Latest (v7)
We will cover a running list of new features and releases with the latest always placed at the top.
**IMPORTANT**
Please upgrade your Linked Account Roles to v1.12 or later BEFORE upgrading your console/agent to v7.
If you do not upgrade your Linked Account Roles then you could experience problems when using EventBridge. Click here to learn more about Linked Account Updates.
Please also note, you'll also need to upgrade your console/agent to the latest current version you're currently on before you can upgrade to the next major version.
For example, if you are on v5, you'll need to upgrade to the latest version of v5, then upgrade to the latest of v6, then finally upgrade to v7.
April 2024 - Console: V7.07.001, Agent: V7.07.001
In this release:
Improved handling for EBS scanning quotas
A fix for EBS volume scanning in GovCloud
v7.07.001 CloudFormation Template
March 2024 - Console: V7.07.000, Agent: V7.07.000
In this release:
Scan Stability Improvements
Handling of S3 rate limiting when scanning a large number of S3 objects
Handling of EBS Service Quotas, ensuring we don’t use all of the customer’s quota, or try to run jobs when we don’t have the space required
Trial Notification Improvements
Data remaining notification 100, 50, 25, 0GB left of free trial data
Expiration notification: 7, 3, 1, 0 days left on free trial
Added support for FSx Lustre volumes
We now support schedule-based virus scanning and data classification for FSx Lustre volumes
Added support for EBS Scan Existing - DC
You can now classify pre-existing data in EBS volumes.
EBS and LFS Scanning Improvements
We've migrated both EBS Scanning and LFS Scanning to leverage the new EBS on Fargate integration
Central Job Networking Configuration page
You can now manage networking configuration for jobs all on one page
V7.07.000 CloudFormation Template
March 2024 - Console: V7.06.004, Agent: V7.06.004
In this release:
A patch to fix an issue related to scanning of FSx volumes
A patch to fix an issue related to deployment of our solution using a private environment with a proxy
v7.06.004 CloudFormation Template
March 2024 - Console: V7.06.003, Agent: NA
In this release:
A patch to fix an issue with SSO functionality communicating with integrated IDPs.
v7.06.003 CloudFormation Template
February 2024 - Console: V7.06.002, Agent: NA
In this release:
A patch to fix an issue with FSx volumes being retrieved and displayed in your AV Console.
v7.06.002 CloudFormation Template
February 2024 - Console: V7.06.001, Agent: V7.06.001
In this release:
A patch to surface logs related to FSx volumes and scanning for those volume types.
v7.06.001 CloudFormation Template
February 2024 - Console: V7.06.000, Agent: V7.06.000
In this release:
API Scanning for Data Classification
You now have the ability to classify text-based documents and scan for PII using API agents.
All you need to do is enable the
Configure Classification
toggle and select the rule set(s) you want to use for classification. After this anytime a file is sent to your API endpoint we will classify it and provide information on whether it contains PII against the rule set(s) you've selected.
FSx OpenZFS volume types
We now support schedule-based virus scanning and data classification for FSx OpenZFS volumes
We will add support for additional FSx file systems in future releases. If you need a specific file system supported sooner please Contact Us.
Console Checker Tool
During deployment of our Management Console we will now perform a series of checks of your environment to ensure that the VPC, Subnets, CIDR range, etc. have been set properly and are compatible with our deployment.
Proactive Notifications for Data Consumed
We have added a Proactive Notification Type which you can use to notify when you are running low on prepaid data.
Scan using multiple engines via API
You can now use multiple engines to perform API scans either by using the default configuration you've set on the Scan Settings page or by setting API specific engines.
Use pre-existing Load Balancers for Management Console
If you would like to use a Load Balancer for your Management Console you can now assign a pre-existing LB that you have stood up instead of creating a new one from scratch through the CFT.
Our CloudFormation Template now allows specifying the existing target group ARN. If the ARN value is specified, the CFT will register the ECS Console Service with that Target Group instead of creating a new LB.
v7.06.000 CloudFormation Template
January 2024 - Console: V7.05.000, Agent: V7.05.000
In this release:
Classify pre-existing objects in S3 buckets
We've added the ability to scan pre-existing objects stored in S3 buckets against user-selected classification rule sets by selecting Scan Existing - DC
through the Actions menu on the Bucket Protection page.
Advanced Scan Setting: Files to process in parallel
This setting controls how many files are scanned at the same time by your scanning agent(s), when using Sophos or CrowdStrike. It is designed to be used in scenarios where small, compressed files are unexpectedly triggering Large File Scans.
We recommend that you do not modify this setting, and use the default value. It should only be changed in the scenario where you are scanning small, compressed files resulting in unnecessary Large File Scans being initiated.
