Netskope Cloud Exchange Release Notes Version 4.0.0
We are excited to announce our Cloud Exchange 4.0.0 updates! Get the latest features, issues fixed, and other updates in this release.
Changes in 4.0.0 are listed below.
Added
Application Risk Exchange (ARE) module.
Support for dataexport (aka Iterator) APIv2 log retrieval endpoints - note, incident endpoint not yet supported.
Support for RHEL 7.9 (RHEL 8.0 already supported).
Threat Exchange workflow configuration option for handling duplicate threat IoCs from same or multiple sources over time.
Ticket Orchestrator field auto-learning/notification.
Log Shipper field auto-learning/notification (CLS Mapping Wizard Enhancement).
Risk Exchang score calculation details in the plugin description.
Installation ID to the diagnose script.
Functionality to add new tags during a POST or PATCH API calls to the CTE Indicators.
Functionality to send data without transformation to SIEMs.
Changed
Enhanced reporting of Threat Exchange file sizes to be uploaded to Netskope.
Graceful handling of excessive URL counts or Filehashe file sizes in Threat Exchange for transmission.
Updated Netskope Threat Exchange plugin (Removed default hash while sharing).
Removed
Removed update from UI functionality (CLI is now the only update path).
Here is the list of issues fixed in this release.
Addressed vulnerabilities.
Updated Netskope plugin to handle the cases where we can not find hashes from the Malware alerts.
Fixed an issue related to Log Shipper migration.
Fixed memory issue which arose when sharing a large number of indicators in Threat Exchange.
Fixed issue which arose when extracting >100,000 Risk Exchange logs per user or host
Fixed issue with self-signed certificates for Cloud Exchange running on MacOS.
Fixed issue where plugins were updated automatically.
CE has to be restarted when there is a plugin update that has changes to multiple python files.
If CE was installed previously using ZIP instead of GIT, customers will need to back up the database and migrate it to the new directory as specified in the migration notes.
If CE is installed on a RHEL host, it can not be configured within podman to always restart automatically. Upon failure, customers will need to manually restart CE.
The Extra Large profile has performance issues that are under investigation.