The following enhancements were made in previous releases ofBMC Helix Cloud Security.
September 2020: 15 September, 2020
This release of BMC Helix Cloud Security includes the following features and enhancements:
Available on the Helix Platform
BMC Helix is a portfolio of SaaS offerings delivering service and operations management that is fast, accurate and cost-effective, across multi-cloud, multi-device, and multi-channel environments. BMC Helix services are delivered from your cloud location of choice and receive the benefits of BMC's world-class SaaS Operations team and processes. For more information,BMC Helix Portal. BMC Helix Cloud Security is available as a service on BMC Helix Portal.
New policy for the Microsoft Azure connectors
A new BMC Azure Benchmark - Virtual Machines policy is now available for Microsoft Azure connector. It contains the following rules:
Ensure Boot Diagnostics is enabled
Ensure Guest OS monitoring is enabled
If you are configuring the connector for the first time, select the policy while onboarding the connector. If you have an Azure connector running already, you can assign the connector to this policy. Go to the Policy Details > Execution Schedule tab to assign a connector to the policy. For details, see Managing policies.
This policy is available for both Microsoft Azure cloud and on-premises connectors. Remediation actions are available for violations associated with these policies.
A new CIS Microsoft Azure Foundations Benchmark policy v1.1.0
The earlier CIS Microsoft Azure Foundations Benchmark policy is deprecated, and a new CIS Microsoft Azure Foundations Benchmark v1.1.0 policy is available in this release. This policy is available for both Microsoft Azure cloud and on-premises connectors. To use the new policy, onboard the connector again and select the policy. The "9.8 Ensure that 'Python version' is the latest, if used to run the web app (Not Scored)" rule always compares an existing python version with latest python version.
The following rules are indeterminate in this policy:
3.3 Ensure Storage logging is enabled for Queue service for read, write, and delete requests
7.5 Ensure that the latest OS Patches for all Virtual Machines are applied
Due to limitations in the Microsoft Azure APIs, you need to run these rules manually.
Auto-installation of RSCD Agent and Smart Agent using the Microsoft Azure connecto
In this release, you can download and install the Remote System Call Daemon (RSCD) and Smart Agent for Microsoft Azure using the Azure cloud and on-premises connectors.
Updates to the RSCD and Smart Agent installer for the AWS connectors
In this release, the following new parameters are added to the RSCD and Smart Agent installer for the AWS connectors:
Enroll Interval Minutes
Enroll As
Tunnel Enable
These parameters are available when you install the RSCD and Smart Agent using AWS cloud or on-premises connectors. For more information, see RSCD Agent and Smart Agent Installation Help.
The BMC EC2 RSCD Discovery policy is renamed to BMC EC2 RSCD Discovery 1.1.0. To use the new policy, onboard the connector again and select the policy. For details, see Managing policies.
February 2020: Release
This release of BMC Helix Cloud Security includes the following features and enhancements:
Item
Description
Discovery Integration
BMC Discovery(On-Prem)
With this release , BMC Helix Cloud Security support integration with Cloud Security and Cloud Cost with BMC Discovery(On-Prem Collector)(hosted on AWS or on on-prem). BMC Helix Cloud Security has launched an Discovery On Premise connector. This will allow users to see the security posture of the business service. User should be able to report, notify, set exceptions on business service.
Event Driven Compliance(AWS)
Support for more AWS resources
With this release, BMC Helix Cloud Security Support more AWS resources like IAM Password Policy, IAM Policy, Elastic Block Store (EBS),Elastic Search (ES),Relational Database Service (RDS), CloudTrail, Key Management Service (KMS),Virtual Private Cloud (VPC),Elastic Compute Cloud (EC2),Elastic Load Balancer (ELB). BMC Helix Cloud Security scan for newly discovered resource or changes made to existing resource. Any changes to a resource should trigger a scan specific for that resource and flag if it is non-compliant.
API to trigger Compliance scan for specific resource(AWS)
With this release, BMC Helix Cloud Security Support API to trigger compliance scan for specific resource(AWS). As a CloudOps engineer, whenever a new configuration for a specific resource is pushed or a new resource is created in a cloud environment through a DevOps pipeline, then CloudOps engineer able to call an API from a DevOps pipeline to scan the same specific resources for any misconfiguration.
Compliance On Google Cloud
For GCP Connector Single Policy Support For CIS
With this release, BMC Helix Cloud Security Support For GCP Connector Single Policy Support For CIS. BMC Helix Cloud Security supports single benchmark for CIS GCP benchmarks instead of service specific benchmarks.
GKE
With this release, BMC Helix Cloud Security Support for GKE(Google Kubernetes Engine). Create/Update GCP policies and remedial actions in BMC Helix Cloud Security as per the final benchmark released by CIS for GKE.
Release updates in 2019
November updates
Nov 2019: Release
Following features are available in this release of Cloud Security:
Item
Description
Managing Remedy Single Sign On
Remedy Single Sign-On (Remedy SSO) is an authentication system for a multi software environment that enables users to present credentials for authentication only once. After Remedy SSO authenticates the users, they can gain access to any other application with automatic authentication without providing the credentials again.
