Invitation only, limited beta. Support for daily host vulnerability assessment for Operating System-managed packages and the reporting of these vulnerabilities via the vulnerabilities/host and vulnerabilities/host/{CveId} API Operations—The vulnerabilities/host operation lists the common vulnerabilities and exposures (CVEs) found on the hosts of your Lacework environment. The vulnerabilities/host/{CveId} operation lists the hosts with the passed in CVS id that are found in your Lacework environment. The following data is returned by these operations: package name, version, CVE, severity, and fix availability. The Lacework API documentation is available directly from your Lacework Application at the following URI: https://YourLacework.lacework.net/api/v1/external/docs, where YourLacework is your Lacework Application.
Support for Datadog in the integrations API operations—Support for creating, enabling, and disabling Datadog integrations using the Lacework API. For more information, see the Lacework API documentation. The POST /api/v1/external/integrations operation has an example invocation for creating a Datadog integration. The Lacework API documentation is available directly from your Lacework Application at the following URI: https://YourLacework.lacework.net/api/v1/external/docs, where YourLacework is your Lacework Application.
Recommendations—Support for the following new recommendations:
LW_AWS_NETWORKING_16—ELB SSL Certificate should expire in 5 Days
LW_AWS_NETWORKING_17—ELB SSL Certificate should expire in 45 Days
LW_AWS_NETWORKING_18—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 23 (Telnet)
LW_AWS_NETWORKING_19—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 135 (Windows RPC)
LW_AWS_NETWORKING_20—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 445 (Windows SMB)
LW_AWS_NETWORKING_21—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 3306 (MySQL)
LW_AWS_NETWORKING_22—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 5432 (PostgreSQL)
LW_AWS_NETWORKING_23—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 1433 (SQLServer)
LW_AWS_NETWORKING_24—Security group attached to EC2 instance should not allow inbound traffic from all to UDP port 1434 (SQLServer)
LW_AWS_NETWORKING_25—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 4333 (MSQL)
LW_AWS_NETWORKING_26—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 5500 (VNC Listener)
LW_AWS_NETWORKING_27—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 5900 (VNC Server)
LW_AWS_NETWORKING_28—Security group attached to EC2 instance should not allow inbound traffic from all to UDP port 137 (NetBIOS)
LW_AWS_NETWORKING_29—Security group attached to EC2 instance should not allow inbound traffic from all to UDP port 138 (NetBIOS)
LW_AWS_NETWORKING_30—Security group attached to EC2 instance should not allow inbound traffic from all to UDP port 445 (CIFS)
LW_AWS_NETWORKING_31—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 21 (FTP)
LW_AWS_NETWORKING_32—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 20 (FTP-Data)
LW_AWS_NETWORKING_33—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 20 (FTP-Data)
LW_AWS_NETWORKING_34—Security group attached to EC2 instance should not allow inbound traffic from all to TCP port 53 (DNS)
LW_AWS_NETWORKING_35—Security group attached to EC2 instance should not allow inbound traffic from all to UDP port 53 (DNS)
LW_AWS_NETWORKING_36—Security group attached to EC2 instance should not allow inbound traffic from all to All Ports
LW_S3_18—Ensure the attached S3 bucket policy does not grant global 'Get' permission.
LW_S3_19—Ensure the attached S3 bucket policy does not grant global 'Delete' permission
LW_S3_20—Ensure the attached S3 bucket policy does not grant global 'List' permission
LW_AWS_IAM_11—Ensure non-root user exists in the account
LW_AWS_SERVERLESS_5—Lambda Function should not have VPC access