Skip to content

Release Notes

Release history for Runecast Analyzer.

Recent

Version 6.9.23.0

Application released May 12, 2026

  • HCL Support for vSphere 9.0 — HCL analysis includes support for vSphere 9.0.
  • CIS Azure Foundations update — CIS Azure Foundations Security Profile have been updated from v3.0.0 to v5.0.0.
  • Standard update and maintenance — Update of knowledge rules, HCL records and system packages.

Version 6.9.22.0

Application released April 10, 2026

  • Standard update and maintenance — Update of knowledge rules, HCL records and system packages.

Version 6.9.21.0

Application released February 26, 2026

  • Standard update and maintenance — Update of knowledge rules, HCL records and system packages.

Version 6.9.20.0

Application released January 29, 2026

  • Standard update and maintenance — Update of knowledge rules, HCL records and system packages.

2025

Version 6.9.19.1

Knowledge definition update released December 12, 2025

  • Compliance Profile Update: TISAX — The Trusted Information Security Assessment Exchange (TISAX) standard helps to ensure information security in the automotive industry and is now updated to version 6.0.3.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.19.0

Application released November 27, 2025

  • vSphere Web Client plugin discontinued — The vSphere Web Client plugin is no longer supported. Please make sure to unregister the plugin.
  • Standard update and maintenance — Update of knowledge rules, HCL records and system packages.

Version 6.9.18.0

Application released October 29, 2025

  • New Microsoft CVEs — New Microsoft CVEs from Microsoft's October 2025 Patch Tuesday are added. Additionally, the existing Microsoft CVEs rules are aligned with latest updates.
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.17.1

Knowledge definition update released October 13, 2025

  • VMSA-2025-0015 — VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244, CVE-2025-41245, CVE-2025-41246).
  • VMSA-2025-0016 — VMware vCenter and NSX updates address multiple vulnerabilities (CVE-2025-41250, CVE-2025-41251, CVE-2025-41252).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.17.0

Application released October 8, 2025

  • Resolved an upgrade issue that, under certain conditions, could prevent the upgrade process from completing as expected.
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.16.1

Knowledge definition update released September 17, 2025

  • New Microsoft CVEs — New Microsoft CVEs from Microsoft's September 2025 Patch Tuesday are added. Additionally, the existing Microsoft CVEs rules are aligned with latest updates.
  • CIS Update for Windows Server — CIS profile for Windows Server 2022 is updated to the latest version (version 4.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.16.0

Application released September 8, 2025

  • Support For New AWS Region — Runecast is now supporting new AWS region Asia Pacific (Taipei) ap-east-2.
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.15.1

Knowledge definition update released August 22, 2025

  • VMSA-2025-0014 — VMSA-2025-0014: VMware vCenter updates address a denial-of-service vulnerability (CVE-2025-41241).
  • New Microsoft CVEs — New Microsoft CVEs from Microsoft's August 2025 Patch Tuesday are added. Additionally, the existing Microsoft CVEs rules are aligned with latest updates.
  • CIS Update for Windows Server — CIS profile for Windows Server 2019 is updated to the latest version (version 4.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.15.0

Application released August 1, 2025

  • Dynatrace integration updates — Users of Dynatrace Integration must migrate their endpoint from /events.security to /security.events by September 30. For implementation details, refer to the OpenPipeline Ingest API for security events documentation.
  • Manual answers performance improvements.
  • CIS Update for Windows Server — CIS profile for Windows Server 2022 is updated to the latest version (version 4.0.0).
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.14.1

Knowledge definition update released July 22, 2025

  • Critical VMSA-2025-0013 — VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239).
  • New Microsoft CVEs — New Microsoft CVEs from Microsoft's July 2025 Patch Tuesday are added. Additionally, the existing Microsoft CVEs rules are aligned with latest updates.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.14.0

Application released July 7, 2025

  • Inventory tree loading performance improvements.
  • Fix scheduled update of AWS EC2-deployed Runecast Analyzer.
  • Standard update and maintenance of knowledge rules, HCL records and system packages Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.13.1

Knowledge definition update released June 24, 2025

  • NIST Update for Kubernetes NIST profile for Kubernetes update to the latest release 5.1.1.
  • New Microsoft CVEs New Microsoft CVEs from Microsoft's June 2025 Patch Tuesday are added. Additionally, the existing Microsoft CVEs rules are aligned with latest updates.
  • Standard update and maintenance of knowledge rules, HCL records and system packages Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.13.0

