Hi all CloudGuarders,
So... What's new in CloudGuard AppSec this month?
Web API and Web Application assets protected by CloudGuard AppSec - Improved monitoring of certificates usage and connection health to the protected web server:
- When Browsing to Cloud->Assets and selecting an asset that is protected by CloudGuard AppSec, it is possible to see the connection health between CloudGuard AppSec and the protected server’s URL, under the Reverse Proxy section.
- A green “V” will mark a healthy connection.
- In the same location, under Certificates, it is possible to view the status of each exposed URL’s certificate.
- A green “V” will mark that the certificate for the SSL-based URL has been found and installed successfully.
An agent of version v1.2246.439312 and above is needed to view all statuses listed.
Profile Token Rotation option is now available:
- When browsing to Cloud->Profiles and editing a profile, it is now possible to invalidate and create a new token for all future agent deployments by clicking a new “rotate” icon under the Authentication section.
- According to security best practices, it is recommended to periodically rotate the token for all future new installations.
- Existing agents that were already registered are not affected.
- Note - Once rotated, in order to allow deployments of additional agents, replace all deployment scripts/configuration files/key vault entries that contain the now-invalid token.
CVE-2022-3786 and CVE-2022-3602 OpenSSL vulnerability (High):
- CloudGuard AppSec (for Gateways and Linux) including a security fix for the OpenSSL issue depicted in CVE-2022-3786 and CVE-2022-3602. Customers that have Automatic updates, will get it automatically.
- For more information on required actions, visit the dedicated documentation page.
We keep working on new and exciting features for you all the time, Stay tuned!
CloudGuard AppSec Team
