Links

Release Notes

We will cover a running list of new features and releases with the latest always placed at the top.

May 2023 - Console v6.05.004, Agent: NA

In this release:
  • Various Bug Fixes:
    • Fix for bucket protection failing after console reboot

April 2023 - Console: 6.05.003, Agent: 6.05.002

In this release:
  • Various Bug Fixes:
    • Linked Account improvements
    • AWS Marketplace metering

April 2023 - Console: 6.05.002, Agent: NA

In this release:
  • Various Bug Fixes:
    • Fix API Agent security group deployment issue - when upgrading an existing API Endpoint the agent security group was modified to have no inbound rules (introduced in 6.05.001) - this release fixes that
v6.05.002 CloudFormation Template

April 2023 - Console: 6.05.001, Agent: 6.05.001

For those that have a larger ProblemFiles table in DynamoDB you may notice that this update will take longer than regular. Please DO NOT restart the console or disrupt the update as that may cause damage to your deployment.
In this release:
  • Specify your own Security Groups at deployment
    • We have had a number of requests to leverage existing Security Groups rather than having the solution create its own
    • You can now specify Security Groups when deploying from the CloudFormation Template
  • New Console User Role: Read-only
    • You can now create console users that have read-only permissions throughout the console
    • These users will not be able to make any changes to any functioning aspect of the deployment
    • They will be able to download reporting information from: Results, Usage and Problem Files reporting
  • API Endpoint UI Enhancement
    • You can now easily specify separate sets of Subnets for the Load Balancer and the Scanning Agent independently
  • Event-based Scanning for Data Classification is now available
    • Long-awaited request delivered. On top of schedule based data classification, real-time event-based classification is publicly released
    • Simply click the shield to turn on event driven, rules-based classification of files
    • Pair AV and data classification scanning together off of the same event driven scanning
    • Create a 3 bucket system where you AV scan first, chain classification onto the clean files and after that only promote clean, non-sensitive files to production for consumption
  • Archive Handling Enhancements
    • No longer run into archive file issues where the archive uncompresses to larger than the available disk
    • True archive file size evaluated before scanning takes place - if true size is found to be too big it can trigger the Large File Scanning process or simply tag the file as unscannable-too large
    • This is applicable to zip, 7zip and gz files as this time - reach out to us if more file types need to be supported sooner
  • Improved scanning performance with the Sophos engine
    • On average 3x faster than previous throughput
  • Updated SSL certificate for console when using default DNS
The current SSL certificate for the console will expire in June 2023. We suggest upgrading your console to avoid any expired SSL certificate errors.
v6.05.001 CloudFormation Template

March 2023 - Console: 6.04.007, Agent: 6.04.008

In this release:
  • Improved directions for setting up WorkDocs connections
  • Handling inability to connect to AWS Marketplace when looking for license
  • Fixed IDP support for Cognito in GovCloud
  • Fixed issue where included monthly GB is not properly provisioned
  • Handle Sophos error code 0070 disk full
    • For zip and 7z files when 0070 is found the scanner will either mark the file a unscannable - too large or send the file off for Large File Scanning (if enabled)
  • Improved logging on scanning Agent shutdown
v6.04.007 CloudFormation Template

March 2023 - Console: NA, Agent: 6.04.006

In this release:
Critical to update your scanning agent - Started March 2, 2023
Please upgrade your scanning agent to avoid scanning down time. If you are on Scanning Agent v6.04.000 or newer, you must upgrade your agent to avoid scanning down time.
If you think you have had a lapse of scanning, you can easily go back and scan data from the missing time frame with an On-demand Scan. It is easy to configure for a specific time frame and only scan the files that haven't already been scanned.
  • Various Bug Fixes
    • Addressed an update bug where the Sophos scan engine would crash after the signature update halting scanning.

March 2023 - Console: 6.04.006, Agent: 6.04.005

In this release:
  • Various Bug Fixes
    • ResultKind (sub scan result) added to the API response
    • Fixed a scheduled scanning bug caused by an out of band process deleting a bucket and the schedule not being updated accordingly causing the scheduled scan to error
    • Storage Assessment - new deployments will not automatically create disabled inventory configs on every bucket
    • Storage Assessment - defaulted to off for new installs and upgrades (will remain on if already on)
    • Fixed a strange/rare billing bug
v6.04.006 CloudFormation Template

February 2023 - Console NA, Agent: 6.04.004

In this release:
Upgrade your scanning agent.
  • A patch for the ClamAV scanning engine to address the following vulnerability - CVE-2023-20032. You can learn more about the upgrade on ClamAV's blog.
If you are using ClamAV we recommend you perform an upgrade of the agent immediately.

