InsightCloudSec Release Notes / Apr 23, 2024

Apr 23, 202424.4.23

Release Summary

InsightCloudSec is pleased to announce Release 24.4.23. This release includes added support for GCP Organization Policies, an improved Executive Risk View, and several new Query Filters and Insights.

Details for self-hosted customers
  • Release Availability - Thursday, Apr 25, 2024
  • The latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command.
  • Amazon Elastic Container Repository (ECR) Image Tags - The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):
  • latest
  • 24.4.23
  • 24.4.23.3a077330d
  • ECR Build ID - 3a077330d76deb38f64a1d817696230ae0a5dbf6

New

  • The Compliance Scorecard Cloud Storage subscription now has an option to send an unzipped export in .xlsx (Excel) format to the selected S3 bucket.

  • Added EKS clusters to Attack Path Analysis (APA) for existing attack path types.

  • We have added visibility and support for GCP Organization Policies. This resource can be found under the new Resource Type, Control Policy, in the Identity and Management category of the Resources Inventory. To support this new resource, we have added two new Query Filters:

    • Control Policy Enforcement Status - Identifies the enforcement status of the Control Policy.

    • Cloud Account By Minimum TLS Version Permitted - Identifies cloud accounts by the minimum TLS Version permitted.

  • Task Definition Resource Has Host Process Namespace - New Insight identifies Task Definitions (ECS) that share their host's process namespace.

  • Task Definition PID Mode - New Query Filter identifies Task Definitions (ECS) based on their configured PID Mode.

  • Cloud User with/without Console Access or Access Key - New Query Filter identifies cloud users that have Console Access or an associated Access Key. Updated Insights Cloud User without Activity in Past 45 days and Cloud User without Activity in Past 90 days to use this new Query Filter.

  • We have created a demo for the Cloud Anomaly Detection feature. Review the documentation for more information.

Improved

  • We’ve updated the underlying data source used by Executive Risk View (ERV) and improved asset categorization. ERV now pulls data from our shared data platform instead of pulling separately from InsightVM and InsightCloudSec. Benefits of this update include:

    • Accurate representation of cloud and on-prem assets using identifiers from AWS, Azure, and GCP

    • Better performance for larger data sets

    • Synchronization with our agent-based policy Bulk Export API

  • Added Source Documents and Event-Driven Harvesting (EDH) support for Azure Container Instances.

Fixed

  • Fixed an issue to enable the Public Access tab in the Resource Blade to be opened from the Resources Page.

  • Fixed a bug where Bot actions would send emails even if there were no new noncompliant resources to report.

  • Updated Volume Harvesting to correctly link GCP Volumes with custom encryption keys.

  • Fixed an issue with the Cloud Listing page count. Cloud selections now reset anytime a filter or search text is changed.

  • Removed the Contact Us option from the main navigation menu to simplify support request streams. All support requests are now handled using Insight Platform Support or the Customer Support portal. Review the documentation for more information.