Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
JupiterOne 2020.43 Release - AskJ1 Community
<main> <article class="userContent"> <p>2020-04-14</p> <h2 data-id="new-features">New Features</h2> <ul><li><p>Let there be color! Introducing <strong>conditional color settings</strong> of the number<br> value in an Insights widget.</p> <p>This allows you to build more visual dashboards like the <em>Risk Register</em><br> example below:</p> <p><img src="https://us.v-cdn.net/6035534/uploads/HA8VCJTZGEVC/dashboard-risk-register.png" alt="insights-risk-register" class="embedImage-img importedEmbed-img"></img></p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">Check out a corresponding blog of our internal risk assessment automation:<br><a rel="nofollow" href="https://jupiterone.com/blog/building-streamlined-cyber-risk-assessment-process-using-jira-and-jupiterone/">https://jupiterone.com/blog/building-streamlined-cyber-risk-assessment-process-using-jira-and-jupiterone/</a></p> </div></blockquote> <ul><li><p>Interface to configure app access for each user group/role:</p> <p><img src="https://us.v-cdn.net/6035534/uploads/DKOWN7X7JB7R/app-permissions.png" alt="app-permissions" class="embedImage-img importedEmbed-img"></img></p> <p>See <a rel="nofollow" href="../docs/jupiterone-access-controls.md">this doc for more details</a>.</p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">This is an early access feature of PLUS/ENTERPRISE subscription tier.<br> Contact your account manager to request access.</p> </div></blockquote> <p>></p> <blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">BASE subscription tier accounts will continue to have the basic Full Admin<br> vs. Read Only access control.</p> </div></blockquote> <ul><li><p>An exciting new beta app: <strong>My Security</strong>!</p> <p>My Security provides a very focused view for every individual member of an<br> organization -- especially developers. The app contains widgets that help<br> distribute security tasks and their status to each team member in an effort to<br> make security <em>everyone's responsibility</em>.</p> <p>See example screenshot below:</p> <p><img src="https://us.v-cdn.net/6035534/uploads/6BE1V1EMJKLI/my-security-beta.png" alt="my-security-beta" class="embedImage-img importedEmbed-img"></img></p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">This is an early access feature of PLUS/ENTERPRISE subscription tier.<br> Contact your account manager to request access.</p> </div></blockquote> <h2 data-id="integrations">Integrations</h2> <ul><li><p><strong>[AWS]</strong>:</p> <ul><li><p>Added support skipping selected sub-accounts when auto-configuring J1-AWS<br> integrations from an Organizations master account. This is done by adding<br> the optional <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">j1-integration: SKIP</code> tag to the sub-account from AWS<br> Organizations web console.</p></li> <li><p>Mapped <strong>ENI relationships to ES, ElastiCache, and ELB</strong> resources using an<br> ENI.</p></li> <li><p>Added support for <strong>CloudWatch Metric Alarms</strong>.</p></li> <li><p>Added support for <strong>VPC Peering</strong> and create mapped relationships to peer<br> VPC in either the same account or a different one. Type in the keyword <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">VPC</code><br> in query search bar or question library to see included questions:</p></li> </ul></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <ul><li>What are the VPC Peering connections?</li> <li>Are there cross-account VPC Peering connections?</li> <li>Are there cross-region VPC Peering connections?</li> <li>Are there VPC Peering connections to outside accounts?</li> </ul></div></blockquote> <ul><li><p>Correctly parse <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">state</code> of a <strong>CloudFront Distribution</strong> and improved its<br> mapping to Route53 DNS records and S3 buckets.</p></li> <li><p>Added the ability to parse <strong>GuardDuty Finding principal details</strong> and<br> create mapping to IAM user/role/key, AWS account, and/or Person associated<br> with a finding.</p></li> <li><p>Fixed a pagination issue when reading RDS parameters.</p></li> <li><p>Fixed an issue where KMS describeKey receives 400 response that terminates<br> the integration step.</p></li> <li><p>Added more pre-packaged query questions to library, including full support<br> for <strong>CIS AWS Foundations Benchmark</strong>.</p> <ul><li><strong>[Azure]</strong>:</li> </ul></li> <li><p>Added <strong>OS detail</strong> properties to <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">azure_vm</code> entities, including:<br><code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">adminUser</code>, <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">disablePasswordAuthentication</code> (boolean flag), <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">osName</code>,<br><code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">osVersion</code>, and <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">platform</code>.</p></li> <li><p>Added <strong>SQL database transparent data encryption (TDE)</strong> setting ingestion.<br> If <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">TDE</code> is enabled, the property on a <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">azure_sql_database</code> entity will be<br> set to <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">{ encrypted: true }</code>.</p></li> <li><p>Various improvements on handling Azure API throttling and error responses.</p> <ul><li><strong>[Nmap]</strong>:</li> </ul></li> <li><p>Added a new <strong>Nmap</strong> integration to scan local network and add discovered<br> devices to JupiterOne via API.</p> <p>This is a locally executed integration. For details, see:<br><a rel="nofollow" href="https://github.com/JupiterOne/graph-nmap">https://github.com/JupiterOne/graph-nmap</a></p> <ul><li><strong>[Whois]</strong>:</li> </ul></li> <li><p>Added a <strong>Whois</strong> integration to look up details of your domains registered<br> with any registrar. The entities will be created as <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">internet_domain</code> with<br> properties such as <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">expiresOn</code> and domain contact details.</p></li> <li><p>A new <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">domain-expires-in-30-days</code> alert rule can be imported from the<br><strong>JupiterOne Alerts Rule Pack</strong>.</p></li> </ul><h2 data-id="improvements-and-bug-fixes">Improvements and Bug Fixes</h2> <ul><li><p>Added alert threshold level indication to daily digest emails</p></li> <li><p>Added support to allow users to create an alert rule with identical name to a<br> previously deleted rule</p></li> <li><p>Improved processing of compliance requirement status</p></li> <li><p>Improved layout of the question results in Landing</p></li> <li><p>Added Slack body configuration option to visual rule editor</p></li> <li><p>Improved browser tab/window title display across all apps to show app name<br> instead of just "JupiterOne Home" for all apps</p></li> <li><p>Improved error boundaries of several frontend components, such as Query Library</p></li> <li><p>Fixed an issue where editing an alert rule from the alerts view fails, if the<br> rule action contained <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">mapTemplate</code> function</p></li> <li><p>Improved "No Data" UI display of Insights dashboard widgets</p></li> <li><p>Various other UI layout bug fixes</p></li> </ul> </article> </main>