Views:
October 26, 2022, Conformity—The following features and updates are now available with Conformity's latest release on 26 October 2022.
  • Introducing the 'skipUpdatingEnabledSuppression' attribute in the Check API allowing you to prevent updating suppressed checks until you reach your 'suppressed-until' date.
  • You can now add tags when onboarding AWS, Azure or GCP accounts using the Accounts API.
  • The CSV reports now include cost and savings data for the checks related to the cost rules.
  • Added support for PCI DSS v4 and CIS Controls Version 8 across Conformity compliance features for AWS, Azure and GCP.
  • Added support for CIS GCP Foundation Benchmark Version 1.2.0 in Conformity compliance features.
Bug Fixes
  • Fixed a bug preventing CSV reports from being generated when compliance reports had 0 checks.
  • Fixed a bug to make notes mandatory while updating the suppressed or unsuppressed property in the Check API regardless of whether the underlying rule is custom or standard.
  • Fixed a bug where reports generation failed due to a large amount of data.
  • Fixed a bug with the public API `Events get` to strip all html tags (syntax to enclose username, api keys or similar data in a strong tag) from `event.attributes.description` property of the response object.
  • Fixed a bug to make the `Note` field mandatory when suppressing or un-suppressing a check the UI.
  • Fixed a bug to allow the users to go back to the Project selection from the Confirmation page when onboarding GCP projects.
  • Fixed a bug where users weren't receiving the 'Welcome' email after signing up.
  • Fixed a bug to display a warning icon indicating the rule exception state for Tags case insensitive, Tags case sensitive, and resource id filters in all 3 rule list views (Account, Organisational profile and Custom Profile).
  • Fixed a bug to increase the size limit of an Organisation Profile allowing you to save and apply multiple rule configurations to many accounts.
  • Fixed a bug where the Profile API was timing out when a profile with multiple rule configurations was applied to a large number of accounts.
  • WS-005: WorkSpaces Storage Encryption: Fixed a bug for the rule to generate checks for all Workspace checks on an AWS account instead of 25 workspaces.
Custom Policy Updates
There is no change to the custom policy as a result of the new deployment. The current custom policy version is 1.38. Click here to access the current custom policy.
New Rules
Azure
  • MySQL-002 (Configure TLS Version for MySQL Flexible Database Servers): This rule ensures that the `tls_version` parameter is set to a minimum of `TLSv1.2` for all MySQL flexible database servers.
Rule Update
  • CF-006: CloudFront Security Policy: Updated the rule to include the latest Security policies.