Amazon EKS Compliance integrations are now GA - Integrating Amazon EKS compliance lets you monitor configuration compliance of your EKS cluster resources. Use the CIS Amazon EKS 1.1.0 benchmark to provide a baseline for your Kubernetes security configurations, which helps protect your Kubernetes environments. For details, see EKS Compliance integrations.
New Container Vulnerability filters for Active Images tab - You can now filter by Pod Namespace, K8s Cluster, and Machine Tags in Container Vulnerability when grouped by Image ID (Active Images tab).
Amazon EKS Audit Log integration is now GA - Integrating Amazon EKS audit logs lets you monitor and baseline Kubernetes runtime security audit logs, allowing you to understand critical security events within Kubernetes clusters. For details, see EKS audit log integrations.
LQL syntax enhancements - Changes in LQL include the following:
Two new formats are available for expressing strings in LQL: s-strings and double-quoted strings. Double-quoted strings support several types of escape sequences. Note that use of the previously available format, single quoted strings, is still supported but discouraged. For more information, see Strings.
Aliases no longer need to be enclosed in parenthesis for the array_to_rows function alias. For more information on this function, see Expanding JSON Arrays into Rows.
Scan Java images offline when using the Inline or Proxy Scanner - You can now use an environment variable that stops the Inline ot Proxy Scanner from accessing https://search.maven.org/solrsearch/select for Maven Java dependencies/jars. See the following sections for details:
New Proxy Scanner config option that supports special characters - See disable_expand_env for details on how to allow special charaters in the Proxy Scanner config.yml.
Packages tab now displays one unique package per row with expandable dropdown for multiple vulnerabilities - The Packages tab for host and image assessments now displays one unique package per row. If there is more than one vulnerability found on a package, an expandable dropdown option is available. When clicked, this displays all vulnerabilities found on the package.
Container Vulnerability tabs changed to All Images and Active Images - The Container Vulnerability tabs are changed from Buildtime and Runtime to All Images and Active Images.