February 02, 2022
Summary of Changes/Improvements
Optimized agent privileges (Beta) - The Lacework agent can now use the Linux capabilities framework to run as a user who is not
rootwhen not deployed as a container. You can enable this feature (beta) through the agent configuration file. See Run Agent as Non-Root User for details.
Improved sidecar installation - You can now use Docker’s
ENTRYPOINTsyntax to deploy the Lacework agent in a sidecar container. Set the
LaceworkVerboseenvironment variable to
truein the Fargate task definition to enable verbose sidecar installations. Compression utilities in the Lacework agent sidecar installation are no longer needed and have been removed.
Support Container FIM in Fargate environment - The Lacework agent can now run FIM tasks in managed container environments when you enable the configuration option. See Configure Agent Behavior in config.json File for details.
Platform support - The Lacework agent now supports these platforms:
- Red Hat OpenShift
- Red Hat OpenShift Service on AWS
Enhanced log4j detection - Lacework has added a few enhancements to make the feature more robust by caching data, enabled you to adjust in real-time the set of hashes the log4j process scanning looks for, and removed the limit on nested jar files. See Product Enhancement for log4j for details.