glue Data Catalog Encryption Setting entity moved to Region as enrichment - 09:00 UTC
Description: "GlueDataCatalogEncryptionSetting" entity removed from "Analytics" category and added to "Region" entity as property.
Case ID: DFT-3042
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
Deployment November 19, 2023
FIXED Correct Trend widget with points with same x axis - 17:15 UTC
Description: Fix trend widget in dashboard to order correctly by x axis values
Case ID: CNAPP-3744
Known limitations: N/A
Affected Components: ui
Deployment November 15, 2023
FIXED Dashboard | The graph doesn't show all the lines - 14:30 UTC
Description: The fix is to show a legend for compliance in that way the customer can see what ruleset has data and which line refers to each ruleset.
Case ID: DFT-3066
Known limitations: N/A
Affected Components: ui
IMPROVEMENT Compliance Rulesets Update - 11:00 UTC
Description: New AWS rules. A complete list can be found here.
Case ID: CNAPP-4856, DFT-2866
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
IMPROVEMENT AWS AWS ConfigRule - 09:00 UTC
Description: Added a new property ‘tags’ to the AWS ConfigRule entity.
Case ID: IN-8397
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FIXED AWS Dax Cluster - 09:00 UTC
Description: Delete property ‘NextToken’ from the AWS Dax Cluster.
Case ID: IN-8302
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
IMPROVEMENT AWS Dax Parameter Group - 09:00 UTC
Description: Added a new property ‘parameters’ to the AWS Dax Parameter Group entity.
Case ID: IN-8353
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
feature GCP Cloud VPN - 9:00 UTC
Description: Added support for GCPCloud VPN as 4 new entities in Compliance Engine and Protected Assets:
CloudVpnGateway
CloudVpnTunnel
ExternalVpnGateway
TargetVpnGateway
Case ID: DFR-2960
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature GCP Security Command Center - 9:00 UTC
Description: Added support for GCP Security Command Center as a new entity: SecurityCenterFinding in Compliance Engine and Protected Assets.
Case ID: DFR-2970
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
Deployment November 14, 2023
FIXED UI Dashboard | aggregate data is missing in the filter when going to the events view - 12:30 UTC
Description: Fixed bug in the filter when going to events page when having free text
Case ID: DFT-3065
Known limitations: N/A
Affected Components: ui
FIXED UI Dashboard | Slowness on the dashboard - 12:30 UTC
Description: Fixed bug in the dashboard when calling BE API
Case ID: DFT-3085
Known limitations: N/A
Affected Components: ui
FIXED UI | Security group page - broken link (security group name) - 11:30 UTC
Description: Fixed bug in the security group link
Case ID: DFT-2793
Known limitations: N/A
Affected Components: ui
FIXED UI | Environment permissions: "Update" button blocked by collapsible element being always expanded - 11:30 UTC
Description: Fixed bug in update permissions such that element can be collapsed (and is so by default), “UPDATE” button is accessible
Case ID: DFT-2793
Known limitations: N/A
Affected Components: ui
Deployment November 13, 2023
FIXED Azure Onboarding | getting internal error - 13:30 UTC
Description: Fixed bug in Azure onbaording
Case ID: DFT-3077
Known limitations: N/A
Affected Components: onboarding
Deployment November 12, 2023
IMPROVEMENT Azure Virtual Network Gateway - 10:30 UTC
Description: Added new property support for the Azure VirtualNetworkGateway entity: ‘ipConfigurations[].publicIP’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine
IMPROVEMENT Azure Bastion - 10:30 UTC
Description: Added new property support for the Azure Bastion entity: ‘ipConfigurations[].publicIP’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine
IMPROVEMENT Azure Firewall - 10:30 UTC
Description: Added new property support for the Azure Firewall entity: ‘ipConfigurations[].publicIP’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine
IMPROVEMENT Azure Load Balancer - 10:30 UTC
Description: Added new property support for the Azure LoadBalancer entity: ‘frontendIPConfigurations’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine
IMPROVEMENT Azure Application Gateway - 10:30 UTC
Description: Added new property support for the Azure ApplicationGateway entity: ‘frontendIPConfigurations’.
