Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.
DATE OF RELEASEDATE OF RELEASE
8/9/2022
NEW FEATURESNEW FEATURES
-
Java 17 Support: Support for Java 17 is added
-
OpenShift: Augmented VDT CD tool to handle specification of static IP addresses
FIXESFIXES
Defect ID |
Description |
WEB-3591 |
There is a delay in application status change from Provisioned to Normal in CMS |
SUPP-405 |
Search functionality of Support Portal application is impacted after VSP deployment |
SUPP-399 |
VSP-manager does not handle steady-state keep alive exceptions properly |
SUPP-393 |
Critical Vulnerabilities found in images after CI Phase |
SUPP-343 |
High Memory Utilization On Windows servers in Protect Mode with the option "Autowhitelist unknown files from reference host scan and incidences" enabled |
SUPP-314 |
Multiple Probes are disconnected and CMS-Client logs reports error 502 for /services/pms/ti/reputation for probe ASIs |
SUPP-308 |
ACP does not block Large command lines in protect mode |
SUPP-301 |
Email Integration Fails with the error "AuthenticationFailedException: 535 Authentication Credentials Invalid" |
SUPP-293 |
Failed to enable pristine host for HMM during Probe Upgrade |
SUPP-256 |
A large number of process/library incidents are reported for core linux processes in Pristine mode |
SUPP-241 |
Probe deployment fails on Centos8 server |
SUPP-221 |
CMS instability is observed after server restart with slow loading and probe status changes |
CMS-5800 |
Archived nodes cannot be deleted |
Table – VSP 2.4.5 Fixes
KNOWN ISSUESKNOWN ISSUES
Category |
Description |
Known Issue/ Caveat |
Host Monitoring |
||
Windows library issue |
In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it |
Known Issue |
Linux HMM agent limitation |
In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues |
Limitation |
Windows application execution inconsistency |
In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections |
Limitation |
Table – Known Issues