Release Notes 3.8

This release includes new features, enhancements, and fixes as part of version 3.8.

CoreStack FinOps

  • Enhanced FinOps Maturity Assessment Detailed Report.
  • Potential cost savings trend with 3-6 months data.
  • Event date (by month) for resources violating cost policies.
  • Cost spend and savings UI/UX.
  • GCP Parent Billing Account

    • A GCP Organization can be onboarded as a tenant in CoreStack.
    • Billing sub-account(s) and details can be tracked under GCP Organization.
    • Updated functionality to capture reseller margin changes.

    Cost Visibility

    • Enhanced Cost visibility view with additional filter options.

    Cost Optimization

    • Cost Recommendation detailing info for individual resources are enriched with resource utilization and recommendation definition data.
    • Added additional cost optimization policies to support:
      • Azure Cosmos DB (Cassandra, Gremlin, MongoDB, SQL, Table).
      • Azure App Service Plan
      • AWS Lambda
      • AWS EBS
      • AWS Tags
      • AWS Redshift
      • OCI Compute
      • OCI Block storage
      • OCI Budgets

    CoreStack SecOps​​​​​​​​​​​​​​

    • Added policy for governing Network Architecture of an Account. The configuration will validate whether the network architecture in the cloud has been applied properly based on the rules provided to CoreStack.

    • Added GCP premium policies into CoreStack policies.

    CoreStack CloudOps​​​​​​​

    • Added operational policies for compute instances, load balances, databases (ADW and ATP) and volumes.

    • Added multi-factor authentication (MFA) for all account levels.

    • Added Resource Tag Management for all the Azure supported resources.

    • Enhanced Azure Log Analytics to create and manage KQL queries from Azure without switching between workspaces.

    • In Resource > Inventory > Cloud Services > select Azure. In Category, select Network. The network security group resources will appear. Click View under Rules to view or download resource-specific rules. The rules shows inbound and outbound communication information.

    • Added Secure Score for custom APIs. The score gives you a rating of the security of your APIs, as well as their stability over time.

    • For OCI cloud accounts, under Resource > Inventory > Cloud Accounts > Actions, you can create Tag Rules.

    • For OCI cloud accounts, added Inventory Management Actions:

      • START
      • STOP
      • RESET
      • DELETE
      • SOFTSTOP
      • SOFTRESET
    • Added set OCI budgets and receive alerts.

    • In Azure Resource Posture, you can select the View option (eye icon) in the grid against a specific Cloud Account or Tenant. A drill-down graph shows the break-up of the resource counts by:

    • Resource Category

    • Application

    • Resource Type

    • Resource Group (For Azure & GCP)

    • Region (For AWS)

    • Cloud Account (For Tenant Level view)

    Global Tenant

    • For Account Admin and Tenant Admin, added the global Tenant view to retain a selected Tenant to show across the different modules/sections/pages of the product.
      • In Governance > Account Governance, the Global Tenant is available across all pages.  
      • In Operations > Posture, the Global Tenant is available across all pages.  
      • In Security > Posture, the Global Tenant is available across all pages.  
      • In Cost > Posture, the Global Tenant is available across all pages.  
      • In Access > Posture, the Global Tenant is available across all pages.  
      • In Access > Posture > Cloud Provider > Access Violation Summary > Cloud Account > Visibility, the Global Tenant is available across all pages.  
      • In Resource > Posture, the Global Tenant is available across all pages.  
      • In Resource > Posture > Account > Cloud Account > Visibility, the Global Tenant is available across all pages.  
      • In Resource > Posture > Tenant > Tenant name > Visibility, the Global Tenant is available across all pages.  
      • In Compliance > Posture > By cloud, the Global Tenant is available across all pages.  
      • In Compliance > Posture > By policy, the Global Tenant is available across all pages.  
      • In Recommendations, the Global Tenant is available across all pages. 
      • In Reports > Global, the Global Tenant is available across all pages.  
      • In Settings > Cloud Accounts, the Global Tenant is available across all pages.  
      • In Settings > Integrated tools, the Global Tenant is available across all pages.  
      • In Settings > Resource Catalog, the Global Tenant is available across all pages.  
      • In Settings > Tenants, the Global Tenant is available across all pages.  
      • In Settings > Roles, the Global Tenant is available across all pages.  
      • In Settings > User groups, the Global Tenant is available across all pages.  
      • In Settings > Users, the Global Tenant is available across all pages.  
      • In Settings > Audit log, the Global Tenant is available across all pages.  

    Audit Log

    • Below User group write operations logs are captured in the Audit log.

      • User group creation/updation/deletion
      • Add/Delete members to the User group
      • Assign/Unassign roles to the User group
      • Add/Delete tenants to the User group
      • Cloning (duplicating) a user group
    • Added below filter types.

      • Action - Multi-select
      • Function - Multi-select
      • User - Multi-select
      • Duration - Uni-select
    • Renamed Description field as Activity.

    • Added below fields to Audit details section.

      • Function
      • Action type
      • Action taken on
      • User
      • Date
      • IP Address
      • User Agent
      • Activity

    Reports

    • In Reports > Security > AWS > Threat Analytics > AWS Security Threat, added AWS threat report. The report shows threats based on various cloud resources, findings, intent, location, and threat trend. This meta data is captured as reported by customer cloud accounts.

    • In Reports > Security > Azure > Threat Analytics > Azure Security Threat, added Azure threat report.

    • Added Azure Tag Report.

    • Added AWS Vulnerability Trend report.

    • Azure Utilization report based on Metric Enhancement.

    • Enhanced Azure Cost Monthly report.

    • Enhanced EC2 Analytics report.

    • Enhanced GCP Cost Monthly report.

    • Enhanced Report UI/UX.

    • Added Azure Newly Added Resource report.

    • In the FinOps Detail Report, at the resource level, added date to see when the resource was first recommended by CoreStack.

    CoreStack Compass (WAF)

    • Added pop up notifications when critical actions are triggered.
    • Added email notifications when assessment is submitted/ approved.

    Bug Fixes

    • Operation alert email generated with the delay.
    • Tenant name and Subscription name were missing in the reservation Policy output.
    • Tag Sync Issue - In resource inventory some of tags were not synced due to missing parameter in schema
    • Dedicated setup endpoint redirected to vanilla CoreStack URL when logged in using Azure SSO.
    • Cost budget setting were not working in few cases.
    • AWS Vulnerability report were showing duplicate values.
    • Security threats were not listing in details section.
    • Search option weren’t working in Inventory Page.
    • RI Utilization graph data were not available for any reserved instance.
    • SKU and resource name were showing NA for right sizing.
    • Download Option were not working under Current Reservations section.