August 10, 2022, Conformity—The following features and updates are now available with
Conformity's latest release on 10 August 2022.
Bug Fixes
- Fixed a timeout bug happening when adding an AWS account vis Public API.
- Fixed a bug with SNS notifications being triggered for excluded resources in any rule for AWS, Azure and GCP bots.
Custom Policy Updates
There is no change to the custom policy as a result of the new deployment. The current
custom policy version is 1.37. Click here to access the current custom policy.
New Rules
Azure
- Network-021: Check for Unrestricted MongoDB Access: This rule ensures that no network security groups allow unrestricted inbound access on TCP ports 27017, 27018 and 27019.
- Azure: Network-024: Check for Unrestricted NetBIOS Access: This rule ensures that no network security groups allow unrestricted inbound access on TCP port 139 and UDP ports 137 and 138 (NetBIOS).
- Azure: VirtualMachines-039: Server Side Encryption for Boot Disk using CMK: This rule ensures that Azure VM managed disk boot volumes are encrypted at rest using customer-managed keys (CMKs).