Winter '22 Release


Java Discovery Fact For Apache Log4j

Log4Shell is a high severity vulnerability (CVE-2021-44228, CVSSv3 10.0) that impacts multiple versions of the Apache Log4j 2 utility. The vulnerability allows for unauthenticated remote code execution. Currently, the scanning tools are able to detect a limited scope of Log4j vulnerabilities only relevant to Apache HTTP server. Cloudaware has released a custom fact that enables Java discovery to identify vulnerable log4j jar* files. Please note that Breeze is to be installed to enable this type of scans.

OS Services CIS Scans

CIS Kubernetes Benchmark is added to Cloudaware Compliance Engine library. The benchmark allows to evaluate the hardening level of container orchestration deployments.


Cloudaware Virtual Applications

The following objects are available for attachment to Cloudaware Virtual Applications:

  • AWS EFS File System

  • AWS EKS Cluster

  • AWS EKS Cluster Pod

  • AWS EMR Cluster

  • AWS Kinesis Firehose Destination

  • AWS Kinesis Stream

  • AWS KMS Key

  • AWS MQ Broker

  • AWS RDS Cluster

  • AWS Secrets Manager Secret

  • AWS SQS Queue

  • Azure SQL Instance

  • Azure SQL Instance Database

External APIs

Cloudaware released API to remove AWS Account. This API allows to mark an AWS Account for removal and automatically approve the removal request. Note that only Admin users are able to leverage this feature.


Azure Data Factory

Azure Analysis Services

Azure Monitor Metrics



The object AWS MSK Configuration Revision is added, with a lookup to objects AWS MSK Cluster, AWS MSK Configuration and AWS MSK Node. This object stores the details related to AWS MSK configuration revision and helps to capture the actual cluster configuration.


The following AWS Directory related fields are added to AWS RDS instance and AWS RDS Cluster layouts: Name, FQDN, IAM Role ARN, ID, Status.

AWS Сost Explorer Coverage and Utilization 

Cloudaware supports new record types for ElastiCache, Elasticsearch, Redshift allowing to track RI сoverage and utilization.