Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.

 

 

DATE OF RELEASEDATE OF RELEASE

 

6/18/2022

NEW FEATURESNEW FEATURES

  1. The ability to define an alternate Container Name to the Process Collective Definition in the Application to help variability in the CI-CD workflows is added

  2. VSP-Host now supports the Operating Systems: SUSE 15 SP2. Refer to the Compatibility Matrix for more information

  3. VSP now provides signed Linux VM Install Scripts for specific Operating Systems. Refer to the VM Installation Manual for more information

  4. If secure boot is enabled on Linux systems, vsyvsi driver is not loaded

 

FIXESFIXES

 

Defect ID

Description

WEB-2349

MS Exchange Server does not report incidents for attacks against the OWA application

WEB-2134

AE component (vrule_run.sh) of probe is not started

SUPP-284

CMS UI is unresponsive after encountering process-monitoring-service error

SUPP-273

IBM and IIS servers are not present in PCM but are covered in the installation docs

SUPP-262

Attack count is not revised on CMS UI

SUPP-260

VSP Documentation: VSP Upgrade docs out of order

SUPP-257

VSP Documentation: Incident email subscription documentation to be added

SUPP-236

CMS is unable to set Hosts into Detect/Protect mode - possibly due license hack

SUPP-229

QRadar Webhook gave error when upgraded from 2.4.0 to 2.4.1

SUPP-212

Host is Out of Sync on Windows 2016

SUPP-205

VSP Probe is Out of Sync for the host profile associated to 7 hosts

SUPP-203

CI and CD tools use images from internal Artifactory

SUPP-200

High CPU Utilization on Probe on Windows 2016 server after upgrading probe from 2.2.2 to 2.3.3 while in Protect mode

SUPP-198

2.4.1 Upgrade fails due to double quotes in line 70 of the file docker-compose-cms.yaml.template

SUPP-192

VSP Documentation: VSP 2.x on-prem license process to be updated

SUPP-189

CI script displayed error with the option -g

SUPP-145

Monitor Probes page gets stuck during loading

PLT-1092

vsysi driver installation fails when secure boot is enabled on a target linux machine

PLT-967

Probe erases Satellite software on installation

HMM-2670

Virsec probe binaries are reported as incidents by Host Monitoring

HMM-2468

Binaries with expired publisher certificates are not blocked by host Monitoring

HMM-2418

Increased default HMM and ACP incident limits on probe

HMM-2181

For an eWAF based application setup, Provisioning takes more than 5 minutes to attain Normal state

CMS-3433

UI for Web Services lists IIS but not supported in Compatibility Matrix

CMS-2813

User Password change does not recognize all special characters

Table – VSP 2.4.3 Fixes 

KNOWN ISSUESKNOWN ISSUES

 

Category

Description

Known Issue/ Caveat

Host Monitoring

Windows library issue

In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it

Known Issue

Linux HMM agent limitation

In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues

Limitation

Windows application execution inconsistency

In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections

Limitation

Table – Known Issues