February 2023 - Console v6.04.005, Agent: NA

In this release:
  • License Mode Switcher
    • You now have the ability to change from BYOL <--> PAYG mode
    • For those times you started with one billing model and wanted to switch to the other without re-deploying the solution and losing the history
You must subscribe to the corresponding AWS Marketplace listing so the entitlement check passes appropriately. If you were on BYOL and want to switch to PAYG, you must subscribe to the PAYG listing.
  • Various Bug Fixes
    • Multi-region bucket crawling in Schedules
    • Storage Assessment fix for Linked Accounts
v6.04.005 CloudFormation Template

January 2023 - Console v6.04.004, Agent: NA

In this release:
  • CloudTrail Lake Integration released
    • With the newly launched PutAuditEvents API for AWS CloudTrail Lake, CSS has created a simple integration for you to capture user activity and events from the CSS console. In just a few steps, you can consolidate CSS activity logs together with AWS activity logs in CloudTrail Lake without having to build or manage the event data pipeline.
    • Check out the Integrations page for more details
  • Various Bug Fixes
v6.04.004 CloudFormation Template

January 2023 - Console: v6.04.003, Agent: v6.04.003

In this release:
  • Patch build to correct found vulnerabilities
    • Management Console moved to CentOS Stream 9
  • Various Bug Fixes
v6.04.003
v6.04.003 CloudFormation Template

January 2023 - Console: v6.04.002, Agent: v6.04.002

In this release:
  • EC2 Tagging
    • The EC2 instances that run for Large File Scanning can now be tagged
    • Tags are manually defined (at this time) by running a Stack update and filling in the EC2 Tags field
  • Export Problem Files report
    • Problem Files reporting can now be exported from the Problem Files page within the Console
  • Various Bug Fixes
    • read-only root file system fixes
    • crawling improvements
    • API scaling thresholds - reduced thresholds from 1000 to 200
v6.04.002 CloudFormation Template

January 2023 - Agent: v6.04.001

In this release:
Upgrade your Scanning Agents
Agent-only release
Fixed Storage Assessment data gathering bug where it would crawl and perform S3 Get calls more often than it should causing an increase in logging and potentially higher AWS costs

December 2022 - Console: v6.04.001, Agent: v6.04.000

In this release:
Must Upgrade Linked Account Role Please upgrade to the latest Linked Account Role. If you are prior to version 1.11.000, then you will have to upgrade each linked account's role manually (sorry). Going forward you will be able to update through the console.
  • Storage Assessment
    • The new Storage Assessment feature is the start of additional functionality we are adding to give you better intelligence around your data
    • This new functionality helps you answer the questions: what do I have? where is it located? what are my data trends? what coverage for scanning and encryption do I have for my storage?
Additional Costs - This feature is automatically turned on when you upgrade to this release through the standard console upgrade process. You can disable this feature at upgrade by manually updating the stack and turning the drop down selection to False.
This feature will start by crawling all of your data to give you an initial overview to all of the files you have stored in Amazon S3. After that initial crawl, Storage Assessment will leverage S3 Inventory to continue to assess the data. Both the crawl and S3 Inventory have minimal charges associated with them.
Percent Scanned requires the checking of S3 Tags to determine if the scan-result tags exist on the objects. GetObjectTagging calls will be made against every inventoried S3 bucket
  • read-only root file system fix
    • Made it so the Fargate container root file systems are read-only
  • Various Bug Fixes
    • Improved unusual character handling in object key values - specifically those files that happen to have // in the key itself
v6.04.000 and v6.04.001 CloudFormation Template v6.04.001 CFT v6.04.000 CFT

