Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
JupiterOne 2019.33 Release - AskJ1 Community
<main> <article class="userContent"> <p>2019-11-12</p> <h2 data-id="new-features">New Features</h2> <ul><li><p>Added <strong>math support</strong> in J1QL queries! Math operations can also be combined<br> with aggregation functions. For example:</p> <p><em>What is my database backup cost per AWS account?</em></p> <pre class="code codeBlock" spellcheck="false" tabindex="0">FIND (aws_db_cluster_snapshot|aws_db_snapshot) as snapshot RETURN snapshot.tag.AccountName as Account, sum(snapshot.allocatedStorage) * 0.02 as EstimatedCost </pre></li> <li><p>From <strong>Landing</strong>, if a result result contains the full entity (i.e. the JSON<br> data contains the <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">_id</code> property of an entity), the entity can be selected to<br> show the property panel.</p></li> <li><p><strong>Compliance</strong> app:</p> <ul><li><p>Compliance <strong>summary legends</strong> -- clicking on a summary bar will bring up a<br> legend display with more details.</p></li> <li><p>Added <strong>Compliance Summary Download</strong> option, which includes a CSV that<br> contains the summary status of all requirements/controls of the selected<br> standard in one file.</p></li> <li><p>Supports <strong>Questionnaire</strong> as a specific compliance standard type (in the<br> compliance standard JSON, add <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">"type": "questionnaire"</code>).</p></li> </ul></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">This allows you to manage <strong>security review questionnaires</strong> from partners,</p> </div></blockquote> <pre class="code codeBlock" spellcheck="false" tabindex="0">customers, or prospects by providing and tracking the **"answers"** without providing full evidence. </pre> <ul><li><p>Added support to <strong>link to externally hosted policies and procedures</strong> that<br> are mapped to compliance requirements, using the <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">webLink</code> property. Use the<br><code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">policy-builder</code> CLI to set the <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">webLink</code>.</p> <ul><li><p>Re-designed UI/UX for the <strong>Asset Inventory dashboard</strong> with a card-type view<br> on initial load.</p></li> <li><p>Added a number of managed/pre-packaged query questions. A catalog will be<br> published soon.</p></li> </ul></li> </ul><h2 data-id="integrations">Integrations</h2> <ul><li><p><strong>AWS</strong>: Added support for the following services and resources</p> <ul><li><p><strong>ECR</strong> - container repositories (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecr_repository</code>), container images<br> (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecr_image</code>), and image scan findings (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecr_image_scan_finding</code>)</p></li> <li><p><strong>ECS</strong> - ECS clusters (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecs_cluster</code>), services (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecs_service</code>),<br> container instances (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecs_container_instance</code>), task definitions<br> (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecs_task_definition</code>), and tasks (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_ecs_task</code>)</p></li> <li><p><strong>Batch</strong> - compute environments (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_batch_compute_environment</code>), job<br> definitions (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_batch_job_definition</code>), job queues (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_batch_job_queue</code>),<br> and jobs (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">aws_batch_job</code>)</p></li> </ul><p>See updated <a rel="nofollow" href="../docs/integrations/aws/index.md">AWS integration doc</a> for<br> details, including the relationships, usage patterns, and IAM permissions<br> mapped across the above resources.</p></li> <li><p><strong>Azure</strong>:</p> <ul><li><p>Added support for more networking resources: virtual networks<br> (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">azure_vnet</code>), subnets (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">azure_subnet</code>), and security groups<br> (<code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">azure_security_group</code>).</p></li> <li><p>Fixed an issue fetching members of an Azure AD group due to permission<br> configuration.</p></li> </ul><p>See updated <a rel="nofollow" href="../docs/integrations/azure/graph-azure.md">Azure integration doc</a><br> for details, including the relationships across the above resources.</p></li> <li><p><strong>Jamf</strong>:</p> <ul><li><p>Enabled raw data collection for Jamf resource entities.</p></li> <li><p>Improved parsing of disk encryption status to be more accurate.</p></li> </ul><p><em>Note there is a bug in Jamf API where the JSON response is missing the boot partition for certain computer objects.</em></p></li> </ul><h2 data-id="improvements-and-bug-fixes">Improvements and Bug Fixes</h2> <ul><li><p>Improved the Trend display of an alert to aggregate alert evaluation data<br> points when the alerted results were identical.</p></li> <li><p>Fixed a few UI issues with Compliance app and Alerts/Vulnerability app.</p></li> <li><p>Fixed an issue where editing a compliance evidence question immediately after<br> it is created in the compliance requirement view fails.</p></li> <li><p>Fixed an issue where certain integration configuration instance not showing up<br> despite correct count of instances.</p></li> <li><p>Fixed an issue where the query name of named queries in a question did not<br> show up when the question is being edited in the Compliance app.</p></li> <li><p>Fixed a rare UI rendering with graph viewer when nodes are selected in a<br> certain order.</p></li> <li><p>Fixed an issue where the first trailing space was unexpectedly trimmed when<br> typing in a query in Landing.</p></li> </ul><h2 data-id="experimental-beta-features">Experimental/Beta Features</h2> <ul><li><p>Allow users to trigger "auto mapping" of policies/procedures and evidence<br> questions for a selected compliance standard.</p> <p><em>The "auto mapping" is based on fuzzy matching of compliance requirement keywords.</em></p></li> </ul> </article> </main>