Case ID: DFR-2750
Known limitations: N/A
Affected Components: COMPLIANCE engine
IMPROVEMENT AWS FinSpace Environment - 10:30 UTC
Description: Added a new property ‘kms’ to the AWS FinSpaceEnvironment entity.
Case ID: IN-8391
Known limitations: N/A
Affected Components: COMPLIANCE engine
IMPROVEMENT AWS Comprehend Flywheel - 09:00 UTC
Description: Added a new property ‘kms’ to the AWS Comprehend Flywheel entity.
Case ID: IN-8385
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
IMPROVEMENT AWS Cloud Search Domain - 09:00 UTC
Description: Added a new property ‘options’ to the AWS CloudSearchDomain entity.
Case ID: IN-8369
Known limitations: N/A
Affected Components: FETCHERS
FIXED Aws AWS SNS Topic - 10:30 UTC
Description: Fixed bug in 'subscriptions' property in AWS SNS Topic, which caused multiple updates.
Case ID: IN-684
Known limitations: N/A
Affected Components: FETCHERS
FIXED Credentials -- Blank page for Infinity Portal user - 17:30 UTC
Description: Remove the Credentials tab if the logged in user is an Infinity Portal user
Case ID: DFT-2504
Known limitations: N/A
Affected Components: ui
FIXED UI | Mobile devices -- Can not generate token as Infinity Portal user - 17:30 UTC
Description: Remove the Mobile Devices tab if the logged in user is an Infinity Portal user
Case ID: DFT-2506
Known limitations: N/A
Affected Components: ui
Deployment November 9, 2023
IMPROVEMENT Azure Purview Missing Permissions - 13:00 UTC
Description: Added missing permissions indication for Azure Purview data fetching.
Case ID: CNAPP-3127
Known limitations: N/A
Affected Components: DSPM
IMPROVEMENT Compliance Assessment - 01:30 UTC
Description: New Ruleset Add System Audit Logs for Assessment Run Failures.
Case ID: DFT-3025, CNAPP-4337
Known limitations: N/A
Affected Components: COMPLIANCE engine
Deployment November 8, 2023
IMPROVEMENT Compliance Rulesets Update - 13:00 UTC
Description: New Ruleset Kubernetes CIS Benchmark v1.8.0; New AWS rules. A complete list can be found here.
Case ID: CNAPP-4368, DFT-2917
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
FIXED UI text fix needed for Azure Secret ID - 10:40 UTC
Description: Rename application key to Secret ID to be the same as in Azure portal
Case ID: DFT-2522
Known limitations: N/A
Affected Components: ui
feature AWS Config Rule - 10:30 UTC
Description: Added support for AWS Config Rule in Compliance Engine and Protected Assets.
Case ID: DFR-2895
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Comprehend - 10:30 UTC
Description: Added support for 2 new entities:
AWS Comprehend Flywheel
AWS Comprehend Endpoint
The entities are supported in Compliance Engine and Protected Assets.
Case ID: CNAPP-3514
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS ComputeOptimizer RecommendationSummary - 10:30 UTC
Description: Added support for AWS ComputeOptimizer RecommendationSummary in Compliance Engine and Protected Assets.
Case ID: CNAPP-2151
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS LakeFormation DataLake Settings - 10:30 UTC
Description: Added support for AWS LakeFormation DataLake Settings in Compliance Engine and Protected Assets.
Case ID: CNAPP-3500
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS FinSpace Environment - 10:30 UTC
Description: Added support for AWS Finspace Environment in Compliance Engine and Protected Assets.
Case ID: CNAPP-3499
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Verified Permissions - 10:30 UTC
Description: Added support for AWS VerifiedPermissionsPolicyStore entity in Compliance Engine and Protected Assets.
Case ID: CNAPP-3515
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
feature AWS Forecast - 10:30 UTC
Description: Added support for 6 new entities:
AWS Forecast Dataset
AWS Forecast Dataset Group
AWS Forecast
AWS Forecast Monitor
AWS Forecast Explainability
AWS Forecast Predictor
The entities are supported in Compliance Engine and Protected Assets.