November 2022 - Console: v6.03.000, Agent: v6.03.000

In this release:
  • EventBridge integration to solve event conflicts on buckets
    • There are 3 conflicts that can occur in respect to Amazon S3 bucket notifications: lambda, queue, and topics. Lambda and SQS created a scenario where the scanning engine and the existing workflow could not share events.
    • The EventBridge integration will allow existing Lambdas and Queues and AVforS3 to each receive the All Object Create event and perform the work needed.
    • A new attribute, 'useEventBridge`, has been added to the Bucket-->Protect API call to allow you to specify whether or not to use EventBridge with a given bucket.
    !!! note "Setting this up" The UI will allow you to simply protect a conflicted bucket as you do any other bucket, but in this release you must activate protection through the Management API. This is a very simple process by using the Swagger documentation we have attached to the AVforS3 Console (https://consoleURL/swagger)
Setting This Up
The UI will allow you to simply protect a conflicted bucket as you do any other bucket, but in this release you must activate protection through the Management API. This is a very simple process by using the Swagger documentation we have attached to the AVforS3 Console (https://consoleURL/swagger)
![bucket protection api](./img/releasenotes-protectbucket-api.png)
  • Object Key added to the Scan Result filterable attributes
    • With the Key added to the Message Attributes, you can now filter the message by path or entire file name for advanced filtering
    • This is a great set of AWS doc pages that show the power of how message filtering can work: Amazon SNS subscription filter policies
  • Various bug fixes and improvements
    • Job crawling improvements - crawling in parallel and scanning is kicked off immediately as opposed to when crawling completed
    • Fixe public IP override for task definitions
    • Improve S3 registration with SNS Topic
    • Jobs status cleanup
    • Dashboard custom date selection fix
    • Deregister all task definitions upon service termination
    • Cleanup Notifications
    • AppConfig resources now created and cleaned up by the CFT
    • Permissions updates

October 2022 - Console: v6.02.005, Agent: v6.02.005

In this release:
  • Various bug fixes and improvements
    • Multiple proxy deployment related adjustments and fixes

September 2022 - Console: v6.02.002, Agent: v6.02.003

In this release:
  • Scanning Agents check updates over proxy
    • Private Mirror was required when deployed in proxy mode
    • With this release the scanning agents can check for signature updates over the proxy
    !!! note Ensure you have the proxy open to allow for the ClamAV traffic
    `https://database.clamav.net`
  • Better handling for encrypted files
    • With this release we will identify more encrypted file types and mark them as unscannable - encrypted rather than letting them pass through
    • Sophos Engine Only - ClamAV will still pass most of these through as clean
    !!! note SafeGuard encrypted file (self-extracting) Microsoft Office 2007 Encrypted Package (password protected) Microsoft Excel 2007 onwards [encrypted] Microsoft PowerPoint 2007 onwards [encrypted] Microsoft Word 2007 onwards [encrypted] Open Packaging Convention file format (OPC) [encrypted] Open Document Format for Office Applications [encrypted] PK ZIP archive [encrypted] SafeGuard encrypted file ACE archive [encrypted] Kremlin encrypted file xBase Database File (DBF) [encrypted] PGP encrypted file (binary) OpenPGP/GPG encrypted file AxCrypt Encrypted File SecurityBox encrypted file PGP encrypted message (ASCII-Armored)
  • Various bug fixes and improvements
    • Addressed inconsistency with establishing the S3 Client for us-east-1

September 2022 - Console: v6.02.000, Agent: v6.02.000

In this release:
  • Bucket Configuration Remediation
    bucket settings remediation menu
  • Help enforce best practices throughout your Amazon S3 buckets:
    • Block Public Access - allows you to turn off the public access settings
    • Reconcile Encryption - allows you to determine whether the objects in your bucket are encrypted or not and remediate by specifying an encryption key if so desired. Otherwise it will simply output the list of files that are not encrypted
    • Enable Logging - turn on logging for select Amazon S3 buckets
  • Deployment Improvements
    • One of the most secure ways to deploy any solution is to air-gap it as much as you can. Restrict the access in and even the access out. We fully support this option with the use of VPC Endpoints, a Proxy Server (of your choice) to limit the outbound and the ability to Private Mirror the signature updates
    • This update fully makes this a reality with a documented approach on how to do it
  • Admin API Additions
    • Added more functionality to simplify solution management: deployment, tear down, protection, etc
    • Type /swagger to the end of your deployment base URL for all the details on the available APIs
  • Object Tagging for Errors
    • Added details to objects there were unscannable due to error
  • Various bug fixes and improvements

