- GCP CIS 1.2 benchmark report updates - The HIPAA, SOC2, PCI, and ISO27001 report types have been updated to include many of the new GCP CIS 1.2 benchmark rules.
- Advanced Filters in search inputs - The Vulnerabilities > Hosts or Vulnerabilities > Containers page provides advanced search in the top left. You can group by CVE to change the filters that are available. You can select a filter to add it to the filter ribbon. Select Any Field to use free form search.
Due to performance challenges downloading large images at scale, we have temporarily disabled scanning Go binaries in the proxy scanner and platform scanner. Local inline scanners will continue to evaluate Go binaries as normal.
All Lacework scanning modes will still support go source code evaluations, this temporary removal only impacts Go binaries. Further changes will be implemented in a following release to re-introduce Go binary scans.
- Proxy scanner general availability - The proxy scanner is now in GA as of this release.
- Support for Nexus container registries
- Adjust idle timeout - You can adjust the Lacework Platform idle timeout duration from 30 minutes to 24 hours. For details, see the Platform Timeout section in General Settings.
Container Vulnerability Updates
The Lacework Console introduces a redesigned Container Vulnerabilities page, which includes the following updates:
- Page layout - The page now has a search field at the top followed by drop-down menus that let you choose how to group vulnerabilities and the time period. Below these are a row of clickable filters. The statistics and chart are immediately below the filters. The new design adds icons for view actions, which are available in the top right corner.
- Search - The search field at the top of the page allows you to search the page for specific text within any of the container or vulnerability list details.
- Grouping options - When viewing vulnerabilities, you now have a number of grouping options. You can group by image ID, image registry, or image repository. You can also group by CVE, package name, or package namespace.
- Filters - Along the top of the page are filters that you can use to display a subset of vulnerabilities. You can also use the filter icon and select from the list of all filters. Statistics are not updated for search results.
- Vulnerabilities list - The page lists all vulnerabilities by default (up to 100 at a time). You can sort the vulnerabilities list using options that depend on how the vulnerabilities are grouped. When grouped by image ID, vulnerabilities can be sorted by image creation date, image repository, number of containers, or critical CVE - high to low. When grouped by CVE, vulnerabilities can be sorted by severity, score, vulnerability ID, or affected hosts. You can refresh the list and also download it as CSV.
- Host and risk assessments - When grouped by image ID, clicking an image name displays its detailed assessment results where you can view each vulnerability's severity and score. When grouped by CVE, clicking a vulnerability ID displays its risk assessment and each affected image ID.
- Saving and copying links to views - When the page displays your desired filtered vulnerabilities, you can save the current view by clicking the Save view icon. This allows you to access the saved view later through the Open views icon. You can also copy the link to the current view by clicking the Copy link icon. You can then send that link to others so they can see the same view. Note that searches and sorting cannot be saved in views or copied as links.