June 2, 2022
New Feature Global Threat Intelligence (GTI)
New Feature Automatic Remediation
Automatic Remediation (Auto-Remediation) capability to enable real-time actions against potential threats. These actions are triggered by alerts that have an underlying event rules built with specific criteria. Auto-Remediation can be set up for an event with the following actions:
For more information, see Event Rules > Apply Auto-Remediation.
New Feature Custom Vulnerability Indicator
New Feature TISAX Compliance
New Feature AWS Vulnerability Dashboard
New Feature Organization Integration
Manage cloud services in bulk for GCP project integrations. For more information, see GCP.
Manage cloud services in bulk for Azure subscription integrations. For more information, see Azure.
Image Vulnerabilities dashboard to report vulnerabilities found during image build process. The dashboard also represents whether an image was allowed to progress through build pipeline based on the vulnerabilities found. For more information see Image Vulnerabilities.
Improved Kubernetes Overview to easily navigate through Uptycs monitored Kubernetes resources and find out vulnerabilities, threats, compliance or audit issues in these resources. To view this page, ensure you have the Kubequery agent version 3.10.2 installed. For more information, see Containers > Overview.
Added Group by Package option on the Containers Vulnerabilities page to display the packages that are most vulnerable and present in most images. For more information, see Image Vulnerabilities.
Container detections display the Kubernetes resources data in addition to the detection details. The cluster and namespace level filters allow fine-grain control over the dataset. For more information, Containers > Detections.
If an Auto-Exception is enabled for a file event, the Delete file auto-remediation action deletes the files in the first instance and does not delete the files generated in repetitive cycles.
If a process column is configured for redaction, the auto-remediation action does not apply for that column.
The cluster view threat detections include both closed and open detections.
Deleting VPC Flowlogs Monitoring service from AWS integration is currently not supported.