Release notes

This topic lists both latest features now available in Prevasio and important documentation updates.

October 2024 Update

Prevasio Kubernetes Security Enhancements – AKS Integration

Prevasio now supports Azure AKS Kubernetes Managed Service. Note that additional Azure role (Azure Kubernetes Service Cluster User Role) is required for permissions to perform a KSPM scan on Kubernetes clusters. See Kubernetes Security Posture Management (KSPM). (Released 7-Oct-2024)

September 2024 Update

Prevasio Kubernetes Security Enhancements – EKS Integration

Prevasio introduces comprehensive Kubernetes security monitoring, starting with AWS EKS. As Kubernetes environments become more complex, maintaining a secure posture while managing vulnerabilities and compliance violations is critical.

Key Features:

  • EKS Focus: Prevasio now supports automatic onboarding of all Kubernetes clusters across AWS EKS, with plans for multi-cloud vendor support coming soon.

  • Auto-Discovery: Seamlessly discover all clusters within each of your AWS accounts across all regions.

  • Efficient Scanning: Each cluster undergoes an in-depth security scan by the Prevasio KSPM scan engine. Scans take a few minutes per cluster, depending on configuration.

  • Continuous Monitoring: Prevasio performs daily scans and continuously updates your Kubernetes security posture. Any changes, such as new clusters, deleted clusters, or new vulnerabilities, are automatically reflected, ensuring your environment remains secure and up-to-date.

By simplifying cluster management and vulnerability detection, Prevasio helps you maintain strong security practices as your Kubernetes environment scales. See Kubernetes Security Posture Management (KSPM). (Released 11-Sep-2024)

August 2024 Update

Azure Support of Prevasio Application Discovery

The Prevasio Application Discovery feature has been enhanced to support Azure, expanding its capability beyond AWS. This advanced solution now identifies applications within both AWS and Azure environments, presenting a comprehensive graph of the applications' resource inter-dependencies. The graph details the application’s structure, highlights elements with security issues, and offers a visual view of complex relationships within the cloud environment. By pinpointing vulnerabilities within the application, this tool helps prioritize security issues based on their placement and impact, across both AWS and Azure platforms. See Prevasio Application Discovery. (Released 28-Aug-2024)

New Prevasio deployment locations for Middle East (ME), UAE and IND regions

We're excited to announce the addition of a new Prevasio deployment location for our valued users in the UAE and IND regions. Prevasio is now hosted on the following AWS availability zones:

  • IND: ap-south-1 (Mumbai)

  • UAE: me-central-1 (UAE)

  • ME: me-south-1 (Bahrain )

  • US: us-east-1 (N. Virginia)

  • EMEA: eu-central-1 (Frankfurt)

  • ANZ : ap-southeast-2 (Sydney)

See Logging in and out. (Released 5-August-2024)

July 2024 Update

Kubernetes cluster risk insights

The new Kubernetes Security Dashboard to deliver insights into cluster misconfiguration, vulnerabilities and exposed secrets. Benefit from advanced visualizations and detailed analytical reports to effectively manage and mitigate security risks. See Kubernetes Security Posture Management (KSPM). (Released 30-July-2024)

Prevasio System Roles

Prevasio now supports three system roles more granular control over user permissions, ensuring that each user has access to only the necessary features based on their role. The Admin role has full access to all settings, resources, and sections; the Security Manager role has full access except for User Management; and the Auditor role has read-only access to specified features. See Manage user rolesPrevasio user roles. (Released 23-July-2024)

New Prevasio deployment location for Europe, the Middle East, and Africa (EMEA) region

We're excited to announce the addition of a new Prevasio deployment location for our valued users in the Europe, the Middle East, and Africa (EMEA) region. See Logging in and out. (Released 2-July-2024)

June 2024 Update

Prevasio Application Discovery Enhanced!

Our dependency graph now automatically identifies microservices within your applications. A microservice consists of an interconnected set of cloud resources that collectively perform a set of functions or service and works together with other microservices to form the larger application. See Prevasio Application Discovery. (Released 23-June-2024)

Export your dashboard to PDF or CSV

Export your dashboard views to files in PDF or CSV format, for both single and multi-account views. This enables you to easily share the data with others or perform further analysis in a spreadsheet program. See Getting around Prevasio. (Released 21-June-2024)

May 2024 Update

Introducing Prevasio Application Discovery

Application discovery is an advanced solution designed to identify applications within customer environment and present a graph of the applications' resource inter-dependencies. This graph details the application’s structure and highlights elements with security issues, offering a view of the complex relationships within the cloud environment. By showing where vulnerabilities occur within the application, this visual tool helps prioritize security issues based on their placement and impact. See Prevasio Application Discovery. (Released 21-May-2024)

