MyGit

v3.5.0

aquasecurity/cloudsploit

版本发布时间: 2024-06-06 01:26:10

aquasecurity/cloudsploit最新发布版本:v3.9.0(2024-09-24 17:03:17)

CloudSploit version 3.5.0 introduces the most latest version on 2024-05-28. The update includes new plugins for Azure, AWS with the hotfixes and enhancements in the existing plugins. The details are as follows.


New Plugins

AWS

Bedrock

Neptune

DocumentDB

SQS

WAFV2

Azure

Batch Account

App Configuration

Container App

Cosmos DB

DataBricks

Event Hub

Front Door

Machine Learning

Log Alerts

PostgreSQL Server

Hot fixes and enhancements

Aws

KMS Key Rotation Key rotation feature is only available on key type SYMMETRIC_DEFAULT , updated the plugin to produce passing results for the key type that does not have key rotation feature available.

  1. ELBv2 TLS Version and Cipher Header Enabled Updated the plugin logic to check that TLS version and Cipher should be disabled in headers. Enabling these headers may leak sensitive information, so updating the plugin to check the TLS version and Cipher header should not be enabled. Updated the title, description and output message . The plugin title is renamed to ELBv2 TLS Version and Cipher Header Disabled.

  2. EKS Kubernetes Version Modified the depreciation date for EKS versions. For list of updated EKS versions, refer https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html

  3. EKS Latest Platform Version Modified the depreciation date and latest platform version for EKS versions. For list of updated latest platform, refer to https://docs.aws.amazon.com/eks/latest/userguide/platform-versions.html

  4. Lambda Old Runtimes Modified the end of life dates for lambda runtimes versions. For list of updated end of life dates for lambda runtimes versions, refer , https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy

Azure

  1. Load Balancer Public IP Revised title, description, more info, recommended actions, and output message of the plugin to ensure that Azure Load Balancers are public to meet your organization's security compliance and availability needs. The plugin title is renamed to Public Load Balancer.

  2. PostgreSQL Flexible Server Version Earlier, the plugin was checking for the latest version, which was 13. Modified the latest version of the flexible server from 13 to 16.

  3. Microsoft Support Operations Auditing Enabled Updated the plugin to produce unknown results if it’s unable to get audit policies, previously it was producing failed results if there were no audit policies in data.

  4. Previously, the following plugins were responsible for checking the diagnostic logs of blob, queue, and table for both V1 and V2 storage account types. But as in V1 (premium) type the diagnostic logs can only be enabled for that specific storage account kind service, so updated the plugins to produce pass results if the storage account type is premium.

Storage Account Blob Service Logging Enabled Storage Account Queue Service Logging Enabled Storage Account Table Service Logging Enabled

Google

  1. PostgreSQL Latest Version Earlier, the plugin checking for the latest version, which was 14. Modified the latest version of PostgreSQL server from 14 to 15.

相关地址:原始地址 下载(tar) 下载(zip)

查看:2024-06-06发行的版本