InsightCloudSec Release Notes / Dec 17, 2024

Dec 17, 202424.12.17

Release Summary

InsightCloudSec is pleased to announce release version 24.12.17. This release includes Insights, Query Filters, and Remediation Hub updates.

Limited release for 24.12.24, 24.12.31

As the next two weeks include U.S. federal holidays, there will not be a formal release with release notes on December 24, 2024, or December 31, 2024. Critical issues will receive fixes as necessary. Our next full release will be on January 7, 2025. Reach out to your CSM or support with questions or concerns.

New

  • Added the following Insights:
    • Resources That Should Not Use Basic SKU Tiers That Need To Be Monitored (mapped to CIS Azure 2.1 Recommendation 5.5)
    • Virtual Machines Without Trusted Launch Enabled
    • Ensure that Microsoft Defender External Attack Surface Monitoring (EASM) is enabled (Manual) (mapped to CIS Azure 2.1 Recommendation 2.1.22)
    • Resources That Should Not Use Basic SKU Tiers That Need To Be Monitored (mapped to CIS Azure 2.1 Recommendation 5.5)
    • Cloud Account Without Security Defaults Enabled (mapped to CIS Azure 2.1 Recommendation 1.1.1)
    • Cloud Account With More Than Four Global Administrators
    • Storage Account Without Private Endpoint and Virtual Network for Secure Access
    • Cloud Account Microsoft Defender For Cloud Alert Notifications Not Properly Configured
    • Logic App With Invalid Diagnostic Logging Configuration (Standard)
    • Logic App With Invalid Diagnostic Logging Configuration (Consumption)
  • Added the following Query Filters:
    • Virtual Machines Without Trusted Launch Enabled
    • Security Defaults Are Disabled on Microsoft Entra ID With Disabled Conditional Access Policies
    • Container Registry Host
    • Cloud Account With Number of Global Administrators Above Threshold
    • Storage Account Without Private Endpoint and Virtual Network for Secure Access
    • Distributed Table Without Private Endpoint in Approved State
    • Distributed Table Without Virtual Network Attached
    • Storage Container Without Public Access Prevention (GCP)
    • Cloud Account With/Without Resource Control Policy

Improved

  • Updated the Remediation Hub’s key metrics to improve how we relay the impact of applying remediations. Now, instead of On-Prem Risk and Cloud Risk, Vulnerabilities Remediated and Assets Update will be displayed. These metrics represent the percentage of vulnerabilities that will be remediated when implementing the top 25 solutions and the number of assets that will be updated if the top 25 solutions are implemented. Solution Risk Score will also be recalculated when a filter is applied, providing a more accurate view of the vulnerabilities that need to be prioritized.
  • Added a Scan Outcome filter to the Infrastructure as Code > Scan List page.
  • The Logic App With Invalid Diagnostic Logging Configuration (Azure) Insight and matching Query Filter have been deprecated in favor of the Logic App With Invalid Diagnostic Logging Configuration Insight and matching Query Filter, which resolve issues with the now deprecated Insight and Query Filter.
  • Added a not_in parameter to the Content Delivery Network Not Using WAF Query Filter to assist with filtering Content Deliver Networks (CDNs) that have a Web Application Firewall turned on.
  • Added support for adding and removing tags on QBusiness Application resources.
  • Renamed the Bedrock Job resource to Bedrock Training Job.
  • Added support for displaying the current and next DomainKeys Identified Mail (DKIM) signing key length for AWS Simple Email Service Identity (SES) resources.
  • Improved the bulk delete process for exemptions to prevent accidentally deleting all exemptions.
  • Added a filter for Application Name to the Remediation Hub.
  • Added a direct link to the Google Cloud Platform for Identity Platform Provider resources.

Fixed

  • Fixed an issue that would cause the Service Dataset harvester to fail if a dataset was deleted.
  • Fixed an issue where container resources on the Vulnerabilities page would show no vulnerabilities.
  • Fixed an issue where Cluster Name and Cluster ID columns were empty for Kubernetes resources in Compliance Scorecard Microsoft Excel export.
  • Fixed an issue with the Apply Security Context to Your Pods and Containers Insight where it would incorrectly flag resources as non-compliant.
  • Fixed an issue preventing exemption creation using the API.
  • Fixed an issue that would prevent filtering Kubernetes clusters by cloud service provider.
  • Fixed an issue where the Elasticsearch Serverless Collection harvester would fail to harvest collections with Virtual Private Cloud (VPC) endpoints set.