June 2022 - Console: v6.01.000, Agent: v6.01.000

In this release:
  • Amazon WorkDocs Scanning
    • We're happy to announce event-based scanning for Amazon WorkDocs
    • Following our simple-to-protect philosophy, you will easily be able to enable protection and quarantining of files stored and managed within Amazon WorkDocs
    • More details to come, look under Configuration-->WorkDocs Connections to configure within your Console
  • Various bug fixes and improvements
    • Fix race condition on v6 upgrade with entitlement
    • Fix uploadedBy required in the scan API
    • Fix API data tracking in dashboard and reports

June 2022 - Console: v6.00.001, Agent: v6.00.002

In this release:
  • SSL Certificate Update
    • Console and API Agent updates to support updated built-in SSL certificate

May 2022 - Console: v6.00.000, Agent: v6.00.001

In this release:
  • API bug fix introduced in v6.00.000
    • Agent-only release

May 2022 - Console: v6.00.000, Agent: v6.00.000

In this release:
  • Data Classification for Amazon S3
    • The initial release of our new sensitive data discovery functionality
    • Data Classification for Amazon S3 is a cloud-based in-tenant solution that leverages the power of Sophos to identify sensitive data at petabyte scale across all S3 buckets. Knowing what sensitive data exists and where it exists enables you to proactively manage data privacy and protection as well as compliance with frameworks such as SOC 2, PCI DSS, and HIPAA.
      • Identifies hundreds of sensitive data types across a variety of file types and 11 regional localizations; looks at bucket configurations
      • Pinpoint Personally Identifiable Information (PII), financial data, health care information, government ID numbers and more, as well as where it resides, at scale
    • DC for Amazon S3 can be run stand-alone or in tandem with AV for Amazon S3
    • Free Trial - give it a go for 30 days! Trial extensions available when needed.
  • Various bug fixes and improvements
v5.x Releases

March 2022 - Console: v5.11.000, Agent: v5.10.000

In this release:
  • Notification Bell and Page
    • Centralized visual to monitor all proactive notifications and AWS Security Hub findings
    • Allows to more easily track activity without having to subscribe to notifications
    • Allows you to determine which notifications you should be subscribing to
  • Enhanced AWS Security Hub Integration
    • Added the ability to ingest findings from AWS Security Hub
    • Findings can be leveraged for actions taken as part of Proactive Notifications responses
  • True File Type
    • Each Scan Result now includes what the scanning engine has determined as the actual file type being scanned
    • Allows you to take action based on the "real" file type no matter the naming
    • This is a filterable value in the Proactive Notifications
  • Improved Special Character Handling
    • AWS APIs handle special characters in Buckets / Paths / File Names inconsistently
    • Changed the way we are handling files so all Keys can be handled in the same way and fewer to no errors are encountered when processing files
  • New Proactive Notification Type - job
    • Tracking by job is now available via Proactive Notifications
!!! warning "Notification Type Removal" We have removed bucketCrawling and extraLargeFile filterable messages and now labeled those as the job notification type.
  • Various bug fixes and improvements
    • Unscannable results from API Scanning now have a message indicating why
    • Scan Results page charts were incorrectly reflecting the results

March 2022 - Console: v5.11.000, Agent: v5.10.000

In this release:
  • Notification Bell and Page
    • Centralized visual to monitor all proactive notifications and AWS Security Hub findings
    • Allows to more easily track activity without having to subscribe to notifications
    • Allows you to determine which notifications you should be subscribing to
  • Enhanced AWS Security Hub Integration
    • Added the ability to ingest findings from AWS Security Hub
    • Findings can be leveraged for actions taken as part of Proactive Notifications responses
  • True File Type
    • Each Scan Result now includes what the scanning engine has determined as the actual file type being scanned
    • Allows you to take action based on the "real" file type no matter the naming
    • This is a filterable value in the Proactive Notifications
  • Improved Special Character Handling
    • AWS APIs handle special characters in Buckets / Paths / File Names inconsistently
    • Changed the way we are handling files so all Keys can be handled in the same way and fewer to no errors are encountered when processing files
  • New Proactive Notification Type - job
    • Tracking by job is now available via Proactive Notifications
!!! warning "Notification Type Removal" We have removed bucketCrawling and extraLargeFile filterable messages and now labeled those as the job notification type.
  • Various bug fixes and improvements
    • Unscannable results from API Scanning now have a message indicating why
    • Scan Results page charts were incorrectly reflecting the results

