30.01 Release Notes

The following table outlines the release particulars:
Code name
Release date
May 23, 2023
Maintenance Release
Review the system requirements to learn about the supported operating systems, hypervisors, runtimes, tools, and orchestrators.

New Features in Agentless Security

Support for Third-Party Packages on Windows

This feature adds support for scanning vulnerabilities on third-party packages on Windows machines: Node-Node.js, Python, Ruby-Gems, Java-JAR, and NuGet.

Selective Scanning of Hosts with Include Tags

The new
Include hosts by tag
option allows you to select a subset of your hosts for scanning based on their tags. The tags interface is enhanced to help you view and manage your tags more easily. Additionally, you can now use wildcards to exclude or include hosts that match a certain tag pattern. For example, you can use web-* to include all hosts that have a tag starting with web-.

UI Enhancements

  • You can now see specific account statuses (for example, scanning and completed) and sort accounts by that status.
  • The cloud accounts page now shows the general scan progress instead of the progress bar.

Hub Account Changes

  • Hub account is now treated as an account dedicated for Agentless scanning and hence will be used to only scan other accounts.
  • Scan related configurations are done centrally on the hub account configuration and are not required to be duplicated across all target accounts. As an example, you can set networking configuration only on the hub account.

Agentless scanning in AWS: Specify a subnet and use a private IP

You can now specify a subnet name and use a private IP from that subnet to report the agentless scanning results back to Prisma Cloud.

New Features in Core

Support for New Operating Systems

  • Support for TAS 4.0
  • Support for Amazon Linux 2023
  • Extended support for TalOS with Runtime defense for containers; available on Container Orchestrator Defenders.

Enhancement in Host Security

Discovery Date for Host Vulnerability Scan Results

  • Add Discovery date for the vulnerabilities discovered on the host.

API Changes and New APIs

API URLs versioned as 30.01
Following the versioning number format for 30.xx, all the supported API endpoints will be versioned as 30.01 in this release. If you are using the 30.00 endpoints in your automation workflows and scripts, they will continue to be supported.
Supports the following APIs:
  • feeds/custom/custom-vulnerabilities, GET
  • feeds/custom/custom-vulnerabilities, PUT
  • feeds/custom/malware, PUT
Supports the following APIs:
  • settings/certificates, POST
  • settings/certs, GET
  • settings/certs, POST
  • settings/console-certificate, POST
  • settings/custom-labels, POST
  • settings/intelligence, GET
  • settings/intelligence, POST
  • settings/ldap, GET
  • settings/ldap, POST
  • settings/license, GET
  • settings/license, POST
  • settings/logging, GET
  • settings/logging, POST
  • settings/logon, GET
  • settings/logon, POST
  • settings/oauth, GET
  • settings/oauth, POST
  • settings/oidc, GET
  • settings/oidc, POST
  • settings/proxy, GET
  • settings/proxy, POST
  • settings/saml, GET
  • settings/saml, POST
  • settings/scan, GET
  • settings/scan, POST
  • settings/telemetry, GET
  • settings/telemetry, POST
  • settings/trusted-certificate, POST
  • settings/trusted-certificates, POST
TAS Droplets
Supports the following APIs:
  • tas-droplets, GET
  • tas-droplets/download, GET
  • tas-droplets/progress, GET
  • tas-droplets/scan, POST
  • tas-droplets/stop, POST
Trust Data
Supports the following APIs:
  • trust/data, GET
  • trust/data, PUT

Addressed Issues

  • Addressed an issue that caused the Console to be unresponsive when a database restore was unsuccessful. With this fix, when the database restore fails, Console reverts the changes and falls back to the database state before the restore was initiated.
  • Fixed incorrect CVE matching to the base layer for the binaries installed without a package manager. There are differences in the results between an image created by Dockerfile and an image pulled by the registry. The vulnerabilities scan results attribute correctly to the base layer for the images built from a Dockerfile.

End of Support Notifications

TLS Cipher Support Update

Ends the support for the following TLS ciphers for WAAS:

AWS Phase 1 Deprecation of.NET Core 3.1

AWS Lambda runtimes entered .NET Core 3.1 into phase 1 of deprecation on April 3 2023, and Prisma Cloud has updated the supported AWS Lambda runtimes in the system requirements.
See the AWS Lamba runtimes documentation for more details.

Recommended For You