Application released June 3, 2025

  • Dynatrace Proxy Support Fixed — Dynatrace integration now correctly uses proxy settings configured in Runecast Analyzer.
  • Improved Azure OIDC Authentication — Fixed misconfigured cookie parameters for smoother Azure login via OIDC.
  • Agentless Scan Discontinued — This feature is no longer supported. Please disable it and remove related scanner VMs.
  • New & Updated Security Benchmarks.
  • Added CIS Kubernetes Benchmark v1.11.1.
  • Updated Kubernetes DISA STIG to Ver 2, Rel 3.
  • Updated CIS Azure Foundations to v3.0.0.
  • VMware Vulnerability Coverage.
  • VMSA-2025-0010 (CVE-2025-41225 to -41228)
  • VMSA-2025-0007 (CVE-2025-22247)
  • Microsoft May 2025 CVEs — Latest CVEs added and existing rules aligned with Patch Tuesday updates.
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.12.0

Application released April 24, 2025

  • Introducing integration with Dynatrace A new integration option has been added, allowing ingestion of compliance findings from Runecast Analyzer to Dynatrace via OpenPipeline.
  • ESXi syslog configuration indicator improvement ESXi syslog configuration indicator was showing red cross, when using ssl.
  • HCL analysis improvements Fix duplicated HBA cards in HCL analysis.
  • Standard update and maintenance of knowledge rules, HCL records and system packages Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.11.0

Application released April 7, 2025

  • Role-based authentication for AWS Accounts It is possible to use AWS role for Runecast Analysis, when Analyzer runs in EC2 instance.
  • HCL analysis improvements HCL analysis could not process certain HBA adapters.
  • Kubernetes STIG update DISA STIG Security Profiles for Kubernetes have been updated to the latest versions (Ver 2, Rel 2).
  • Standard update and maintenance of knowledge rules, HCL records and system packages Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.10.3

Knowledge definition update released March 28, 2025

  • VMSA-2025-0005 VMware Tools for Windows update addresses an authentication bypass vulnerability (CVE-2025-22230).
  • Microsoft Windows Server DISA STIG update DISA STIG Security Profile for Microsoft Windows Server 2016 has been updated to the latest version (Windows Server 2016 STIG - Ver 2, Rel 10).
  • Standard update and maintenance of knowledge rules Weekly updates of knowledge rules and HCL records.

Version 6.9.10.2

Knowledge definition update released March 21, 2025

  • RHEL DISA STIG update — DISA STIG Security Profile for Red Hat Enterprise Linux 8 has been updated to the latest version (Ver 2, Rel 2).
  • Microsoft Windows Server DISA STIG update — DISA STIG Security Profiles for Microsoft Windows Server have been updated to the latest versions (Windows Server 2019 STIG - Ver 3, Rel 3, Windows Server 2022 STIG - Ver 2, Rel 3).
  • vSphere NIST update — NIST SP 800-53 Revision 5 - Based on STIG for vSphere 8 has been updated to reflect the latest version of STIG.
  • AWS CIS update — CIS Security Profile for Amazon Web Services Foundations has been updated to the latest version (v4.0.1).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.10.1

Knowledge definition update released March 11, 2025

  • Critical VMSA-2025-0004 — VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.9.0

Application released February 4, 2025

  • Runecast VM Memory improvements — Dynamic swapfile size management.
  • OS and Kubernetes Scan improvements — Improvements in OS and Kubernetes data collection.
  • New Kubernetes CVEs — Updated CVE coverage for Kubernetes.
  • Improvements in detection of Windows vulnerabilities. — Detection of vulnerable Windows components.
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.8.3

Knowledge definition update released January 21, 2025

  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules.
  • New Linux CVEs — Updated CVE coverage for Linux.
  • New Microsoft CVEs — New Microsoft CVEs from Microsoft's January 2025 Patch Tuesday are added. Additionally, the existing Microsoft CVEs rules are aligned with latest updates.

2024

Version 6.9.8.2

Knowledge definition update released December 20, 2024

  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules.

Version 6.9.8.1

Knowledge definition update released December 16, 2024

  • Update DISA STIG Microsoft Windows Server 2022 Benchmark — DISA STIG Security Profile for Microsoft Windows Server 2022 has been updated to the latest version (MS Windows Server 2022 STIG - Ver 2, Rel 2).
  • Red Hat Enterprise Linux 8 STIG update — DISA STIG security profile has been updated to version 2 release 1.
  • Red Hat Enterprise Linux 9 STIG update — DISA STIG security profile has been updated to version 2 release 2.
  • Kubernetes CISA improvements — Kubernetes improvements on CISA security standard. Additional automated validations were included.
  • Azure false positives addressed on CIS benchmark — Azure rules CIS-3429, CIS-3400, CIS-3384 have been updated to address and reduce the occurrence of potential false positives.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules.

