Current Release - Release Notes Ransomware Defender AWS
Release Date | Version |
---|---|
- What’s New in Superna Eyeglass Ransomware Defender AWS Edition Release 3.1.1
- Fixed in 3.1.1
- What’s New in Superna Eyeglass Ransomware Defender AWS Edition Release 3.1.0 (05/03/2023)
- Fixed in 3.1.0
- RWDAWS-235 [Ignored List] : able to generate TD events from paths added to the ignored list
- RWDAWS-233 Remove 'Create/Delete Snapshot' option from Actions menu for an active or archived event
- RWDAWS-182 False alarm about eca node version doesn't match eyeglass version
- RWDAWS-98 Uploading files to s3 buckets triggers TD15
- RWDAWS-240 [Monitor Only Settings] : events from path added to the monitor only settings should be in monitor mode
- RWDAWS-241 Cluster up may get stuck sometimes at Initializing hbase schema step
- RWDAWS-179 [Active Auditor]: Monitor only mode - generic TD's can be raised as a warning, major and critical
- RWDAWS-239 Data Start and end times on easy audit reports are sometimes inaccurate
- Known Issues
- General
- RWDAWS-236 UI hang issues plus unrelated error messages are shown randomly
- RWDAWS-355 Able to trigger TD15 when bytes match percent tolerance is greater than default value
- RWDAWS-434 Add Managed Device UI - when select 'show protected buckets only' option, no data is shown
- Webhooks
- RWDAWS-386 [Webhooks] : RSW event - do not send Security guard events
- RWDAWS-377 [Webhooks] : RSW event - remove MINOR option from event severity filter
- Cyber Recovery Manager
- RWDAWS-417 [Cyber Recovery Manager] : Missing S3 permissions for CloudFormation template
- RWDAWS-419 [Cyber Recovery Manager] : Ransomware event gets triggered when recovery job moves file to quarantine directory
- RWDAWS-416 [Cyber Recovery Manager] : Bucket versioning status is not shown correctly on UI
- RWDAWS-482 [Cyber Recovery Manager] Bucket versioning enabled - file objects are not restored to the most recent version
- Security Guard
- RWDAWS-231 Security Guard Log Viewer - Copy to Clipboard doesn't work
- RWDAWS-354 [Security Guard] : 'Run Now' button gets disabled after close and re-open Superna Defender UI
- Active Auditor
- RWDAWS-354 [Active Auditor] : Can not trigger CRTA policy events
What’s New in Superna Eyeglass Ransomware Defender AWS Edition Release 3.1.1
Fixed in 3.1.1
What’s New in Superna Eyeglass Ransomware Defender AWS Edition Release 3.1.0 (05/03/2023)
Fixed in 3.1.0
RWDAWS-235 [Ignored List] : able to generate TD events from paths added to the ignored list
- UI element not shown properly
- path hint shows as “<Bucket>/Path/To/Object“. Close UI, re-open again, path shows as “/ifs/“.
- rsw event should not be generated for paths added to ignored paths list.
RWDAWS-233 Remove 'Create/Delete Snapshot' option from Actions menu for an active or archived event
For any active or archived TD events, still seeing option to create/delete snapshot.
RWDAWS-182 False alarm about eca node version doesn't match eyeglass version
Seeing informational alarm raised about “ECA node version does not match the Eyeglass version“
RWDAWS-98 Uploading files to s3 buckets triggers TD15
Observing that TD15 if just triggered by uploading files to AWS s3 bucket. For upload the event type is OBJECT_WRITE.
RWDAWS-240 [Monitor Only Settings] : events from path added to the monitor only settings should be in monitor mode
For a path added to Monitor Only Settings, TD events should be generated in monitor mode and warning severity. But currently able to get events as WARNING/MAJOR/CRITICAL.
RWDAWS-241 Cluster up may get stuck sometimes at Initializing hbase schema step
Eca cluster up may get stuck at Initializing hbase schema step.
RWDAWS-179 [Active Auditor]: Monitor only mode - generic TD's can be raised as a warning, major and critical
Monitor only mode - generic TD's can be raised as a warning, major and critical.
RWDAWS-239 Data Start and end times on easy audit reports are sometimes inaccurate
When running an audit report, the timestamps of the resulting dataset's first and last audit records are displayed on the UI.
Known Issues
General
RWDAWS-236 UI hang issues plus unrelated error messages are shown randomly
Noticing that sometimes eyeglass UI hangs or takes time to load UI elements OR randomly triggers user logoff from GUI. In between also see some random error messages pop up window
RWDAWS-355 Able to trigger TD15 when bytes match percent tolerance is greater than default value
Able to trigger TD15 when bytes match percent tolerance is greater than default value
RWDAWS-434 Add Managed Device UI - when select 'show protected buckets only' option, no data is shown
When select “show protected buckets only“ on ‘Add Managed Device’ UI, it shows no data (even though protected buckets are added)
Webhooks
RWDAWS-386 [Webhooks] : RSW event - do not send Security guard events
SG events are sent to webhook endpoint if matches filter criteria.
RWDAWS-377 [Webhooks] : RSW event - remove MINOR option from event severity filter
For RSW events, severity can only be WARNING, MAJOR and CRITICAL.
There is no MINOR severity
Cyber Recovery Manager
RWDAWS-417 [Cyber Recovery Manager] : Missing S3 permissions for CloudFormation template
Missing S3 permissions for CloudFormation template
RWDAWS-419 [Cyber Recovery Manager] : Ransomware event gets triggered when recovery job moves file to quarantine directory
Ransomware event gets triggered when recovery job moves file to quarantine directory
RWDAWS-416 [Cyber Recovery Manager] : Bucket versioning status is not shown correctly on UI
In AWS, when bucket version = disabled , on GUI its shows ERROR_GETTING_STATUS
RWDAWS-482 [Cyber Recovery Manager] Bucket versioning enabled - file objects are not restored to the most recent version
Bucket versioning enabled - file objects are not restored to the most recent version
Security Guard
RWDAWS-231 Security Guard Log Viewer - Copy to Clipboard doesn't work
Security Guard Log Viewer - Copy to Clipboard doesn't work
RWDAWS-354 [Security Guard] : 'Run Now' button gets disabled after close and re-open Superna Defender UI
'Run Now' button gets disabled after close and re-open Superna Defender UI
Active Auditor
RWDAWS-354 [Active Auditor] : Can not trigger CRTA policy events
CRTA policy events can not be triggered in eyeglass