Skip to content

Releases: trendmicro/cloudone-container-security-helm

2.6.1

11 Feb 18:38
@gmonz36 gmonz36
2.6.1
4ca22d4
Compare
Choose a tag to compare
2.6.1 Latest
Latest

Changelog

[2.6.1] - 2025-02-11

Bug Fixes

  • Fix bug in which the scan-manager would fail to start when both vulnerability scan and malware scan are enabled.
  • Fixed custom_headers validation warnings for http_output config

Full Changelog: 2.6.0...2.6.1

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.6.1.tar.gz
Assets 2
Loading

2.6.0

10 Feb 19:28
@zayaanmoez zayaanmoez
2.6.0
9ebe9bd
Compare
Choose a tag to compare
2.6.0

Changelog

[2.6.0] - 2025-02-10

Features

  • Falco Upgrade - Upgrade falco to 0.39.2
    • Enhanced modern-bpf probe detection by probing kernels for bpf features
    • Fix kernel breaking issue for modern-bpf for kernels >= 6.6.11
    • New configuration options in Falco.yaml config
    • New falco rule enhancements available for custom rules including field transformer operators basename, regex and more. See latest Falco rules documentation for more details
    • Global logConfig.logLevel in helm values inherited for Falco containers

Bug Fixes

  • Fix leader election failures in controllers due to small renew deadline causing the leader lease to be lost
  • Fix labels provided in overrides not applying to policy operator or workload images remover job

Breaking Changes

  • Removed configuration options for Falco. Custom falco.yaml or falco-customrules.yaml configuration maybe affected
    • Replaced rules_file with rules_files
    • Removed syscall_buf_size_preset
    • Removed syscall_drop_failed_exit
    • Replaced modern_bpf.cpus_for_each_syscall_buffer with engine.modern_ebpf.cpus_for_each_buffer
    • Replaced syscall_event_drops with the metrics config and some automatic notifications on syscall drops

Full Changelog: 2.5.5...2.6.0

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.6.0.tar.gz
Assets 2
Loading

2.5.5

29 Jan 20:34
@gmonz36 gmonz36
2.5.5
c689ca2
Compare
Choose a tag to compare
2.5.5

Changelog

[2.5.5] - 2025-01-29

Features

  • Support CIS EKS compliance scanning 1.5.0
  • Add option to auto-register cluster and define the cluster policy and rulesets in custom resources.

Bug Fixes

  • Fix workload-operator issue in which it would fail to handle images owned by deployments that have a name exceeding 63 characters.

Full Changelog: 2.5.4...2.5.5

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.5.5.tar.gz
Assets 2
Loading

2.5.4

15 Jan 16:54
@zayaanmoez zayaanmoez
2.5.4
bf17579
Compare
Choose a tag to compare
2.5.4

Changelog

[2.5.4] - 2025-01-15

Enhancements

  • Support for using Splunk HEC token from secret for Falco custom rules

Bug fixes

  • Update Falco rules overrides format to remove deprecated fields
  • Fix validating webhook namespace selector config to not include excluded namespaces
  • Fix client-go issue where operator fails due to leader election lost
  • Update compliance scan job scc to fix warnings

Full Changelog: 2.5.3...2.5.4

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.5.4.tar.gz
Assets 2
Loading

2.5.3

18 Dec 18:56
@zayaanmoez zayaanmoez
2.5.3
44e26df
Compare
Choose a tag to compare
2.5.3

Changelog

[2.5.3] - 2024-12-18

Enhancements

  • Support for vulnerability scanning in clusters with multi-architecture nodes
  • Add support for inheriting tolerations and nodeSelectors from workload to scanner pods
  • Add support to configure annotations for scan jobs

Full Changelog: 2.5.2...2.5.3

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.5.3.tar.gz
Assets 2
Loading

2.5.2

13 Dec 20:31
@BMelone BMelone
2.5.2
59f7139
Compare
Choose a tag to compare
2.5.2

Changelog

[2.5.2] - 2024-12-13

Enhancements

  • Improve handling of trusted images

Bug Fixes

  • Fix automated cluster registration with whitespace characters in registration-key

Full Changelog: 2.5.1...2.5.2

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.5.2.tar.gz
Assets 2
Loading

2.5.1

10 Dec 22:06
@BMelone BMelone
2.5.1
3068c48
Compare
Choose a tag to compare
2.5.1

Changelog

[2.5.1] - 2024-12-10

Features

  • Add automated cluster registration flow

Bug Fixes

  • Fix malware scanning support for OpenShift

Full Changelog: 2.5.0...2.5.1

Upgrade instructions

Sample upgrade command:

helm upgrade \
--values overrides.yaml \
--namespace trendmicro-system \
trendmicro \
https://github.com/trendmicro/cloudone-container-security-helm/archive/2.5.1.tar.gz
Assets 2
Loading

2.5.0

05 Dec 19:56
@BMelone BMelone
2.5.0
bbc9905
Compare
Choose a tag to compare
2.5.0

Changelog

[2.5.0] - 2024-12-05

Features

  • Add real-time malware scanning
  • Add trendmicro tag when ecs-task-dispatcher injects tasks

Bug Fixes

  • Fixed cipher suite for malware scanner job

Known Limitations

  • Malware scanning is not supported in OpenShift environment
  • Malware scanning is not supported in ARM64 environment.

Upgrade instructions

To upgrade, use the following command:

helm upgrade \
  --values overrides.yaml \
  --namespace trendmicro-system \
  trendmicro \
  https://github.com/trendmicro/cloudone-container-security-helm/archive/2.5.0.tar.gz
Assets 2
Loading

2.4.3

13 Nov 15:51
@ray-duan ray-duan
2.4.3
987d56b
Compare
Choose a tag to compare
2.4.3

Changelog

[2.4.3] - 2024-11-13

Features

  • Add trusted images evaluation in admission controller
  • Add trusted images evaluation in oversight controller
  • Add malware scanning feature

Bug Fixes

  • Fixed issue where scan-controller and admission-controller crashed
  • Fixed issue where scout sent runtime security event whose pod ID was
  • Fixed missing option on Fargate instance
  • Fixed issue syncing custom rulesets without labels

Upgrade instructions

To upgrade, use the following command:

helm upgrade \
  --values overrides.yaml \
  --namespace trendmicro-system \
  trendmicro \
  https://github.com/trendmicro/cloudone-container-security-helm/archive/2.4.3.tar.gz
Assets 2
Loading

2.4.2

23 Oct 20:26
@zayaanmoez zayaanmoez
2.4.2
4be07fa
Compare
Choose a tag to compare
2.4.2

Changelog

[2.4.2] - 2024-10-23

Features

  • CIS Compliance Scan for OpenShift Added support for CIS compliance scans on Red Hat OpenShift
  • Log Enhancement: Added support for logging configuration and Falco output channel toggles in helm overrides

Bug Fixes

  • Reduced image size and updated dependencies in container images

Upgrade instructions

To upgrade, use the following command:

helm upgrade \
  --values overrides.yaml \
  --namespace trendmicro-system \
  trendmicro \
  https://github.com/trendmicro/cloudone-container-security-helm/archive/2.4.2.tar.gz
Assets 2
Loading