Version 6.9.8.0

Application released November 22, 2024

  • Microsoft Windows Server DISA STIG update — DISA STIG Security Profile for Microsoft Windows Server 2016 has been updated to the latest version (MS Windows Server 2016 STIG - Ver 2, Rel 9).
  • SameSite cookie settings improvements.
  • Public API update.
  • EULA update.
  • Standard update and maintenance of knowledge rules, HCL records and system packages — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.7.3

Knowledge definition update released November 7, 2024

  • CIS Kubernetes Benchmark 1.10.0 — CIS Kubernetes Benchmark Security Profile 1.10.0 was added.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.7.2

Knowledge definition update released October 23, 2024

  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.7.1

Knowledge definition update released October 10, 2024

  • VMware vSphere DISA STIG update — DISA STIG for VMware vSphere 7.0 update to v1 r3.
  • RHEL DISA STIG update — DISA STIG Security Profile for Red Hat Enterprise Linux 9 update to the latest version (ver 2, rel 1).
  • Extended CIS coverage — The CIS security profile now covers Ubuntu Linux 24.04 LTS v1.0.0.
  • NIST Update for Windows Server — NIST profile for Windows Server update to the latest release 5.1.1.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.7.0

Application released October 4, 2024

  • Critical VMSA-2024-0019 — VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813)
  • VMware vSphere DISA STIG update — DISA STIG for VMware vSphere 8.0 update to v2 r1.
  • Microsoft Windows Server DISA STIG update — DISA STIG Microsoft Windows Server 2016 Benchmark - update to Ver 2, Rel 8.
  • CIS for VMware vSphere update — Update CIS for VMware ESXi 8.0 to v1.1.0, Update CIS for VMware ESXi 7.0 to v1.4.0.
  • Other Improvements — Improvements in Horizon scans, definition exports and more.

Version 6.9.6.0

Application released September 19, 2024

  • New Security Profiles for Kubernetes — CIS 1.9.0, NIST, DORA, and STIG v2 release 1 has been added to our compliance portfolio.
  • Improvements in Finding Values for vCenter — The formerly missing values for some issues in the Findings tab are now displayed.
  • Agentless Improvements — Improvements in Agentless scanning for better stability.
  • Other Improvements — WebClient Plugin and HCL Global Override Fix.

Version 6.9.5.3

Knowledge definition update released September 9, 2024

  • Microsoft Windows Server DISA STIG update — DISA STIG Security Profile for Microsoft Windows Server 2022 has been updated to the latest version (MS Windows Server 2022 STIG - Ver 2, Rel 1).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.5.2

Knowledge definition update released August 27, 2024

  • CIS Update for Windows — CIS profile for Windows 10 Enterprise is updated to the latest version (version 3.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.5.1

Knowledge definition update released August 14, 2024

  • CIS Update for Windows — CIS profile for Windows 11 Enterprise is updated to the latest version (version 3.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.5.0

Application released July 30, 2024

  • CIS Update for Windows Server — CIS profile for Windows Server 2022 is updated to the latest version (version 3.0.0).
  • Analysis separation — An architectural update to our application. The configuration and analysis components have been separated into independent modules.
  • K8s Node Collector changes — Improvements in collection for more precise results and support of upcoming security profiles (please note there is a mounted volumes change).
  • Improvements — Improvements made to enhance usability and functionality.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules, HCL records and system packages are included.

Version 6.9.4.3

Knowledge definition update released July 9, 2024

  • CIS Update for Windows Server — CIS profile for Windows Server 2019 is updated to the latest version (version 3.0.1).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.4.2

Knowledge definition update released June 21, 2024

  • Critical VMSA-2024-0012 — VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081).
  • CIS Update for Windows Server — CIS profile for Windows Server 2016 is updated to the latest version (version 3.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.4.1

Knowledge definition update released June 10, 2024

  • NIST for vSphere improvement — NIST for vSphere enriched with rules based on DISA STIG for vSphere 8.0.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.4.0

Application released May 30, 2024

  • Data retention configuration — You can now change or disable data retention policy for features like Configuration Vault and Capacity Management.
  • vSphere Agentless OS Scanning Updates.
  • Usability improvements — The Filters and Licensing settings pages have been re-designed for easier use. The vSphere Log KB Articles page is now aligned with other issue pages, so you can take advantage of the standard issue grid features and issue details.
  • Definitions update and maintenance — Weekly updates of knowledge rules and HCL records and OS Security updates.

