24.3.26 Release Notes
InsightCloudSec Software Release Notice - 24.3.26 Release
Release Highlights (24.3.26)
InsightCloudSec is pleased to announce Release 24.3.26. This release includes vulnerability assessments for Windows hosts, new AWS Network Firewall resources, and a new compliance pack. In addition, 24.3.26 includes two updated Insights, four new Insights, one new Query Filter, seven bug fixes, and several vulnerability fixes.
- Contact us through the unified Customer Support Portal with any questions.
Self-Hosted Deployment Updates (24.3.26)
Release availability for self-hosted customers is Thursday, March 28, 2024. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal. Our latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update
command. The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):
latest
24.3.26
24.3.26.c7bae0d5f
ECR Build ID: c7bae0d5faedcc937086bce092139c1ff856bd5a
Features & Enhancements (24.3.26)
Enabled vulnerability assessments for hosts using a Windows Operating System (OS). Windows OS is supported across AWS, Azure, and GCP for any customer that has host vulnerability assessment enabled in their environment.
Added the "Type" and "Technology" columns to the Software tab of the Vulnerabilities feature. The "Type" column is used to differentiate between Operating System (OS) , Language, and software packages. The "Technology" column provides additional metadata to help identify the package source. [ENG-36065]
Added new 'insight_ids' column to Insight Overview pages. [ENG-34183]
Resources (24.3.26)
AWS
Added support for harvesting AWS Network Firewall Rules and Network Firewall Rule Groups (stored as Resource Types Network Firewall Rule and Network Firewall Rule Lists, respectively, both in the Network category). [ENG-35362]
AWS Serverless Functions and Layers will now display their relationship if they are associated with one another. [ENG-33577]
AZURE
- Added the "Resource Locks" tab to the Resource Details pane for Azure resources. [ENG-33370]
Compliance Packs & Insights (24.3.26)
- Added a new compliance pack,
PCI DSS v4.0
, to accommodate the latest Payment Card Industry (PCI) Data Security Standard (DSS) version. [ENG-34183]
MULTI-CLOUD/GENERAL
Cloud Account Password Policy Age too Long
- Updated Insight’s remediation steps and reference links. [ENG-36008]Cloud Account Password Policy does not Enforce Maximum Login Attempts (CIS)
- Insight renamed fromCloud Account Password Policy does not Enforce Maximum Login Attempts
; formatting of this Insight has been updated and the correct operator is now provided to the Query Filter it uses. [ENG-36131]Cloud Account Password Policy does not Enforce Maximum Login Attempts (PCI)
- New Insight identifies cloud accounts that do not enforce a maximum of ten incorrect logon attempts before blocking the account. [ENG-36131]Cloud Account Password Policy does not Prevent Password Reuse (PCI)
- New Insight identifies cloud accounts with a password policy that does not properly enforce PCI password reuse protection. [ENG-36008]Cloud Account Password Policy Does Not Require Letters and Numbers
- New Insight identifies Cloud Accounts that do not require both letters and numbers. [ENG-36008]Cloud Account Password Policy Length too Short (PCI)
- New Insight identifies cloud accounts where the defined minimum password length is less than 12 characters. [ENG-36008
Query Filters (24.3.26)
MULTI-CLOUD/GENERAL
Cloud Account Password Policy Does Not Require Letters and Numbers
- New Query Filter identifies cloud accounts which do not require letters and numbers in its password policy. [ENG-36008]
Bug Fixes (24.3.26)
Resolved package security vulnerabilities in accordance with our vulnerability resolution policy. [ENG-34943, ENG-34927]
Fixed a bug where CVA didn't retry image downloads for images at certain hostnames and for certain images hosted in one cloud account and used in another. [ENG-36149]
Fixed an issue with Harvesting 'max_login_attempts' within the Alibaba CloudLI PasswordPolicyHarvester. [ENG-36131]
Added missing permissions to the onboarding script:"route53:ListQueryLoggingConfigs" and "elasticmapreduce:GetBlockPublicAccessConfiguration". Rescans will now show missing permissions for a cloud.. [ENG-35585]
Fixed a problem with scaling down AWS Autoscaling Group via BotAction. [ENG-35017]
Added missing 'description' field to the
Cloud Account without Macie Enabled (AWS)
andMessage Broker Publicly Accessible with Attached Exposed Security Group (AWS)
Insights. [ENG-34183]Fixed a bug in the
Resource In/Not In Cloud Account
Query Filter that could lead to false negatives when filtering on multiple account IDs or account display names. [ENG-31550]
Required Policies & Permissions (24.3.26)
Required Policies & Permissions
Policies required for individual CSPs are as follows:
Alibaba Cloud
AWS
- Commercial
- Read Only Policy
- Power User Policy
- GovCloud
- Read Only Policy
- Power User Policy
- China
Azure
- Commercial
- GovCloud
GCP
- For GCP, since permissions are tied to APIs, there is no policy file to maintain. Refer to our list of Recommended APIs, which is maintained as part of our GCP coverage.
Oracle Cloud Infrastructure
Host Vulnerability Management
For any questions or concerns, reach out to us through your CSM or the Customer Support Portal.