- Proxy Scanner config change:
scan_public_registriesis now true by default - If you omit the
scan_public_registriesfield from your Proxy Scanner config, it will now be set to
- Image filter option now available for proxy scanner integrations - Use the
image_filteroption to scan and assess specific images in a registry with the Proxy Scanner.
- Active container images assessed with inline scanner and proxy scanner are now re-evaluated daily - An active image is one that is observed by the Lacework Agent (see Container Vulnerability FAQs for further explanation).
- This includes Kubernetes Admission Controller integrations as the proxy scanner is a component of the integration.
- For inline scanner, this will only apply to images that have been scanned when the
--saveoption was used (as this saves results to the Lacework Console).
- New API endpoints for Data Export Rules - Lacework offers a new set of API endpoints for users to export data collected from their Lacework account and send it to an S3 bucket. Users can extend Lacework processed/normalized data to report/visualize alone or combine with other business/security data to get insights and make meaningful business decisions.
Documentation Site Updates
The new Lacework documentation site has the following improvements:
- Search - The enhanced search function provides filters to help you narrow your search results to specific categories. Click a category to see the results within that category only. Each search result shows its category, the heading where the content is found, and the help topic URL.
- New navigation elements - The site introduces the following elements:
- Landing page - The new landing page displays the search bar and tiles to replace the original home page. The side navigation now displays only after clicking a tile or selecting an item from the top navigation bar.
- Tiles - Tiles highlight the most commonly accessed documentation topics and provide a quick way to view helpful resources like the latest release notes and critical vulnerability bulletins.
- Updated navigation bar - In the navigation bar, the Product Docs tab replaces the Home tab. Product Docs is a drop-down menu where you can select from these categories: Navigate the Console, Onboarding, and IaC.
- Content reorganization - Content is now grouped differently and the navigation to reach topics may differ because the topics are located in different categories:
- Product docs - Previously, Lacework product documentation was combined under the Home tab, which also had one left navigation menu. Now, the same content is split between Navigate the Console and Onboarding, each with its own left navigation menu.
- The Navigate the Console category aligns organizationally with the Lacework Console and contains content relevant to its available features and functionality.
- The Onboarding category contains overviews, initial setup information, and content related to integrating cloud service providers, container registries, and hosts.
- The IaC category contains Lacework IaC Security documentation. IaC was previously a stand-alone top navigation item.
- The following table maps topics’ and sub-categories’ previous navigation to their new navigation.
|Topic or Sub-Category||Previous Navigation||New Navigation|
|Onboard with Lacework||Get Started||Onboarding > Overview|
|Terraform for Lacework||Get Started||Onboarding > Overview|
|Integrate Lacework with AWS||Integration Setup||Onboarding|
|Integrate Lacework with Azure||Integration Setup||Onboarding|
|Integrate Lacework with Google Cloud||Integration Setup||Onboarding|
|Integrate Container Registries||Integration Setup > Containers||Onboarding > Container Registries|
|Integrate Proxy Scanner||Integration Setup > Containers||Onboarding > Container Registries|
|Integrate Inline Scanner||Integration Setup > Containers||Onboarding > Container Registries|
|AWS Compliance||Compliance||Navigate the Console > Compliance|
|Azure Compliance||Compliance||Navigate the Console > Compliance|
|Google Cloud Compliance||Compliance||Navigate the Console > Compliance|
|Cloud Compliance Dashboard||Compliance||Navigate the Console > Compliance|
|CIS Benchmarks||Compliance||Navigate the Console > Reports|
|Reports||Compliance||Navigate the Console|
|Container Vulnerability Assessment||Vulnerability Discovery||Navigate the Console > Vulnerabilities|
|Host Vulnerability Assessment||Vulnerability Discovery||Navigate the Console > Vulnerabilities|
|Vulnerability Exceptions||Vulnerability Discovery||Navigate the Console > Vulnerabilities|
|LW Risk Score||Vulnerability Discovery||Navigate the Console > Vulnerabilities|
|Policies||Detection||Navigate the Console > Policies|
|Use Lacework APIs (for custom policies)||Detection||Navigate the Console > Policies|
|Use Lacework Console (for custom policies)||Detection||Navigate the Console > Policies|
|Compliance Policy Exceptions||Detection||Navigate the Console > Policies|
|Container Vulnerability Policies||Detection||Navigate the Console > Policies|
|Polygraphs||Investigation||Navigate the Console > Resources|
|Dossiers||Investigation||Navigate the Console > Resources|
|Resource Inventory||Investigation||Navigate the Console > Resources|
|Integrate with Kubernetes Admission Controller||Lacework for Kubernetes Security||Onboarding > Kubernetes|
|Kubernetes Audit Logs||Lacework for Kubernetes Security||Onboarding > Kubernetes|
|EKS Audit Log Integration||Integration Setup > Integrate Lacework with AWS||Onboarding > Kubernetes|
|Lacework for Linux Workload Security||Lacework for Workload Security||Onboarding > Workload Security|
|Lacework for Windows Workload Security||Lacework for Workload Security||Onboarding > Workload Security|
|Account & Organization Settings||Administration||Navigate the Console > Settings|
|Authentication||Administration||Navigate the Console > Settings > Usage|
|Usage & Billing||Administration||Navigate the Console > Settings > Usage|
|Team Members||Administration > Account & Organization Settings||Onboarding|
|CloudTrail Events Reference||Events||Navigate the Console > Events|
|Time-Series Events Reference||Events||Navigate the Console > Events|
|Workload Events Reference||Events||Navigate the Console > Events|
|Report Rules||Events > Rules||Navigate the Console > Settings > Configuration|
|Alert Rules||Events > Rules||Navigate the Console > Settings > Notifications|
|Data Shares & Export||Home||Navigate the Console > Settings > Configuration|
|Critical Vulnerability Bulletins||Home||Landing page|