Version 6.9.3.1

Knowledge definition update released May 13, 2024

  • CIS Update for Microsoft Azure Foundations — CIS Security Profile for Microsoft Azure Foundations was updated to the latest version (v2.0.0).
  • CIS Update for Ubuntu Linux — CIS Security Profile for Ubuntu Linux 22.04 LTS was updated to the latest version (v2.0.0).
  • NIST for vSphere enhancement — NIST for vSphere has been updated to include new rules based on the DISA STIG for vSphere 7.0, in addition to the original rules.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.3.0

Application released April 26, 2024

  • Checks for the latest LINUX CVEs were added.
  • Microsoft's April 2024 Patch Tuesday CVEs.
  • OS Security updates.
  • Standard update and maintenance of knowledge rules, HCL records, and system packages.

Version 6.9.1.5

Knowledge definition update released April 5, 2024

  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.1.4

Knowledge definition update released March 29, 2024

  • RHEL DISA STIG update — DISA STIG Security Profile for Red Hat Enterprise Linux 7 has been updated to the latest version.
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.1.3

Knowledge definition update released March 21, 2024

  • CIS Update for RHEL — CIS Security Profile for RHEL was updated to the latest version (v4.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules and HCL records.

Version 6.9.1.2

Knowledge definition update released March 8, 2024

  • Critical VMSA-2024-0006 — VMware updates address multiple vulnerabilities in ESXi.
  • CIS Update for CentOS — CIS Security Profile for CentOS was updated to the latest version (v4.0.0).
  • Standard update and maintenance of knowledge rules — Weekly updates of knowledge rules are included.

Version 6.9.1.1

Knowledge definition update released March 1, 2024

  • DISA STIG for vSphere Enhanced — An additional 120 DISA STIG for vSphere rules automated.
  • Standard update and maintenance of knowledge rules and HCL records — Weekly updates of knowledge rules and HCL records are included.

Version 6.9.1.0

Application released February 23, 2024

  • OS collection fix — Resolved an issue causing incomplete Linux OS configuration collection.
  • Extended DISA STIG coverage — DISA STIG security profile now covers Red Hat Enterprise Linux 9.
  • Extended CIS coverage — The CIS security profile now covers Rocky Linux Benchmark v.1.0.0 and Microsoft Windows 10 & 11 Benchmarks v2.0.0.
  • Definitions update and maintenance — Weekly updates of knowledge rules and HCL records.

Version 6.9.0.0

Application released February 14, 2024

  • 🚀 Agentless Scanning Improvements — The vSphere Agentless feature has been extended with complete coverage for Windows and Linux OS vulnerabilities, along with configurable tags for specifying eligible VMs for scanning. AWS EC2 instances and vSphere VMs selected for agentless scan are highlighted in the inventory tree.
  • 🎁 Introducing New Sidebar with View Controls — Issue quick filters were moved to a brand new side panel allowing view selection - controlling the scope of issues, listed in the table, based on their results.
  • MS Word Export — The results of the analysis can be exported in a detailed DOCX format. This provides the freedom to easily edit the exported data while keeping it well formatted.
  • CIS CSC and HIPAA Update — Ubuntu Linux 22.04 and 20.04 are covered in CIS CSC. HITRUST 9.2 for Azure was added to HIPAA.
  • Cross-System Rules — A single knowledge definition can be related to multiple system types. For instance, a given vulnerability can be discovered on OS with agent and VMs with vSphere agentless scanning configured.

Version 6.8.3.2

Knowledge definition update released January 23, 2024

  • Critical VMSA-2023-0023.1 — VMware has confirmed that a critical vCenter Server remote code execution vulnerability (CVE-2023-34048) patched in October is now under active exploitation. Users are advised to apply available updates to affected VMware products to remediate the vulnerability.
  • Standard update and maintenance of knowledge rules and HCL records — Weekly updates of knowledge rules and HCL records are included.

Version 6.8.3.1

Knowledge definition update released January 18, 2024

  • New Microsoft CVEs — New Microsoft CVEs from Microsoft's January 2024 Patch Tuesday are added for OS analysis. Additionally, the existing Microsoft CVEs rules for OS analysis are aligned with the latest updates.
  • RHEL DISA STIG update — DISA STIG Security Profile for Red Hat Enterprise Linux 8 has been updated to the latest version.
  • Standard update and maintenance of knowledge rules and HCL records — Weekly updates of knowledge rules and HCL records are included.

