Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.
DATE OF RELEASEDATE OF RELEASE
6/18/2022
NEW FEATURESNEW FEATURES
-
The ability to define an alternate Container Name to the Process Collective Definition in the Application to help variability in the CI-CD workflows is added
-
VSP-Host now supports the Operating Systems: SUSE 15 SP2. Refer to the Compatibility Matrix for more information
-
VSP now provides signed Linux VM Install Scripts for specific Operating Systems. Refer to the VM Installation Manual for more information
-
If secure boot is enabled on Linux systems, vsyvsi driver is not loaded
FIXESFIXES
Defect ID |
Description |
WEB-2349 |
MS Exchange Server does not report incidents for attacks against the OWA application |
WEB-2134 |
AE component (vrule_run.sh) of probe is not started |
SUPP-284 |
CMS UI is unresponsive after encountering process-monitoring-service error |
SUPP-273 |
IBM and IIS servers are not present in PCM but are covered in the installation docs |
SUPP-262 |
Attack count is not revised on CMS UI |
SUPP-260 |
VSP Documentation: VSP Upgrade docs out of order |
SUPP-257 |
VSP Documentation: Incident email subscription documentation to be added |
SUPP-236 |
CMS is unable to set Hosts into Detect/Protect mode - possibly due license hack |
SUPP-229 |
QRadar Webhook gave error when upgraded from 2.4.0 to 2.4.1 |
SUPP-212 |
Host is Out of Sync on Windows 2016 |
SUPP-205 |
VSP Probe is Out of Sync for the host profile associated to 7 hosts |
SUPP-203 |
CI and CD tools use images from internal Artifactory |
SUPP-200 |
High CPU Utilization on Probe on Windows 2016 server after upgrading probe from 2.2.2 to 2.3.3 while in Protect mode |
SUPP-198 |
2.4.1 Upgrade fails due to double quotes in line 70 of the file docker-compose-cms.yaml.template |
SUPP-192 |
VSP Documentation: VSP 2.x on-prem license process to be updated |
SUPP-189 |
CI script displayed error with the option -g |
SUPP-145 |
Monitor Probes page gets stuck during loading |
PLT-1092 |
vsysi driver installation fails when secure boot is enabled on a target linux machine |
PLT-967 |
Probe erases Satellite software on installation |
HMM-2670 |
Virsec probe binaries are reported as incidents by Host Monitoring |
HMM-2468 |
Binaries with expired publisher certificates are not blocked by host Monitoring |
HMM-2418 |
Increased default HMM and ACP incident limits on probe |
HMM-2181 |
For an eWAF based application setup, Provisioning takes more than 5 minutes to attain Normal state |
CMS-3433 |
UI for Web Services lists IIS but not supported in Compatibility Matrix |
CMS-2813 |
User Password change does not recognize all special characters |
Table – VSP 2.4.3 Fixes
KNOWN ISSUESKNOWN ISSUES
Category |
Description |
Known Issue/ Caveat |
Host Monitoring |
||
Windows library issue |
In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it |
Known Issue |
Linux HMM agent limitation |
In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues |
Limitation |
Windows application execution inconsistency |
In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections |
Limitation |
Table – Known Issues