Skip to content

Releases: CheckPointSW/charts

2.20.0: RP File Reputation on GKE COS; fluentbit removal; misc.

27 Apr 12:30
c202642
Compare
Choose a tag to compare

Image Assurance | 2.21.0

  • improvements for slow networks and large images

RuntimeProtection | runtime-daemon 1.6.2, runtime-probe 0.30.2-cp-3, runtime-cos-compat 0.0.9

  • Google COS support in File Reputation engine
  • Security enhancements
  • FluentBit container removal from runtime-daemon Pod
  • Profiling engine improvements - better detection of startup event

All features

  • FluentBit removal

Full Changelog: 2.19.1...2.20.0

2.20.0 ea: RP File Reputation on GKE COS; fluentbit removal; misc

30 Mar 09:46
ac00df0
Compare
Choose a tag to compare

Image Assurance | 2.21.0

  • improvements for slow networks and large images

RuntimeProtection | runtime-daemon 1.6.2, runtime-probe 0.30.2-cp-3, runtime-cos-compat 0.0.9

  • Google COS support in File Reputation engine
  • Security enhancements
  • FluentBit container removal from runtime-daemon Pod
  • Profiling engine improvements - better detection of startup event

All features

  • FluentBit removal

Full Changelog: 2.19.0-ea...2.20.0-ea

2.19.1: IA: JFrog Artifactory auto-discovery, CRI v1; RP enhancements

20 Feb 06:03
83fecf7
Compare
Choose a tag to compare

Image Assurance 2.20.1

  • Support JFrog Artifactory auto-discovery
    • When onboarding an Artifactory instance to CloudGuard you should provide the base URL of the Artifactory instance and CloudGuard will scan images of all discovered sub-registries
  • Agents load updated registry credentials and CA bundle without restarting the deployment
  • CRI: support v1 API following v1alpha2 removal
  • CRI-O/Openshift: support nodes without podman on nodes, do not use podman if possible

Runtime Protection - daemon 1.0.0, probe 0.28.0-cp-7

  • logging enhancement
  • telemetry enhancement
  • security enhancement

Full Changelog: 2.18.0...2.19.1

2.19.0 ea: IA: Artifactory auto-discovery, CRI v1; RP enhancements

13 Feb 08:05
8e4f9c6
Compare
Choose a tag to compare

Image Assurance 2.20.0

  • Support JFrog Artifactory auto-discovery
    • When onboarding an Artifactory instance to CloudGuard you should provide the base URL of the Artifactory instance and CloudGuard will scan images of all discovered sub-registries
  • Agents load updated registry credentials and CA bundle without restarting the deployment
  • CRI: support v1 API following v1alpha2 removal
  • CRI-O/Openshift: support nodes without podman on nodes, do not use podman if possible

Runtime Protection - daemon 1.0.0

  • logging enhancement
  • telemetry enhancement
  • security enhancement

Full Changelog: 2.18.0-ea...2.19.0-ea

2.18.0: auto-detect EKS + k3s, linux amd64 node selector, more

09 Jan 15:28
3f7917d
Compare
Choose a tag to compare
  • Auto-detection: added k3s (Rancher) and improved for EKS.
  • Add containerRuntimeSocket helm parameter for runtime socket path.
  • Run pods only on Linux amd64 nodes - default node selector updated.
  • Fix helm install warning when setting environment variables for a pod.

Full Changelog: 2.17.0...2.18.0

2.18.0 ea: auto-detect EKS + k3s, linux amd64 node selector, more

09 Jan 15:28
e57ac1b
Compare
Choose a tag to compare
  • Auto-detection: added k3s (Rancher) and improved for EKS.
  • Add containerRuntimeSocket helm parameter for runtime socket path.
  • Run pods only on Linux amd64 nodes - default node selector updated.
  • Fix helm install warning when setting environment variables for a pod.

Full Changelog: 2.17.0-ea...2.18.0-ea

2.17.0: new registries scan, IA list batching, RP limited GA

21 Dec 07:56
c90e506
Compare
Choose a tag to compare

Image Assurance 2.18.1:

  • Registry images list is sent in batches, allowing to support large registries with many repositories
  • Supporting image scanning in additional registry types
    • Harbor
    • JFrog Artifactory
    • Google Artifact Registry
  • Supporting registries with Self generated certificates
  • Increase images scan rate

Runtime Protection: daemon 0.0.822, policy 1.3.0

  • Limited General Availability (GA) for Runtime Protection, including
    • Malicious Signatures engine
    • File Reputation engine
    • Behavioral Profiling (as Public Preview)

All features

  • Inventory 1.8.0 and Flow Logs 0.8.0: minor improvements

Full Changelog: 2.16.0...2.17.0

2.17.0 ea: new registries scan, IA list batching, RP limited GA

21 Dec 07:55
515b30b
Compare
Choose a tag to compare

Image Assurance 2.18.1:

  • Registry images list is sent in batches, allowing to support large registries with many repositories
  • Supporting image scanning in additional registry types
    • Harbor
    • JFrog Artifactory
    • Google Artifact Registry
  • Supporting registries with Self generated certificates
  • Increase images scan rate

Runtime Protection: daemon 0.0.822, policy 1.3.0

  • Limited General Availability (GA) for Runtime Protection, including
    • Malicious Signatures engine
    • File Reputation engine
    • Behavioral Profiling (as Public Preview)

All features

  • Inventory 1.8.0 and Flow Logs 0.8.0: minor improvements

Full Changelog: 2.16.0-ea...2.17.0-ea

2.16.0: credentials from secret, Rancher, RP on EKS & OpenShift, AC fix

04 Dec 06:03
485bd51
Compare
Choose a tag to compare
  • Admission Control:
    enforcer 2.3.0: fix System Event error message of "the agent has suffered a loss of connectivity which lasts for 24 hours"
    policy 1.2.2: fix

  • Runtime Protection:
    probe 0.28.0-cp-6: support automated installation of kernel headers on EKS, fix installation on OpenShift

  • All features:
    Support Rancher/k3s via manually setting ‘platform’ helm flag
    Support specifying CloudGuard credentials via a Kubernetes secret
    Improve concurrency of rolling updates of daemonsets

Full Changelog: 2.15.1...2.16.0

2.16.0 ea: credentials from secret, Rancher, RP on EKS & OpenShift, AC fix

24 Nov 13:32
8a7b513
Compare
Choose a tag to compare
  • Admission Control:
    enforcer 2.3.0: fix System Event error message of "the agent has suffered a loss of connectivity which lasts for 24 hours"
    policy 1.2.2: fix

  • Runtime Protection:
    probe 0.28.0-cp-6: support automated installation of kernel headers on EKS, fix installation on OpenShift

  • All features:
    Support Rancher/k3s via manually setting ‘platform’ helm flag
    Support specifying CloudGuard credentials via a Kubernetes secret
    Improve concurrency of rolling updates of daemonsets

Full Changelog: 2.15.1-ea...2.16.0-ea