Version 6.8.3.0

Application released January 9, 2024

  • Updated Memory Requirements — With the increased feature set, the amount of covered knowledge rules and to accommodate future growth, the minimum memory allocation for Runecast has been revised. Please review and adhere to the current requirements.

Version 6.8.2.1

Knowledge definition update released January 6, 2024

  • Standard update and maintenance of knowledge rules and HCL records.

2023

Version 6.8.2.0

Application released December 22, 2023

  • New Microsoft CVEs (December 2023 Patch Tuesday)
  • Standard update and maintenance of knowledge rules, HCL records and system packages.

Version 6.8.1.5

Knowledge definition update released December 18, 2023

  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.8.1.4

Knowledge definition update released December 7, 2023

  • DISA STIG Security Profiles for vSphere 8.0 updated.
  • CIS AWS Foundations Benchmark Security Profile v2.0.0 added.
  • CIS Security Profile for VMware ESXi 8.0 v1.0.0 added.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.8.1.3

Knowledge definition update released December 1, 2023

  • New SUSE Linux CVEs (SUSE/openSUSE CVEs from the period 2020 to 2022 are added).
  • Microsoft Windows Server (2016, 2019 and 2022) DISA STIG updated to latest version.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.8.1.2

Knowledge definition update released November 24, 2023

  • New Microsoft CVEs (November 2023 Patch Tuesday)
  • CIS Update for Red Hat Linux 8 (v 3.0.0)
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.8.1.0

Application released November 14, 2023

  • Fixed an issue causing failure to send email reports in rare cases.
  • Minor improvements in orchestrating vSphere Agentless OS Scanning.

Version 6.8.0.1

Knowledge definition update released November 10, 2023

  • HPE CVEs Coverage - HPE CVEs affecting hardware and firmware now cover vulnerabilities identified since 2020.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.8.0.0

Application released November 7, 2023

  • 🚀 Agentless OS Scanning for vSphere, Early Access — Introducing an industry-first agentless scanning for Windows and Linux hosted on vSphere. Get a comprehensive analysis of guest OS without the increased overhead for agent deployment and maintenance. Agentless scanning is in early access, detecting a thousand vulnerabilities and increasing with each knowledge definition update. You can still contribute with your feedback to shape this functionality and get the most out of it!
  • 🇪🇺 Extended DORA and HPE CVEs Coverage — The DORA Security Profile has been extended to include Windows and Linux Operating Systems. HPE CVEs affecting hardware and firmware now cover vulnerabilities identified since 2021.
  • Improvements to Capacity Management — Trend and forecast chart can now be zoomed in to make specific results easier to read. Resource utilization and allocation charts are optimized to display many clusters, improving performance during initial load and workload simulation.
  • Analysis Summary Report Available in API — Get the latest HTML analysis report for a selected system via public API. The report contains information about configuration issues and drifts detected in the last analysis. You will get a detailed system overview without a need for scripting.
  • Support of VMware Cloud Director 10.5 — Analysis results and Configuration Vault data are now available for version 10.5 of VMware Cloud Director.

Version 6.7.1.4

Knowledge definition update released October 27, 2023

  • Critical VMSA-2023-0023..
  • New Linux CVEs..
  • User Guide Update for Azure Open ID.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.7.1.3

Knowledge definition update released October 20, 2023

  • Vulnerabilities and Exposures for SUSE Linux OS..
  • New Linux CVEs..
  • Enrichment with more vCD Cluster data..
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.7.1.2

Knowledge definition update released October 13, 2023

  • New Linux CVEs (20 RHEL) added.
  • New Microsoft CVEs added.
  • DISA STIG Photon OS profile section for vSphere 8.0 — added.
  • CIS for Windows Server 2016 — updated to version 2.0.0.
  • CIS for Windows Server 2019 — updated to version 2.0.0.
  • CIS for Windows Server 2022 — updated to version 2.0.0.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.7.1.1

Knowledge definition update released October 6, 2023

  • HPE CVEs — from 2022 affecting Hardware and Firmware are added.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.7.1.0

