November 21, 2022, Conformity—The following features and updates are now available
with Conformity's latest release on 21 November 2022.
- The FISC Security Guidelines v9 compliance standard mapping now supports the latest AWS and Azure rules released in Conformity.
Bug Fixes
- Enhanced the scanning of all AWS RDS Instances to reduce throttling.
- Fixed a bug where the note for 'number of checks included' indicated an incorrect count while configuring a report for individual checks.
- Fixed a bug where the 'Account rule settings' notes were not being saved correctly for the Custom Role Full Access Users.
- KMS-002:Key Rotation Enabled: Fixed a bug where checks were generated incorrectly if the KMS key did not support key rotation.
Custom Policy Updates
There is no change to the custom policy as a result of the new deployment. The current
custom policy version is 1.38. Click here to access the current custom policy.
Rules
Azure
SecurityCenter-039: Enable Automatic Provisioning of Vulnerability Assessment for
Virtual Machines: This rule advises users to manually check that automatic provisioning
of vulnerability assessment solutions is `Enabled` for virtual machines.
Rule Updates
Fixed an issue with the following rules handling AWS regions with restricted permissions
in Conformity:
- EBS-010: EBS Volumes Attached to Stopped EC2 Instances
- VPC-016: VPC Endpoints in Use
- S3-025: S3 Buckets Encrypted with Customer-Provided CMKs
- CT-003: Publicly Accessible CloudTrail Buckets
- RDS-027: Instance Level Events Subscriptions
- RDS-028: Security Groups Events Subscriptions
- RDS-029: RDS Event Notifications
- RDS-039: RDS Instance Not in Public Subnet
End of Life - Conformity Cost Optimization Feature
*The Conformity Cost Optimization feature will reach end of life with the upcoming
release on 21 November 2022. If you've missed our advance notice, please read through
the details below.*
Why are we doing this?
The Cost Optimization feature used data from the deprecated AWS ‘Detailed Billing
Report’. AWS strongly recommends that all customers move away from this report and
migrate to the newer Cost and Usage Report.
We have decided to discontinue all support for Cost Analysis as our strategic focus
as Trend Micro Cloud One ™ Conformity is on core Cloud Security Posture management
(CSPM) features.
What does it mean for you?
No Cost Optimization widget - you will stop seeing the Cost Optimization widget on
your Organizations’ Main Dashboard.
What happens to the Cost Rules?
All Cost category rules except for the following Rules will still be available to
all customers. We’re deprecating these four Rules because their AWS data source is
a deprecated AWS billing report.
What do I need to do?
You don't need to do anything at your end. If you wish, you can turn off the AWS Billing
report used by Conformity. If you have any concerns or queries regarding the end of
life for the Cost Optimization feature, please reach out to your account managers.
*The Cost Optimization feature is unavailable to our Trend Micro Cloud One ™ Conformity
customers.*