Patch 3.1.1_P1_LA

Release Date

13-March-2025

This release is an LA release with "limited availability," aimed at providing remote certificate renewal capabilities and enabling TrustHub for other code repositories.

New and Enhanced functionalities

1. Certificate Renewal

   1. Certificate renewal capability is added in this release which allows server certificates, Probe and Kafka certificate renewals via CPM APIs remotely, without manual intervention

   2. CPM 1.2.0 upgraded to CPM 1.3.0 to support certificate renewals

      
      

2. TrustHub enhancement 

   1. Currently there is a support for code repositories in jFrog/HTTP servers as part of v3.1.1 release. Additionally, below code repositories are being supported from this release

      1. Azure blob storage

      2. AWS s3 

   2. Integrated with RL Assure for package code qualification

   3. Webhook feature added to report malicious package notification to external systems and also as an email notification.

   4. Package Push API is added to send the code into TrustHub Enterprise from workload or centralised orchestration tool.

   5. Incremental scan of all the above code repositories

Enhancements in Trust Sight:

1. The Trust Sight widgets (System Integrity, Vulnerability and Know Your Software) have been enhanced to give high context rich options in the Drill-Down feature in all the Widgets so that the end-user shall have better view on the options to select and drill down with appropriate data. 

   

2. In “Show Underlying Data” feature many of the irrelevant fields have been deleted and realigned to show very specific data which is logically connected in all the Trust Sight widgets (System Integrity, Vulnerability and Know Your Software) 

   

3. System Integrity widget has been refined with various Trust Bands for end-user to understand the Trust Score of the environment. Also Non-Packed code widget has been removed.

   

4. OKTA workforce integration support is added

5. The EPSS and KEV support have been introduced for the CVEs for effective analysis on vulnerability assessment with EPSS bands and KEV, henceforth providing high value to customers with VSP compensation coverage on these Critical and High CVEs. 

   The new widgets for EPSS and KEV corresponding to these features have been added.

   

6. The support for Packages based Vulnerability Compensation have been added, with this new feature we generate Vulnerability Compensation analysis for all installed packages on the workload.