Application released October 3, 2023

  • Capacity Management for vSphere — Review your cluster capacity utilization, simulate host failure scenarios, or plan future workload deployments. This feature provides VMware admins with an essential, high level usage overview to prevent resource contention and service degradation. Combined with persistent historical utilization snapshots, it serves as an ideal starting point for monitoring growth and shaping the physical expansion strategy for each cluster.
  • CVSS Score for Vulnerabilities — The vulnerabilities view has been enhanced to include a separate column for the CVSS score. This adds another option for filtering and prioritizing detected vulnerabilities.
  • HCL Simulation for vSphere 8 U2 — Is your hardware still compatible? vSphere 8 Update 2 was recently released and the HCL data is already available for upgrade simulations.
  • Content Improvements.
  • With the inclusion of the vCenter Appliance Photon OS Security Technical Implementation Guide, Runecast now comprehensively addresses all of the DISA STIGs for vSphere 7.
  • HPE CVEs affecting Hardware and Firmware have been implemented to cover 2023.
  • BSI C5 security standard for AWS was implemented. C5 (Cloud Computing Compliance Controls Catalogue) assists organizations in showcasing their operational security against typical cyber threats when utilizing cloud services, in line with the German Government's “Security Guidelines for Cloud Providers”.
  • The CIS profile coverage was extended by adding Red Hat Enterprise Linux 9 and Oracle Linux 9 benchmarks.
  • Updated Memory Requirements — With the increased feature set and amount of covered knowledge rules, the minimum resource allocation for Runecast Analyzer has been revised. Please review and adhere to the current requirements.

Version 6.7.0.5

Knowledge definition update released September 21, 2023

  • New Linux CVEs added.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.7.0.4

Knowledge definition update released September 15, 2023

  • CIS for VMware ESXi 7.0 — updated to version 1.2.0.
  • New Microsoft CVEs added.
  • New Linux CVEs (24 RHEL, 81 Ubuntu) added.
  • Newly added - E8 for AWS..
  • New Kubernetes BPs added.
  • CVEs — from 2022 addedfor Agentless Vulnerability Scanning for AWS (5000+ CVEs).
  • More customizable checks added for Linux rules.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.7.0.3

Knowledge definition update released September 7, 2023

  • 6 more DISA STIG for vSphere 8.0 (Readiness Guide) profile sections are added.
  • Newly added - TISAX for Azure.
  • More customizable checks added for MS Windows rules.
  • More customizable checks added for Linux rules.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.7.0.2

Knowledge definition update released September 1, 2023

  • New VMware Vulnerability (VMSA-2023-0019) added.
  • Customizable checks added for MS Windows rules.
  • 4 new NSX KBs added.
  • New Linux CVEs (RHEL - 22 CVEs, Ubuntu - 79 CVEs) added.
  • A few manual STIG checks replaced with customizable checks.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.7.0.1

Knowledge definition update released August 24, 2023

  • DISA STIG for vSphere 8.0 (Readiness Guide) — draft version is added.
  • VCD Config Vault — is enriched.
  • DISA STIG, MS CIS and Azure PCI DSS were improved.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.7.0.0

Application released August 18, 2023

  • DORA Security Profile for vSphere and NSX — VMware vSphere and NSX engineers can now perform the necessary DORA assessments to demonstrate compliance with the EU financial industry regulatory standard.
  • Extended Coverage of DISA STIG for vSphere 7 — Our new vCenter collection mechanism allows automation of more DISA STIG rules for vSphere 7 and saves you many hours spent on manual validation.
  • Customizable Rules for OS — You can now customize certain site-specific rules for Operating Systems to fine-tune the automatic evaluation based on your organization's needs.

Version 6.6.0.5

Knowledge definition update released August 11, 2023

  • New VMware Vulnerability (VMSA-2023-0017) added.
  • New Linux CVEs (33 RHEL, 187 Ubuntu) added.
  • A few manual STIG checks replaced with customizable checks.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.6.0.4

Knowledge definition update released August 4, 2023

  • DISA STIG for vSphere 7.0 — updated to the latest version (Ver 1, Rel 2).
  • New Ubuntu CVE (CVE-2023-20867) added.
  • A few manual STIG checks replaced with customizable checks.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.6.0.3

Knowledge definition update released July 28, 2023

  • 3 Kubernetes CVEs added.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.6.0.2

Knowledge definition update released July 21, 2023

  • Newly added - CIS1.7.1 for Kubernetes.
  • Newly added - HIPAA for AWS.
  • New Microsoft CVEs added.
  • New Linux CVEs added.
  • New Kubernetes CVE added.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.6.0.1