Case ID: CNAPP-1447
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
FIXED Aws AppRunner - 10:30 UTC
Description: 2 redundant properties were removed from the “AppRunnerAutoScalingConf” entity: configurationDescription.autoScalingConfigurationName & configurationDescription.autoScalingConfigurationRevision.
Case ID: IN-8371
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS
feature GCP Machine Image - 10:30 UTC
Description: Added support for GCP Machine Image in Compliance Engine and Protected Assets.
Case ID: CNAPP-4735
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS
IMPROVEMENT GCP Virtual Machine Instance - 10:30 UTC
Description: Added a new property to the “VMInstance” entity: sourceMachineImage.
Case ID: CNAPP-4737
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
FIXED AWS ElastiCache - 10:30 UTC
Description: AwsElasticCache Fetcher now supports China region
Case ID: IN-1907
Known limitations: N/A
Affected Components: Fetchers
FIXED Azure Virtual Machine - 08:00 UTC
Description: Fixed the type of "publicIpAllocationMethod" from int to string. This issue caused failures in GSL queries.
Case ID: DFT-848
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE api PROTECTED ASSETS
Deployment November 7, 2023
FIXED Entity Viewer | CIEM permission boundary is missing in the entity viewer (inconsistent bug) - 12:40 UTC
Description: Adding CIEM permission boundary to the entity viewer
Case ID: DFT-2911
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
Deployment November 6, 2023
FIXED New Infinity Portal tenants comes with old IaC GSL enabled - 15:40 UTC
Description: Fix the case where a new tenant, even without onboarding anything, the old GLS options get shown.
Case ID: DFT-2397
Known limitations: N/A
Affected Components: ui
FIXED New http://gsl.dome9.com doesn't render backslashes in GSL correctly - 16:40 UTC
Description: Fix display of backslash in GSL site
Case ID: DFT-2654
Known limitations: N/A
Affected Components: ui
FIXED New http://gsl.dome9.com doesn't render * in GSL logic block correctly - 16:40 UTC
Description: Fix display of * in GSL site
Case ID: DFT-3001
Known limitations: N/A
Affected Components: ui
Deployment November 5, 2023
FIXED New Dashboard - Change Severity order within widgets - 13:30 UTC
Description: Change order to be by severity
Case ID: DFT-2999
Known limitations: N/A
Affected Components: ui
Deployment November 2, 2023
IMPROVEMENT Effective Risk Management Business Priority can be set at the OU level - 11:00 UTC
Description: You can now assign Business Priority at the Organizational Unit level (previously highest level was Environment).
Case ID: CNAPP-175
Known limitations: N/A
Affected Components: Effective risk management UI
FIXED Risk Management - 09:30 UTC
Description: Fixed an issue with Kubernetes workloads CVEs / Threats / Secrets counters.
Case ID: CNAPP-4371
Known limitations: N/A
Affected Components: EFFECTIVE RISK MANAGEMENT
Deployment November 1, 2023
fixed Protected assets/ Favorites on right no longer works - 13:30 UTC
Description: : Fixed a bug where Favorite didn’t work in Protected assets
Case ID: DFT-2884
Known limitations: N/A
Affected Components: ui
fixed AWS SES - 12:30 UTC
Description: : Fixed a bug IN AWS SES that caused assessments failures
Case ID: DFT-3018
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE
IMPROVEMENT Compliance Rulesets Update - 11:00 UTC
Description: New Ruleset APRA CPS 234 for GCP; New Ruleset APRA CPS 234 for Azure; New Ruleset MPLS 2.0 for Azure;New AWS rules. A complete list can be found here.
Case ID: CNAPP-4258, DFR-2891, , DFR-2941, DFT-2887
Known limitations: N/A
Affected Components: COMPLIANCE RULESETS
feature AWS CloudHSM - 8:30 UTC
Description: Added support for AWS CloudHSMCluster and CloudHSMBackup entities in Compliance Engine and Protected Assets
Case ID: CNAPP-3503
Known limitations: N/A
Affected Components: COMPLIANCE ENGINE FETCHERS PROTECTED ASSETS