January 2022 Platform Releases
v4.50
Vulnerability Exceptions - You can now create and apply exceptions to vulnerabilities for hosts and containers. This includes a new page in the Lacework Console (Vulnerabilities > Exceptions). See Vulnerability Exceptions for details.
- For inline scanner (v0.2.4 and above), use the
--exceptions
flag with theimage evaluate
command to include exceptions in the evaluation report. - For inline scanner(v0.2.6 and above), specify the registry of the local image that you want to scan by using the
--registry string
flag with theimage evaluate
command.
- For inline scanner (v0.2.4 and above), use the
New Proxy Scanner configuration fields added to support public registries, Amazon ECR, and GCR integrations - The Proxy Scanner configuration now contains new fields that help integrate with public registries, Amazon ECR, and GCR. See Configure the Proxy Scanner for details.
The
auth_header_name
andis_public
fields have been added to help integrate with public registries.The
auth_type
field has been added to support either Amazon ECR or GCR credentials. Thecredentials
field has been expanded to allow Amazon ECR or GCR credentials to be included.The
default_registry
field can be used to define your default registry, which can then be omitted in curl commands for on-demand scans.
Deprecation of Inline Scanner command flag - The
--scan-library-packages
command flag is deprecated from v0.2.4 onwards. The--disable-library-package-scanning
flag is available instead to disable non-OS package scanning of container images (this was enabled by default in the v4.42 release).Lacework API v2 update:
additionalProperties
keyword set totrue
- For all response schemas, theadditionalProperties
keyword is now set totrue
. This means additional fields or properties can be added to responses in the future. For information about theadditionalProperties
keyword, see the JSON Schema online documentation.Additional violation case added to certain Azure CIS 1.3.1 rules - For the Azure CIS 1.3.1 benchmark report, the Lacework Console will warn you if Azure ATP is disabled for the following rules: