November 2021 Platform Releases
v4.40
- Resource Management version 2 - A new version of Resource Management (version 2) supports better handling of your account rate limiting, and allows the rest of the platform to automatically consume Resource Management data when a collection cycle has completed.
- As a result of version 2 upgrade changes, you will notice changes to resource formatting, as well as the configuration diff displaying a large amount of updates upon the first collection. For a detailed list of migration considerations, see Migration Considerations for Resource Management Version 2 Upgrade
- Azure CIS 1.3.1 benchmark report updates - The PCI and SOC2 report types have been updated to include many of the new Azure CIS 1.3.1 benchmark rules. New report types have also been added: HIPAA, ISO 27001, and NIST CSF. See Azure Report Types for all available reports.
- Three custom rules are now provided by Lacework to help automate some of the "manual" CIS rules. See Lacework Custom Rules for Azure Compliance for details.
- Host vulnerability - Public Facing filter - A new filter (Public Facing) is available on the Host vulnerability page. When active, this filter shows hosts that have a public facing IP address in the Group by Host view.
- Container registry integration - limit increased to 2000 repositories - Lacework now supports up to 2000 repositories within a single registry integration (increased from 1000).
- Amazon ECR's limit remains at 1000 due to set limitations with the Docker V2 APIs.
v4.32
Azure CIS 1.3.1 benchmark version now available - The compliance policies for Azure now include CIS version 1.3.1. See Azure CIS 1.3.1 Benchmark Report for detailed information.
- If you are an existing customer and you've integrated through Lacework Terraform provider, we recommend that you upgrade your integration with the new 1.0 terraform module. See the Prerequisites section in Azure CIS 1.3.1 Benchmark Report for guidance options.
Polygraph Alerts for GCP UX - This feature generates alerts for GCP customers based on anomalous events detected through GCP Polygraph. Anomaly detection uses machine learning to determine any changes in behavior that could result in compromised security posture. See Understand the GCP Audit Log Page.