SBN

Feature Release 19.4

We are excited to announce our latest feature release. In this release, we continue our mission to help you leverage CSP tools efficiently and effectively. Release 19.4 offers numerous Azure updates, including an updated Azure CIS compliance pack, enhancements on tagging and visibility, and additional support for multiple cloud service providers.

We actively collaborate with our customers and the broader community to help shape our product, from its core capabilities and functions to its look and feel. Each release includes new features, improved performance, and additional support for the ever-expanding portfolio of services from the major cloud providers and our partners.

Highlights:

Updated Azure CIS Compliance Pack

AWS Elastic Beanstalk Enhancements

Integration of GCP Stackdriver


Updated Azure CIS Compliance Pack

The CIS Microsoft Azure Benchmark offers a collection of best practices for securely configuring Microsoft Azure. Similar to other CIS benchmarks, this one was developed through a unique consensus-based process informed by cybersecurity professionals and subject matter experts. Through our Azure CIS compliance pack, we have consolidated dozens of out-of-the-box policies that automate compliance to meet the CIS Azure Benchmark standards.

We are pleased to offer a major update to the Azure CIS compliance pack to align with the latest version of the benchmark itself (1.1.0). As with our previous version, all benchmarks are mapped directly through DivvyCloud’s insights.

The updated compliance pack includes these new filters:

  • Storage Account Storing Activity Logs
  • Activity Log Profile Not Configured to Capture All Categories
  • Activity Log Profile Not Configured for All Regions

Click here for more information about compliance packs.

AWS Elastic Beanstalk Enhancements

AWS Elastic Beanstalk is a service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on servers such as Apache, Nginx, Passenger, and IIS.

We have enhanced Divvycloud’s Insights into AWS Elastic Beanstalk applications and environments. To complement this, we’ve added a few new filters and and translated this into the user interface by adding a new column to the resources page. 

For more information about AWS Elastic Beanstalk and how to use it with DivvyCloud, refer to our documentation on AWS configuration.

GCP Stackdriver

Stackdriver is a service that provides performance and diagnostics data. For customers using GCP, we now offer the ability to export job backlogs to Stackdriver. This enables our customers to set up intelligent autoscaling of their worker tiers. Click here for additional information about GCP Stackdriver job backlog exports.


Enhancements and Added Support for Azure, AWS, and GCP

Also included in this release are several subtle changes that collectively provide expanded support and increased visibility for our customers using Azure, AWS, and GCP.

Azure

  • New filters to support Azure SQL database encryption and default key insights
  • visibility and tag support for Azure service endpoints, which now allow for private, backend communication to Azure services without the need to transmit over the internet
  • Added support for private Azure DNS zones, which allows harvesting to capture the distinction between public and private for Azure DNS zones
  • Increased visibility into Azure data warehouses to include the encryption information, audit settings, and public status

AWS

  • Improved performance and support for event driven harvesting 
  • Increased efficiency for creating and accessing resource groups and resources
  • Option to enable default volume encryption in AWS regions
  • Increased visibility into S3 buckets and better definition of mpaired visibility
  • Improved performance of and visibility into Amazon Machine Images
  • Increased visibility into EC2 metadata 
  • Added ability to identify suspicious activity based on AWS GuardDuty threat findings
  • Added support for two AWS regions: Bahrain me-south-1 and Hong Kong ap-east-1
  • Added ability to audit S3, KMS, role, an elasticsearch policies
  • Added SFTP support and filtering capabilities
  • Increased visibility and support for Amazon MQ and SNS

GCP

  • Increased functionality and support for GCP Stackdriver

For a complete listing of supported services, enhancements, and filters click here to see our 19.4 release notes.

Have an issue or would like to request a change? Get in touch with us.

The post Feature Release 19.4 appeared first on DivvyCloud.


*** This is a Security Bloggers Network syndicated blog from DivvyCloud authored by Anna Mulamba. Read the original post at: https://divvycloud.com/feature-release-19-4/?utm_source=rss&utm_medium=rss&utm_campaign=feature-release-19-4