Skip to Content
Release NotesInsightcloudsecIndex

Sep 17, 2024

This release includes a new Microsoft Azure resource, expanded IaC support, and changes to Kubernetes CVE reporting.

Release Summary

InsightCloudSec is pleased to announce release version 24.9.17. This release includes a new Microsoft Azure resource, expanded IaC support, and changes to Kubernetes CVE reporting.

Future base image upgrade

In late September, InsightCloudSec will be upgrading the base image for the instances hosting the application from Ubuntu 20.04 to Amazon Linux 2023. We will provide a more concrete timeline at a later date.

Details for self-hosted customers

Redis 7.1 required

Beginning with release 24.9.3, InsightCloudSec requires Redis 7.1. Ensure Redis has been upgraded prior to upgrading InsightCloudSec to version 24.9.3 or later. Visit Upgrading InsightCloudSec - AWS Terraform for details.

  • Release Availability - Friday, September 20, 2024

    • The latest Terraform template (static files and modules) can be downloaded here. Modules can be updated with the terraform get -update command.

  • Amazon Elastic Container Repository (ECR) Image Tags - You can obtain the ECR build images for this version of InsightCloudSec by using these tags:

    • latest
    • 24.9.17
    • 24.9.17.39a3d0e9f

    You can find all available versions in the InsightCloudSec ECR Gallery.

  • ECR Build ID - 39a3d0e9fbdcf9eeef75dd5856cd55b3eebef783

New

  • Added support for the Microsoft Azure AI Studio Compute resource. This resource does not require any new permissions.
  • Added Infrastructure as Code (IaC) support for Microsoft Azure Route Tables.
  • Added support for Kubernetes Common Vulnerabilities and Exposures (CVEs) to the Vulnerabilities page. Risk scores may decrease slightly because of this change. To simplify tracking these CVEs, Kubernetes CVE-related Insights have been removed from the following Compliance Packs:
    • CVEs for Kubernetes and ISTIO (this Compliance Pack has been renamed to CVEs for ISTIO)
    • Canadian Centre for Cyber Security
    • CIS Controls v8
    • FedRAMP Low Controls
    • FedRAMP Moderate Controls
    • ISO 27001:2022
    • ISO 27017:2015
    • ISO 27001:2013
    • Kubernetes Security Recommended
    • MITRE Att&ck Mitigation Pack
    • NIST 800-171
    • NSA and CISA Kubernetes Hardening Guide 1.1
    • NYDFS NYCCR 500
    • PCI DSS v4.0

Improved

  • Improved metric gathering for Host Vulnerability Assessments (HVA).
  • Improved performance for the Unused Permission Distribution widget on the Identity Analysis page.
  • Updated the Cloud Resource Enrichment API response objects to include attack path details grouped by severity.
  • Reorganized the vulnerability data Cloud Resource Enrichment API response objects to be grouped by severity.
  • Turned on the new Insights interface by default and removed the old interface.
  • Improved HVA API performance.
  • Improved latency for scheduled events API endpoints.
  • Added the option to show scheduled events for deleted resources.

Fixed

  • Resolved issues with deprecated Insight Packs affecting the Compliance Overview Summary page.
  • Resolved an issue with the Access List Exposes Non Web Ports (Security Groups) Query Filter where Security Groups were being returned even if their whole port range was added to the Ignore Ports field.
  • Resolved a Terraform AWS modeling issue where AWS roles and principals were not being correctly associated with each other.