Release Summary
InsightCloudSec is pleased to announce Release 24.4.9. This release includes GCP host vulnerability assessment updates, a new Attack Path Analysis filter, and Kubernetes Cluster scanning changes.
Details for self-hosted customers
- Release Availability - Thursday, Apr 11, 2024
- The latest Terraform template (static files and modules) can be found here. Modules can be updated with the `terraform get -update` command.
- Amazon Elastic Container Repository (ECR) Image Tags - The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):
  - `latest`
  - `24.4.9`
  - `24.4.9.32cf24937`
- ECR Build ID - `32cf249375b2625917bdc83db5e498aa847252ad`
New
GCP host assessment snapshots and scans now occur inside GCP, reducing snapshot and data transfer costs for the user. For details, review the GCP HVA documentation.
A new advanced filter "Attack Paths with Vuln Resources containing CVE" has been added to Attack Path Analysis.
Improved
Kubernetes Clusters Now Scanned by Default
Beginning with InsightCloudSec version 24.4.9, Kubernetes clusters will be scanned by default after being harvested. Previously, the default behavior was to harvest them and place them in a Paused state. Kubernetes Clusters that are already paused will need to be paused again manually.
Enrichment API requests will now return data for all valid resources passed to it, even if invalid resources are also present.
Added tags to Insights contained in these compliance packs: `AWS Privilege Escalation Attacks`, `AWS Foundational Security Best Practices`, and `CIS - AWS 2.0.0`. This update allows users to filter the Insight library to show only the Insights from these packs by applying the pack label in the scope option. The labels added are `AWS Privilege Escalation Attacks` and `AWS Foundational Security Best Practices`. They can be found under Labels in the scopes button in the Insight library.
AWS Load Balancers will now set `waf_enabled` to `true` if there is an associated Web Application Firewall.
Fixed
Fixed an issue causing Host Vulnerability Assessments to snapshot when a re-assessment was possible.
Fixed missing tags filtering for Kubernetes resources.
Attack Paths have been updated to highlight attack paths that can be exploited. Attack paths that cannot be exploited due to a stopped instance on the path are no longer displayed.
Fixed an issue preventing the harvest of some OCI Autonomous Database workload types.
The “Cleanup Resource Access Policy” Bot Action will now update an AWS SNS Topic Access Policy with a default policy if removing public permissions would cause the Access Policy to be empty.
Changed the Instance agent type filter to properly filter by instance agent type.