August 2022 Platform Releases
Release Notes
Filtering by tags and labels is now possible using the image filter option for proxy scanner integrations - See
image_filter
for details on the newtags
andlabels
options.Inline Scanner support for scanning by image digest - See
image evaluate
for example commands.Proxy Scanner Auto Polling support for Google Container Registry (GCR), Amazon Elastic Container Registry (ECR), and Red Hat Quay (quay.io) - These registry types can now be configured for auto polling when using the Proxy Scanner.
New format options for Inline Scanner evaluaton results - New flags are available to format the evaluation results from the Inline Scanner when viewing on the terminal.
--pretty
renders table borders and adds color to Severity column in the output of the evaluation results:--no-color
stops colors from being rendered in evaluation results when the--pretty
option is used.--simple
displays evaluation results withoutIntroduced in Layer
andFile Path
columns.-j, --json
prints the evaluation results in JSON format (this offers the same output as the-v=false
option).
See Example Outputs for Evaluation Results for further details.
Packages tab for Host & Image vulnerability assessments - View vulnerable packages on the new Packages tab for host and container image vulnerability assessments.
Automated configuration for Amazon ECR Proxy Scanner integrations - If you configure the Proxy Scanner to run on an Amazon EC2/ECS instance, it will attempt to automatically discover and authenticate with the private ECR available to the local IAM role. See Automated Configuration for Private Amazon ECRs for details.
On-demand container image scanning from the Lacework Console - For integrated container registries, you can now scan container images on-demand when viewing Container Image Information in the Containers Dossier.
- This feature will be gradually rolled out to customers during this week.
Infrastructure as Code (IaC) differential analysis - The differential analysis algorithm has changed to include ChangeSets that aim to reduce findings and noise in code review feedback.
Public Preview Features
- Vulnerability Usage is shown on the License page - The Settings > Usage: License page on the Lacework Console now displays a Vulnerability Usage section.