Mar 26, 2024

24.3.26 Release Notes

InsightCloudSec Software Release Notice - 24.3.26 Release

Release Highlights (24.3.26)

InsightCloudSec is pleased to announce Release 24.3.26. This release includes vulnerability assessments for Windows hosts, new AWS Network Firewall resources, and a new compliance pack. In addition, 24.3.26 includes two updated Insights, four new Insights, one new Query Filter, seven bug fixes, and several vulnerability fixes.

Self-Hosted Deployment Updates (24.3.26)

Release availability for self-hosted customers is Thursday, March 28, 2024. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal.

Our latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command.

The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):

  1. latest
  2. 24.3.26
  3. 24.3.26.c7bae0d5f

ECR Build ID: c7bae0d5faedcc937086bce092139c1ff856bd5a

Features & Enhancements (24.3.26)

  • Enabled vulnerability assessments for hosts using a Windows Operating System (OS). Windows OS is supported across AWS, Azure, and GCP for any customer that has host vulnerability assessment enabled in their environment.

  • Added the "Type" and "Technology" columns to the Software tab of the Vulnerabilities feature. The "Type" column is used to differentiate between Operating System (OS), Language, and software packages. The "Technology" column provides additional metadata to help identify the package source. [ENG-36065]

  • Added a new 'insight_ids' column to Insight Overview pages. [ENG-34183]

Resources (24.3.26)

AWS

  • Added support for harvesting AWS Network Firewall Rules and Network Firewall Rule Groups (stored as Resource Types Network Firewall Rule and Network Firewall Rule Lists, respectively, both in the Network category). [ENG-35362]

  • AWS Serverless Functions and Layers will now display their relationship if they are associated with one another. [ENG-33577]

AZURE

  • Added the "Resource Locks" tab to the Resource Details pane for Azure resources. [ENG-33370]

Compliance Packs & Insights (24.3.26)

  • Added a new compliance pack, PCI DSS v4.0, to accommodate the latest Payment Card Industry (PCI) Data Security Standard (DSS) version. [ENG-34183]

MULTI-CLOUD/GENERAL

  • Cloud Account Password Policy Age too Long - Updated Insight’s remediation steps and reference links. [ENG-36008]

  • Cloud Account Password Policy does not Enforce Maximum Login Attempts (CIS) - Insight renamed from Cloud Account Password Policy does not Enforce Maximum Login Attempts; formatting of this Insight has been updated and the correct operator is now provided to the Query Filter it uses. [ENG-36131]

  • Cloud Account Password Policy does not Enforce Maximum Login Attempts (PCI) - New Insight identifies cloud accounts that do not enforce a maximum of ten incorrect logon attempts before blocking the account. [ENG-36131]

  • Cloud Account Password Policy does not Prevent Password Reuse (PCI) - New Insight identifies cloud accounts with a password policy that does not properly enforce PCI password reuse protection. [ENG-36008]

  • Cloud Account Password Policy Does Not Require Letters and Numbers - New Insight identifies cloud accounts whose password policy does not require both letters and numbers. [ENG-36008]

  • Cloud Account Password Policy Length too Short (PCI) - New Insight identifies cloud accounts where the defined minimum password length is less than 12 characters. [ENG-36008]

Query Filters (24.3.26)

MULTI-CLOUD/GENERAL

  • Cloud Account Password Policy Does Not Require Letters and Numbers - New Query Filter identifies cloud accounts whose password policy does not require letters and numbers. [ENG-36008]

Bug Fixes (24.3.26)

  • Resolved package security vulnerabilities in accordance with our vulnerability resolution policy. [ENG-34943, ENG-34927]

  • Fixed a bug where CVA didn't retry image downloads for images at certain hostnames and for certain images hosted in one cloud account and used in another. [ENG-36149]

  • Fixed an issue with harvesting 'max_login_attempts' within the Alibaba CloudLI PasswordPolicyHarvester. [ENG-36131]

  • Added missing permissions to the onboarding script: "route53:ListQueryLoggingConfigs" and "elasticmapreduce:GetBlockPublicAccessConfiguration". Rescans will now show missing permissions for a cloud. [ENG-35585]

  • Fixed a problem with scaling down an AWS Autoscaling Group via BotAction. [ENG-35017]

  • Added missing 'description' field to the Cloud Account without Macie Enabled (AWS) and Message Broker Publicly Accessible with Attached Exposed Security Group (AWS) Insights. [ENG-34183]

  • Fixed a bug in the Resource In/Not In Cloud Account Query Filter that could lead to false negatives when filtering on multiple account IDs or account display names. [ENG-31550]

Required Policies & Permissions (24.3.26)

Policies required for individual CSPs are as follows:

Alibaba Cloud

AWS

Azure

GCP

Oracle Cloud Infrastructure

Host Vulnerability Management

For any questions or concerns, reach out to us through your CSM or the Customer Support Portal.