-
Is there any way to fire an alert when a condition is true for 2 days (or any amount of time)?
The idea is to create an alert that is activated when an entity matches a status for a certain amount of days
-
Do you support SCIM for auto provisioning users?
I want Okta to automatically create J1 users instead of having to manually input users into J1 and then setting up Okta
-
How would you return a list of GitHub repositories AND only the oldest PR for that repo?
I'm retrieving a list of all the GitHub repos for the Security GH Team, and would like to see the oldest PR for each repo (basically a staleness check).
-
Is there a J1 alert we could configure that could fire if/when an integration fails?
Especially when an integration fails several times in a row.
-
Does JupiterOne have a query to address OpenSSL version 3.x vulnerabilities?
Mitigation of any and all vulnerabilities is critical to our day to day security operations.
-
How can I identify which Okta user groups are assigned AWS IAM Roles?
To obtain a list of policies and actions to AWS resources that have been granted to Okta user groups.
-
How can I obtain an AWS Role trust condition specifically the Assume Role Policy Document?
This will allow us to check principal federated roles and it's conditions.
-
What query will locate only internal Azure users?
When I search for azure users in JupiterOne I'm getting matches from people tagged as external to our company with whom we've previously shared content.
-
What is the rate-limit for API invocations?
What is the rate-limit for API invocations? I'd like to automate a few processes on my end.
-
How do I create a list of all Github admins?
I'd like a list of all Github Admins so that I can review it periodically. How do I do that?
-
Should I be using the "SAML Metadata Document URL" and the "SAML Metadata File" with Okta SSO?
I'm setting up Okta Single Sign On in my account. Should I be using the "SAML Metadata Document URL" and the "SAML Metadata File" or just one or the other?
-
How do I access the playground account?
I accepted the invite to the playground account to work with sample data. How do I access the playground account?
-
Is there a way to return the count of aws_instances each individual aws_account itself has?
I'm taking inventory of aws_instances per aws_account. How do I return the count of aws_instances each individual aws_account itself has?
-
Should the Account ID I use to make API calls be the same as my co-workers?
Hi! I'm hoping to make some API calls and need my Account ID to do so. I used the following query to find my Account ID in the JupiterOne app: FIND jupiterone_account as a return a._accountId However, the account ID I found is the same one my co-worker is using. Is that expected?
-
How do I get a COUNT of all active integrations in my JupiterOne account?
Is there a query that will give me a COUNT of all active integrations in my JupiterOne account?
-
What permissions will a user end up if they are in two different J1 groups?
If a user ends up in two different J1 groups, does their access become a combination of their app and query permissions across both? Does J1 use least privilege principle?
-
identify secrets/sensitive information in AWS Lambda Environment Variables?
is there a J1 query we can be use to identify secrets/sensitive information in AWS Lambda Environment Variables.
-
How to obtain ingress and egress security rules in our Azure environment?
Need to generate Inbound and outbound Azure firewall security policies.
-
How do I generate a list of all inactive Jira users?
I want a comprehensive list of all "inactive" Jira users so that I can delete them. How do I generate that list in JupiterOne?
-
Tenable Vulnerability findings do not return consistent results with few properties
Hi team, I am trying to search Tenable Vulnerabilities that are firstSeenOn or scan.completed_at properties but the query is not returning correct results can you please check and assist on this.
-
How to locate dangling elastic IP's to prevent IP Takeovers?
Hello! My team is looking for a way to locate any leftover (Dangling) IP addresses in our environment to help prevent IP takeovers. Is there a query that will help identify if any are present?
-
How can I traverse the graph to find identities that have root-like privileges?
I’m trying to identify all human users that have the ability to become a root user in an AWS production account. How can I traverse the graph of trust to also find identities that have root-like privileges (e.g. admin or impersonation) on those admin accounts, and identities that have permission to those indirect admin…
-
How do I know if I'm vulnerable to the flaw found in Apache Cassandra?
I saw a couple articles on SC Media and Threatpost outlining a new vulnerability found in Apache Cassandra - CVE-2021-44521 Do you have any queries that would help me find out if our systems are at risk?
-
Is JupiterOne a siem tool?
Wanted to know the difference
-
AMA: Find AWS Instances by their Private IP Addresses
How would I construct a query that finds AWS instances by their private IP addresses that return public IPs, AMIs, Accounts, Instance IDs and any tags associated with each?
-
AMA: How to Track Professional Associations, Security Forums, and Threat Intel Sources
"Is there an integration that brings in assets related to this query? What is the data model for the assets that support this query?" Find (professional_association| security_forum|threat_intel_source) -- Bob
-
AMA: Identify S3 Buckets Open to Cross-Account Attacks
"We have been asked to identify any of our S3 buckets that are exploitable by the resource policy trusting the AWS service blindly and not checking for the source account as described in this article. "I found buckets that trust CloudTrail, but haven’t been able to decipher the next part of the query to find them if they…
-
How can I determine if userData secrets are leaked from an autoscaling launch configuration?
I want to avoid exposing secrets from an autoscaling launch configuration that contains EC2 userData.
-
How do I get a list of my most expensive AWS buckets?
Is there a query for the Top 10 AWS S3 Buckets by Size and Cost?
-
Is it possible to store dependency graph in J1?
Similar to this https://npmgraph.js.org/?q=dat ? And query it with the API?