Runecast Analyzer Release Updates

• Addressed usability issues in large environments
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Exploit Information for Vulnerabilities - Vulnerability view is now enhanced with additional metadata indicating whether any exploit information is available for a given CVE. This introduces another layer to risk prioritization based on severity levels.
• Additional Result Statuses - Not Applicable and Not Relevant statuses have been added to make the analysis results even more transparent and easy to consume.
• Enhanced Inventory View - The Inventory view page has been redesigned to offer cohesive data and interactions across the board. This page displays the same issue grid, filters, and metadata as in other views, so you can quickly gain insights when checking the overall status of your infrastructure.
• New Compliance Profile: TISAX - The Trusted Information Security Assessment Exchange (TISAX) standard helps to ensure information security in the automotive industry and is now available in the knowledge profiles list.
• Updated OS Analysis Agent (Action Required) - New version of the OS agent is available. Update of the target systems is required to take advantage of new improvements.
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Preventing unexpected startup sequence in rare cases for OVA deployments

• The underlaying OS for OVA and cloud image deployments has been upgraded
• Added possibility to delete multiple registered OS hosts at a time
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Automated migration of potentially affected filters after upgrade to version 6.5
• DISA STIG for RHEL was updated to latest version (ver1, rel. 9)
• Standard update and maintenance of knowledge rules

• Added CIS for CentOS 7
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Tasks in Configuration Vault - performed tasks on ESXi hosts and VMs are now available in Configuration Vault. This allows easy correlation between configuration changes and performed tasks for enhanced audit tracking
• Brand new analyses comparison - provides deep insights into what has changed between two analyses - on issue and object level. Helps to track progress towards risk-free IT infrastructure
• More security profiles -Runecast now covers BSI for Kubernetes and KVKK for vSphere
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Coverage of multiple important VMware KBs affecting infrastructure availability
• Standard update and maintenance of knowledge rules, HCL records and system packages

• NIST coverage for Windows Server OS
• Increased count of automated DISA STIG rules for Windows Server
• Improved performance and stability
• Faster update of manual answers
• Addressed an issue with the vSphere WebClient plugin
• OS analysis agent update to resolve missing collection data
• Minor usability improvements of the Image Scanning view
• An ESXi 8.0 coverage in the HW compatibility checks.
• NIST coverage for Linux RHEL
• New coverage of Microsoft Vulnerabilities added (published by Microsoft this month).
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Container image scans can be shared by a dedicated URL
• NSX-T Global Manager is now supported as part of the NSX-T connection
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Extended coverage of DISA STIG for vSphere 7 (vCenter VAMI and RhttpProxy)
• Updated OS agent to allow auto-evaluation of more OS related rules
• Addressed minor usability bugs
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Additional API endpoints for container image scanning integration
• Export to Jira now available in all views
• Addressed minor usability bugs
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Added critical VMware KBs in the proactive analysis
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Coverage for critical MS Windows CVE-2022-30190
• Extended Linux vulnerabilities coverage
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Addressed minor usability bugs
• Coverage of NIST profile for Azure
• Coverage of BSI profile for Windows Server OS
• Standard update and maintenance of knowledge rules, HCL records and system packages

• Communication of “Not Analyzed” issue state – brings attention to new rule definitions that were not analyzed yet
• Added integration to Jira
• Extended vSphere collection – tags for objects are now included in Configuration Vault
• Improvements to the OS Analysis – simpler agent installation and better communication of errors during analysis
• Standard update and maintenance of knowledge rules and Hardware Compatibility List records

• Introducing Organizations - group connections into different logical units to replicate your company structure and allow only required teams to view or manage the systems they are responsible for
• Correlation with Known Exploited Vulnerabilities (KEV) catalog helps you prioritize remediation actions for any discovered vulnerabilities
• More security profiles - OS support is extended with coverage of DISA STIG profile. vSphere can be evaluated against GDPR
• All new issue lists unlock new powerful ways of how to observe, filter, inspect and resolve all the reported issues

• Improved usability
• Standard update and maintenance of knowledge rules and Hardware Compatibility List records

• New CIS Benchmarks - Windows Server 2019 and RHEL 7
• Extended coverage of VMware NSX-T
• Fixed usability bugs
• Standard update and maintenance of knowledge rules and HCL records

‍

• Added a rule detecting a newly published log4j2 vulnerability (CVE-2021-45105)
• Updated log4j to version 2.17 to address CVE-2021-45105
• Updated ElasticSearch and Logstash to 6.8.22 which contain the latest log4j 2.17
• Fixed the OS agents installation script to work with localized Windows versions
• Updated the VMSA-2021-0028 body in the UI according to the latest VMware updates
• Updated the VMware Horizon log4j analysis rule as now there is a patch released, based on VMSA-2021-0028
• Adjusted the Apache Log4j2 Security Update CVE-2021-45046 severity to Critical

• Runecast Analyzer and all components are fully patched to address CVE-2021-44228 and 2021-45046
• Updated detection of Apache Log4j Java library vulnerability (CVE-2021-44228) on Windows and Linux which improves the results accuracy and makes the results more explanatory
• Detection on Windows, Linux, and VMware of newly added Apache Log4j Java library vulnerability (CVE-2021-45046)
• Updated Elasticsearch and Logstash components to version 6.8.21 to address CVE-2021-44228 and 2021-45046
• New Windows 2016 Domain Controller CIS profile added that extends the compliance capabilities on Microsoft platform
• Improved detection of CVE-2021-44228 reducing false positives

• Detection of Apache Log4j Java library vulnerability (CVE-2021-44228) on Windows and Linux
• Applied Log4j vulnerability workaround on Elasticsearch components
• Log4j library used in Runecast Analyzer updated to latest recommended version - 2.16.0
• Updated evaluation of VMSA-2021-0028 to include the newly added NSX-V

