The April 2023 SaaS Update Release includes the following changes with respect to the previous SaaS product release. Unless otherwise stated, all updates were made available on April 16.


TABLE OF CONTENTS


Aqua Platform


Auto-Discovery supports GCP cloud accounts

(available April 11)


Auto-Discovery now supports GCP (Google Cloud Platform), in addition to AWS (Amazon Web Services) and Microsoft Azure cloud accounts. Refer to the product documentation to begin your GCP onboarding!


Workload Protection


Image Assurance Policies Vulnerability Score and Severity control


This control checks if images have any vulnerabilities:

  • whose scores are within the configured range

       and

  • whose severity matches or exceeds the configured severity


If any such images are found, the control fails.


v2 API call returns information on images with running workloads


The new v2 API endpoint /api/v2/risks/vulnerabilities/workloads returns the vulnerabilities detected in an image that has running workloads, as well as details of those workloads. Refer to the documentation.


Aqua Enforcer support for scanning programming language packages


Aqua Enforcers can now scan programming language packages on Linux and Windows hosts for vulnerabilities. This feature works only with the Classic scanner; you also need to enable "Scan for CVEs in programming languages packages during host scan" on the Settings > Scanning UI screen.