Knowledge definition update released July 13, 2023

  • 3 Critical VMware KBs added.
  • Newly added - Cyber Essentials for AWS.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.6.0.0

Application released July 4, 2023

  • Agentless Vulnerability Scanning for AWS — Request early access to Runecast SaaS from Runecast portal, and perform agentless vulnerability scanning across all your Linux EC2 instances. The newly added option for role-based authentication to your AWS account makes it more secure and easier to set up.
  • Quick Access to Image Scan Results — Access container image scan results page via its URL from Runecast's API or Kubernetes Admission Controller, eliminating the need to manually select the correct organization.
  • More Usability Improvements — Ensure you never miss important information. Failed analyses and expiring licenses are highlighted to capture your attention.
  • Content Improvements — The ISO 27001 profile is enhanced to cover Microsoft Azure. Also, all Ubuntu CVEs dating back to 2020 are now included.

Version 6.5.6.3

Knowledge definition update released June 27, 2023

  • VMSA-2023-0014 — added.
  • New Microsoft CVEs added.
  • Remediation scripts added to cover DISA STIG profile rules for vSphere.
  • 4 Critical VMware KBs added.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.5.6.2

Knowledge definition update released June 16, 2023

  • VMSA-2023-0013 — added.
  • Newly added - Ubuntu CVEs for 2023.
  • Newly added - CIS Benchmark for Kubernetes v1.24.
  • Newly added - CIS Benchmark for Kubernetes v1.23.
  • Newly added - DISA STIG for NSX-T.
  • New Red Hat CVEs added.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Note: For Linux CVEs the product filter can be used with options Linux Ubuntu, Linux Red Hat or Linux to filter only CVEs of a specific Linux OS type.

Version 6.5.6.1

Knowledge definition update released June 8, 2023

  • DISA STIG for Windows Server 2016 — updated to the latest version (Ver 2, Rel 6)
  • DISA STIG for Windows Server 2019 — updated to the latest version (Ver 2, Rel 7)
  • DISA STIG for Windows Server 2022 — updated to the latest version (Ver 1, Rel 3)
  • Cyber Essentials — security profile updated to the latest version (Ver 3.1)
  • BSI — rules for Linux OS adjusted to show better ** Result Statuses.**.
  • New Linux CVEs from 2020 and 2021 are added (1570 CVEs).
  • New Microsoft CVEs are added (679 CVEs).
  • 2 Critical VMware KBs added.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support/feedback tickets.

Version 6.5.6.0

Application released June 1, 2023

  • Addressed usability issues in large environments.
  • Standard update and maintenance of knowledge rules, HCL records and system packages.

Version 6.5.5.2

Knowledge definition update released May 26, 2023

  • Remediation scripts for ~130 rules added.
  • CIS profile for AWS updated to 1.5.0.
  • Remaining NIST rules for AWS added.
  • Config Vault for VMware now contains more performance information and SMNP config details.
  • VMware BPs for overcommitment.
  • VMSA-2023-0010 regarding NSX-T added.
  • ~220 Red Hat CVEs added/updated.
  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.5.5.1

Knowledge definition update released May 19, 2023

  • 2 Critical VMware KBs added.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover knowledge description.

Version 6.5.5.0

Application released May 17, 2023

  • Simplified dashboard export — - Visualize and download the main dashboard report by clicking the “Export” button with no intermediate steps.
  • Enhancements to the Inventory view — The object selected in the Inventory view is now always revealed when browsing the “Analysis Findings” tab.
  • Configuration Vault improved statuses — - The Configuration Vault user experience has been improved in various statuses when there are no results to display for particular systems or objects.
  • Content — Added DISA STIG official version for vSphere 7 - Organizations using vSphere 7 can now audit their environment against the official version of DISA STIG.
  • Updated BSI IT-Grundschutz Compliance Profile to the 2023 Edition — - With Runecast 6.5.5.0 version Runecast German customers can audit their environments against the latest version BSI IT-Grundschutz: Edition 2023.

Version 6.5.4.2

Knowledge definition update released May 6, 2023

  • 4 — Critical VMware KBs added.
  • 1263 — new Microsoft CVEs added.
  • The NIST Compliance Profile is updated to NIST SP 800-53 Rev.5..
  • Multiple updates and modifications are done on the ISO 27001 and ** TISAX** profiles.
  • Standard update and maintenance of knowledge rules and HCL records.
  • Some rule adjustments to better cover the issues reported in support tickets.

