CloudSploit version 3.9.0 introduces the most latest version on 2024-09-18. The update includes new plugins for Azure, AWS with the hotfixes and enhancements in the existing plugins. The details are as follows.

New Plugins

AWS

EKS

• EKS GuardDuty Enabled

QLDB

• Ledger Deletion Protection
• Ledger Has Tags

Managed Blockchain

• Managed Blockchain Network Member CloudWatch Logs

Azure

Batch Account

• Batch Account Managed Identity

Container Apps

• Container Apps IP Restriction Configured

Machine Learning

• Machine Learning Registry Has Tags
• Machine Learning Registry Public Access Disabled
• Machine Learning Workspace Data CMK Encrypted
• Machine Learning Workspace High Business Impact Enabled

MySQL

• MySQL Flexible Server CMK Encrypted
• MySQL Flexible Server Logging Enabled

Synapse

• Synapse Workspace Diagnostic Logging Enabled
• Synapse Workspace Double Encryption Enabled
• Synapse Workspace Has Tags

Hot fixes and enhancements

AWS

Encryption Level Setting Updated the default value of the encryption level setting to awskms for all AWS encryption plugins that have a desired encryption level setting. This ensures that resources are checked to verify that they meet the required encryption level of awskms by default.

Domain Transfer Lock The plugin logic has been updated to verify supported domains.

EBS Snapshot Collection Limitation Starting next month, EBS snapshot collection will be limited to 30,000 snapshots from the most recent month. No snapshots older than one month will be collected.

ELBv2 WAF Enabled Updated the plugin logic to check WAF status explicitly for Application Load Balancers only, rather than for all load balancers.

ELBv2 Unhealthy Instances Previously, the plugin did not show the resource ARN in the result. The plugin logic has been updated to correctly populate the resource and provide accurate results.

Azure

App Service Plugins Updated to include new whitelist settings, ensuring that specific resources are exempt from checks. This update applies to the f
following plugins:

• Authentication Enabled
• HTTPS Only Enabled
• Guest Level Diagnostics Enabled
• Permissions Update

Azure has renamed Security Center to Defender for Cloud. As a result, the following Azure plugins have been refactored to support Defender for Cloud:

• Application Whitelisting Enabled
• Auto Provisioning Enabled
• High Severity Alerts Enabled
• Monitor Endpoint Protection
• Monitor External Accounts with Write Permissions
• Monitor IP Forwarding
• Monitor JIT Network Access
• Monitor Next Generation Firewall
• Monitor System Updates
• Monitor Total Number of Subscription Owners
• Security Configuration Monitoring
• Security Contact Additional Email
• Security Contact Enabled for Subscription Owner
• Security Contacts Enabled
• Standard Pricing Enabled