The StackRox Kubernetes Security Platform version 3.0.52 includes new features, bug fixes, and system changes. To upgrade to this release from a previous version, see the Upgrade StackRox section.
Release date: November 18, 2020
You can now send alert notifications and audit events from the StackRox Kubernetes Security Platform to a SIEM or a syslog collector. To get started, see Integrate using Syslog protocol.
The StackRox Kubernetes Security Platform version 3.0.52 supports the latest Kubernetes version 1.19. See the supported platforms topic to learn more about the operating systems, container platforms, and managed Kubernetes services that we support.
Release date: Dec 7, 2020
The StackRox Kubernetes Security Platform version 188.8.131.52 adds support for external network endpoints in the network graph See the network graph topic to learn more about viewing and configuring external endpoints in the network graph.
- ROX-5597: Previously, if you were monitoring Google’s Container-Optimized OS with Collector by using eBPF probes, sometimes the OS reported high CPU usage. We’ve optimized the Collector image to reduce CPU usage.
- ROX-5758: Previously, Scanner didn’t mark some ASP.Net Core CVEs as fixable (only for patch releases) because the corresponding NVD database didn’t report fixes for those CVEs. We’ve updated Scanner, and it now reports fixable ASP.Net Core CVEs.
Release date: Dec 7, 2020
- ROX-5984: We’ve fixed an issue where unconfigurable options were visible when configuring the syslog integration.
- ROX-5988: We’ve fixed an issue where viewing image components caused UI errors under certain conditions.
- ROX-6070: Previously, when integrating with some OpenID Connect (OIDC) Identity Providers, the Test Login option would report connection errors. We’ve fixed this issue.
We’ve removed the redundant option to filter risks by priority from the Risk view.
Scanner now identifies vulnerabilities in the latest Ubuntu version 20.10 images, and distroless Docker images.
We’ve added new policy criteria called Container Name that evaluate policy against the provided container name.
|Main||It includes Central, Sensor, Admission Controller, and Compliance. It also includes ||stackrox.io/main:184.108.40.206|
|Scanner DB||Stores image scan results and vulnerability definitions.||stackrox.io/scanner-db:2.7.1|
|Collector||Collects runtime activity in Kubernetes or OpenShift clusters.||collector.stackrox.io/collector:3.1.8-latest|
|New topic||StackRox architecture||Discover the StackRox Kubernetes Security Platform architecture and concepts.|
|New section||Examine images||Added a new Supported operating systems section.|
|New section||Supported platforms||Added a new StackRox Kubernetes Security Platform support section and clarified the Kubernetes versions we support.|
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.