Source: securityboulevard.com – Author: Dexter Garner
Over the last few months, we’ve been working on making a number of meaningful updates to Fairwinds Insights. We’ve delivered some great new functionality that our Insights customers will definitely benefit from. One of the biggest improvements is the change to reporting Common Vulnerabilities and Exposures (CVEs) by affected workload to reporting them by image, tag, and Secure Hash Algorithm (SHA). We also have new capabilities that make App Groups and Policy Mappings even more useful, as well as updates to Quality of Service (QoS) recommendations for rightsizing. Let’s jump into the details!
Added Action Items filter by image, tag, and SHA
We changed how CVEs are reported so associate them with the image, tag, and SHA as opposed to affected workload. That means if you’re creating tickets for a CVE, we aggregate all the workloads into one CVE, which makes it much easier to track and remediate them. It also simplifies ticket creation. Previously, you could only create tickets per Action Item, so you would get eight individual tickets for a CVE that existed on eight different workloads. Now, you just have one big ticket where you can see all of the workloads impacted by a single CVE. This is a much simpler way of handling vulnerabilities. To see CVEs, you can still navigate to workloads in the Action Items tab or you can go in and filter on image name, tag, and SHA.
App Groups Reporting
Now teams can gain a high-level understanding of how each App Group is fixing issues by Policy Mapping over a specific period of time. This reporting functionality by App Group can help teams understand how many of a specific issue have been fixed over the last month, quarter, half a year (basically whatever time frame works for your reporting purposes). This reporting gives you a visual output that you can download and track over time. And you can also download the filtered view for executive reporting purposes. This new functionality really gives you a more holistic view of improvements to your K8s infrastructure.
Add App Groups to Automation Rules
Automation rules allow you to automate certain actions within Insights; for example, you can set the assignee, resolution, and severity level for Action Items that match a certain pattern. Or you can create an Action Item Exception for resources in a cluster or namespace or send a Slack message when certain Action Items are detected in clusters. Now, you can apply automation rule functionality to the concept of AppGroups. For instance, you can now direct the flow of specific findings to third party integrations, such as Jira, GitHub, Azure DevOps, or PagerDuty incidents if an issue occurs in a resource associated with a specific AppGroup. You can even add and use Secrets with our API.
Add New QoS Burstable+
We all know how difficult and tedious it can be to tune cost attribution and resources in Kubernetes. To help with that, we’ve added a new rightsizing recommendation algorithm (Burstable+) intended for conservative production environment recommendations.
Bug Fixes and Enhancements
Here are just a few of the enhancements and fixes that enable some of our bigger updates described above (and more yet to come! Stay tuned 🙂).
- Add ability to unlink tickets
- Improve Capacity page performance
- Add export link to App Groups Reporting
- Add a list of values for IaC Files on filter API, with link back to repositories and support on the Action Items page
- Assign new users created via SSO to a default team
- Add “Last X days” to Costs Date Selector
- Pull OPA Policies into PolicyMappings UI
Questions About Fairwinds Insights or Kubernetes?
Please reach out to us with any questions about Insights or how to manage Kubernetes at scale without putting undue stress on your internal teams. We’d be happy to walk through any questions you have about the latest functionality in Fairwinds Insights to help you take advantage of everything we’re building. Please also consider joining the Fairwinds Communityon Slack or the user group.
If you don’t want to spend time managing Kubernetes, we also provideManaged Kubernetes-as-a-Service, a people-led service that delivers mission-critical Kubernetes infrastructure.
To stay up to date with Fairwinds Insights updates, read our release notes.
*** This is a Security Bloggers Network syndicated blog from Fairwinds | Blog authored by Dexter Garner. Read the original post at: https://www.fairwinds.com/blog/fairwinds-insights-release-notes-16.1.11-16.2.4-cve-mapping-updates
Original Post URL: https://securityboulevard.com/2024/11/fairwinds-insights-release-notes-16-1-11-16-2-4-cve-mapping-updates/
Category & Tags: Security Bloggers Network,security – Security Bloggers Network,security
Views: 0