Skip to main content

October 2019 Platform Releases

New Features

v2.42 Release

  • Container Vulnerability Assessment General Availability—The feature is now in general availability and includes the following updates:
    • Support for Docker V2 Registry integrations—Docker V2 Registry integrations allow you to perform container image scanning for private Docker V2 registries via the Lacework API. To learn about integrating Docker V2 registries with Lacework, see Container Vulnerability Assessments.
    • Support for Ubuntu 19.10
  • Support for Datadog Outgoing Integration—The Datadog integration provides a unified view of your metrics, logs, and performance data combined with your cloud security data. For information about how to incorporate Lacework events into your existing workflow, see https://support.lacework.com/hc/en-us/articles/360036989953.
  • Support for Vulnerability API Operations—Lacework supports the following Vulnerability API operations:
    • GET ​/api​/v1​/external​/vulnerability​/imageDigest​/{image_digest}—Get information about the last scan of a container image by passing in an image digest as a parameter.
    • GET ​/api​/v1​/external​/vulnerability​/imageId​/{image_id}—Get information about the last scan of a container image by passing in an image id as a parameter.
    • POST ​/api​/v1​/external​/vulnerability​/repository​/images​/scan—Request an on-demand vulnerability scan in the specified container image.
    • GET ​/api​/v1​/external​/vulnerability​/reqId​/{request_id}—Track the progress and return data about an on-demand vulnerability scan.

For more information, see the Lacework API documentation which is available from the Lacework Console.

v2.41 Release

  • AWS EBS Recommendations: Support for the following new AWS EBS recommendations:
    • LW_AWS_GENERAL_SECURITY_2—Ensure EBS Volumes are Encrypted
    • LW_AWS_GENERAL_SECURITY_3—Ensure No Public EBS Snapshots
  • Report Type Parameter for GetLatestComplianceReport APIs: Previously only CIS Benchmark and S3 recommendations were returned when running the GetLatestComplianceReport APIs. An optional REPORT_TYPE parameter that supports specify other report types such as PCI Benchmarks for the following APIs:
    * /api/v1/external/compliance/aws/GetLatestComplianceReport
    * /api/v1/external/compliance/azure/GetLatestComplianceReport
    * /api/v1/external/compliance/gcp/GetLatestComplianceReport
    For more information, see the Lacework API documentation. The Lacework API documentation is available directly from your Lacework Application at the following URI: https://YourLacework.lacework.net/api/v1/external/docs, where YourLacework is your Lacework Application.

v2.40 Release

  • New Python Script for Creating GCP Integrations: This new app.py script has the following features:

    * Supports creating Lacework GCP Compliance and Lacework Audit Trail Integrations. A single script run creates a single Lacework GCP Compliance Integration and optionally one or more Lacework Audit Trail Integrations.
    * Supports entering the configuration settings interactively from prompts or by specifying a configuration YAML file.
    * Supports rolling back the changes made in GCP if the script encounters a problem.

    For more information, see GCP Compliance and Audit Log Integration - Run app.py Python Script.

  • Container Vulnerability Assessment is in Public Beta: For more information about Container Vulnerability Assessment, see Container Vulnerability Assessments. In this release, Container Vulnerability Assessment updates include the following:

    • When new CVE updates are released, Lacework reevaluates existing image assessments for newly identified risks.
    • Two new fields are available when adding a new container registry integration:
      • Limit by Repository (optional) - This field allows you to specify a comma-separated list of repositories to discover/scan instead of all repositories in the registry.
      • Limit Number of Images per Repo - This field allows you to set the maximum number of newest container images to discover/scan per repository.
    • The time range filter has the following changes:
      • Removed the Last 2 hours option
      • The Last 24 hours option now displays the last 24 hours up to the current time instead of up to the current start hour
      • The Last 3 days … Last 90 days options now display the last x days up to the current time instead of up to midnight of the current day.
  • Lacework API Documentation Available Directly from Lacework: The Lacework API documentation is available directly from your Lacework Application at the following URI: https://YourLacework.lacework.net/api/v1/external/docs, where YourLacework is your Lacework Application. No login to the Lacework Console is required. However, there is a link to the Lacework API documentation from the Lacework Console. From the Help drop-down, select API Documentation. For more information, see Lacework API.

  • Domain Lookups Table Replacement: In the Machines dossier, the Domain Lookups by Machine table replaces the Domain Lookups table.