Skip to content

v2.5.11
Compare
Choose a tag to compare
@andrecorreaneto andrecorreaneto released this 20 Jun 17:38
· 385 commits to main since this release
v2.5.11
f6ce125
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

June 20, 2023 Release Notes - 2.5.11

  1. Performance update to the CIS Compliance Script
  2. Summary Data update to the CIS Compliance Script
  3. Fixes to the CIS Compliance Script

Performance update to the CIS Compliance Script

Migrate the querying of resources to Resource Search (a module within Oracle’s API). By using Resource Search, compartment iterations for listing items are ignored. For items that require more detailed information than Resource Search returns, only those compartments are queried. This migration reduces script execution time by 8 times.

Updates to the CIS Compliance Script

The CIS Summary report CSV adds two new columns Compliant Items, which represents the number of resources that are aligned to that recommendation, and Total which is the total number of that resource in tenancy. The Total column is also in the screen output.

Fixes to the CIS Compliance Script

Fixes

  • Updated the CIS checks 2.1, 2,2, 2.3, and 2.4 to detect Security Lists and Networks Security Groups that allow egress access to ports 22 or 3389 via allowing all protocols, all ports, or using port ranges.
  • Updated CIS Check 2.5 to only look at Default Security Lists.
Assets 2
Loading