View GCP AR CD mitigation scan history

The GAR CD Mitigation Scan History Page provides a provides a scan log of each deployment of an image in the AR . You can view a summary of all scan history or drill down for details of each GCP project. See Enable Threat Management on GCP AR. (Released 16-May-2024)

March 2024 Update

Updated Prevasio login URLs,

We have updated Prevasio login URLs:

See Logging in and out. (Released 06-March-2024)

February 2024 Update

View Azure ACR CD mitigation scan history

The ECR CD Mitigation Scan History Page provides a provides a scan log of each deployment of an image in the CR . You can view a summary of all scan history or drill down for details of each Azure Subscription. See Enable Threat Management on Azure ACR. (Released 28-February-2024)

View Configuration and Compliance Risk Trends

We've enhanced the dashboard for single accounts of all CSP (Cloud Service Provider) types. This update features a high-level analytic risk trend graph. This graph displays both regressions and progress in resolving configuration and compliance issues for the account and can be filtered according to severity level and time frame. Additionally, the update introduces a summary of the latest cloud security assessment scan data for the selected cloud account.

These enhancements enable security administrators to gain a holistic view of the current security status and historical trends streamlining the process of identifying vulnerabilities and understanding security patterns over time.

See View Configuration and Compliance Risk Trends . (Released 19-February-2024)

January 2024 Update

Enhanced Networking Risk Management in Prevasio

Introducing the AlgoSec Best Practices compliance standard: Prevasio now enables you to deep dive into networking risks with advanced capabilities for identifying and analyzing networking misconfiguration, a feature that distinctly positions us ahead of competitors in the cloud security space. We've added a fourth compliance standard, AlgoSec Best Practices, specifically designed for network risk violations. This internally developed standard elevates our compliance and risk assessment to new heights, offering a more comprehensive analysis and improved adherence to compliance standards. See Networking risks. (Released 17-January-2024)

November 2023 Update

View ECR CD mitigation scan history

The ECR CD Mitigation Scan History Page provides a provides a scan log of each deployment of an image in the ECR repository. You can view a summary of all scan history or drill down for details of each AWS account. See Enable Threat Management on AWS ECR . (Released 29-November-2023)

Manage threats in your CI/CD pipelines

Prevasio's Mitigation Rules are integral to the GitHub CI and the AWS ECR CD pipelines. Mitigation rules assess container images for high-risk flags. Prevasio static scans cover malware, vulnerabilities, and dynamic scans check behavior analysis (IPs, Domains, Countries, Open Ports).

Default Mitigation Rules, sourced from government and other public databases and updated daily, include artifact items with risk severity. You can set minimum risk levels for blocking pull requests (GitHub CI) and locking repositories (AWS ECR CD). For instance, a medium-risk IP won't block a pull request if the minimum risk is set to high. Conversely, with a medium risk-setting, the same IP would trigger a block. You can also create custom block- and allow-lists. See Threat Management. (Released 16-November-2023)

October 2023 Update

New Prevasio deployment location for ANZ region

We're excited to announce the addition of a new Prevasio deployment location for our valued users in the Asia Pacific region. We are already in the process of onboarding the first customer located in Australia. Prevasio is now hosted on the following AWS availability zones and next in line is the EMEA availability zone as well.

  • ANZ : ap-southeast-2 (Sydney).

  • US: us-east-1 (N. Virginia)

See Logging in and out. (Released 26-October-2023)

Extended insights for Docker container scans

We've enhanced Prevasio CI/CD Container Security by displaying the list of your open Pull Requests right in Prevasio. The list provides a structured view of the scan details for each open pull request, to help quickly assess and manage your security findings. Also, you can now access a full report of Docker container scans, directly from the Scan Summary comments in GitHub or from within Prevasio, in the Pull Requests list. See Prevasio CI/CD Container Security . (Released 22-October-2023)

Manage Your AWS ECR Repositories

Now you can integrate Prevasio with AWS to manage ECR repositories. Automatically detect when new images are pushed to your repositories. Modify the permissions of your repositories, giving you the ability to block any pull operation for the location where the image resides. See Enable Threat Management on AWS ECR . (Released 12-October-2023)

September 2023 Update

Prevasio CI/CD Container Security

AlgoSec Prevasio CI/CD Container Security solution AlgoSec Prevasio CI/CD Container Security solution is an extensible security plugin platform that provides an automated scan for Docker containers. AlgoSec Prevasio will build, simulate runtime, and scan the image statically and dynamically for security risks. This is integrated into the user's GitHub repository CI process. See Prevasio CI/CD Container Security . (Released 19-September-2023)