24.3.12 Release Notes

InsightCloudSec Software Release Notice - 24.3.12 Release

Release Highlights (24.3.12)

InsightCloudSec is pleased to announce Release 24.3.12. This release includes Azure Container Vulnerability Assessment support, enhanced reporting for AWS Web Application Firewall Rules and Rule Groups, improved Attack Path grouping navigation, and several user experience improvements.

In addition, 24.3.12 includes one updated Insight, one new Insight, one updated Query Filter, five new Query Filters, four bug fixes, and multiple vulnerability fixes.

• Contact us through the unified Customer Support Portal with any questions.

Features & Enhancements (24.3.12)

• Added the ability for users to navigate between instances of an Attack Path from the graph view, allowing them to swap between attack paths without leaving the group context. [ENG-30493]

• Enabled Container Vulnerability Assessment for Azure-based containers and images. [ENG-35437, ENG-35055]

• Enabled sorting for the Status, Region, and Resource Type columns in the EDH Producers table. [ENG-33729]

• Added text to clarify that Attack Path remediation details are available upon drop-down expansion. [ENG-34559]

Resources (24.3.12)

AWS

• We have enabled Web Application Firewall Rules and Web Application Firewall Rule Groups in the UI. AWS Classic Web Application Firewall (WAF) Rules and Rule Groups can be viewed under these new resource types in the Network category of the Resource Inventory. No additional permissions are required at this time. We have also updated columns in the WAF Resources table to more accurately the relationship between WAFs, Rules, and Rule Groups. [ENG-35854]

Insights (24.3.12)

GCP

• Database Instance Flag 'user options' Enabled - Updated Insight includes new Query Filter Database Instance with/without Required Flag and Integer Value. [ENG-34542]

• Load Balancer With Insecure Ciphers (GCP) - New Insight matches load balancers that have insecure ciphers associated with the security policy. [ENG-32664]

Query Filters (24.3.12)

AWS

• API Accounting With/Without Data Events - New Query Filter identifies API accounting configurations which don't include data events. [ENG-32008]

• API Accounting With/Without S3 Data Events - New Query Filter identifies API accounting configurations which don't include S3 data events. [ENG-32008]

GCP

• Database Instance with/without Required Flag and Integer Value - New Query Filter matches database instances with or without the specified flag in place configured with the appropriate integer value, and allows for the use of mathematical operators on these flag values. [ENG-34542]

• Load Balancer SSL Protocol Version (GCP) - New Query Filter matches load balancers (GCP) based on the SSL protocol version(s) that they support. [ENG-32622]

• Load Balancer With Insecure Ciphers (GCP) - New Query Filter matches load balancers that have insecure ciphers associated with the security policy. [ENG-32664]

MULTI-CLOUD/GENERAL

• Parent Resource Not in Resource Group - Updated Query Filter now supports Container Deployment. [ENG-35122]

Bug Fixes (24.3.12)

• Fixed a bug where Account ID and Cloud Provider columns were not present in the Tag Explorer export. [ENG-35538]

• Fixed bug for GCP Cloud SQL instances (of type Postgres and MySQL) incorrectly showing in the Query Filter Database Instance Without SSL Enforced. [ENG-35459]

• Fixed a bug where third-party Managed Rule Groups were causing an AccessDenied issue with AWS. [ENG-35042]

• Fixed a bug with the default subnet on GCP Attack Paths. [ENG-33823]

• Resolved package security vulnerabilities in accordance with our vulnerability resolution policy. [ENG-35550, ENG-35455, ENG-35454, ENG-35453, ENG-34459, ENG-34318, ENG-33950, ENG-33192]

Required Policies & Permissions (24.3.12)