CloudSploit version 3.9.0 was released on 2024-09-18. The update includes new plugins for Azure and AWS, along with hotfixes and enhancements to existing plugins. The details are as follows.
New Plugins
AWS
EKS
- EKS GuardDuty Enabled
QLDB
- Ledger Deletion Protection
- Ledger Has Tags
Managed Blockchain
- Managed Blockchain Network Member CloudWatch Logs
Azure
Batch Account
- Batch Account Managed Identity
Container Apps
- Container Apps IP Restriction Configured
Machine Learning
- Machine Learning Registry Has Tags
- Machine Learning Registry Public Access Disabled
- Machine Learning Workspace Data CMK Encrypted
- Machine Learning Workspace High Business Impact Enabled
MySQL
- MySQL Flexible Server CMK Encrypted
- MySQL Flexible Server Logging Enabled
Synapse
- Synapse Workspace Diagnostic Logging Enabled
- Synapse Workspace Double Encryption Enabled
- Synapse Workspace Has Tags
Hot fixes and enhancements
AWS
Encryption Level Setting
Updated the default value of the encryption level setting to awskms for all AWS encryption plugins that have a desired encryption level setting. This ensures that resources are checked to verify that they meet the required encryption level of awskms by default.
Domain Transfer Lock
The plugin logic has been updated to verify supported domains.
EBS Snapshot Collection Limitation
Starting next month, EBS snapshot collection will be limited to 30,000 snapshots from the most recent month. No snapshots older than one month will be collected.
ELBv2 WAF Enabled
Updated the plugin logic to check WAF status explicitly for Application Load Balancers only, rather than for all load balancers.
ELBv2 Unhealthy Instances
Previously, the plugin did not show the resource ARN in the result. The plugin logic has been updated to correctly populate the resource and provide accurate results.
Azure
App Service Plugins
Updated to include new whitelist settings, ensuring that specific resources are exempt from checks. This update applies to the following plugins:
- Authentication Enabled
- HTTPS Only Enabled
- Guest Level Diagnostics Enabled
- Permissions Update
Azure has renamed Security Center to Defender for Cloud. As a result, the following Azure plugins have been refactored to support Defender for Cloud:
- Application Whitelisting Enabled
- Auto Provisioning Enabled
- High Severity Alerts Enabled
- Monitor Endpoint Protection
- Monitor External Accounts with Write Permissions
- Monitor IP Forwarding
- Monitor JIT Network Access
- Monitor Next Generation Firewall
- Monitor System Updates
- Monitor Total Number of Subscription Owners
- Security Configuration Monitoring
- Security Contact Additional Email
- Security Contact Enabled for Subscription Owner
- Security Contacts Enabled
- Standard Pricing Enabled