February 2022 - Console: v5.10.003, Agent: v5.09.001

In this release:
  • Various bug fixes and improvements
    • API Endpoint - replaced port 80 with port 443 for the Target Groups health check (scanning traffic is always secure)
      • Newly installed API endpoints only
      • For existing endpoints, you'll have to remove and reinstall (unfortunately)
    • Sophos engine update

January 2022 - Console: v5.10.002, Agent: v5.09.000

In this release:
  • Deployment Improvements
    • You can now add/remove the Load Balancer at any time. Previously you had to completely reinstall the product to add a load balancer.
    • Upgrade to this version, then simply run a stack update (from the AWS CloudFormation page) and enter or remove the load balancer information
  • Single Sign On Support
    • We are taking advantage of Amazon Cognito's inherent support for SAML Identity Providers you can now add support to leverage SSO providers like Okta to sign in to the console
    • Get more details by visiting the ==SSO FAQ==
  • Various bug fixes and improvements
    • Replaced port 80 with port 443 for the Target Groups
    • Upped the Static and Dynamic Analysis file size limit to 100MB
    • Chrome browser javascript fix (introduced in January 4 Chrome update)

December 2021 - Console: v5.10.001, Agent: v5.09.000

In this release:
  • Extra Large File Scanning
  • Performance improvements
  • Various bug fixes and improvements

November 2021 - Console: v5.09.000, Agent: v5.08.000

In this release:
  • Automatic Bucket Protection
    • This feature leverages tags on buckets to identify and automatically provision event-based scanning on bucket(s). Any time a bucket is discovered with the specified tag it will be protected. The system checks for bucket information every 30 minutes. In this check we will look at the bucket configuration and tags and respond accordingly
    • To support this feature we've added the ability to "stage" regions with run configuration information. Check out ==Event Agent Settings== page for these details
    • Get more details by visiting the ==Console Settings help== page
  • Proactive Notifications Subscription UI
    • Antivirus for Amazon S3 provides real-time notifications for many aspects of the system including: scan results, bucket characteristics (like public/private), system characteristics and more. Up to this point you were required to subscribe to an SNS Topic inside of the AWS Console
    • This feature provides a page where you can setup and manage the subscriptions to the notifications
    • Get more details by visiting the ==Proactive Notifications help== page
  • API Endpoint Enhancements
    • 1 new APIs: scan by URL
      • With scan by URL you specify the full HTTP url to a file for scanning
      • There are many uses for this, but one in particular we think will be useful is for Amazon S3 pre-signed URLs. These are a good way to hand off objects, but also to implement what we call Scan on Read. Scan on Read writeup coming soon
      • Get more details by visiting the ==API Overview== page
  • Audit Logging
    • Anything and everything that is done through the Management Console is now logged to a new CloudWatch Log Group for auditing messages - CloudWatch --> Log Groups --> CloudStorageSecurity.Console.AuditLogging
  • Self-Service Prepaid Discount Marketplace Listing
    • New AWS Marketplace purchasing option where you can buy in bulk in a discounted, pre-paid fashion
    • This is a self-service purchase option that offers discounted pricing without having to talk to anyone
    • Note: If you are planning to purchase more than 6TB of new data and / or more than 100TB of existing data, reach out to us to discuss a Private Offer with custom pricing
    • Check out the ==Pre-paid Discount Listing== on the AWS Marketplace
  • Various bug fixes and improvements

October 2021 - Console: v5.08.000, Agent: v5.07.001

In this release:
  • Cloud Detonation Sandbox
    • Sometimes you require additional analysis of problematic files you encounter. You can now send those files to the cloud sandbox for detonation. You can perform a simpler Static Analysis or a Dynamic Analysis where the file is executed on a system and the outcome shared.
    • This leverages the Sophos Cloud Sandbox for detonation. Cloud Storage Security has a dedicated slice of this sandbox specifically for scanning their customer's files.
    • Get more details by visiting the ==Problem Files help== page
  • Activity by Bucket Reporting
    • The Scan Results reporting page has been enhanced to show bucket activity by day, week, month and custom time frames.
    • Get more details by visiting the ==Scan Results help== page
  • Linked Account Management Simplification
    • See the version and status of the linked account roles connected to your deployment
    • Upgrade one / multiple / all linked accounts from the console
    • No longer do you need to go to each linked account to run the stack update for the role
    • Get more details by visiting the ==Manage Accounts help== page
  • Various bug fixes and improvements

