- 20 Mar 2025
- 1 Minute to read
- Print
- DarkLight
- PDF
Patch 3.1.1_P1_LA
- Updated on 20 Mar 2025
- 1 Minute to read
- Print
- DarkLight
- PDF
Release Date
13-March-2025
This release is an LA release with "limited availability," aimed at providing remote certificate renewal capabilities and enabling TrustHub for other code repositories.
New and Enhanced functionalities
Certificate Renewal
Certificate renewal capability is added in this release which allows server certificates, Probe and Kafka certificate renewals via CPM APIs remotely, without manual intervention
CPM 1.2.0 upgraded to CPM 1.3.0 to support certificate renewals
TrustHub enhancement
Currently there is a support for code repositories in jFrog/HTTP servers as part of v3.1.1 release. Additionally, below code repositories are being supported from this release
Azure blob storage
AWS s3
Integrated with RL Assure for package code qualification
Webhook feature added to report malicious package notification to external systems and also as an email notification.
Package Push API is added to send the code into TrustHub Enterprise from workload or centralised orchestration tool.
Incremental scan of all the above code repositories
Enhancements in Trust Sight:
The Trust Sight widgets (System Integrity, Vulnerability and Know Your Software) have been enhanced to give high context rich options in the Drill-Down feature in all the Widgets so that the end-user shall have better view on the options to select and drill down with appropriate data.
In “Show Underlying Data” feature many of the irrelevant fields have been deleted and realigned to show very specific data which is logically connected in all the Trust Sight widgets (System Integrity, Vulnerability and Know Your Software)
System Integrity widget has been refined with various Trust Bands for end-user to understand the Trust Score of the environment. Also Non-Packed code widget has been removed.
OKTA workforce integration support is added
The EPSS and KEV support have been introduced for the CVEs for effective analysis on vulnerability assessment with EPSS bands and KEV, henceforth providing high value to customers with VSP compensation coverage on these Critical and High CVEs.
The new widgets for EPSS and KEV corresponding to these features have been added.
The support for Packages based Vulnerability Compensation have been added, with this new feature we generate Vulnerability Compensation analysis for all installed packages on the workload.