Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
JupiterOne 2020.46 Release - AskJ1 Community
<main> <article class="userContent"> <p>2020-06-02</p> <h2 data-id="new-features">New Features</h2> <ul><li>Support <strong>bulk add entities or relationships</strong> by uploading a <strong>JSON or YAML</strong><br> file from the Asset Inventory app. Read <a rel="nofollow" href="../guides/bulk-upload.md">instructions here</a>.</li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">Bulk upload is also supported via [API][2].</p> </div></blockquote> <ul><li><p>New features in the <strong>Graph View</strong>:</p> <ul><li><p><strong>Highlights a selected entity node and its connections</strong> (related entities)<br> while unrelated ones are faded out to improve focus and visual contrast.</p></li> <li><p><strong>Entity property drawer for grouped entities</strong> will show a listing of items<br> in the group.</p></li> </ul></li> <li><p>Added support to <strong>delete</strong> a policy or procedure in the <strong>Policies</strong> app.<br> Also added support to <strong>re-arrange</strong> the order of policies and procedures in<br> the UI.</p></li> <li><p>New improved <strong>timeline view for alerts</strong>.</p> <p>Also, sorting by <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">severity</code> in the <strong>Alerts</strong> view now sorts based on its<br> numeric value instead of string value.</p></li> <li><p>Added support to <strong>track vulnerability finding exceptions</strong>. Admin users can<br> mark a vulnerability finding as an "exception", and provide an exception<br> reason.</p></li> <li><p>Added support for <strong>"one-to-many" mapping of uploaded compliance evidence</strong> --<br> users can select a previously uploaded evidence file to map to a compliance<br> requirement instead of uploading it again.</p></li> </ul><h2 data-id="integrations">Integrations</h2> <h3 data-id="initial-release-of-4-new-integrations-beta">Initial release of 4 new integrations (beta)</h3> <ul><li><a rel="nofollow" href="../docs/integrations/bugcrowd/graph-bugcrowd.md"><strong>Bugcrowd</strong></a></li> <li><a rel="nofollow" href="../docs/integrations/detectify/graph-detectify.md"><strong>Detectify</strong></a></li> <li><a rel="nofollow" href="../docs/integrations/nowsecure/graph-nowsecure.md"><strong>NowSecure</strong></a></li> <li><a rel="nofollow" href="../docs/integrations/snipe-it/index.md"><strong>Snipe-IT</strong></a></li> </ul><h3 data-id="updates-to-aws-azure-and-other-existing-integrations">Updates to AWS, Azure, and other existing integrations</h3> <ul><li><strong>[AWS]</strong>: Analyze S3 bucket policy to determine <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">secureTransport</code> status; and<br> added support to obtain <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">bucketSizeBytes</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">numberOfObjects</code> for S3 buckets<br> via CloudWatch metrics.</li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">The latter requires <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">cloudwatch:GetMetricData</code> permission to be added to<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">JupiterOneSecurityAudit</code> IAM policy.</p> </div></blockquote> <ul><li><strong>[Carbon Black]</strong>: Normalize the format of <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">macAddress</code> to all lower case and<br> separated with <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">:</code> every two characters.</li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">This allows for more consistent mapping of host agents/sensors to devices<br> based on the MAC address.</p> </div></blockquote> <ul><li><p><strong>[Cisco AMP]</strong>: Map relationships from endpoint agents to endpoint devices<br> based on hostname or MAC address.</p></li> <li><p><strong>[Cisco Meraki]</strong>: Map discovered network clients (endpoints) to Host/Device<br> entities.</p></li> <li><p><strong>[Jamf]</strong>:</p> <ul><li>Normalize Serial Number (<code class="code codeInline code codeInline" spellcheck="false" tabindex="0">serial</code>), MAC address (<code class="code codeInline code codeInline" spellcheck="false" tabindex="0">macAddress</code>) properties.</li> <li><p>Normalize timestamp properties: <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">createdOn</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">enrolledOn</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">lastSeenOn</code>,<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">lastReportedOn</code>.</p></li> <li><p>Capture OS details: <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">platform</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">osName</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">osVersion</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">osBuild</code>.</p></li> </ul></li> </ul><h2 data-id="improvements-and-bug-fixes">Improvements and Bug Fixes</h2> <ul><li><p>Lots of behind-the-scenes improvements to the integration pipeline.</p></li> <li><p>Various UI updates including new icons for entities.</p></li> <li><p>Improved node grouping consistency in the graph viewer.</p></li> <li><p>Improved error handling in policies app.</p></li> <li><p>Fixed a bug where the <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">config.json</code> file in downloaded policies zip package<br> contains default <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">provider</code> for a procedure, if the procedure's <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">provider</code><br> value was deleted via the UI.</p></li> <li><p>Improved the UI for adding and updating a policy/procedure document.</p></li> <li><p>Fixed an issue with the font size of entity property tabs being too large on<br> certain browsers and screen resolutions.</p></li> <li><p>Fixed a bug where certain array items were displayed as a single concatenated<br> string instead of comma separated values in the Asset Inventory table.</p></li> </ul><h2 data-id="community-projects">Community Projects</h2> <ul><li><p>Added <strong>GitHub repo web links</strong> to integration configuration page for those<br> that are developed as open source projects.</p></li> <li><p>Added support for <strong>non-interactive publish to Confluence wiki</strong> in<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">security-policy-builder</code>.</p></li> </ul> </article> </main>