Skip to main content

August 2021 Platform Releases


  • SUSE SLES support for container vulnerability scanning - SUSE SLES base layer images are now scanned for vulnerabilities. See the Operating System Support section in Container Vulnerability Assessment Overview for a list of supported versions.

  • Distroless (including Bazel builds) support for vulnerability scanning of container images - The Lacework scanner now supports scanning of container images running Distroless (a slimmed down Linux distribution image plus the application runtime) and when built using Bazel.

  • Modified inline scanner commands - The following commands have been adjusted but backwards compatibility will be maintained for this release:

    • evaluate becomes image evaluate. Additional command line flags have also been added:
      • --save to save the results to the Lacework Console.
      • --tags to provide a list of key, value pairs.
      • --html will generate a report in HTML format (such as after running CI pipeline integrations).
    • scan becomes image scan
    • config becomes configure
  • Configure inline scanner to save results to Lacework Console - The inline scanner no longer saves evaluation results to the Lacework Console by default. To keep the same behavior as before, perform one of the following options::

    • Run the configure data command and enter true for the "Save results in platform" option.
    • Use the LW_SCANNER_SAVE_RESULTS=true environment variable on your local or CI/CD system.
    • Use the --save flag when running the image evaluate or image scan commands.
  • Inline scanner in proxy mode - The Lacework inline scanner can now be run in proxy mode as a daemon service on your host.

  • Prompt if upgrade available - When you run any Lacework scanner command, a prompt appears if there is a new version available (with instructions on how to upgrade).

  • Programming language support for vulnerability scanning of container images - You can scan containers at build time for Java, Ruby, PHP, GO, NPM, .NET, and Python packages.
    This feature is disabled by default. To enable it:

    • For inline scanner, use the configure scanner command or LW_SCANNER_SCAN_LIBRARY_PACKAGES=true environment variable on your local system. Alternatively, use the --scan-library-packages flag with the image scan and image evaluate commands.
    • For registry integrations using proxy scanner, use the scan_non_os_packages: true key in the configuration yamls.
    • For inline scanner with CI pipelines, use the LW_SCANNER_SCAN_LIBRARY_PACKAGES=true environment variable on your CI/CD system.

    Find out more about this feature in the Language Libraries Support section.

  • Proxy scanner support for Harbor - The Lacework proxy scanner now supports on-demand scans and registry notification for Harbor. For details, see Integrate Proxy Scanner.

  • Set the reply to email for email alert channels created through the API - You can set a reply to email address in the POST /api/v2/AlertChannels endpoint. You can send it to any email address (not just the original sender).

  • Error count in CloudTrail dossier user events - CloudTrail dossier user events now include an error count column.

  • API changes to support repo-label based queries - You can fetch scan results based on YOUR_REPO_NAME:TAG. If you do not specify the tag, the API server uses the latest tag.


  • Filtering container vulnerability - You can now filter vulnerabilities by active status and CVE severity.
  • Container scan time performance - Improved container scan time performance from minutes down to seconds (or even milliseconds in some cases).
  • SSO - Users in multiple groups can now fluidly SSO into the console through Okta. This is especially important for multi-hierarchy RBAC environments.