2023 May SaaS Update Release
The May 2023 SaaS Update Release includes the following changes with respect to the previous SaaS product release. Unless otherwise stated, all updates were made available on May 14.
Aqua Platform
Support of supply chain security triggers in the Response Policy configuration
In the Response Policy configuration > Scan Results trigger selection:
- The following predefined triggers from the "Supply Chain Security" module have been added: Code Repository with Critical IaC Misconfigurations and Code Repository with Critical Pipeline Misconfigurations.
- In the custom trigger selection, the new asset type Code Repository has been added, with different attributes, so that you can configure notifications or tickets to be triggered when security issues are detected in the code repository or in pull requests connected to it.
Documentation
Response Policies and Notification System Integrations
The documentation for Response Policies and Notification System Integrations has been expanded and improved.
Update to list of sub-processors
(available May 31)
As a side effect of using Aqua Platform, your data may be processed by one or more third-party businesses or contractors, known as sub-processors. The list of sub-processors has been updated on the Aqua Security Data Processing documentation page.
Workload Protection
Use of vendor vulnerability publication dates
- In the Vulnerabilities page and Image detailed view > Vulnerabilities tab > vulnerability detailed view, the vendor's vulnerability publication date (instead of the NVD publication date) is shown if available. If it is not available, the NVD publication date is shown (as previously).
- In Image Assurance Policies, the exception "Ignore vulnerabilities that were published in the last [nn] days" takes into account the vendor's vulnerability publication date (instead of the NVD publication date).
Documentation
Create a VM Enforcer Group and VM Enforcer
The contents of Create a VM Enforcer Group and VM Enforcer have been reorganized, improved, and updated.
Block Container Exec
It is noted that on Windows, the "Block Container Exec" control of Container Runtime Policies does not work for containers that are already running.
Supply Chain Security
Vulnerability reachability
In the vulnerability detailed view and Risks UI page, the new Reachability tab is displayed for vulnerabilities that are reachable by packages in your code repository. This can help you prioritize remediating vulnerabilities that can impact your applications.
Enhancements to the Build Pipeline detailed view
In the Build Pipeline detailed view, the following tabs have been added:
- Suspicious Behavior: shows suspicious behavior findings observed in the pipeline, such as different activity patterns or changes from previous scans
- Activity: shows different activities monitored in the pipeline, such as exfiltration of secrets and code tampering
Security findings in the tabs above are displayed upon integrating the activity monitoring feature with the pipeline. For more information, refer to Build Pipelines.
Enhancements to Assurance Policies
The following controls related to build pipeline activity monitoring have been added to Assurance Policies:
- Pipeline Container Activity
- Pipeline File Changes Activity
- Pipeline Network Call Port Activity
- Pipeline Network Call URL Activity
- Suspicious Behavior in Pipelines
- Suspicious Behavior in Pipelines by Severity
Enhancements to Suppression Rules
The following controls related to build pipeline activity monitoring have been added to Suppression Rules:
- Pipeline Container Activity
- Pipeline File Changes Activity
- Pipeline Network Call Port Activity
- Pipeline Network Call URL Activity
- Suspicious Behavior in Pipelines
- Suspicious Behavior in Pipelines by Severity