24.3.12 Release Notes
InsightCloudSec Software Release Notice - 24.3.12 Release
Release Highlights (24.3.12)
InsightCloudSec is pleased to announce Release 24.3.12. This release includes Azure Container Vulnerability Assessment support, enhanced reporting for AWS Web Application Firewall Rules and Rule Groups, improved Attack Path grouping navigation, and several user experience improvements.
In addition, 24.3.12 includes one updated Insight, one new Insight, one updated Query Filter, five new Query Filters, four bug fixes, and multiple vulnerability fixes.
- Contact us through the unified Customer Support Portal with any questions.
Self-Hosted Deployment Updates (24.3.12)
Release availability for self-hosted customers is Thursday, March 14, 2024. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal. Our latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command.
The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):
latest
24.3.12
24.3.12.028248ac5
ECR Build ID: 028248ac573f3937d203cb13718adef0f0609ca3
Features & Enhancements (24.3.12)
Added the ability for users to navigate between instances of an Attack Path from the graph view, allowing them to swap between attack paths without leaving the group context. [ENG-30493]
Enabled Container Vulnerability Assessment for Azure-based containers and images. [ENG-35437, ENG-35055]
Enabled sorting for the Status, Region, and Resource Type columns in the EDH Producers table. [ENG-33729]
Added text to clarify that Attack Path remediation details are available upon drop-down expansion. [ENG-34559]
Resources (24.3.12)
AWS
- We have enabled Web Application Firewall Rules and Web Application Firewall Rule Groups in the UI. AWS Classic Web Application Firewall (WAF) Rules and Rule Groups can be viewed under these new resource types in the Network category of the Resource Inventory. No additional permissions are required at this time. We have also updated columns in the WAF Resources table to more accurately reflect the relationship between WAFs, Rules, and Rule Groups. [ENG-35854]
Insights (24.3.12)
GCP
Database Instance Flag 'user options' Enabled
- Updated Insight includes new Query Filter Database Instance with/without Required Flag and Integer Value. [ENG-34542]
Load Balancer With Insecure Ciphers (GCP)
- New Insight matches load balancers that have insecure ciphers associated with the security policy. [ENG-32664]
Query Filters (24.3.12)
AWS
API Accounting With/Without Data Events
- New Query Filter identifies API accounting configurations which don't include data events. [ENG-32008]
API Accounting With/Without S3 Data Events
- New Query Filter identifies API accounting configurations which don't include S3 data events. [ENG-32008]
GCP
Database Instance with/without Required Flag and Integer Value
- New Query Filter matches database instances with or without the specified flag in place configured with the appropriate integer value, and allows for the use of mathematical operators on these flag values. [ENG-34542]
Load Balancer SSL Protocol Version (GCP)
- New Query Filter matches load balancers (GCP) based on the SSL protocol version(s) that they support. [ENG-32622]
Load Balancer With Insecure Ciphers (GCP)
- New Query Filter matches load balancers that have insecure ciphers associated with the security policy. [ENG-32664]
MULTI-CLOUD/GENERAL
Parent Resource Not in Resource Group
- Updated Query Filter now supports Container Deployment. [ENG-35122]
Bug Fixes (24.3.12)
Fixed a bug where Account ID and Cloud Provider columns were not present in the Tag Explorer export. [ENG-35538]
Fixed a bug for GCP Cloud SQL instances (of type Postgres and MySQL) incorrectly showing in the Query Filter Database Instance Without SSL Enforced. [ENG-35459]
Fixed a bug where third-party Managed Rule Groups were causing an AccessDenied issue with AWS. [ENG-35042]
Fixed a bug with the default subnet on GCP Attack Paths. [ENG-33823]
Resolved package security vulnerabilities in accordance with our vulnerability resolution policy. [ENG-35550, ENG-35455, ENG-35454, ENG-35453, ENG-34459, ENG-34318, ENG-33950, ENG-33192]
Required Policies & Permissions (24.3.12)
Required Policies & Permissions
Policies required for individual CSPs are as follows:
Alibaba Cloud
AWS
- Commercial
- Read Only Policy
- Power User Policy
- GovCloud
- Read Only Policy
- Power User Policy
- China
Azure
- Commercial
- GovCloud
GCP
- For GCP, since permissions are tied to APIs, there is no policy file to maintain. Refer to our list of Recommended APIs, which is maintained as part of our GCP coverage.
Oracle Cloud Infrastructure
Host Vulnerability Management
For any questions or concerns, reach out to us through your CSM or the Customer Support Portal.