September 2021 - Console: v5.07.000, Agent: v5.06.002

In this release:
  • API Endpoint Enhancements
    • 2 new APIs: scan and then upload and scan an existing S3 object (both customer requests)
      • With scan and upload you specify a new uploadTo attribute in the header that specifies a "<container> / <object-path>" like "mybucket/full-path-to-file.txt" Note: this is an add on to the existing scan api
      • The scan existing S3 object is a new API, not just a modification to the existing scan option. You will call api/Scan/Existing and specify the location information ("container" and "objectPath") in the header
      • Get more details by visiting the ==API Overview== page
    • Setup Simplification
      • You can now leverage the Cloud Storage Security SSL cert and application domain for your API Endpoint access
      • Prior to this release you were required to provide your own certificate and DNS registration. Now, like the Management Console itself, you can register your API Endpoint(s) with the cloudstoragesecapp.com domain.
      • This makes testing and configuring the API Endpoint much simpler and a whole lot quicker to get setup
      • Get more details by visiting the ==API Agent Settings== page
    • API calls log to CloudWatch and Problem Files
      • All scan API calls now log CloudWatch and Problem Files if they are in fact problem files
    • API-Only Users
      • Prior to this release, users authorized to make API calls could also log into the Management Console. You can now create a user that only has the rights to make API calls, but won't be able to login to the console
  • Multi-factor Authentication
    • Users can now setup multi-factor authentication to assist in more secure access
    • Get more details by visiting the ==User Management== page
  • CFT Updates
    • Added the ability to use the HostedZoneID in addition to the HostedZoneName for use with Route53
  • Various bug fixes and improvements

August 2021 - v5.06.002

In this release:
  • Patch fix to make the proper regional endpoint calls
  • Upgrade Notes
    • If upgrading from 5.05.x and prior, you should have no issues upgrading to 5.06.002
    • If coming from 5.06.001, you will have to take an additional action this one time
    !!! warning "Upgrading from 5.06.001" Release 5.06.001 introduced two new parameters into the CloudFormation Template. These new parameters were entered with blank default behaviors and due to CFT functionality those needed default values. We've added the default values now, but in order for the upgrade to work properly you will need to reboot your Management Console. Once you've rebooted the console the upgrade will go smoothly. This process should not take any longer than 5 minutes.
    ??? tip "Reboot and then Upgrade"
    Rebooting the console is a simple process. We will walk you through it below.
    1. Login to the <a href="https://console.aws.amazon.com" target="_blank">AWS Console</a>
    *Note: ensure you are in the region you installed the Antivirus for Amazon S3 Management Console*
    2. Navigate to the Elastic Container Service
    ![ECS service search](./img/aws-ecs-service-search.png)
    Which will lead you to:
    ![ECS service](./img/aws-ecs-service.png)
    3. Click into the Cluster that matches your deployment to see the details and services
    ![ECS cluster details](./img/aws-ecs-cluster-details.png)
    4. Tick the box for the Console service and click the `Update` button
    ![ECS cluster details](./img/aws-ecs-cluster-service-update1.png)
    5. Tick the box for `Force New Deployment` and click the `Skip to Review` button
    ![ECS cluster details](./img/aws-ecs-cluster-service-update2.png)
    6. Click the `Update Service` button
    ![ECS cluster details](./img/aws-ecs-cluster-service-update3.png)
    That is it. Once the new console instance has come online you will be able to proceed with the [standard upgrade process](./console-overview/product-upgrades.md)

