2023.7.3
Changes in Veza release v2023.7.3
Insights
Enhancements
SaaS Misconfigurations for GitHub: The GitHub integration now offers additional assessment queries to monitor repository security risks. The new queries include:
GitHub Repositories without branch protection rules
GitHub Repositories that allow default branch deletion
GitHub Repositories that allow force push on default branches
GitHub Repositories that allow merges to default branches without pull request approval
GitHub Public Repositories that allow forking
GitHub Organizations with disabled MFA
GitHub Repositories with secret scanning disabled
GitHub Repositories with vulnerability alerts disabled
GitHub Security Advisories
Repositories now have the attributes allow_forking, secret_scanning_enabled, default_allow_delete, default_allow_force_push, default_require_pull_request_approval, and has_branch_protection_rules.
GitHub Security Advisories, used to report, track, and discuss security-related issues for software projects, are now shown as an entity type.
Please note that the integration requires the additional permission scope repository_advisories:read to gather the relevant information.
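The eight GitHub checks above all reduce to a handful of repository and organization attributes. The following is an added example, not Veza's own code, of deriving those attributes from repository records and mapping them back to the query names listed in these notes. The records are constructed sample data whose field names follow the GitHub REST API repository object (allow_forking, private, security_and_analysis) and branch-protection object (allow_deletions, allow_force_pushes, required_pull_request_reviews); the vulnerability_alerts_enabled flag and the nested branch_protection key are hypothetical conveniences, since in the real API both come from separate endpoints.

```python
"""Added example (not Veza's code): evaluate constructed GitHub repository
and organization records against the misconfiguration queries listed in
the release notes.  Field names follow the GitHub REST API where noted;
"vulnerability_alerts_enabled" and the nested "branch_protection" key are
hypothetical and merged into one record for illustration only."""

from typing import Any, Dict, List

# Constructed sample organization: MFA is not enforced.
SAMPLE_ORG: Dict[str, Any] = {
    "login": "example-org",
    "two_factor_requirement_enabled": False,
}

# Constructed sample repositories: one well configured, one not.
SAMPLE_REPOS: List[Dict[str, Any]] = [
    {
        "full_name": "example-org/payments",
        "private": True,
        "allow_forking": False,
        "security_and_analysis": {"secret_scanning": {"status": "enabled"}},
        "vulnerability_alerts_enabled": True,  # hypothetical merged flag
        "branch_protection": {  # hypothetical merged branch-protection object
            "allow_deletions": {"enabled": False},
            "allow_force_pushes": {"enabled": False},
            "required_pull_request_reviews": {"required_approving_review_count": 1},
        },
    },
    {
        "full_name": "example-org/website",
        "private": False,
        "allow_forking": True,
        "security_and_analysis": {"secret_scanning": {"status": "disabled"}},
        "vulnerability_alerts_enabled": False,
        "branch_protection": None,  # no protection rule on the default branch
    },
]


def repo_attributes(repo: Dict[str, Any]) -> Dict[str, bool]:
    """Derive the six repository attributes named in the release notes."""
    bp = repo.get("branch_protection")
    has_rules = bp is not None
    scanning = (repo.get("security_and_analysis") or {}).get("secret_scanning") or {}
    reviews = (bp or {}).get("required_pull_request_reviews") or {}
    return {
        "allow_forking": bool(repo.get("allow_forking")),
        "secret_scanning_enabled": scanning.get("status") == "enabled",
        "has_branch_protection_rules": has_rules,
        # With no protection rule, GitHub permits deleting and force-pushing
        # the default branch, so the absence of a rule counts as "allowed".
        "default_allow_delete": (not has_rules) or bool(bp["allow_deletions"]["enabled"]),
        "default_allow_force_push": (not has_rules) or bool(bp["allow_force_pushes"]["enabled"]),
        "default_require_pull_request_approval": reviews.get("required_approving_review_count", 0) > 0,
    }


def repo_findings(repo: Dict[str, Any]) -> List[str]:
    """Return the names of the release-note queries this repository matches."""
    a = repo_attributes(repo)
    checks = [
        (not a["has_branch_protection_rules"], "Repositories without branch protection rules"),
        (a["default_allow_delete"], "Repositories that allow default branch deletion"),
        (a["default_allow_force_push"], "Repositories that allow force push on default branches"),
        (not a["default_require_pull_request_approval"],
         "Repositories that allow merges to default branches without pull request approval"),
        (not repo.get("private") and a["allow_forking"], "Public Repositories that allow forking"),
        (not a["secret_scanning_enabled"], "Repositories with secret scanning disabled"),
        (not repo.get("vulnerability_alerts_enabled"), "Repositories with vulnerability alerts disabled"),
    ]
    return [name for hit, name in checks if hit]


def org_findings(org: Dict[str, Any]) -> List[str]:
    """Organization-level check: whether MFA is required for members."""
    if not org.get("two_factor_requirement_enabled"):
        return ["Organizations with disabled MFA"]
    return []


def assess(org: Dict[str, Any], repos: List[Dict[str, Any]]) -> Dict[str, List[str]]:
    """Map each entity to its findings; entities with no findings are omitted."""
    report: Dict[str, List[str]] = {}
    if org_findings(org):
        report[org["login"]] = org_findings(org)
    for repo in repos:
        found = repo_findings(repo)
        if found:
            report[repo["full_name"]] = found
    return report


if __name__ == "__main__":
    for entity, findings in assess(SAMPLE_ORG, SAMPLE_REPOS).items():
        print(entity)
        for item in findings:
            print("  -", item)
```

Treating a missing protection rule as "deletion and force push allowed" is the point worth noticing: a repository with no rule at all matches four of the queries at once, which is why has_branch_protection_rules is the first attribute to look at when triaging results.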
Show destination entities in Query Builder: Query Builder now has the option to display pairs of source and destination nodes as results, similar to Workflow queries.
For example, when executing the query Google User to Google Cloud Project, you can choose to Show Google Cloud Projects related to each user in the results. The results will contain additional columns showing the Project name and any other destination entity attributes.
You can alternately view the connected entities for a single result by clicking the number of related entities. This will open a table view with details about each destination entity the source entity is related to.
For example, when searching for IAM Users with S3 Bucket permissions, you can click the destination entity count to review:
Each bucket that the user can access, including all discovered bucket attributes.
The effective permissions (e.g., READ) the user has on the bucket.
The system-level permissions (e.g., s3:GetObject), by changing the displayed permission type.
Summary entities for Query Builder: Queries showing destination entities can show the authorization path for each result in a Summary Entities column. When building a query, you can select the intermediate entity types displayed in the summary, providing visibility into the Roles, Policies, Groups, or other intermediate entities connecting a result source and destination. For sample searches with path summaries, refer to the Presentation Options and Intermediate Entities documentation.
Report export enhancements (Early Access): When exporting reports in PDF format, you now have the option to show destination nodes for results, and include columns for source entity properties and summary entities.
Note that all queries in the report to export must specify the same source and destination entity types to support these options.
Integrations
Enhancements
FR-1380 AWS Elastic Container Repositories (ECR): The AWS integration now supports the discovery of public and private ECR registries and repositories. New out-of-the-box insights are available to identify:
AWS IAM Users with permission to create ECR Private Repositories
AWS IAM Users with permission to create ECR Public Repositories
AWS IAM Users with permission to put images into ECR Public Repositories
AWS ECR Public Repositories
Please note that additional permission scope is required for the integration. To prevent warnings, you should update the Veza trust policy to include the ECR SID, or prevent extraction for the ECR service by editing the integration configuration.
Cross-Account Effective Permissions (Early Access): When enabled, the Google Cloud integration now shows cross-account access for users in one GCP organization assigned to groups in an external organization.
Custom datasource payloads in integration details: You can now view the most recent custom provider push payload in JSON format by clicking on an integration name and selecting Show Schema Definition.