Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
JupiterOne 2020.44 Release - AskJ1 Community
<main> <article class="userContent"> <p>2020-04-30</p> <p>Had a sprint focused on new integration SDK and new integrations. In the past<br> two weeks, our dev team made <strong>160+ commits</strong> to the <strong>new integration sdk</strong> and<br><strong>data model</strong>, plus <strong>250+ commits</strong> across <strong>14 integrations</strong>!</p> <p>See <a rel="nofollow" href="#integrations">Integrations section</a> below for more details.</p> <p><strong>Also, see an important update on an AWS entity class label change below.</strong></p> <h2 data-id="new-features">New Features</h2> <ul><li><p>Lots of improvements made to the <strong>Graph Viewer</strong>!</p> <ul><li>Introducing a new <strong>tree mode</strong> to the graph viewer for a cleaner, more<br> organized graph view. Toggle between <strong>tree / cluster</strong> mode using the<br> graph viewer mode control icon shown below.</li> </ul></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line"><img src="https://us.v-cdn.net/6035534/uploads/ONFKYVLW9ZN6/graph-tree-mode.png" alt="graph-tree-mode" class="embedImage-img importedEmbed-img"></img></p> </div></blockquote> <ul><li>Added <strong>auto-grouping</strong> of graph nodes of the same type, and a <strong>list view</strong><br> to scroll through each item in the group. Select an item in the list to see<br> its detailed properties.</li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line"><img src="https://us.v-cdn.net/6035534/uploads/8YUZJSHALWNW/graph-node-grouping.png" alt="graph-node-grouping" class="embedImage-img importedEmbed-img"></img></p> </div></blockquote> <ul><li>Added <strong>ring decoration</strong> to Finding and Vulnerability entity nodes to show<br> a colored ring/border based on severity.</li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line"><img src="https://us.v-cdn.net/6035534/uploads/KNHMLPBQFOLC/graph-node-color-ring.png" alt="graph-node-color-ring" class="embedImage-img importedEmbed-img"></img></p> </div></blockquote> <ul><li>Improved <strong>pie chart layout</strong> in <strong>Insights dashboards</strong>. Also made long list<br> in legend scrollable.</li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line"><img src="https://us.v-cdn.net/6035534/uploads/0QR0CYV3RNRZ/insights-widget-pie-chart.png" alt="insights-widget-pie" class="embedImage-img importedEmbed-img"></img></p> </div></blockquote> <ul><li><p>New public facing <strong>JupiterOne Questions</strong> site.</p></li> <li><p>Added toggle button to <strong>expand/collapse all sections</strong> in a<br> selected <strong>compliance standard or questionnaire</strong>.</p></li> <li><p>Improved version history diff of security policies and procedures document<br> text.</p></li> </ul><h2 data-id="integrations">Integrations</h2> <h3 data-id="sdk-and-data-model">SDK and Data Model</h3> <ul><li><p>New and greatly improved <strong>Integration SDK v2</strong> to make developing new<br> integrations much simpler:</p> <p><a rel="nofollow" href="https://github.com/JupiterOne/integration-sdk">https://github.com/JupiterOne/integration-sdk</a></p></li> <li><p>Released JupiterOne <strong>Data Model</strong> schemas to GitHub:</p> <p><a rel="nofollow" href="https://github.com/JupiterOne/data-model">https://github.com/JupiterOne/data-model</a></p></li> </ul><h3 data-id="initial-release-of-10-new-integrations-beta">Initial release of 10 new integrations (beta)</h3> <ul><li><a rel="nofollow" href="../APIs_and-integrations/device-management/graph-cisco-meraki.md"><strong>Cisco Meraki</strong></a></li> <li><a rel="nofollow" href="https://jupiterone.vanillacommunities.com/kb/articles/997-digicert-integration-with-jupiterone"><strong>DigiCert</strong></a></li> <li><a rel="nofollow" href="https://jupiterone.vanillacommunities.com/kb/articles/998-duo-integration-with-jupiterone"><strong>Duo</strong></a></li> <li><a rel="nofollow" href="../docs/integrations/heroku/graph-heroku.md"><strong>Heroku</strong></a></li> <li><a rel="nofollow" href="https://jupiterone.vanillacommunities.com/kb/articles/1014-npm-integration-with-jupiterone"><strong>NPM</strong></a></li> <li><a rel="nofollow" href="https://jupiterone.vanillacommunities.com/kb/articles/1016-pagerduty-integration-with-jupiterone"><strong>PagerDuty</strong></a></li> <li><a rel="nofollow" href="../../APIs_and-integrations/code/graph-qualys.md"><strong>Qualys</strong></a></li> <li><a rel="nofollow" href="https://jupiterone.vanillacommunities.com/kb/articles/1022-slack-integration-with-jupiterone"><strong>Slack</strong></a></li> <li><a rel="nofollow" href="../docs/integrations/snowflakegraph-snowflake.md"><strong>Snowflake</strong></a></li> <li><a rel="nofollow" href="../docs/integrations/trend-micro/index.md"><strong>Trend Micro</strong></a></li> </ul><h3 data-id="updates-to-aws-azure-and-other-existing-integrations">Updates to AWS, Azure, and other existing integrations</h3> <ul><li><p><strong>[AWS]</strong>:</p> <ul><li>Added ingestion of <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_nat_gateway</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_vpn_gateway</code> in a VPC</li> <li>Analyze EBS snapshots to determine <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">shared</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">public</code> status</li> </ul></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">Try these two new questions:</p> </div></blockquote> <pre class="code codeBlock" spellcheck="false" tabindex="0">> </pre> <blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <ul><li><strong>Are there EBS snapshots shared with other accounts?