
February 2024 Platform Releases

Generally Available

  • Two additional configuration options for Kubernetes Compliance integrations - Two new configuration options have been added when integrating your Kubernetes cluster:

    • clusterAgent.proxyUrl - Configure the Cluster Collector to use a network proxy by setting the proxy server URL and port. The Cluster Collector will use the laceworkConfig.proxyUrl option first (if it has been set).
    • clusterAgent.hostNetworkAccess - Configure the Cluster Collector pod to have access to the host network (in case of strict pod network policies).
  • The Lacework Security in Jira integration for Vulnerability Management is now available in all geographic locations - This feature is also now generally available. See Integrate Lacework with Security in Jira to get started.

  • Active Package Detection (Code Aware Agent) is now generally available - Active Package Detection enables you to identify active and inactive packages in your environment through our Code Aware Agent, which in turn enables Active Vulnerability Detection.

  • Identity management - The Lacework identity management feature provides you with the visibility and context to understand your cloud identity architectures and right-size cloud permissions to achieve least privilege goals.

    Access identity management capabilities through the top-level Identities menu item in the left navigation. Identities has three pages:

    • The Overview page provides a consolidated view of identity metrics, including excessive privileges, active keys older than 180 days, and total number of user accounts. Additional categories of metric trends include high risks, low usage, identity activity, and identity compliance.
    • The Top identity risks page helps you prioritize what to fix first by providing a list of the greatest identity risks in your environment.
    • The Explorer page provides a list of identities and summary information. From here, you can drill down into identity details such as access grants and identity transitions; for example, you can see which user can assume which roles. You can also get remediation suggestions and rationale for fixing identity issues, and even add exceptions to specific risks. The Explorer page also lets you view identity policies.
  • Transit gateway support added to attack path analysis - The Path investigation page indicates when an entity in the attack path is connected to a cross account. A cross account exists if a cloud entity in one account is exposed to the internet and the transit gateway allows traffic to another account. The Exposure Polygraph includes a new node for transit gateways and tabular details provide the cross account name in context of any connected entities.

  • New composite alert - The Potentially compromised Kubernetes user alert is triggered when Lacework detects evidence suggesting potentially compromised Kubernetes user credentials.

  • Support for detecting active and inactive Rust packages on hosts and containers - The Lacework platform can now detect active and inactive Rust packages on hosts and containers if you do the following:

    This enables you to know whether a vulnerable Rust package is being used by an application and prioritize fixing active vulnerable packages first. Use the Package status filter in the Host Vulnerabilities page and Container Vulnerabilities page to see active or inactive vulnerable Rust packages on hosts and containers. See Host Vulnerability - Package Status for details.

Documentation Updates

  • Improvements to the Compliance Frameworks documentation - All current Compliance Framework documentation (for example: CIS AWS 1.4.0 Benchmark) has been improved to include additional information in the policy mapping tables.