Inline Scanner support for scanning by image digest - See
image evaluatefor example commands.
Proxy Scanner Auto Polling support for Google Container Registry (GCR), Amazon Elastic Container Registry (ECR), and Red Hat Quay (quay.io) - These registry types can now be configured for auto polling when using the Proxy Scanner.
New format options for Inline Scanner evaluaton results - New flags are available to format the evaluation results from the Inline Scanner when viewing on the terminal.
--prettyrenders table borders and adds color to Severity column in the output of the evaluation results:
--no-colorstops colors from being rendered in evaluation results when the
--prettyoption is used.
--simpledisplays evaluation results without
Introduced in Layerand
-j, --jsonprints the evaluation results in JSON format (this offers the same output as the
See Example Outputs for Evaluation Results for further details.
Automated configuration for Amazon ECR Proxy Scanner integrations - If you configure the Proxy Scanner to run on an Amazon EC2/ECS instance, it will attempt to automatically discover and authenticate with the private ECR available to the local IAM role. See Automated Configuration for Private Amazon ECRs for details.
On-demand container image scanning from the Lacework Console - For integrated container registries, you can now scan container images on-demand when viewing Container Image Information in the Containers Dossier.
- This feature will be gradually rolled out to customers during this week.
Infrastructure as Code (IaC) differential analysis - The differential analysis algorithm has changed to include ChangeSets that aim to reduce findings and noise in code review feedback.
Public Preview Features
- Vulnerability Usage is shown on the License page - The Settings > Usage: License page on the Lacework Console now displays a Vulnerability Usage section.