Composite alerts - The composite analysis uses multiple detections to define more specific alert conditions. This technique allows Lacework to accurately raise a composite alert when we suspect an intrusion occurs. With composite alerts, Lacework further alleviates alert fatigue by automatically correlating disparate events across multiple detection sources into higher-level objects.
New AWS Agentless Workload Scanning integration option for AWS Organizations (using Terraform) - Use the Automatic Snapshot Role Integration (Terraform) for AWS Organizations to automatically pick up and integrate new AWS Accounts that are added to your AWS Organization.
Linux Agent can now detect active and inactive packages on hosts - Use the Package Status filter in Host Vulnerability to see active or inactive vulnerable packages on hosts. See Host Vulnerability - Package Status for details.
Additionally, the Package Status filter can be used when downloading a Custom CSV.