InsightCloudSec Release Notes / Oct 01, 2024

Oct 01, 202424.10.1

Release Summary

InsightCloudSec is pleased to announce release version 24.10.1. This release includes a new Azure resource, expanded AWS region support, and interface modernization updates.

New Permissions: Microsoft Azure

These permissions support the Microsoft Azure AI (Cognitive) Services Model Deployments resource. All permissions have been added to the appropriate onboarding user roles.

For Microsoft Azure Read-Only Users:

  • "Microsoft.CognitiveServices/accounts/deployments/read"

Base image upgrade

With this release, InsightCloudSec is upgrading the base image for the instances hosting the application from Ubuntu 20.04 to Amazon Linux 2023 for all SaaS customers. There will be no self-hosted release this week. The base image change will go into effect for all customers with the v. 24.10.8 release.

Python upgrade

In late October, InsightCloudSec will be upgrading our Python to version 3.10. Custom Plugins may be affected, so you should contact your Customer Success Manager or Support for help upgrading your plugins. At a later date, we will provide a more concrete timeline.

New

  • The ca-west-1 AWS region is now supported.
  • Added support for the Azure AI (Cognitive) Services Model Deployments resource.
  • Added a new version of the Harvesting Strategies interface that improves the harvesting strategy navigation, filtering, configuration, and management experiences. The old interface is on by default, but you can click the Switch to Modern UI button to test out the new interface. In the new interface, read only admin users will not be able to set a harvesting strategy as default.
  • Added a new unified vulnerability report available for download from the Resources tab of the Vulnerability Management feature. The report lists all filtered vulnerabilities across your environment along with relevant information, including risk score, remediation details, proof data, and more.

Improved

  • Turned on the new Cloud Detail Settings interface by default. The old interface is still accessible by using the Switch to Legacy UI toggle.
  • Turned on the new Scheduled Events interface by default and removed the old interface.
  • Replaced the AI Services With Invalid Diagnostic Logging Configuration Query Filter with the AI Services Without Diagnostic Logging Configuration Query Filter. The old Query Filter will be available for 6 months, after which it will be removed.

Fixed

  • Fixed an issue that required the description field when adding or editing a Data Collection.
  • Fixed false positives occurring with the Resource Encrypted With Cloud Managed Key Query Filter.
  • Fixed an issue that was preventing admin details from being harvested for Azure Database for MySQL flexible server resources. This corrects related issues with the Database Instance Azure Active Directory Admin not Configured (Azure) Insight.
  • Fixed issues within the Instance Interface harvester that was preventing relationship creation between Instance, Subnet, and Security Group resources.
  • Fixed an issue with detecting network information attached to Scale Set Instances.
  • Fixed an issue that caused Scale Set Instances to duplicate on harvest.
  • Fixed a casing issue when associating Azure Subnets to Azure Virtual Machines.
  • Resolved package security vulnerabilities in accordance with our vulnerability resolution policy.
  • Fixed an issue where Windows virtual machines in Azure were flagged as not exporting logs to a Log Analytics Workspace even if configured to do so.
  • Fixed an issue where occasionally exempted resources were not dropped from non-compliance.
  • Fixed an issue where exemptions created by exemption rules are activated a few microseconds after they should in some rare cases.