Latest (v8)

February 2024 - Console: v8.05.000, Agent: v8.05.000

In this release:

Various Improvements and Bug Fixes

• Retro scans with ScanResult Proactive Notifications now include the VersionId field

• GCP Fixes

• Azure Fixes

• UI Fixes

January 2024 - Console: v8.04.000, Agent: v8.04.000

In this release:

CrowdStrike Engine Removal

• We have removed CrowdStrike as a scanning due to low usage

GCP Object Scheduled Scanning

• Users can now link and perform scheduled and on-demand scans on GCP buckets!

• GCP Scanning supports all scanning engines currently offered

• The Console generates a Terraform file to deploy scanning architecture into GCP

• Learn more about linking your GCP Account(s) here

Daily Email Updates

• Users can set up daily email reports of data scanned

• See findings and problematic at a glance

• Configure in Configuration > Proactive Notifications

SSO User Roles and Groups Assignment

• Users provisioned via SSO can be assigned to a default role and group prior to creation to remove the need of manual configuration

CloudFormation EBS, EFS, FSx Opt-Out

• Added the ability to opt-out of accessing and ingesting EBS, EFS, and FSx volumes

• Configure in the updated CloudFormation Template

Error Log Dashboard Improvement

• Added new Error Logs page to assist with troubleshooting

URL Redirect Prevention

• Added mechanisms preventing Console URL manipulation to guard against user redirect attacks

Various Improvements and Bug Fixes

• For GovCloud deployments launched in AV mode, DC can now be enabled in the License Management page.

• New console deployments will launch with Sophos and CSS Premium as default scanning engines

• Sophos AV Engine updated to 3.92.0

• Fixed a bug where folders were being moved in a 2 bucket system

• Proactive Notification Fixes

• Permissions Fixes

• ClamAV Engine Fixes

• Azure Fixes

• UI Fixes

December 2024 - Console: v8.03.000, Agent: v8.03.000

In this release:

General Availability for Azure Blob Scanning

• You can now scan new and pre-existing files stored in Azure Blobs

• All scanning engines are available to use for Azure blob scanning

• Learn more about linking your Azure account(s) here

New CSS Premium Scanning Engine Available

• We've added a new premium antivirus scanning engine to our solution allowing you to scan files up to 5TB in size

• Use it as your primary scanning engine or as a secondary scanning engine to increase the efficacy of your scan

• This new scanning engine is available for scanning both AWS and Azure storage volumes

Linked Account Role Updates to v1.14.001

• Make sure to update your Linked Account roles to the latest version

Various Improvements and Bug Fixes

• FSx fix

• Sophos definition improvements

• Scan Settings page fix

• API Scanning fix

• EventBridge scanning fix

• AWS MarketplaceMetering improvements

November 2024 - Console: v8.02.001, Agent: v8.02.001

In this release:

Verbose Logs

• Capturing S3 Request IDs can now be activated for troubleshooting purposes

• In the Console's task definition, modifying the LOG_LEVEL environment variable to 'Debug' will now allow the Console to deposit S3 Request IDs into the Console.Buckets log group

Various Improvements and Bug Fixes

• Logging Fixes

• Console UI Fixes and Improvements

• Large File Scanning Fixes

October 2024 - Console: v8.02.000, Agent: v8.02.000

In this release:

Azure Event-based Scanning and Updates (early access)

• Updated Threat Map includes Azure data

• Event protection now enabled in the Console for Blob storage

• Azure event-based containers now have autoscaling capabilities depending on queue size

• Azure event agent settings are now partitioned by accounts

• Agent configuration is now stored in the same storage account to reduce infrastructure costs

Added customization for SNS topic policy

• Terraform module now includes the ability to append statements to the SNS Topic Policy

IAM Improvements

• We've tightened the permissions in the CloudStorageSecRemotePolicy, removing excessive wildcard permissions with more granularity

Various Improvements and Bug Fixes

• ClamAV Private Mirror functionality fixed

• Fixed a bug where lack of ability to reach CloudTrail Lake endpoint was preventing console login

• API agents can now be properly stood up in il-central-1

• Azure fixes and improvements

• UI fixes and improvements

• Event-based scanning fixes

• Retro/on-demand scanning fixes

• Large file scanning fixes

October 2024 - Console: v8.01.001, Agent: v8.01.001

• Security Hub Findings fixes

September 2024 - Console: v8.01.000, Agent: v8.01.000

In this release:

Malware History Report

• For users that want to get a visual understanding of how malware has been found over time, we’ve added a new page in our Console UI to track historic malware findings

• We leverage Amazon Bedrock to interpret the malware finding to provide a human-readable summary and description of the malware found

• As a result, Amazon Bedrock must be enabled for this feature

• You can expand a specific identity and view more information around how often it was found

• At this time, this report pulls data from the last 30 days of enabling it and will show information from that point onwards

Data Classification Quarantine

• You can now quarantine files found to have PII

Reporting Bucket Secure Transport

• We’ve removed HTTP Access to our Console Reporting bucket, which now only accepts HTTPS requests

Azure Improvements

• In v8 we introduced Azure Blob Scheduled Scanning. We have a few improvements and fixes for Azure:

  • Scanning Improvements

  • Linked Account Fix

  • Virus Definition Update Fix

Various Improvements and Bug Fixes

• Console UI Fixes

• Console UI Improvements

• Console API Improvements

• Proactive Notifications Fix

• Proactive Monitor now clean SQS queues left

August 2024 - Console: v8.00.000, Agent: v8.00.000

In this release:

Azure Blob Scheduled Scanning (early access)

• You can now link Azure accounts into your AV console and ingest any Azure blobs you have, allowing you to perform a scheduled retro scan on any pre-existing files stored within your Azure Blobs.

• While we currently only support Retro scanning for Azure Blob we will expand to support event-based scanning in an upcoming release in the near future.

• Want to get early access to Azure Blob scanning? Contact us and we can assist!

Minimized Permissions

• We've updated our CloudFormation template to use customer managed IAM policies vs inline IAM policies. We've done this to ensure we're using the minimum permissions required to deploy our solution.

• If you have IAM policies or Service Control Policies that prevent creating customer managed policies, you'll need an exception for this upgrade. You can refer to Managed policies and inline policies for more information.

Threat Map UI Updates

• Infection and Classification titles on the right panel were changed to "Malware" and "Sensitive Data".

• Legend at the bottom left shows "No Malware or Sensitive Data", " "Malware Found", "Suspicious Files or Sensitive Data Found".

• Legend icons view can be toggled by clicking on it.

• Regional information drill-down option navigates to Problem Files/Findings page w/ filters applied when clicked on

Bucket Size and Object Count Metrics Fixed

• We've improved how we calculate bucket size and object count for each S3 bucket that we ingest on the Bucket Protection page.

Various Improvements and Bug Fixes

• EFS Volume Scanning Fixes

• EBS Volume Fixes

• API Scanning Fixes

• TerraForm Module Fixes