</strong></li> <li><strong>Are there EBS snapshots shared publicly?</strong></li> </ul></div></blockquote> <ul><li><p>Updated relationship mappings between <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_route53_record</code> entities to<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">IpAddress</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">NetworkInterface</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Gateway</code> (e.g. ALB/ELB), <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">SES Service</code>,<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">ACM Service</code>, and other <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_route53_record</code> (alias records) entities.</p></li> <li><p>Added mapping of several saved AWS queries/questions to <strong>PCI DSS</strong> standard<br> requirements</p></li> <li><p>Tweaked queries in question "Which IAM policies in addition to<br> "AdministratorAccess" allow full admin access to any and all resources?" to<br> include separate queries/sections for <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">admin-role-inline-policies</code> and<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">exceptions</code>.</p></li> <li><p>Fixed IAM policy parsing to set <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">update</code> flag for <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Change*</code> IAM permissions.</p></li> <li><p>Set <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">baseUrl</code> property on <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_s3_bucket</code> entities to:<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">https://${bucket.bucketName}.s3.amazonaws.com</code></p></li> <li><p>Updated the <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">_class</code> on <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_route53_zone</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_route53_record</code> entities:</p> <ul><li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_route53_zone</code> class will be <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">DomainZone</code> (previously <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Domain</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Zone</code>)</li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">aws_route53_record</code> class will be <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">DomainRecord</code> (previously <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">DomainRecord</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Record</code>)</li> </ul></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line"><strong>Important:</strong> Please update your queries in saved questions and/or alert rules accordingly.</p> </div></blockquote> <ul><li><p><strong>[Azure]</strong>:</p> <ul><li><p>Added ingestion of <strong>Cosmos DB</strong> resources: <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_cosmosdb_account</code>,<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_cosmosdb_sql_database</code>.</p></li> <li><p>Added ingestion of more <strong>Storage</strong> resources: <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_file_service</code>,<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_share</code>.</p></li> <li><p>Added Key Vault resources: <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_keyvault_service</code>.</p></li> <li><p>Set <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">encrypted</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">enableHttpsTrafficOnly</code> flags and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">kind</code> property on<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_*_service</code>, as appropriate based on improved configuration<br> analysis.</p></li> <li><p>Set <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_managed_disk.encrypted</code> based on presence of <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">encryption.type</code>.</p></li> <li><p>Several bug fixes.</p></li> </ul></li> <li><p>Improvements and bug fixes in <strong>GitHub</strong>, <strong>Bitbucket</strong>, and <strong>Carbon Black</strong><br> integrations.</p></li> </ul><h2 data-id="community-projects">Community Projects</h2> <ul><li><p>Released beta version of <strong>JupiterOne Terraform Provider</strong>:</p> <p><a rel="nofollow" href="https://github.com/JupiterOne/terraform-provider-jupiterone">https://github.com/JupiterOne/terraform-provider-jupiterone</a></p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">This allows users to write terraform code to describe and provision<br> jupiterone questions (saved queries) and alert rules, similar to how you use<br> terraform code to provision AWS resources. We plan to add resources to<br> describe compliance standards, groups, SAML clients, and more in the future.</p> </div></blockquote> <ul><li><p>Added support to <strong>publish policies to Confluence</strong> in<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">security-policy-builder</code> via the command <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">psp publish --confluence</code> to<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">security-policy-builder</code>; plus several minor bug fixes.</p></li> <li><p>Improved policy and procedure templates to better handle HIPAA related<br> statements conditionally.</p></li> </ul><h2 data-id="improvements-and-bug-fixes">Improvements and Bug Fixes</h2> <ul><li><p>Fixed issue with setting chart number color when condition equals to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">0</code>.</p></li> <li><p>Fixed a couple of UI issues with the onboarding wizard.</p></li> </ul> </article> </main>