Various Bug Fixes:
Improvements to Unhealthy Event Agent SNS Topic Proactive Monitor
Eliminated false-positives when detecting unhealthy Event Agent topics, and improved the message body when delivering notifications
Resolved issue with Smart Scan sometimes deleting the SNS subscription
Resolved an issue where S3 buckets in linked accounts were not showing the proper protection status in the console
v7.05.000 CloudFormation Template
December 2023 - Console: V7.04.004, Agent: V7.04.002
**VERY IMPORTANT** Critical to update your Console If you are running a previous version of v7.04 we recommed that you upgrade to this latest patch immediately.
In this release:
A patch to resolve an AWS Marketplace billing issue we identified that may affect a small number of customers running previous versions of v7.04.
v7.04.004 CloudFormation Template
December 2023 - Console: V7.04.002, Agent: V7.04.001
The Scan Existing function for our API scanning model was not metered correctly through AWS Marketplace and you may not have been previously charged for retro data scanning. We introduced a fix in this version to resolve this so you may see your scanning bill increase depending on if you are using the Scan Existing function through our API scanning model.
In this release:
Scheduled Scanning for FSx Volumes
We now support schedule-based virus scanning and data classification for FSx volumes.
Currently we only support the NetApp ONTAP file system, however we will add support for additional file systems in future releases. If you need a specific file system supported please Contact Us.
Universal Gigabyte Scanning
Soon you will be able to purchase data for any scan type (new data, pre-existing data) without having to worry about what type of data you are scanning.
Job Monitoring Insights
We now show additional details for each scan job you start including account, container, results, and job logs directly in your Management Console.
Various Bug Fixes:
Fixed EFS job networking
Resolved issue with schedules if Data Classification custom rule sets have been deleted
November 2023 - Console: V7.03.000, Agent: V7.03.001
In this release:
AV Two-Bucket System Configuration
The Two-Bucket System allows moving objects to a different bucket and/or prefix after being successfully scanned as Clean. All other result types -- Infected, Error, Unscannable -- remain in the protected source bucket
This system can be configured within Configuration > Scan Settings
When leveraging this capability, the promotion of the clean files is handled directly within the agent and eliminates the need for a Lambda Function to promote the files
EBS Scanning for Linked Accounts
We now support schedule-based virus scanning and data classification for the EBS volumes within your linked accounts
The volumes from your linked accounts will appear within your EBS Protection page as well as the Schedule creation interface
Please note that you must first update the Linked Account CFT for each of your linked accounts to take advantage of this capability
EFS Volume Inventory for Linked Accounts
We will not display the EFS volumes that reside within your linked accounts by default. If you would like to display volumes that reside in linked account, there is a toggle within the EFS Protection page to show/hide these volumes
The ability to scan these volumes will be included in a future update
Please note that you must first update the Linked Account CFT for each of your linked accounts to take advantage of this capability
Refresh List of EBS and EFS Volumes
Using the Actions dropdown within both the EBS and EFS Protection pages, you can now manually refresh the list of volumes
Unique Job IDs
Each Job will now display a unique ID within the Monitoring > Jobs page
This ID will also be present within the CloudWatch logs, allowing you to easily link logs to specific jobs that have run
Changes to default date range when loading date-based reports
When loading reports that display data based on date, the report will now default to showing the full previous day and full current day. Prior to this change it would default to the previous 24 hours from when the report was viewed
Reports updated: Problem Files, Jobs, Notifications
EventBridge Notifications
Added the possibility to send proactive notifications to EventBridge in Console Settings > AWS EventBridge Proactive Notifications
This will send the notifications to the selected event bus, where you can create rules to send the notification somewhere else. e.g. CloudWatch
Management API
Additional function to allowing assigning Linked Accounts to Groups on creation
Added Manage Groups endpoints
Various Bug Fixes:
Fixed EventBridge Scanning for linked accounts
Fixed Cognito issue breaking Manage Users and Manage Groups pages
Maximize the amount of buckets and capacity of protection
Improved clean up for stale jobs (retro, LFS, etc.)
v7.03.000 CloudFormation Template
October 2023 - Console: V7.02.002, Agent: NA
In this release:
Allow assigning Linked Accounts to Groups on creation
v7.02.002 CloudFormation Template
October 2023 - Console: V7.02.000, Agent: V7.02.000
In this release:
Problem Files/Findings Page Improvements
Unclassifiable results now show in the DC findings as a Classification Result Type
Retrying Static & Dynamic Analysis
You can now retry performing a Static or Dynamic Analysis
Sophos updates their Static and Dynamic analysis library periodically and retrying an analysis at a later time can yield a different or more informative result. If an analysis failed the first time around you can also retry it.
Rescanning for large files is now available
Multi-engine rescan
When rescanning files you can now select the engine to rescan with and perform the rescan with multiple engines.
API Agent Allowed Request Origins Configuration (CORS)
If you are embedding our scan API within a web app, you can now specify the web app domain(s).
