Apr 09, 2024 - 24.4.9

Release Summary

InsightCloudSec is pleased to announce Release 24.4.9. This release includes GCP host vulnerability assessment updates, a new Attack Path Analysis filter, and Kubernetes Cluster scanning changes.

Details for self-hosted customers
  • Release Availability - Thursday, Apr 11, 2024
  • The latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command.
  • Amazon Elastic Container Repository (ECR) Image Tags - The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):
      • latest
      • 24.4.9
      • 24.4.9.32cf24937
  • ECR Build ID - 32cf249375b2625917bdc83db5e498aa847252ad

New

  • GCP host assessment snapshots and scans now occur inside GCP, reducing snapshot and data transfer costs for the user. For details, review the GCP HVA documentation.

  • A new advanced filter "Attack Paths with Vuln Resources containing CVE" has been added to Attack Path Analysis.

Improved

Kubernetes Clusters Now Scanned by Default

Beginning with InsightCloudSec version 24.4.9, Kubernetes clusters will be scanned by default after being harvested. Previously, the default behavior was to harvest them and place them in a Paused state. Kubernetes Clusters that are already paused will need to be paused again manually.

  • Enrichment API requests will now return data for all valid resources passed to it, even if invalid resources are also present.

  • Added tags to Insights contained in these compliance packs: AWS Privilege Escalation Attacks, AWS Foundational Security Best Practices, and CIS - AWS 2.0.0. This update allows users to filter the Insight library to show only the Insights from these packs by applying the pack label in the scope option. The labels added are AWS Privilege Escalation Attacks and AWS Foundational Security Best Practices. They can be found under Labels in the scopes button in the Insight library.

  • AWS Load Balancers will now set waf_enabled to true if there is an associated Web Application Firewall.

Fixed

  • Fixed an issue causing Host Vulnerability Assessments to snapshot when a re-assessment was possible.

  • Fixed missing tags filtering for Kubernetes resources.

  • Attack Paths have been updated to highlight attack paths that can be exploited. Attack paths that cannot be exploited due to a stopped instance on the path are no longer displayed.

  • Fixed an issue preventing the harvest of some OCI Autonomous Database workload types.

  • The “Cleanup Resource Access Policy” Bot Action will now update an AWS SNS Topic Access Policy with a default policy if removing public permissions would cause the Access Policy to be empty.

  • Changed instance agent type Filter to properly filter by Instance agent type.