May 2024 Platform Releases
Generally Available
Updated AWS Foundational Security Best Practices (FSBP) Standard is now available (Revision 2) - Includes the addition of high-severity policies. See AWS Foundational Security Best Practices (FSBP) Standard for details.
Alert overview added to dashboard - The dashboard now displays an overview of open alerts in your environment (split by severity).
Policy metadata changes - The information presented in the Lacework console for custom and default (built-in) policies has changed. Default policies no longer display the "Last updated" and "Updated by" information items. Instead, Lacework is indicated as the creator. Custom policies indicate the last updated date and the user who updated the policy, as before. For more, see View Policies.
New datasources - You can use Lacework datasources as the basis for custom LQL policies and ad hoc investigations into your environments. The following new datasources are available:
- LW_CFG_AWS_DYNAMODB_DESCRIBE_CONTINUOUS_BACKUPS
- LW_CFG_AWS_ECR_GET_LIFECYCLE_POLICY
- LW_CFG_AWS_S3_GET_BUCKET_OWNERSHIP_CONTROLS
- LW_CFG_AWS_S3_GET_BUCKET_POLICY_STATUS
- LW_HE_PACKAGES
For more information, see Datasource Metadata. Note that the introduction of new services may require you to modify the privileges of the Lacework user in your cloud accounts. For more information, see Maintain Cloud Integrations with Terraform.
Cloud Compliance drawer UI changes - The Excluded tab under Resources in all Cloud Compliance drawers has been split into two new tabs:
- The Excepted tab now shows resources that have a compliance policy exception applied to them.
- The Not assessed tab shows resources that are not assessed.
This change extends similar recent Compliance Dashboard updates described in April 2024 Platform Releases.
The CIS Google Cloud Platform Foundation Benchmark v2.0.0 is now available as a compliance framework - See our CIS Google Cloud 2.0.0 Benchmark guide for details.
Public Preview
Kubernetes Compliance for Google Kubernetes Engine (GKE)
Google Kubernetes Engine (GKE) is now supported by our Kubernetes Security Posture Management. See Kubernetes Compliance Integrations to learn how to integrate your GKE clusters with Lacework.
This release also adds the CIS Google Kubernetes Engine (GKE) Benchmark v1.4.0 as a compliance framework.
Current Limitations:
- GKE does not have compliance framework support for Report Configuration templates at this time.
- We are working on increasing the overall number of automated policies, above and beyond those recommended by CIS. Check the Compliance Policy Changelog for updates.