: 31.01 Update 1 Release Notes

31.01 Update 1 Release Notes

Table of Contents

31.01 Update 1 Release Notes

The following table outlines the release particulars:
Code name
Newton, 31.01 Update 1
Release date
September 11, 2023
Maintenance Release
Review the system requirements to learn about the supported operating systems, hypervisors, runtimes, tools, and orchestrators.

Upgrade from Previous Releases

Upgrade Defender Versions 22.06 and Earlier

With the 31.00.xxx release, Defender versions supported (n, n-1, and n-2) are v31.xx.xxx, v30.xx.xxx, and v22.12.xxx.
To prepare for this update, you must upgrade your Defenders from version v22.06.xx.xxx (Kepler) or earlier to a later version. Failure to upgrade Defenders will result in disconnection of any Defender version below 22.12 such as 22.06.

Upgrade the Prisma Cloud Console

With the 31.00.xxx release, the supported Console versions (n, n-1, and n-2) are v31.xx.xxx, v30.xx.xxx, and v22.12.xxx.
You can upgrade the Prisma Cloud console directly from any version for n-1 to n. With 30.xx as n-1 and 31.xx as n, you can go directly from 30.01.152 to 31.01.123.
You have to upgrade any version of 22.12.xx to 30.xx before upgrading to 31.xx. For example, you can upgrade from 22.12.693 to 30.02.123 and then upgrade to 31.01.123.


Severity-based Actions for Packages in Vulnerability Rules

Vulnerability policy rules can now be scoped based on the severity threshold per package, in addition to scoping the vulnerabilities by collections. You can now define the severity threshold per package type for alert and block actions.
The package type severity thresholds apply to all workload types: deployed images, CI Images, hosts, VM images, functions, and CI Functions.
With this feature, you can monitor alerts at a granular level and focus on vulnerabilities in specific packages.

Parallel Registry Scanning

Prisma Cloud now supports scanning up to 4 registries in parallel as compared to scanning one registry at a time earlier under Monitor > Vulnerabilities > Images > Registries. You can trigger a registry scan at the time of configuring the registry. The new registry scans wait in a queue until the previous scan completes.
You can either scan all registries or select multiple registries to scan in parallel, thus reducing the scan time. By default, the Console is set to scan only 1 registry at a time. You can edit this registry scan limit to scan up to 4 registries in parallel by setting the REGISTRY_SCANNERS = 4 in the twistlock.cfg file.

End of Support Notifications

  • Docker Access Control (
    Defend > Access > Docker
    ) and the Access User role (
    Manage > Authentication > Roles
    ) are no longer supported.

Addressed Issues

  • Fixed an error in deploying and upgrading the Host Defenders on Windows Server 2019 installed on AWS.
  • Fixed an issue where node count was missing for EKS clusters under
    Manage > Cloud accounts
    report. The correct node count is now displayed on the Console and in API Cloud Discovery scan results.
  • Fixed a high CPU utilization issue when using WAAS sensitive data on Console versions earlier than v31.01.00. We addressed this issue by incorporating sensitive data detection using dynamic sampling rates, while all other WAAS detections maintain their rigorous examination of every request.

Recommended For You