Feb 27, 2024

24.2.27 Release Notes

InsightCloudSec Software Release Notice - 24.2.27 Release

Release Highlights (24.2.27)

InsightCloudSec is pleased to announce Release 24.2.27. This release includes the overhauled Container Vulnerability Assessments feature and user experience improvements to Host Vulnerability Assessments, Attack Paths, and Query Filters that support Data Collections. In addition, 24.2.27 includes one new Insight, six updated Query Filters, two new Query Filters, and three bug fixes.

Self-Hosted Deployment Updates (24.2.27)

Release availability for self-hosted customers is Thursday, February 29, 2024. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal.

Our latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command.

The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):

  1. latest
  2. 24.2.27
  3. 24.2.27.4757ddd65

ECR Build ID: 4757ddd65a7717dc8461d1f272281ee0094401bb

Features & Enhancements (24.2.27)

  • Released the overhauled Container Vulnerability Assessments feature, which includes performance optimizations, risk prioritization capabilities, enhanced visibility, simplified remediation, and an improved filtering and sorting experience. The Vulnerabilities page is now a unified dashboard containing both host and container vulnerability assessments, which will enable you to quickly and efficiently prioritize and respond to CVEs found in your cloud environments. For details on support and configuration, review the documentation. [ENG-35099]

  • Host Vulnerability Assessments that have been in progress for two or more days will now automatically fail. [ENG-35390]

  • Added the ability to filter by resource type and account badge on the Attack Paths page. [ENG-35018, ENG-34311]

  • When configuring a Query Filter on the Resource page, there is now an option to view the contents of the selected Data Collection in a new tab. [ENG-32914]

Resources (24.2.27)

AWS

  • InsightCloudSec now harvests CORS details from AWS S3 buckets. Added new Query Filter Storage Container With/Without CORS to identify Storage Containers that have CORS configurations. [ENG-33013]

  • Added the following relations to the Related Resources feature under the resources detailed view:

    • AWS Glue Crawler and AWS Glue Connection [ENG-34842]

    • AWS Glue Job and AWS Glue Security Config [ENG-33246]

    • AWS Glue Crawler and AWS Glue Security Configuration [ENG-33245]

    • AWS Glue Connection and VPC Subnet [ENG-34841]

  • Enabled Event-Driven Harvesting (EDH) for AWS Glue Job resource. [ENG-34603]

Insights (24.2.27)

MULTI-CLOUD/GENERAL

  • Vertex Custom Job Encrypted Using Cloud Managed Key Instead Of Customer Managed Key - New Insight identifies Vertex jobs that are configured to use cloud managed keys for encryption. [ENG-35209]

Query Filters (24.2.27)

AWS

  • Resource Specific Policy Conditions by PrincipalOrgID (AWS) - New Query Filter identifies any Resource that has a value within the conditions section of its policy. Alternatively, you can return every resource with a value excluding the one stated. [ENG-35213]

  • Storage Container With/Without CORS - New Query Filter identifies Storage Containers that have CORS configurations. [ENG-33013]

MULTI-CLOUD/GENERAL

  • Added Vertex Job support to the following Query Filters:
    • Resource Encrypted With Key
    • Resource Encrypted With Cloud Managed Key
    • Resource Encrypted With Customer Managed Key
    • Resource Not Encrypted Or Encrypted With Cloud Managed Key
    • Resource Using Encryption Key Without Rotation Enabled
    • Resource Encryption Key Name Regular Expression (Regex) [ENG-35209]

Bug Fixes (24.2.27)

  • Corrected the displayed CVSS vector in the Vulnerabilities table. [ENG-35472]

  • Fixed a bug where applying the Query Filter Resources containing Package Version contains "amd64" returned duplicate entries in Layered Context. [ENG-35130]

  • Fixed an issue involving display of legacy clouds and removed unsupported clouds from System Admin/Harvesting Strategy. [ENG-35053]

Required Policies & Permissions (24.2.27)

Policies required for individual CSPs are as follows:

Alibaba Cloud

AWS

Azure

GCP

Oracle Cloud Infrastructure

Host Vulnerability Management

For any questions or concerns, reach out to us through your CSM or the Customer Support Portal.