Release notes-Release 97057

Release notes-Release 97057

January 16, 2022

Endpoint

New Feature Log4j Exploit Tracker

Added the Log4j Exploit Tracker dashboard to:

  • Monitor hosts, dockerd, and containerd Log4j exploits
  • Download the list of vulnerable JARs, hosts, and images
  • View all Log4j instances running, irrespective of whether vulnerable or not

For more information, see Log4j Exploit Tracker.

Enhancements

  • New compliance checks for RHEL7 and RHEL8. For more information, see Compliance Rules.

Container

Enhancements

A new tab Search Scans on the Containers > Kubernetes: Runtime Scan page to search for a CVE in all runtime scans based on package name or CVE. For more information, see Containers > Kubernetes: Runtime Scan.

Platform

Enhancements

The user interface for Detections page is revamped for improved usability. The following is the list of salient features:

  • Sorts signals by severity
  • Group signals by alert or event rule
  • Signal search to filter through all the metadata
  • Detection graph is more performant
  • Assign or close detections using the Actions button
  • Addition of MITRE Tactics and Techniques count to the summary to help with triaging

For more information see, Detections.

API

Added/enhanced the following APIs. For more information, see the API Documentation.


API
Description
/assets/{assetId}/remediationActions
Displays a history of remediation actions performed.