The April 2022 SaaS Update Release includes the following changes with respect to the previous SaaS product release.


TABLE OF CONTENTS


Image Scanning and Workload Protection



Images screen filtering: new options

The Images screen allows you to filter the list to show:

  • Repositories with non-compliant images
  • Security risks: malware, vulnerabilities, or sensitive data


Vulnerabilities screen filtering improvements

  • Separate tabs are now provided for the Risk-based Insights and All Vulnerabilities display modes, respectively.
  • In All Vulnerabilities mode, a new "filter" icon provides access to a pop-up window, from which you can select or enter the values for all filtering parameters. The search bar for vulnerability ID and/or resource is unaffected by this.
  • These filtering parameters support multi-selection: Vulnerability Severity, vShield Status, and Exploit Type.
  • The Image Name filter drop-down allows both free text entry as well as selection from the values supplied. If you enter free text, Aqua will include all vulnerabilities based on images that contain the text string you have entered.


Google Artifact Registry integration: multi-region support

When integrating with a Google Artifact Registry, it is possible to select one of these regions: asia, europe, or us.


Trivy Premium scanner supports Mariner OS packages

The Trivy Premium scanner detects vulnerabilities in Mariner OS packages contained in images.


Workload Protection



Improvement to KubeEnforcer diagnostic message

The important KubeEnforcer diagnostic message "Failed to find matching registry for container" has been elevated from debug to info level, reducing the likelihood of it being overlooked. The text has also been changed to "The registry could not be found for the container".


Behavioral Detection and Incidents

Aqua offers:

  • Behavioral Detection: runtime monitoring of an environment for any signs of malicious behaviors that may indicate attacks on the environment
  • The Incidents page: displays all behavioral detection events with critical, high, or medium severity