2023.7.3

Changes in Veza release v2023.7.3

Insights

Enhancements

SaaS Misconfigurations for GitHub: The GitHub integration now offers additional assessment queries to monitor repository security risks. The new queries include:

  • GitHub Repositories without branch protection rules

  • GitHub Repositories that allow default branch deletion

  • GitHub Repositories that allow force push on default branches

  • GitHub Repositories that allow merges to default branches without pull request approval

  • GitHub Public Repositories that allow forking

  • GitHub Organizations with disabled MFA

  • GitHub Repositories with secret scanning disabled

  • GitHub Repositories with vulnerability alerts disabled

  • GitHub Security Advisories

Repositories now have the attributes allow_forking, secret_scanning_enabled, default_allow_delete, default_allow_force_push, default_require_pull_request_approval, and has_branch_protection_rules.

GitHub Security Advisories, used to report, track, and discuss security-related issues for software projects, are now shown as an entity type.

Please note that the integration requires the additional permission scope repository_advisories:read to gather the relevant information.
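The repository queries above can be reproduced locally against records carrying the same attributes. This is an added example, not Veza's own query engine: the attribute names are the ones listed in these notes, while the `name` and `visibility` fields and the sample records are assumptions constructed for illustration.

```python
"""Evaluate the GitHub repository assessment queries against sample records.
Added example (not Veza code); `name`/`visibility` and all data are constructed."""

# One predicate per assessment query; True means the repository is flagged.
REPOSITORY_QUERIES = {
    "GitHub Repositories without branch protection rules":
        lambda r: not r["has_branch_protection_rules"],
    "GitHub Repositories that allow default branch deletion":
        lambda r: r["default_allow_delete"],
    "GitHub Repositories that allow force push on default branches":
        lambda r: r["default_allow_force_push"],
    "GitHub Repositories that allow merges to default branches without pull request approval":
        lambda r: not r["default_require_pull_request_approval"],
    "GitHub Public Repositories that allow forking":  # needs the assumed visibility field
        lambda r: r["visibility"] == "public" and r["allow_forking"],
    "GitHub Repositories with secret scanning disabled":
        lambda r: not r["secret_scanning_enabled"],
}

def assess_repository(repo):
    """Return the names of the assessment queries that flag this repository."""
    return [name for name, flagged in REPOSITORY_QUERIES.items() if flagged(repo)]

def assess_all(repos):
    """Map each repository name to its findings; repositories with none are omitted."""
    findings = {}
    for repo in repos:
        hits = assess_repository(repo)
        if hits:
            findings[repo["name"]] = hits
    return findings

# Constructed sample records: one hardened, one public and lax, one private
# repository whose only gap is a missing branch protection rule.
SAMPLE_REPOS = [
    {"name": "org/hardened", "visibility": "private", "allow_forking": False,
     "secret_scanning_enabled": True, "default_allow_delete": False,
     "default_allow_force_push": False, "default_require_pull_request_approval": True,
     "has_branch_protection_rules": True},
    {"name": "org/public-lax", "visibility": "public", "allow_forking": True,
     "secret_scanning_enabled": False, "default_allow_delete": True,
     "default_allow_force_push": True, "default_require_pull_request_approval": False,
     "has_branch_protection_rules": False},
    {"name": "org/unprotected", "visibility": "private", "allow_forking": False,
     "secret_scanning_enabled": True, "default_allow_delete": False,
     "default_allow_force_push": False, "default_require_pull_request_approval": True,
     "has_branch_protection_rules": False},
]
```

Running `assess_all(SAMPLE_REPOS)` reports every query for `org/public-lax`, only the branch protection query for `org/unprotected`, and nothing for `org/hardened`.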

Show destination entities in Query Builder: Query Builder now has the option to display pairs of source and destination nodes as results, similar to Workflow queries.

For example, when executing the query Google User to Google Cloud Project, you can choose to Show Google Cloud Projects related to each user in the results. The results will contain additional columns showing the Project name and any other destination entity attributes.

You can alternatively view the connected entities for a single result by clicking the number of related entities. This will open a table view with details about each destination entity the source entity is related to.

For example, when searching for IAM Users with S3 Bucket permissions, you can click the destination entity count to review:

  • Each bucket that the user can access, including all discovered bucket attributes.

  • The effective permissions (e.g., READ) the user has on the bucket.

  • The system-level permissions (e.g., s3:GetObject) by changing the displayed permission type.

Summary entities for Query Builder: Queries showing destination entities can show the authorization path for each result in a Summary Entities column. When building a query, you can select the intermediate entity types displayed in the summary, providing visibility into the Roles, Policies, Groups, or other intermediate entities connecting a result source and destination. For sample searches with path summaries, refer to the Presentation Options and Intermediate Entities documentation.

Report export enhancements (Early Access): When exporting reports in PDF format, you now have the option to show destination nodes for results, and include columns for source entity properties and summary entities.

Note that all queries in the report to export must specify the same source and destination entity types to support these options.

Integrations

Enhancements

FR-1380 AWS Elastic Container Repositories (ECR): The AWS integration now supports the discovery of public and private ECR registries and repositories. New out-of-the-box insights are available to identify:

  • AWS IAM Users with permission to create ECR Private Repositories

  • AWS IAM Users with permission to create ECR Public Repositories

  • AWS IAM Users with permission to put images into ECR Public Repositories

  • AWS ECR Public Repositories

Please note that an additional permission scope is required for the integration. To prevent warnings, you should update the Veza trust policy to include the ECR SID, or prevent extraction for the ECR service by editing the integration configuration.

Cross-Account Effective Permissions (Early Access): When enabled, the Google Cloud integration now shows cross-account access for users in one GCP organization assigned to groups in an external organization.

Custom datasource payloads in integration details: You can now view the most recent custom provider push payload in JSON format by clicking on an integration name and selecting Show Schema Definition.
