5.3.2 Release Notes (April 2021)
Cloud Security Advisor Credits and Waivers
Some Cloud Security Advisor maturity score checklist recommendations may already be covered by another solution that fulfills the requirements of this recommendation. Or that recommendation may not apply to your organization's security implementation. To improve your security maturity score, MVISION Cloud now allows you to Take Credit for Another Solution or Waive Recommendations. For details, see Cloud Security Advisor Checklist.
Cloud Security Advisor Admin Role
To Take Credit or Waive Recommendations to improve your security maturity score, an admin must have the Cloud Security Advisor Admin role. For details, see About User Roles and Access Levels.
File Integrity Monitoring for AWS Container Services
When installed with the CWPP Agent, the File Integrity Monitoring (FIM) plugin validates containers to assure compliance for files against a known good baseline. If the agent is installed and the plugin is running on the managed resource, the validation is automatic. No scan is required. MVISION Cloud supports FIM for Amazon Web Services for files managed by containers. For details, see About File Integrity Monitoring.
Vulnerability Assessment for Runtime Container Services
When you create a Vulnerability scan, you can also select to scan containers within a VM for vulnerabilities. For details see, About Vulnerability Scans.
Configuration Audit for Google Container Registry
Security Configuration Audit now supports Google Container Registry (GCR) to scan for misconfigurations. For details, see About Configuration Audit for IaaS.
Configuration Audit for Azure Container Registry
Security Configuration Audit now supports Azure Container Registry (ACR) to scan for misconfigurations. For details, see About Configuration Audit for IaaS.
On-Demand Scans for File Attachments in Microsoft Dynamics 365
MVISION Cloud now supports On-Demand Scans the file attachments in Microsoft Dynamics 365. For details, see On-Demand Scan for Microsoft Dynamics 365.
ServiceNow Quebec 2021 and Workday Q1 2021 Support
MVISION Cloud v5.3.2 supports ServiceNow Quebec (Q1 2021) and Workday (Q1 2021). For details on the latest or previous release versions of supported CSPs, see Supported Versions of Structured Apps.
Threat Cloud Cards and Mini Cards
Threat page provides Threat Cloud Cards and Mini Cards to determine the specific threats associated with the clusters of anomalies that suggest your cloud services have been compromised. For details, see Threats Page.
CASB Connect CSPs
MVISION Cloud now supports the following CASB Connect CSPs such as DocuSign, Atlassian Access, Workplace, Jive, GitHub for Business, Bitbucket, OneLogin, ZenDesk, Okta, SmartSheet, Cisco Webex Teams. For details, see CASB Connect CSPs.
Reverse Proxy for Yammer
MVISION Cloud for Yammer provides the Contextual Access Control using Reverse Proxy for managed and unmanaged devices. For details, see Reverse Proxy for Yammer.
Cyber Risk Attribute Group Score
The Cyber Risk attribute group now holds five percent of the overall Risk Category Weight. For details, see Cyber Risk Management.
Risk Category Weight Changes for CSPs
With the change in the Risk Category Weight distribution in the MVISION Cloud 5.3.2 release, the risk score computation of all CSPs has changed. As a result, some CSPs have moved from Low to Medium and some have moved from Medium to Low. If you are using the CLR functionality to automatically block high-risk services (or any other criteria that depends on the risk score of the CSPs), anticipate a change in the count of CSPs getting blocked or unblocked as a result of the change in risk scores of these CSPs. For details, see List of CSPs Impacted with Risk Category Changes.