2020-06-02 New Features Support bulk add entities or relationships by uploading a JSON or YAML file from the Asset Inventory app. Read instructions here. Bulk upload is also supported via [API][2]. New features in the Graph View: Highlights a selected entity node and its connections (related entities) while unrelated ones are faded out to improve focus and visual contrast. Entity property drawer for grouped entities will show a listing of items in the group. Added support to delete a policy or procedure in the Policies app. Also added support to re-arrange the order of policies and procedures in the UI. New improved timeline view for alerts. Also, sorting by severity in the Alerts view now sorts based on its numeric value instead of string value. Added support to track vulnerability finding exceptions. Admin users can mark a vulnerability finding as an "exception", and provide an exception reason. Added support for "one-to-many" mapping of uploaded compliance evidence -- users can select a previously uploaded evidence file to map to a compliance requirement instead of uploading it again. Integrations Initial release of 4 new integrations (beta) Bugcrowd Detectify NowSecure Snipe-IT Updates to AWS, Azure, and other existing integrations [AWS]: Analyze S3 bucket policy to determine secureTransport status; and added support to obtain bucketSizeBytes and numberOfObjects for S3 buckets via CloudWatch metrics. The latter requires cloudwatch:GetMetricData permission to be added toJupiterOneSecurityAudit IAM policy. [Carbon Black]: Normalize the format of macAddress to all lower case and separated with : every two characters. This allows for more consistent mapping of host agents/sensors to devices based on the MAC address. [Cisco AMP]: Map relationships from endpoint agents to endpoint devices based on hostname or MAC address. [Cisco Meraki]: Map discovered network clients (endpoints) to Host/Device entities. [Jamf]: Normalize Serial Number (serial), MAC address (macAddress) properties. Normalize timestamp properties: createdOn, enrolledOn, lastSeenOn,lastReportedOn. Capture OS details: platform, osName, osVersion, osBuild. Improvements and Bug Fixes Lots of behind-the-scenes improvements to the integration pipeline. Various UI updates including new icons for entities. Improved node grouping consistency in the graph viewer. Improved error handling in policies app. Fixed a bug where the config.json file in downloaded policies zip package contains default provider for a procedure, if the procedure's provider value was deleted via the UI. Improved the UI for adding and updating a policy/procedure document. Fixed an issue with the font size of entity property tabs being too large on certain browsers and screen resolutions. Fixed a bug where certain array items were displayed as a single concatenated string instead of comma separated values in the Asset Inventory table. Community Projects Added GitHub repo web links to integration configuration page for those that are developed as open source projects. Added support for non-interactive publish to Confluence wiki insecurity-policy-builder.
.png)