Jul 30, 2024 - 24.7.30

Release Summary

InsightCloudSec is pleased to announce release version 24.7.30. This release includes several new Query Filters and Insights and improved Azure Autoscaling Groups (Virtual Machine Scale Sets) harvesting.

Details for self-hosted customers
  • Release Availability - Thursday, August 1, 2024
    • The latest Terraform template (static files and modules) can be downloaded here. Modules can be updated with the terraform get -update command.
  • Amazon Elastic Container Repository (ECR) Image Tags - The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using these tags:
  • ECR Build ID - 58858f93ee812a151de1f814d7bb594dbdad0e92

New

  • Added new Query Filters:
    • Database Instance Server Type
    • AI Services With Abuse Monitoring Disabled
    • Access List Exposes Ports to the Public
    • AI Services With A Specified Network Access Rule
  • Added new Insights:
    • Database Instance not Enforcing Transit Encryption (PostgreSQL - Single Server)
    • AI Services With Abuse Monitoring Disabled
    • Access List Exposes SSH or Windows RDP to the Public (NACL)
    • Access List Exposes SSH or Windows RDP to the Public over IPv4 (Security Group)
    • Access List Exposes SSH or Windows RDP to the Public Over IPv6 (Security Group)
    • AI Service Allows Ingress From All IP Addresses
  • Added the ability to filter for core or custom Insights in the Insight Library.
  • Added Source Document and Event-Driven Harvesting Support for Azure Virtual Machine Scale Sets (Autoscaling Groups in InsightCloudSec).
  • Added a namespace_id property for Azure Autoscaling Groups.

Improved

  • Added API documentation for these Container Vulnerability Assessment endpoints. Visit the API documentation for details.
    • Get All Packages
    • List Vulnerabilities
    • Get Resource with vulnerabilities
    • Get vulnerability by CVE ID
    • Set assessment scope
    • Set assessment status
    • Get resource vulnerabilities (supports GET and POST)
    • Get package vulnerabilities
  • Improved the performance of the Identity Analysis page.
  • Increased the maximum page size for Security > Vulnerabilities > Resources to 1000 resource vulnerabilities.
  • Updated Database Instance Auditing Disabled Insight name to Database Instance Auditing Disabled (SQL Server) to meet CIS recommendations.
  • Updated logic to always store the Cloud Armor policy rule_names property so that relevant Query Filters can be used to search for policy rule names.
  • Updated the CIS - AWS 2.0.0 Compliance Pack:
    • Added Access List Exposes SSH or Windows RDP to the Public (NACL), Access List Exposes SSH or Windows RDP to the Public over IPv4 (Security Group), and Access List Exposes SSH or Windows RDP to the Public Over IPv6 (Security Group) Insights
    • Removed Access List Exposes SSH to the Public (SG) and Access List Exposes Windows RDP to the Public (SG) Insights
  • Updated the CIS - AWS 3.0.0 Compliance Pack:
    • Added Access List Exposes SSH or Windows RDP to the Public (NACL), Access List Exposes SSH or Windows RDP to the Public over IPv4 (Security Group), and Access List Exposes SSH or Windows RDP to the Public Over IPv6 (Security Group) Insights
  • Added these tags for all Insights mapped under controls for Requirement 7 of the PCI DSS v4.0 Compliance pack:
    • PCI DSS v4.0
    • PCI DSS v4.0 - 7.2.3
    • PCI DSS v4.0 - 7.2.5
    • PCI DSS v4.0 - 7.2.6
    • PCI DSS v4.0 - 7.3.1
    • PCI DSS v4.0 - 7.3.3
  • Updated AWS Foundation Bedrock Model harvesting to only include active models. With this change, InsightCloudSec will remove inactive foundation models from the internal database.

Fixed

  • Fixed an issue where resources with more than one artifact may not display all vulnerabilities.
  • Fixed an issue with the GCP Web Application Firewall (WAF) Harvester failing when it encountered Cloud Armor Network Edge policies.
  • Fixed an issue that was preventing GCP CloudSQL Database Snapshots from being harvested.
  • Fixed an issue that was preventing GCP AlloyDB clusters from being harvested if the continuous_backup_config property was not present in the response from GCP.
  • Fixed an issue that was preventing users from searching for Insights on the Infrastructure as Code (IaC) Configuration panel.
  • Fixed an issue that was preventing some users from editing their saved filters.
  • Fixed an issue that was overriding the InsightCloudSec URL if you were not signed in.
  • Fixed a 414 Request-URI Too Large error that occurred when trying to access Insight results.
  • Fixed an issue that was preventing AWS Key Management Service (KMS) encryption key linking.
  • Resolved third-party package security vulnerabilities in accordance with our vulnerability resolution policy.
  • Fixed the create_time property for Azure Autoscaling Groups to accurately reflect the create time for the group.
  • Fixed an issue that was causing Azure Autoscaling Groups to harvest more often than necessary if they had associated Subnets containing more than 1 IP Configuration.
  • Fixed an issue that was preventing the upgrade_policy property for Azure Autoscaling Groups from being harvested.
  • Fixed an issue where Instances associated with Azure Autoscaling Groups were not properly represented in the Related Resources graph.