October updates
Oct 2019: Release
Following features are available in this release of Cloud Security:
Item
Description
Cloud Security integration with BMC Discovery
With this release , TSCS support integration with BMC Discovery . This will allow users to see the security posture of the business service. User should be able to report, notify, set exceptions on business service.
June updates
June 2019: Release
Following features are available in this release of Cloud Security:
Item
Description
Event Driven Compliance for BMC Helix Cloud Security
With this release, TSCS Support Event-Driven Compliance for AWS Cloud Connector. This feature will enable TSCS to scan for a newly discovered resource or changes made to an existing resource for S3 and Security Group. With this capability, It will be ensured that any new resources deployed or existing resources modified in the cloud are compliant to the security configuration as per the latest CIS standards.
Following features are available in this release of Cloud Security:
Item
Description
Kubernetes Connector
As part of this change, user will be able to onboard the Kubernetes connector. For more details, please refer this page.
OpenShift Connector
As part of this change, user will be able to onboard the OpenShift connector. For more details, please refer this page.
April updates
April 2019: Release 2
Following features are available in this release of Cloud Security:
Item
Description
Azure Cloud Connector Support for Remediation
As part of this change, user will be able to remediate the non-compliant resources with Azure Cloud Connector. For more details, please refer this page.
Single Policy Support for Docker
As part of this change, we have single policies for CIS Docker benchmarks instead of separate policies for each resource type.
April 2019: Release 1
Following features are available in this release of Cloud Security:What's new
Item
Description
Azure Cloud Connector Support for Compliance
As part of this change, user will be able to scan the non-compliant resources with Azure Cloud connector. For more details, please refer this page.
March updates
March 2019: Release 3
Following features are available in this release of Cloud Security:
Item
Description
RCSD Download Support
As part of this change, User will be able to download RSCD Agent directly from the BMC Helix Cloud Security UI.
March 2019: Release 2
Following features are available in this release of Cloud Security:
Item
Description
Single Policy Support
As part of this change, we have single policies for CIS AWS benchmark instead of separate polciies for each resource type.
As part of this change, all the below resource types are merged into Single resource type viz. “Account: Global Configurations"
Same can be seen on Dashboard page, Resources page, Violations page & Remediations page:
IAM: IAM Password Policy
IAM: IAM Roles
IAM: IAM Support Policy
AWSConfig:Management Tools – AWS Config
Open JDK 11 Support
All the new connector (except server connector) download now support Open JDK 11.0.2 and will also reflect in the connector prerequisites.
March 2019: Release 1
Following features are available in this release of Cloud Security:
Item
Description
Permission
BMC Helix Cloud Security now supports public access BLOCK policies across all buckets that AWS has recently released.
February updates
February 2019: Release 2
Following features are available in this release of Cloud Security:
Item
Description
GDPR Support for AWS
BMC Helix Cloud Security now support releases in GDPR
Articles 30,
Articles 32,
Articles 24 & 25.
This includes 14 New GDPR AWS policies.
PCI Support for AWS
BMC Helix Cloud Security now support PCI DSS v3.2.1.Which includes 14 AWS Policies.
Following features are available in this release of Cloud Security:
Item
Description
Violation Action Details
With this release, a Cloud Ops engineer will be able to see more information on a violation and remedial action that will be taken when remediation is triggered for that violation.
January updates
January 2019: Release 1
Following features are available in this release of Cloud Security:
Item
Description
Resource Consistency
With this release, the Resources representation in BMC Helix Cloud Security and BMC Helix Cloud Cost would be similar. We also show Accounts Column and Accounts Filter in Dashboard, Resources, Violation and Remediation Pages.
Release updates in 2018
December updates
December 2018: Release 2
Following features are available in this release of Cloud Security:
Item
Description
Change Creation
BMC Helix Cloud Security now supports integration with Remedy so that user can create change ticket for every remediation that takes place either automatically or manually.
This version of BMC Helix Cloud Security has enabled a new feature to create and manage 'Incidents' on violations to alert users when policies are not adhered to.
BMC Helix Cloud Security provides a sample run book for creating incidents and a sample workflow to guide users in creating the appropriate business logic.
TSCS UI filters were not applied correctly in violations section.
DRDK2-14175
Approval page showed inconsistent behavior.
DRDK2-13931
CP Cloud connector lambda logs showed some errors after successful run.
DRDK2-14771
Incorrect remediation Status was displayed on Remediation Page in TSCS UI.
DRDK2-14772
Disabled option was removed from all configuration tab filters on Remediation History page in TSCS UI.
DRDK2-14327
Scanned non-compliant resources triggered remediation and showed status under Violations L3 page but the remediation status was not displayed in Resources L3 page.
DRDK2-14142
Schema credentials were not encrypted.
Was this page helpful? YesNoSubmitting...Thank you
. BMC Helix Cloud Security is available as a service on BMC Helix Portal.
Comments
Log in or register to comment.