August 2021 - v5.06.001

In this release:
  • Multi-Engine Scanning options
    • You can now select to scan your files with all the engines we support - currently Sophos and ClamAV
    • Two options for activating multi-engine scanning:
      • All Files - every file that is scanned will be scanned by all engines
      • By File Size - Smaller files (<2gb) will be scanned by ClamAV and larger files (>2gb) will be scanned by Sophos can handle much larger file sizes (<195gb)
    • Get more details by visiting the ==Scan Settings== page
  • Dashboard and Reporting Updates
    • ==Dashboard== now reflects all 3 scan models (Event, Retro and API) for the GB Scanned and Object Scanned Charts
    • ==Usage Report== now has the option to export data to CSV file
    • ==Scan Results== received two enhancements - data can be exported to CSV and individual findings (infected, error, unscannable) are clickable and will redirect you to the specific results on the Problem Files page
    • ==Bucket Settings== - new page to review the critical configuration aspects of your S3 Buckets
  • Enhanced Scan Result details
    • Each and every Scan Result now includes the Engine Name, Engine Version, Virus DB Version and the Scan Type
    • This is included in multi-engine scan results ??? note "Sample Multi-Engine Scan Result"
      {
      "guid": "f3780373-ca3c-4324-bdd0-774d8b04f92e",
      "dateScanned": "2021-08-24T12:25:30.4494053Z",
      "bucketName": "preview-destination-bucket",
      "key": "virus/YNtbRiwU4Iyv5vOY_virus_157_eicar_com.zip",
      "versionId": null,
      "result": 1,
      "scanResults": [
      {
      "result": "Infected",
      "virusName": [
      "Win.Test.EICAR_HDB-1"
      ],
      "message": [],
      "dateScanned": "2021-08-24T12:25:30.4494053Z",
      "engine": "ClamAV",
      "engineVersion": "0.103.3",
      "virusDbVersion": "26231",
      "scanType": "GoFwd"
      },
      {
      "result": "Infected",
      "virusName": [
      "EICAR-AV-Test"
      ],
      "message": [
      "eicar.com"
      ],
      "dateScanned": "2021-08-24T12:25:30.4564762Z",
      "engine": "Sophos",
      "engineVersion": "3.82.1",
      "virusDbVersion": "5.86",
      "scanType": "GoFwd"
      }
      ],
      "actionTaken": "Move",
      "virusUploadedBy": "AWS:AROA3K5IVNMVJTERL6GIW:preview-bucket-transfer",
      "fileExists": true,
      "movedTo": "cloudstoragesecquarantine-pk913wa-779353418538-us-east-1",
      "region": "us-east-1",
      "accountId": "779353418538",
      "allowOnceExemptionAdded": false,
      "permanentlyAllowed": false
      }
  • Various bug fixes and improvements

August 2021 - v5.05.002

In this release:
  • API Endpoint Agent Changes
    • We now allow you to use IAM based certificates with the API endpoint
    • Enabled CORS in the API Agent - currently allowing all sources
  • CFT Changes
    • We now allow you to specify custom, pre-existing roles to leverage
  • Quarantine Bucket Changes
    • Added new configuration option that allows you to quarantine files centrally to the deployment account or keep current settings of quarantining files within linked accounts
    • Add Life Cycle Policy days attribute to quarantine buckets - after set number of days quarantined objects will be deleted
  • DynamoDB Changes
    • Allow you to turn on / off Point In Time Recovery on our tables
  • Various bug fixes and improvements

July 2021 - v5.04.002

In this release:
  • Various bug fixes and improvements
    • Console Settings
    • API Agent Settings
    • Job Status filtering
    • Schedule overlap message
    • Linked Account bucket, assumed role, SNS topic and permissions fix
    • Multi infected message for a single file fix
    !!! important You must upgrade the Linked Account Role (cross account role) for any linked accounts. You can launch the stack up from the Manage Accounts.

July 2021 - v5.04.001

In this release:
  • Security Hardening
    • Improved allowed TLS versions and cipher suites
    • Added content security policy
    • Added additional security headers
  • Various bug fixes and improvements

July 2021 - v5.04.000

In this release:
  • API Driven Object Scanning
    • To go along with event-based scanning, scheduled scanning and on-demand scanning, we are happy to introduce API-driven scanning. As it sounds, we are providing a REST API where you are able to hand us a file or object for scanning directly.
    • For those environments where you have applications and workflows where you need to insert file scanning before deciding what next to do with the file, you can leverage this to slip it right into your solution. This is often desired if you want to scan the files before they are written to "disk" (Amazon S3 or anywhere else).
    • This can have a public or private access URL allowing you to integrate this in to any application running on-prem, in AWS or any other cloud. The implications are such that you are not required to have the object residing in Amazon S3 in order to scan it. You can get the verdict back before placing the file into Amazon S3
    • Get more details by visiting the ==API Driven Scanning== page
    • See how to configure API Agent Scanning on the ==API Agent Settings== page
  • Scan Results Report
    • This simple report gives you the Scan Results breakdown for all files processed by day (last 30 days), by week (last 12 weeks), by month (last 12 months) and for custom time ranges
    • You can drill down into any time window to see the activity by Account
    • Get more details by visiting the ==Scan Results Report== page
  • Various bug fixes and improvements

