Release notes

This topic lists both latest features now available in Prevasio and important documentation updates.

March 2024 Update

Updated Prevasio login URLs,

Updated Prevasio login URLs,

We have updated Prevasio login URLs:

For US-based users: http://us.app.algosec.com/prevasio
For ANZ-based users: http://anz.app.algosec.com/prevasio

See Logging in and out. (Released 06-March-2024)

February 2024 Update

View Azure ACR CD mitigation scan history
View Configuration and Compliance Risk Trends

View Azure ACR CD mitigation scan history

The ECR CD Mitigation Scan History Page provides a provides a scan log of each deployment of an image in the CR . You can view a summary of all scan history or drill down for details of each Azure Subscription. See Enable Threat Management on Azure ACR. (Released 28-February-2024)

View Configuration and Compliance Risk Trends

We've enhanced the dashboard for single accounts of all CSP (Cloud Service Provider) types. This update features a high-level analytic risk trend graph. This graph displays both regressions and progress in resolving configuration and compliance issues for the account and can be filtered according to severity level and time frame. Additionally, the update introduces a summary of the latest CSPM scan data for the selected cloud account.

These enhancements enable security administrators to gain a holistic view of the current security status and historical trends streamlining the process of identifying vulnerabilities and understanding security patterns over time.

See View Configuration and Compliance Risk Trends . (Released 19-February-2024)

January 2024 Update

Enhanced Networking Risk Management in Prevasio

Enhanced Networking Risk Management in Prevasio

Introducing the AlgoSec Best Practices compliance standard: Prevasio now enables you to deep dive into networking risks with advanced capabilities for identifying and analyzing networking misconfiguration, a feature that distinctly positions us ahead of competitors in the cloud security space. We've added a fourth compliance standard, AlgoSec Best Practices, specifically designed for network risk violations. This internally developed standard elevates our compliance and risk assessment to new heights, offering a more comprehensive analysis and improved adherence to compliance standards. See Networking risks. (Released 17-January-2024)

View ECR CD mitigation scan history

The ECR CD Mitigation Scan History Page provides a provides a scan log of each deployment of an image in the ECR repository. You can view a summary of all scan history or drill down for details of each AWS account. See Enable Threat Management on AWS ECR . (Released 29-November-2023)

Manage threats in your CI/CD pipelines

Prevasio's Mitigation Rules are integral to the GitHub CI and the AWS ECR CD pipelines. Mitigation rules assess container images for high-risk flags. Prevasio static scans cover malware, vulnerabilities, and dynamic scans check behavior analysis (IPs, Domains, Countries, Open Ports).

Default Mitigation Rules, sourced from government and other public databases and updated daily, include artifact items with risk severity. You can set minimum risk levels for blocking pull requests (GitHub CI) and locking repositories (AWS ECR CD). For instance, a medium-risk IP won't block a pull request if the minimum risk is set to high. Conversely, with a medium risk-setting, the same IP would trigger a block. You can also create custom block- and allow-lists. See Threat Management. (Released 16-November-2023)

October 2023 Update

New Prevasio deployment location for ANZ region
Extended insights for Docker container scans
Manage Your AWS ECR Repositories

New Prevasio deployment location for ANZ region

We're excited to announce the addition of a new Prevasio deployment location for our valued users in the Asia Pacific region. We are already in the process of onboarding the first customer located in Australia. Prevasio is now hosted on the following AWS availability zones and next in line is the EMEA availability zone as well.

ANZ : ap-southeast-2 (Sydney).
US: us-east-1 (N. Virginia)

See Logging in and out. (Released 26-October-2023)

Extended insights for Docker container scans

We've enhanced Prevasio CI/CD Container Security by displaying the list of your open Pull Requests right in Prevasio. The list provides a structured view of the scan details for each open pull request, to help quickly assess and manage your security findings. Also, you can now access a full report of Docker container scans, directly from the Scan Summary comments in GitHub or from within Prevasio, in the Pull Requests list. See Prevasio CI/CD Container Security . (Released 22-October-2023)

Manage Your AWS ECR Repositories

Now you can integrate Prevasio with AWS to manage ECR repositories. Automatically detect when new images are pushed to your repositories. Modify the permissions of your repositories, giving you the ability to block any pull operation for the location where the image resides. See Enable Threat Management on AWS ECR . (Released 12-October-2023)

September 2023 Update

Prevasio CI/CD Container Security

Prevasio CI/CD Container Security

AlgoSec Prevasio CI/CD Container Security solution AlgoSec Prevasio CI/CD Container Security solution is an extensible security plugin platform that provides an automated scan for Docker containers. AlgoSec Prevasio will build, simulate runtime, and scan the image statically and dynamically for security risks. This is integrated into the user's GitHub repository CI process. See Prevasio CI/CD Container Security . (Released 19-September-2023)