Skip to Content
Release NotesInsightcloudsec24.2.13 Release Notes

Feb 13, 2024

InsightCloudSec is pleased to announce Release 24.2.13

InsightCloudSec Software Release Notice - 24.2.13 Release

Release Highlights (24.2.13)

InsightCloudSec is pleased to announce Release 24.2.13. This release includes UI enhancements, Source Document support for Azure’s Data Lake Storage Gen 1, expanded support for Azure’s Container Registry resource, one new Insight, five updated Query Filters, one new Query Filter, and six bug fixes.

Self-Hosted Deployment Updates (24.2.13)

Release availability for self-hosted customers is Thursday, February 15, 2024. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal. Our latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command. The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):

  1. latest
  2. 24.2.13
  3. 24.2.13.1234ffd95

ECR Build ID: 1234ffd956536d5a227d24abf11f8f7cc380958c

UI Enhancements (24.2.13)

  • Added a Hookpoints column to the Bot event history. [ENG-32547]

  • Added a column in the Exemption Rules view to display the expiration date. When a rule has expired, its font now changes to a red color. [ENG-32340]

Resources (24.2.13)

Azure

  • Added Azure Source Document support for the Data Lake Storage Gen 1 resource. [ENG-19114]

  • Expanded the Container Registry model to include the anonymous_pull_enabled field. Also added a new Insight and a new Query Filter, each named Container Registry With Anonymous Pull Enabled. [ENG-31593]

Insights (24.2.13)

Azure

  • Container Registry With Anonymous Pull Enabled - New Insight identifies Container Registries with anonymous pull enabled. [ENG-31593]

Query Filters (24.2.13)

Azure

  • Container Registry With Anonymous Pull Enabled - New Query Filter identifies Container Registries with anonymous pull enabled [ENG-31593]

  • Load Balancer Type - Updated Query Filter includes support for Azure. [ENG-34763]

MULTI-CLOUD/GENERAL

  • Added the IPv6 address range fc00::/7 to the list of private address ranges used for the following Query Filters:

    • Resource With Public IP Access List Rule

    • Network Resource With Public Address Space

    • Access List Contains Public IPs

    • Access List Contains Public Addresses Outside Of Known IPs [ENG-34261]

Bug Fixes (24.2.13)

  • Fixed tag association for Container Service resources. [ENG-34687]

  • Fixed an issue where Google Managed service accounts were returned by the following Insights: Cloud Role Associated with Unknown Project, Resource with Cross Account Access to Unknown Account, and Cloud Role Trusting Unknown/Third Party Account. [ENG-34011]

  • Fixed a bug with the Override Enabled functionality in the Query Filter Web Application Firewall Contains Managed Rule Names. [ENG-33307]

  • Fixed an issue with BotFactory API endpoints: Enable Bot, Pause Bot, Archive Bot, and Run Bot On-Demand endpoints now respect requests without a body. [ENG-32554]

  • Fixed an issue where the Query Filters Snapshot With Active Share (AWS) and Resource Not In Cloud With Badge Key/Value errored out. [ENG-31728]

  • Fixed issue with attempting to harvest all CodeBuild Project resources when there are more than 100 of them. [ENG-28544]

Required Policies & Permissions (24.2.13)

Required Policies & Permissions

Policies required for individual CSPs are as follows:

Alibaba Cloud

AWS

Azure

GCP

Oracle Cloud Infrastructure

Host Vulnerability Management

For any questions or concerns, reach out to us through your CSM or the Customer Support Portal.