-
Do compliance standards, frameworks, benchmarks get continually updated with new version releases?
Do compliance/regulatory requirements, standards, frameworks, benchmarks, etc. get continually updated when they undergo new version releases along with the corresponding changes?
-
Are compliance (GRC) automation tools LIKE JupiterOne accepted by auditors?
Are compliance (GRC) automation tools LIKE JupiterOne accepted by auditors?
-
How can I obtain information about S3 buckets that allow “ALL” permissions?
Need gather both compliant and non-compliant details regarding an S3 bucket that allows all permissions.
-
I would like to create entities relationships through the API.
Using _fromEntity*Id* and _toEntity*Id* works. I was not able to create entities using keys. How does _fromEntity*Key* and _toEntity*Key* work? I wonder if I can create relationships using Ids and Keys, eg: _fromEntity*Id* > _toEntity*Key*.
-
Alert is triggering daily with the same values.
I have an alert that is triggering daily with the same values vs just triggering when there is a change. Do you have any tips to see when either an ExternalID changes or when a new IAM Role shows up with an ExternalID in its trust document.
-
How can I see all Ingress/Egress rules at the SG/NACL level that are being used.
I am currently using the following: FIND aws_security_group as sg
RETURN sg.name, sg.tag.AccountName, sg.accountId, sg.ingressRules,sg.egressRules, sg.region, sg.description
-
Can I see the relationships that pertain to an entity via table format?
Is there a way I can see all of the relationships that pertain to an entity via table format?
-
Is there a way to summarize data using J1QL similar to Splunk’s stats function?
I’d like to get a count of the percentage of buckets that have versioning enabled.
-
I would like to extract something out of the raw data collected on IAM roles.
I am trying to grab a list of all the external Ids in use to make sure there aren’t any “guessable” or weak externalIds in use. Specifically, AssumeRolePolicyDocument->Statement->Condition->StringEquals->sts:ExternalId. Is this possible?
-
AMA: Is there a way to summarize data using J1QL similar to Splunk's stats function?
"Is there a way to summarize data using J1QL similar to Splunk's stats function? For example, I'd like to get a count of the percentage of buckets that have versioning enabled... something like this: find google_storage_bucket | stats count(id) by versioningEnabled Ideally, that would return two rows:true - # of buckets…
-
How to understand if we comply with our security policy and procedure?
I would like to use JupiterOne to understand how effectively my organization is complying with policy and procedure. How do I identify policies that are aligned with procedures, which either have gaps or non-compliant requirements?
-
How to locate all non-compliant host agents?
How do I locate all hosts agents that are non-compliant?
-
How to display 3rd-party users with Insights dashboards?
Can I create a dashboard that displays my 3rd-party user accounts over time within JupiterOne Insights? Specifically, I am wondering how to setup a histogram featuring external users created per month, covering a six month span, within my Insights dashboards?
-
How does J1 use the platform to create a risk registry that shows accepted risk? (using crowdstrike)
How does J1 use the platform to create a risk registry that shows accepted risk? And what's an example? Current query: Find UNIQUE crowdstrike_sensor with reducedFunctionalityMode=“yes” as c
return c.serviceProviderAccountId
-
How to create a formal, compliant cloud-native risk management process?
How do your customers use JupiterOne to create a formal, compliant risk management process? I am especially interested in any opportunities to automate or streamline our risk assessment process, since risk management is difficult in a cloud-native environment.
-
What does "mapping" vs "unmapping" mean for user accounts in JupiterOne?
I have a question about my JupiterOne Insights Dashboard for User Access and how it displays our user accounts by status. The second panel from the bottom is labeled "SYSTEM/SHARED/EXTERNAL/UNMAPPED USER ACCOUNTS". What does "mapping" vs "unmapping" mean for user accounts in JupiterOne?
-
Trying to improve employee onboarding process. How can J1 help?
How do I automate the employee onboarding process, especially the compliance requirement for new hires to review and accept our security policies? Can I use JupiterOne to create a workflow for employee onboarding, including the review and acceptance of policy documents?
-
How to update these values in Policies?
{{privacyOfficerName}} and {{securityOfficerName}}?
-
How do I add contextual details to my compliance controls in JupiterOne?
When one uses the workflow feature to -- for example -- "open" a control for evidence collection, how does one specify context (i.e. the date when the audit is performed, a. project number or code, etc.)? Can one do that?
-
Can I set specific scope filters for my compliance items?
For your benchmarks and compliance standards can we just have specific items included in them? I am interested in sorting my compliance frameworks according to scope to display only in-scope AWS accounts, integrations, and similar.
-
How long does it take for compliance results to show?
Hi, I turned on several Compliance Standards and Benchmark Frameworks and nothing is showing up yet for results?
-
How many security compliance audits are you doing in 2022?
How many audits are you partially - or solely - responsible for next year? Studies show the average CISO is responsible for around 3 audits per year, most commonly HITRUST, HIPAA, and PCI DSS. At software companies, the most common audit is SOC 2.
-
How do I update privacy officer and security officer in my JupiterOne compliance policies?
How do update these values in my JupiterOne compliance policies? I want to define {{privacyOfficerName}} and {{securityOfficerName}}
.png)