Various Bug Fixes:
EBS Data Classification fixes and improvements
Monitoring page fixes
v7.02.000 CloudFormation Template
September 2023 - Console: V7.01.001, Agent: V7.01.001
In this release:
EBS and EFS Scheduled Scanning
We now support schedule-based virus scanning and data classification for EBS volumes and EFS volumes
EBS Virus Scanning and Classification supports Linux and Windows (FAT4, XFS, NTFS, exFAT. FileSystems)
You can now have a schedule that scans and classifies a mixture of S3 buckets, EBS and EFS volumes
Please note that you must first stage a region to run a scan on any EBS volume within that region, if you have not already deployed a scanner within that region.
This will be corrected in a patch, afterwhich you will be prompted to configure the region when activating your schedule.
Problem Files Rescan Functionality
You now have the ability to rescan any problem files that are found to be infected, unscannable, suspicious, or have an error.
If a file is found to be unscannable or produces an error upon being scanned, we will not charge you for the data that scan used. Once you rescan, if the file is scanned successfully and is found to be clean, infected, or suspicious the scan will count towards your scanning data.
Proactive Monitoring
This is the first version of our Proactive Monitoring functionality. This will be part of a larger release where we will implement modules to monitor certain parts of your deployment
Your Console and Agent will detect issues and create CloudWatch alarms to notify you of a broken deployment. This iteration monitors the following:
Event Agent SNS Topic or Access Policy doesn't exist
Re-create SNS topic and automatically fix Access Policy
Invalid ECS Task Running
Performs an analysis on resources to determine if the Task is running when it should not.
Unhealthy status means:
ScanQueue job status is not running
SQS Queue is missing
A notification email will be sent informing you of an unhealthy region
Console Health Check
If the Console is found to be unhealthy we will send a notification when the CloudWatch Alarm Status changes
Updated Protection Section in Management Console Navigation
Protection now links to pages for your S3 Buckets, EBS Volumes, EFS Volumes, and WorkDocs Connections
Various Bug Fixes:
API Agent Cross Region Scanning Fix
Scan Now improvement on scan schedules
WorkDocs icon in Problem Files table
CloudTrail Integration Fix
Large File Scanning improvements and fixes
v7.01.001 CloudFormation Template
August 2023 - Console: V7.00.004, Agent: NA
In this release:
Various Bug Fixes:
Extra large file scanning and EC2 error
v7.00.004 CloudFormation Template
August 2023 - Console: V7.00.003, Agent: NA
In this release:
Various Bug Fixes:
AWS Marketplace metering reporting
v7.00.003 CloudFormation Template
July 2023 - Console: v7.00.002, Agent: v7.00.000
In this release:
New Premium Scan Engine Added - CrowdStrike
Introducing the CrowdStrike File Analyzer Software Development Kit (SDK) scanning engine, which uses market-leading machine learning technology and CrowdStrike’s massive corpus of malware samples to scan for malicious code
Available for event-based, retro-based (both on-demand and schedule), and API-based scanning
Get more details by visiting the Scan Engines section of the Architecture Overview page
Read our blog post announcement
Secure Your Managed File Transfer: Cloud Storage Security + AWS Transfer Family
Ensure the data that is moved into Amazon S3 via AWS Transfer Family is free of ransomware, viruses, trojans and other payloads by scanning it inline with Antivirus for Amazon S3
Integrated AWS Partner Solution created for simple, single-click install of both solutions. Be up and running with both solutions in under 15 minutes
Check out the Integrations page for more details
Event Bridge Support in Console
In November of 2022 we released Event Bridge support through our management API. As of v7.00.000, you can now protect your buckets with Event Bridge or with S3 Event Notifications protection through the Console and if there is a conflict we will best match protection method to resolve the conflict
For example, if you select multiple buckets to protect with event-based. scanning and some of them contain conflicts we will protect the conflict buckets with Event Bridge (after you acknowledge this in the popup modal) and the rest will be protected with S3 Event Notifications. If you decline in the modal we will not protect those conflicted buckets.
If
Protect with Event Bridge
is enabled globally from Scan Settings then we will protect all selected buckets with Event Bridge without acknowledgment.Learn more on the Bucket Protection and Scan Settings pages on how Event Bridge helps to resolve event-based scanning on conflicted buckets
Protecting buckets with Event Bridge will incur additional AWS charges. If enabled globally, we will not go back to currently protected buckets and switch their current protection method.
API Scanning Agent
Updated Load Balancer SSL certificate from TLS 1.2 to 1.3
Additional engine choices for scanning now include CrowdStrike and ClamAV
Multi-engine API scanning will be coming in a future release.
Please note, that if the application you have integrated API scanning into only supports TLS 1.2 you will need to upgrade it to support TLS 1.3. Otherwise your application will not be able to successfully communicate with our API Scanning Agent.
Problem Files
Pagination Improvements
CSV export improvements
Various Bug Fixes
Better character handling for file paths
Resolved problem file allow once/permanently error when infected file handling is set to Keep
Scanning agent logging and updates improvements
SQS Queue messages handling
v7.00.002 CloudFormation Template
Last updated