• Apache Log4j Java library is updated to version 2.15.0 to address CVE-2021-44228
• Critical VMSA-2021-0028 is covered by Runecast Analyzer

• Support for LDAP as an Identity Source. You can now use local user management, Active Directory or LDAP/LDAPS groups to allow access to Runecast
• Significant Remediation improvements – additional remediation rules for AWS, doubling the amount of remediable issues and the ability to add parameterized remediable content (such as timeout values, etc.)
• New Configuration Vault views – for Kubernetes and NSX-V
• vSphere7 Update 3 checks against VMware Hardware Compatibility List (HCL)

• Configuration Vault: Introducing a new summary widget to spot changes or deviations easily.
• Configuration Vault: added ability to apply the same baseline on multiple systems
• Configuration Vault: added AWS insights with multiple additional views
• Added Remediation functionality for AWS environments.

• Introducing Configuration Vault to highlight inconsistencies and configuration drift in your environment
• Introducing Remediation - generate scripts & Ansible playbooks to remediate issues at speed
• Knowledge Definition update

• Added Best Practices Profile for vSphere on Nutanix
• Added CIS Benchmark for ESXi 7.0
• CIS Benchmark updates for ESXi 6.7
• Knowledge definition update

• Runecast Analyzer can be deployed natively on Azure from Azure Marketplace
• Added Vulnerability Management
• User Guide is now additionally embedded into the appliance for offline usage
• ‍VMware Hardware Compatibility widget added to the main dashboard
• Added standard port groups to the list of reportable objects for vSphere environments
• Knowledge definition update

• Knowledge definition updates

‍

• Added ServiceNow integration 
• Added automated audits and reporting for Cyber Essentials compliance in vSphere environments
• Knowledge definition updates

‍

• New onboarding wizard guiding the initial setup of your vCenter, AWS and Kubernetes environment in Runecast
• AWS dashboard improvements (new widgets for severity, profiles and history)
• Full Public API coverage for NSX-T, Kubernetes, AWS, VMware Cloud Director
• User interface of the Runecast definition database view enhanced  
• Knowledge definition updates

• Added initial VMware Cloud Director support (Early Access)
• Knowledge definition updates

• Audits against VMware’s Security Configuration Guide (SCG) for NSX-T
• Insights for Edge Nodes, Host Nodes, and Management Nodes
• Checks against VMware Knowledge Base articles covering NSX-T
• Validation against NSX-T best practices

• Added ISO 27001 compliance profiles supporting VMware and AWS
• Added STIG Viewer export
• Added VMware Security Configuration Guide 7.0 support

• Fix added to allow vCenters with vSAN 7.0 U1 to be correctly analysed
• Knowledge definition updates

• Custom Profiles Support.
• Adding Kubernetes (CIS and Best Practices).

• Added GDPR compliance profile for AWS.‍
• Latest knowledge definition updates.

‍

• Fixed a problem to upgrade to 4.4.2.0 when Active Directory was configured.
• Knowledge definition updates.

‍

• Update of vSphere 6.5 DISA STIG to version 1, release 4.
• Added official best practices for Pure Storage Flash Array.
• Knowledge definition updates.

‍

• Improvements to the analysis algorithm to support the latest knowledge definitions.
• Knowledge definition updates.

‍

• VMware Hardware Compatibility: New override functionality enables that particular hardware can be marked manually as compatible, and the information will be applicable in all areas of Runecast Analyzer.
• UI redesign of the Hardware Compatibility feature for increased usability, readability, and accessibility.
• Knowledge definition update.

• HW Compatibility: Added smarter evaluation of socket configurations for servers. 
• Enterprise Console: Added new public API endpoint for group management. Added search/filter functionality for connected systems. Increased loading speed of local systems by 70%.
• Knowledge definition update.

• Added NIST security profile compliance scans for native AWS environments. 
• Knowledge definition update.

• General improvement: Full vSphere 7.0 support.
• Possibility to deactivate VMware HCL checks for any socket number configurations via public API of Runecast Analyzer.
• Knowledge definition update.

• Enterprise Console: New dashboard to monitor a network of Runecast Analyzers and all connected systems.
• Added CIS security profile compliance scans for native AWS environments. 
• Knowledge definition update.

• Best Practices for SAP HANA deployments on VMware.
• NIST (VMware) compliance profile to support federal agencies.
• Added the ability to use custom repositories to update your appliances and deliver knowledge updates.
• Added the ability to include/hide healthy inventory objects (hosts, devices, etc...) from the inventory view.
• Improvements to the user interface and handling for better usability and consistency.

• Update to activate free Horizon analysis to support the home office situation world wide due to COVID-19 crisis.
• Knowledge Definition Updates.

• New usability enhancements.
• Knowledge Definition Update.

• New Security Hardening profile - CIS (Center for Internet Security) for VMware environments.
• Update of DISA STIG profile for vSphere 6.5 ESXi and Virtual Machine.
• Inventory view enhanced with total issue count for each object and all its descendants.

• New Security Hardening profile -  BSI Security Standard.
• Major Performance Improvements.
• Knowledge Definition Update.

• Customizable PCI-DSS criteria based on your enterprise-specific security requirements.
• Add the Log Analysis improvements.
• Improving check of VMSA-2019-0011.

• New HCL ESXi upgradability feature.
• General VMware Hardware Compatibility List (HCL) Improvements.
• WebClient Plugin Improvements.
• Data simplification after 1 Year.

• Brand new automated VMware HCL functionality available in public Beta: Including Host and IO devices checks.

• Update of DISA STIG.