Vulnerabilities and Support for Availability Zones added to CrowdStrike Integration
- Integration: CrowdStrike (https://github.com/JupiterOne/graph-crowdstrike)
- Version: 2.2
- Release Date: Monday, June 13, 2022
Description
JupiterOne is adding vulnerabilities to the CrowdStrike integration. This will allow you to query any vulnerabilities that are discovered by the CrowdStrike sensor.
We are also adding the ability for customers to specify an availability zone in a CrowdStrike configuration if needed.
What changes are coming?
Vulnerabilities Ingested
A new entity and a new relationship have been added to the CrowdStrike integration:

Resource | Entity _type | Entity _class |
---|---|---|
Vulnerability | crowdstrike_vulnerability | Finding |

Source Entity _type | Relationship _class | Target Entity _type |
---|---|---|
crowdstrike_vulnerability | EXPLOITS | crowdstrike_sensor |
To ingest Vulnerabilities your API token must include the Spotlight Vulnerabilities scope. If this scope is not available, the integration will continue to run, but vulnerabilities will not be ingested and there will be a warning in the job log.
Availability Zone
A new field has been added to the configuration screen for customers who need to configure an availability zone for the CrowdStrike APIs used by the integration. If no value is entered, it will default to the standard API URL, https://api.crowdstrike.com.
If an availability zone is added, such as us-2, then the API URL used to retrieve data from CrowdStrike will include that availability zone: https://api.us-2.crowdstrike.com.
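Because the availability zone value becomes part of the hostname that receives the API token, it is worth validating it as a single DNS label before building the URL. The sketch below is an added example, not code from graph-crowdstrike; `buildBaseUrl`, `DEFAULT_BASE_URL` and `ZONE_LABEL` are hypothetical names, and trimming and lowercasing the input is an assumption.

```typescript
// Added example: hypothetical names, not taken from graph-crowdstrike.
const DEFAULT_BASE_URL = 'https://api.crowdstrike.com';

// One DNS label: 1-63 characters of lowercase letters, digits and hyphens,
// not starting or ending with a hyphen. Dots, slashes, '@', '#', ':' and
// whitespace are rejected because they could change which host the
// credentials are sent to.
const ZONE_LABEL = /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/;

function buildBaseUrl(availabilityZone?: string): string {
  // Assumption: surrounding whitespace and letter case are not significant.
  const zone = (availabilityZone ?? '').trim().toLowerCase();

  // Empty field: fall back to the standard API URL, as the page describes.
  if (zone === '') {
    return DEFAULT_BASE_URL;
  }

  // Anything that is not a plain label is refused instead of being
  // interpolated into the hostname.
  if (!ZONE_LABEL.test(zone)) {
    throw new Error(
      'Invalid availability zone: ' + JSON.stringify(availabilityZone),
    );
  }

  // e.g. "us-2" -> https://api.us-2.crowdstrike.com
  return 'https://api.' + zone + '.crowdstrike.com';
}
```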
Permissions
To ingest Vulnerabilities your API token must include the Spotlight Vulnerabilities scope. If this scope is not available, the integration will continue to run, but vulnerabilities will not be ingested and there will be a warning in the job log.
Release Process
The changes that are being made to the CrowdStrike integration will be released to all customers on Monday, June 13, 2022.
Billable Assets Impact
The crowdstrike_vulnerability is a non-billable entity.
Additional Information
The code for this integration is available in the public repo on GitHub: https://github.com/JupiterOne/graph-crowdstrike