2022 December SaaS Update Release
The December 2022 SaaS Update Release includes the following changes with respect to the previous SaaS product release. Unless otherwise stated, all updates were made available on December 18.
TABLE OF CONTENTS
- Aqua Platform
- Supply Chain Security
- Workload Protection
- Workload Protection and Image Scanning
Enhancement to the Response Policies configuration for the ServiceNow output
- In the Response Policies configuration > Select Action section, for the ServiceNow output, a new Template type: Customized Template is added (in addition to "Default ServiceNow Template") to display Aqua notifications in the ServiceNow Incidents page. The existing "Default ServiceNow Template" has been renamed "JSON Template".
Supply Chain Security
Integration with Jenkins build platform
Integration with Jenkins build platform is supported to detect security issues in the build stage of the software supply chain.
Enhancements to the Risk Assessment (now Tool Chain) page
- The Tool Chain page has been moved out of the Risk Assessment page as an independent page. The Risk Assessment page will be added again to display all the risks detected in the software supply chain.
- The Tool Chain page now displays all the security issues detected in the build stage of the software supply chain.
VMware Tanzu Application Assurance Policies: Vulnerability Exploitability control
VMware Tanzu Application Assurance Policies support the Vulnerability Exploitability control. This control will fail a VMware Tanzu policy if any exploitable vulnerabilities were detected during scanning.
Enhancements to Aqua Trivy Premium scanner
- Aqua Trivy Premium supports Dynamic Threat Analysis (DTA).
- Aqua Trivy Premium supports scanning serverless functions after integrating with the respective cloud accounts. (Previously, Aqua used the Legacy Scanner for function scanning even when the Trivy premium scanner was enabled.)
Cloud Workload Scanning (Agentless): Enhancement to the scan configuration in the cloud connection
When creating or editing a cloud connection, in the Scan Configuration tab > Scan Filters section, you can add the include and exclude tags with one or multiple asterisks (if you do not know the exact tag name in the cloud account) to filter the VMs for scanning.
Workload Protection and Image Scanning
Aqua Trivy Premium scanner supports containerd images
The Aqua Trivy premium scanner supports scanning images built by the containerd container engine on both the Linux and Windows operating systems. For more information, refer to Scan images using the containerd container engine.
Enhanced scheduling control over automatic pull and scan of images
When configuring automatic pulling and scanning for image registries, you can now specify days of the week and the month (in addition to times of the day).
Specify repositories as approved base images
It is possible to specify repositories in the Approved Base Image control of Image Assurance Policies. Nested repositories are allowed.
Did you find it helpful? Yes NoSend feedback