The February 2023 SaaS Update Release includes the following changes with respect to the previous SaaS product release. Unless otherwise stated, all updates were made available on February 26.


Aqua Platform


Support of supply chain security triggers in the Response Policy configuration


In the Response Policy configuration > Scan Results trigger selection: 

  • The following predefined triggers from the "Supply Chain Security" module have been added: "Code Repository with Critical IaC Misconfigurations" and "Code Repository with Critical Pipeline Misconfigurations".
  • In the custom trigger selection, a new asset type, "Code Repository", with different attributes has been added. Use it to trigger notifications or tickets when security issues are detected in a code repository or in pull requests connected to it.


Application scope specification 


RFE SLK-56249: The specification of application scopes has been extended with two new attributes under Infrastructure > Host: "Orchestrator type" and "Orchestrator version".


Supply Chain Security


Enhancements to Assurance Policies


The following controls have been added to Assurance Policies:

  • Release Artifact Code Protection
  • Release Artifact Security Checks
  • SAST Severity
  • Specific SAST Check


Enhancements to the Risks page


In the Risks page, new tabs have been added: SAST and Pipeline Misconfigurations.


Integration with JFrog Artifact registry


You can now integrate with JFrog cloud and on-premises artifact registries to detect security issues in the software supply chain > Artifact stage.


Dependency and Artifact stages have been added to the Tool Chain page


Aqua can now detect security issues in the software supply chain > Dependency and Artifact stages and display them in the Tool Chain page.


Workload Protection


Enhancement to sensitive data scanning


The Sensitive Data control of Image Assurance Policies allows you to specify directories and/or files to be excluded from scanning for sensitive data.


Enhancements to the Incidents page

  • In the configuration window of suppression rules for incidents, the "Suppress Audit Log" toggle has been added to control whether audit logs are suppressed when incidents are suppressed.
  • In the Incident detailed view > Timeline tab, a graph has been added that shows all incidents detected in the selected time interval, by type.
  • In the Incidents list view, all incidents reported on the same workload, process, and resource (e.g., file, URL, artifact) are aggregated and displayed as a single incident with the number of occurrences.


New field added in the Vulnerability details screen


In the Vulnerability details screen, a new field, "Fix reported by Aqua", displays the date when Aqua reports the fix. Aqua acquires this information from various data sources such as vendors, NVD, etc.


Setting to use NVD scores and severities for evaluating image compliance


In the Settings > Scanning page, you can select "Use NVD as the preferred rating method" to use NVD scores and severities (if available) for evaluating image compliance. (This option is applicable only if you use the Trivy Premium scanner.)


UI display of vulnerability acknowledgment


In the Images screen, both the General tab and the CI/CD Scans tab will show the same acknowledgment status for vulnerabilities, irrespective of which tab they were acknowledged from.


Simplified MicroEnforcer sidecar deployment on AWS Fargate


RFE SLK-46579: When deploying an application container with a MicroEnforcer sidecar container in a Fargate environment, you no longer have to supply the Docker image ID of the application image in the Task Definition. Refer to Step 4: Create a Fargate Task Definition (sub-steps 5-8) in the instructions.