The May 2023 SaaS Update Release includes the following changes with respect to the previous SaaS product release. Unless otherwise stated, all updates were made available on May 14.


Aqua Platform


Support of supply chain security triggers in the Response Policy configuration


In the Response Policy configuration > Scan Results trigger selection: 

  • The following predefined triggers from the "Supply Chain Security" module have been added: Code Repository with Critical IaC Misconfigurations and Code Repository with Critical Pipeline Misconfigurations.
  • In the custom trigger selection, the new asset type Code Repository has been added, with various attributes that let you trigger notifications or tickets when security issues are detected in the code repository or in pull requests connected to it.


Supply Chain Security


Vulnerability reachability


In the vulnerability detailed view and Risks UI page, the new Reachability tab is displayed for vulnerabilities that are reachable by packages in your code repository. This can help you prioritize remediating vulnerabilities that can impact your applications.


Enhancements to the Build Pipeline detailed view


In the Build Pipeline detailed view, the following tabs have been added: 

  • Suspicious Behavior: shows suspicious behavior findings observed in the pipeline, such as different activity patterns or changes from previous scans
  • Activity: shows different activities monitored in the pipeline, such as exfiltration of secrets and code tampering

  

Security findings in the tabs above are displayed upon integrating the activity monitoring feature with the pipeline. For more information, refer to Build Pipelines.


Enhancements to Assurance Policies


The following controls related to build pipeline activity monitoring have been added to Assurance Policies:

  • Pipeline Container Activity
  • Pipeline File Changes Activity
  • Pipeline Network Call Port Activity
  • Pipeline Network Call URL Activity
  • Suspicious Behavior in Pipelines
  • Suspicious Behavior in Pipelines by Severity


Enhancements to Suppression Rules


The following controls related to build pipeline activity monitoring have been added to Suppression Rules:

  • Pipeline Container Activity
  • Pipeline File Changes Activity
  • Pipeline Network Call Port Activity
  • Pipeline Network Call URL Activity
  • Suspicious Behavior in Pipelines
  • Suspicious Behavior in Pipelines by Severity


Workload Protection


Use of vendor vulnerability publication dates

  • In the Vulnerabilities page and Image detailed view > Vulnerabilities tab > vulnerability detailed view, the vendor's vulnerability publication date (instead of the NVD publication date) is shown if available. If it is not available, the NVD publication date is shown (as previously).
  • In Image Assurance Policies, the exception "Ignore vulnerabilities that were published in the last [nn] days" takes into account the vendor's vulnerability publication date (instead of the NVD publication date).