This release includes the following features and enhancements:

New Feature Microsoft Azure - Beta

Support for Microsoft Azure integration and security audit capabilities by introducing the following features:

• Azure integration with Uptycs using Terraform.
• Azure service inventory, configuration, and log ingestion for currently supported key services:
  
  • Virtual Machines, Apps, Containers, Active Directories, Storage Accounts, Key Vaults, MySQL Server, PostgreSQL Server, SQL Server, and Cosmos Databases
• Azure insights dashboards for Virtual Machines and Storage Accounts.
• Event and Alert rules to perform best practice and vulnerability checks for the supported Azure services.
• Azure CIS Compliance Benchmark v1.3.0 support.

Enhancements

• New insight dashboards for GCP services - Big Query and Cloud SQL.
  
• Support for additional GCP services - Memory Store, Secret Manager, Pub/Sub, and Cloud Load Balancing.
  

Enhancements

• The User Analysis dashboard includes OS and hosts IP details in the Assets section.
  
• Keyboard shortcut to run an SQL query from the Investigate page.
  

Enhancements

• New operator for event rule builder filters and exceptions - Ancestor list path compare.
  
• Automated exceptions for the alert rules from a common ancestor list path when the limit of 20 alerts exceeds.
  
• Support to enable and disable rule exceptions.
  
• Added the Alerts tab in the Detections section to manage alerts.
  
• Support for the upt_hash field in the internal metadata of each event and alert table to identify the origin of events and alerts.

• Auto upgrade from the Assets management page is currently not supported for the following osquery agents deployed using yaml files:
  
  • Farquery on AWS Fargate
  • DaemonSet on GCP / AKS / EKS / generic Kubernetes