Version 6.5.4.1

Knowledge definition update released April 28, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • Added Hardware Compatibility Checks for vSphere 8.0 U1.
  • Some rule adjustments to better cover the issues reported in support tickets.

Version 6.5.4.0

Application released April 18, 2023

  • Exploit Information for VulnerabilitiesVulnerability view is now enhanced with additional metadata indicating whether any exploit information is available for a given CVE. This introduces another layer to risk prioritization based on severity levels.
  • Additional Result StatusesNot Applicable and Not Relevant statuses have been added to make the analysis results even more transparent and easy to consume.
  • Enhanced Inventory View — The Inventory view page has been redesigned to offer cohesive data and interactions across the board. This page displays the same issue grid, filters, and metadata as in other views, so you can quickly gain insights when checking the overall status of your infrastructure.
  • New Compliance Profile: TISAX — The Trusted Information Security Assessment Exchange (TISAX) standard helps to ensure information security in the automotive industry and is now available in the knowledge profiles list.
  • Updated OS Analysis Agent (Action Required) — New version of the OS agent is available. Update of the target systems is required to take advantage of new improvements.
  • Standard update and maintenance of knowledge rules, HCL records and system packages.

Version 6.5.3.5

Knowledge definition update released April 12, 2023

  • Standard update and maintenance of knowledge rules and HCL records.

Version 6.5.3.4

Knowledge definition update released April 6, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • Some improvement done on the NIST and STIG rules regarding the Red Hat Enterprise Linux OS.

Version 6.5.3.3

Knowledge definition update released March 30, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • CIS for Red Hat Enterprise Linux 8 is improved and updated to version 2.0.0.

Version 6.5.3.2

Knowledge definition update released March 25, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • NSX-T and NSX-V SCG (a.k.a SH) profiles are updated.
  • 56 new Microsoft CVEs added.
  • Some rule adjustments to better cover the issues reported in support tickets.

Version 6.5.3.1

Knowledge definition update released March 20, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • Newly added - ISO 27001 profile for ** Linux and ** Windows OS.
  • Some rule adjustments to better cover the issues reported in support tickets.

Version 6.5.3.0

Application released March 16, 2023

  • Preventing unexpected startup sequence in rare cases for OVA deployments.

Version 6.5.2.0

Application released March 14, 2023

  • The underlying OS for OVA and cloud image deployments has been upgraded.
  • Added possibility to delete multiple registered OS hosts at a time.
  • Standard update and maintenance of knowledge rules, HCL records and system packages.

Version 6.5.1.2

Knowledge definition update released March 3, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • DISA STIG for Red Hat Enterprise Linux 7 was added.
  • ISO 27001 for AWS and vSphere updated.
  • Some rule adjustments to better cover the issues reported in support tickets.

Version 6.5.1.1

Knowledge definition update released February 24, 2023

  • Standard update and maintenance of knowledge rules and HCL records.
  • 37 new Microsoft CVEs.
  • Some rule adjustments to better cover the issues reported in support tickets.

Version 6.5.1.0

Application released February 17, 2023

  • Automated migration of potentially affected filters after upgrade to version 6.5.
  • DISA STIG for RHEL was updated to latest version (ver1, rel. 9)
  • Standard update and maintenance of knowledge rules.

Version 6.5.0.0

Application released February 9, 2023

  • Full Objects View in Issue Detail — analysis findings now include all relevant objects that took part in the issue evaluation with their respective status: Failed, Passed, and Filtered out.
  • New User Interface — introducing brand new dashboards and redesign of the Settings menu to bring more insights, streamlined interactions and better control.
  • Filters in the URL — enables to quickly re-apply desired filter selection on any issue view by storing or sharing the URL.
  • Knowledge profiles updates — Updated VMware Guidelines versions – Each vSphere version has now a dedicated section. Please double-check your filters in order to not affect the results of the analysis.
  • Updated PCI DSS update to version 4.0.
  • Added BSI IT Grundschutz Edition 2022 for Linux Ubuntu, Red Hat, Suse, and CentOS.
  • Added DISA STIG for Windows servers – DISA STIG (V1R1) for Windows Server 2022 and updates to DISA STIG for Windows Server 2016 and 2019 to the latest published version (V2R5)
  • Added CIS for CentOS 7.
  • Updated DISA STIG for RHEL 8.

Version 6.3.1.3

Knowledge definition update released February 3, 2023

  • BSI security standard updated to version 2022.
  • BSI for Linux is added covering Ubuntu, Red Hat, Suse and CentOS.
  • Standard update and maintenance of knowledge rules and HCL records.