-
Drilled MetaChecks: When contextualizing your Security Findings with MetaHub, the tool now drills down into all associated resources, like Security Groups, IAM Roles, IAM Policies, AutoScaling Groups, etc. For each associated resource, MetaHub will execute all MetaCheck available for that resource type. This way, if you are analyzing a finding for an EC2 instance, you don't stop there, you can also analyze the Security Group, IAM Role, IAM Policies, etc. associated with that EC2 instance.
-
Impact MetaChecks: The MetaChecks is_public, is_encrypted, is_unrestricted, and is_attached are now defined for all resource types, giving a standardized way to define the impact of a finding no matter the resource type.
-
MetaHub now adds a new MetaAccount section for your security findings, with information about the account where the finding was generated, for example, the security contact email; this information could be useful for defining the ownership of a finding. You can now define ownership based on these fields, or MetaTags or MetaTrails.
-
New Resource Type MetaChecks: AwsAutoScalingAutoScalingGroup, AwsEksCluster, AwsIamRole, AwsRdsDbInstance, and AwsRdsDbCluster
-
New MetaTrails events added