Skip to main content
McAfee Enterprise MVISION Cloud

5.4.2 Release Notes (July 2021)

Activities Page Redesign

The Incidents > Activities page provides details on the threat activity within your organization. It can be used to monitor the activity of how users within your organization use cloud services and detect risk trends for the entire organization over time. The Activities page has been redesigned to be more consistent with other MVISION Cloud pages and provide better usability with filters, Omnibar search, Saved Views, and other features. For details, see About Activities

Configuration Audit Notifications Based on Incident Severity

When you create your service instance, you can configure notifications to be sent based on different Configuration Audit incident severities as per your organization's requirements. This allows you to avoid being inundated with minor severity incidents alerts. For details, see Enable Configuration Audit Notifications

Essential and Advanced Policy Templates for Container Security

When you go to the Policy > Policy Templates page you can select Recommendation/Benchmark filters for Container Security - Essential and Container Security - Advanced policy templates. The Container Security - Essential are 18 policy templates with the minimum requirements for container security resource discovery and On-Demand Scans. For details, see Policy Templates for Container Security

In VPC Scans now Support GCP

In VPC Scans now support Google Cloud Platform (GCP). For details, see Create an In VPC Scan

File Integrity Monitoring now Supports AKS

File Integrity Monitoring now supports Azure Kubernetes Service (AKS). For details, see About File Integrity Monitoring

Vulnerability Scans now Support AKS

Vulnerability Scans now support Azure Kubernetes Service (AKS) main and secondary nodes for vulnerabilities when you select VM instances. For details, see About Vulnerability Scans.

Vulnerability Policy Wizard Updates

The Vulnerability Policy Wizard has been updated to change the "IS" operator to "IS ONE OF" to allow for more detailed CVE searches. It also saves a step by automatically generating an incident for every event found. For details, see Create a Vulnerability Policy

Incident Severity Levels Made Consistent for MVISION Cloud and McAfee Enterprise ePO

Incident severity levels have been made consistent between products for MVISION Cloud and McAfee Enterprise ePO. Incident severity levels in MVISION Cloud and in generated reports (PDF) are changed to:

  • High > Critical
  • Medium > Major
  • Low > Minor
  • N/A > Info
  • N/A > Warning

When you export the incident to CSV or a SIEM integration, the number corresponds to the new severity level as follows:

  • 2 > Critical
  • 1 > Major
  • 0 > Minor
  • 4 > Warning
  • 3 > Info

New Audit Log Event Types

The new Audit Log Event Types introduced are API Access, AWS Account Authentication, Config Audit AWS Accounts Modified. These new Audit Log Event Types identify the activities when the accounts are added or deleted using MVISION Cloud API. For details, see Audit Log Events.

IaaS Resources Bulk API

This is a new API that returns details for multiple resources in a single call. The number of resources returned in an API call is configurable. For details, see IaaS Resources API.

Policy Incidents Page Download CSV Feature Deprecated

The Download CSV feature on the Policy Incidents page has been deprecated as of MVISION Cloud 5.4.1. You can still download a CSV file from the Policy Incidents Summary

  • Was this article helpful?