Release notes: 2.4.21

Find out what's new in version 2.4.21.

1 minute read

The StackRox Kubernetes Security Platform version 2.4.21 includes several new features and enhancements. To upgrade to this release from a previous version, see the Upgrade StackRox section.

The StackRox Kubernetes Security Platform enforces licensing restrictions in version 2.4.20 and higher.

Contact your sales representative or StackRox support if you don’t have a license.

Key features and improvements

Analyze process activity

Gain more visibility and control over the processes running in your deployments. From the Risk view, you can now see and address abnormal process executions. You can also define a set of processes that are allowed to run and trigger violations for all other processes. See the use process baselining page for more details.

Custom TLS server certificate

You can now set a custom certificate on the Central server, so users and API clients don’t have to bypass certificate security warnings.

Dark mode

You can now change the StackRox portal to use a darker color scheme. To toggle between the dark mode and the light mode (default), select the Sun or the Moon icon in the upper right corner.

eBPF on Red Hat Enterprise Linux

You can now choose to collect runtime activity on Red Hat Enterprise Linux using an Extended Berkeley Packet Filter (eBPF) program instead of a kernel module. To use eBPF in a cluster, select the eBPF option when you configure a Kubernetes or OpenShift cluster in the Platform Configuration > Integrations view.

Policies on volumes

You can now add policies that check whether host-mount or other volumes are writable so that you can prioritize writable volumes over read-only volumes. To get started, navigate to Platform Configuration > System Policies.

Important bug fixes

  • ROX-2157: Previously, the API reference showed field names with the wrong capitalization. The API reference documentation now uses the correct capitalization (camelCase).
  • ROX-1840: In the Role-Based Access Control (RBAC) configuration view, there was a mismatch between the listed permissions and the initially defined permissions. The view now shows the correct set of permissions defined for a role.
  • ROX-2389: Previously, StackRox Central could crash while sending a violation to Splunk if an invalid image name was used in the affected deployment. Version 2.4.21.2 resolves this issue.

Questions?

We're happy to help! Reach out to us to discuss questions, issues, or feature requests.

© 2021 StackRox Inc. All rights reserved.