February 2022 Platform Releases

v4.52

• Azure CIS 1.3.1 Compliance Reports display the Resource Group in Resources (where applicable) - When clicking on a Azure CIS 1.3.1 Report rule in Compliance > Azure > Reports, the drop-down Resources column now displays the Azure Resource Group (when applicable to the rule). This appears in the format of ResourceGroup/ResourceName.

  note

  Once v4.52 is released, the first compliance report run for Azure CIS 1.3.1 will report any previously existing violations as new violations. This is due to the name change on the resource.

• Docker image for Inline Scanner - The Inline Scanner is now available as a Docker image for vulnerability scanning in CI systems. This can be used as an alternative to the Inline Scanner binary.

• Improvements to active image counts for containers - Active image counts used by Container Vulnerability (such as KPI statistics) and Containers Dossier are now consistent when using the same time range.

• Vulnerability exceptions quota limit split for hosts and containers - The vulnerability exceptions count has been split for hosts and containers. The quota limit is now 100 for hosts and 150 for containers.

• Policy assessment status filters added to Container Vulnerability - The Container Vulnerability page has two new filters when grouped by image. If Policy assessment: Pass is selected, images with no policy violations are displayed. If Policy assessment: Fail is selected, any images with one or more policy violations are displayed. This is constrained to the latest image assessment.

Public Preview

• Lacework (LW) Risk Score for Host and Container Vulnerability - Lacework provides a risk score for hosts, container images, CVEs, and packages based on discovered vulnerabilities. Risk scores are determined by a number of factors such as the number of hosts/images/packages affected and the CVSS score of the vulnerabilities (CVEs). See LW Risk Score for details.

  info

  LW Risk Score will be rolled out to all Lacework customers over two weeks from the release of v4.52.

Beta Releases

• Vulnerability scanning for Kubernetes - Integrate the Lacework Proxy Scanner and Webhook with your Kubernetes Admission Controller to activate vulnerability scanning on your Kubernetes clusters prior to deployment.
• Container Vulnerability Policies - Create customizable policies that assess container images for vulnerabilities at build or runtime. These policies can also be used to block or allow deployment of Kubernetes clusters (when Lacework is integrated with the Kubernetes Admission Controller).
  • Inline Scanner support for container vulnerability policies is available in this release. This allows the use of exit codes to prevent container image deployment if a policy is breached.

v4.51

• Holistic Vulnerability Export (CSV) - This feature is not enabled by default, contact Lacework Support if you want to enable it. Three download options are now provided for CSV reports allowing customization of the vulnerabilities (CVE IDs) shown. See Container and Host vulnerability for details.
• Container Vulnerability - daily re-evaluations persist active image data - Active image data now persists during daily re-evaluations and not just during the last scan. This improves the accuracy of Container Vulnerability KPIs and reports for a specified time period.
• Vulnerability column for Machine Activity and List of External Facing Server Machines - The "Machine Activity" and "List of External Facing Server Machines" tables in the Machines Dossier now have a vulnerabilities column with a clickable link to view the vulnerability assessment for the host.
• Vulnerability exceptions limit only includes active exceptions - The vulnerability exceptions limit now only counts active exceptions. Expired/disabled exceptions are no longer counted.
• Check against non-CloudTrail and/or non-ControlTower files - Lacework checks for misconfigured integration with non-CloudTrail and/or non-ControlTower files in all AWS integrations. A violation is labeled with an ERROR state in the list of integrations under Settings > Integrations > Cloud Accounts.