June 2021 - v5.03.000

In this release:
  • Detailed usage rollup reporting
    • Today you can piece together activity from the Dashboard and the Logs, but haven't had a clean rollup for usage and issues by Groups and Accounts. This is the first step towards interesting reports. More to come
    • This new Monitoring page will give you a high-level view for the last 12 months by Group and Account in the charts. It will also provide a more detailed view by current month, last month, 3 months, 6 months and 12 months within the Group panels
    • Get more details by visiting the ==Usage Rollup== page
  • Increased File Size Handling (200GB)
    • This latest release now takes advantage of AWS Fargate's new disk size options (new max size is 200GB). The larger native disk size allows for larger file handling without having to bring in additional AWS services (like EFS)
    • As AWS Fargate allows for even larger disk sizes, scanned file size will also increase
    • If you know you will be scanning larger file sizes, you can simple change the Scanning Agent disk size on the ==Agent Settings== page
  • Re-architecture of On-Demand and Scheduled Scanning
    • Each schedule execution or on-demand scan is treated as its own stand-alone job
    • Each job will get its own resources (queue, scanning agents, etc) for the duration of the job
      • This allows for great scale and simultaneous jobs won't step on or delay each other
    • For existing customers:
      !!! important This will remove the Retro Service that has been in place to manage both of these types of scanning. Run Task functionality is now replacing the Retro Service.
      This will not impact existing schedules.
  • Job monitoring for On-Demand and Scheduled Scanning
    • Added the ability to track historically and in real-time the jobs (on-demand and scheduled scans) executed by the system. No longer do you have to question if you ran an on-demand scan or if a scheduled scan executed or not
    • You will have the ability to monitor and manage the jobs
    • Get more details by visiting the ==Jobs== page
  • Various bug fixes and improvements
!!! warning If you have been using the system for many months and have processed a lot of data, especially leveraging Smart Scan, then the post-upgrade process could take a "long" time. It is dependent on the amount of data you have in the DynamoDB tables. One customer has seen this process take upwards of 4 hours.
If you are not upgrading to this version, but install from this version or later you will not face this upgrade time.

April 2021 - v5.01.002

In this release:
  • Local Task Image Support
    • We now support the ability to host the container images locally
    • You can download the images from our repo and place them locally in your own repo
    • Simply specify and account number where the repo will be located and make sure to use matching names
    • Get more details by visiting the ==Advanced Deployment Considerations== section
  • Various bug fixes and improvements
    • Fixed a billing issue introduced in the v5 release
    • Fixed a out-of-memory issue in the Dashboard Widgets when you have a lot of Agent data
    • Fixed a bug in the Scheduled Scan modal
    • Improved agent data lookups
    • Many small bugs have been fixed, as well as tweaks to the UI behavior and appearance.

April 2021 - v5.01.000

In this release:
  • Various bug fixes and improvements
    • Deployment Overview page updated to better reflect real-time scan protection vs schedule protection in your overall regional bucket protection score
    • Improved Object Tag handling
      • Fixed discarding existing tags on object when we place our tags
      • New object scanning will evaluate whether the object has been scanned before and skip it if it has the "scan-result" tag on it
        • This is useful if copying objects that have been previously scanned into the same or another protected bucket
        • Note: if a replacement object has been uploaded "over the top" of the existing object, we will scan it (it will come in without tags and erase existing tags)
    • Many small bugs have been fixed, as well as tweaks to the UI behavior and appearance.

March 2021 - v5.00.000

In this release:
  • Premium Scan Engine Added - Sophos
    • Sophos is a well known household name in security providing excellent detection and great performance
    • Sophos provides the ability to scan much larger file sizes
      • 15gb to start, but much larger in the very near future
    • Sophos offers much better ==performance==
    • Get more details by visiting the ==Scan Engines== page
  • Improvements to Local Signature Updates
  • More Deployment Options Added
    • Auto Assign Public IP - Console and Agents