Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
JupiterOne 2021.62 Release - AskJ1 Community
<main> <article class="userContent"> <p>2021-01-13</p> <p><em>Our first sprint in 2021!</em></p> <h2 data-id="new-features">New Features</h2> <ul><li><p>New <strong>optional relationship traversal</strong> feature added to J1QL!</p> <p>Here's an example showing the syntax with the optional relationship wrapped in<br><code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">()?</code>:</p> <pre class="code codeBlock" spellcheck="false" tabindex="0">Find User (that assigned AccessRole)? that assigned AccessPolicy that allows as permission * where permission.admin=true return TREE </pre> <p>The example above searches for Users that are directly assigned an<br> AccessPolicy granting admin permissions to certain resources, or via an<br> AccessRole assigned to the User.</p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">Note that this is a beta feature and the syntax for describing optional<br> traversals may change in the future to help improve clarity.</p> <p class="blockquote-line">For full documentation, please see the <strong>Optional traversals</strong> section in the<br><a rel="nofollow" href="../docs/jupiterOne-query-language.md">JupiterOne Query Language doc</a>.</p> </div></blockquote> <ul><li><p>Another significant query performance improvement for all types of queries<br> (including aggregate queries, queries with negations, and optional<br> traversals).</p></li> <li><p>Added <em>Cursor</em> support for J1QL queries via the API.</p> <p>See details in the <strong>Querying the graph with J1QL</strong> section of the <br><a rel="nofollow" href="../docs/jupiterone-api.md">Platform API Doc</a>.</p></li> <li><p><strong>Visual Query Builder</strong> now supports</p> <ul><li><strong>Aggregate</strong> returns (i.e. <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">COUNT</code>, <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">SUM</code>, <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">MAX</code>, <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">MIN</code>, <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">AVG</code> functions)</li> <li><strong>Grouping</strong> returns by an attribute value</li> <li>Allowing filter values to be selected as <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">undefined</code></li> </ul></li> <li><p>Added the ability to <strong>assign compliance review owners at the standard level</strong>.</p> <p>Also in Compliance Review editing, the user assignment dropdown shown in the<br> modal now shows names, avatars, and emails to more easily identify user<br> accounts.</p></li> <li><p>Added <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">resultsAre</code> field to J1QL questions. This field will be used for<br> questions mapped to compliance requirements to perform gap analysis, instead<br> of using the <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">name</code> of each query as the key. This allows each query in a<br> question to have a more descriptive name.</p> <p><em>Here's a screenshot of the edit question modal:</em></p> <p><img src="https://us.v-cdn.net/6035534/uploads/RDR5F6DYQ6Q2/query-question-edit-name-results.png" alt="edit-question" class="embedImage-img importedEmbed-img"></img></p> <p><em>See tabs with names in the screenshot below:</em></p> <p><img src="https://us.v-cdn.net/6035534/uploads/TRFN9G4SI7X1/query-question-result-named-tabs.png" alt="question-tabs" class="embedImage-img importedEmbed-img"></img></p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">Note: this change is backwards compatible to any existing question with queries<br> named <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">good</code>, <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">bad</code>, or <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">unknown</code>. These questions/queries will continue to<br> work for compliance gap analysis. Pre-packaged questions have been updated with<br><code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">resultsAre</code> field and more descriptive query names.</p> <p class="blockquote-line">See <a rel="nofollow" href="../guides/compliance/compliance-gap-analysis.md">this doc</a> for details<br> on how the compliance gap analysis is calculated.</p> </div></blockquote> <ul><li><p>Added quick toggles for boolean properties in the entity property panel.</p> <p><img src="https://us.v-cdn.net/6035534/uploads/1MEIKPM9T5N9/entity-property-toggles.png" alt="entity-toggles" class="embedImage-img importedEmbed-img"></img></p></li> </ul><h2 data-id="integrations">Integrations</h2> <h3 data-id="azure">Azure</h3> <ul><li>Diagnostic Settings entities and relationships for Network Security Groups</li> <li>Diagnostic Settings entities and relationships for Activity Logs (Azure Subscription)</li> <li>Improved Azure API error handling to better report failures to users</li> </ul><h3 data-id="google-cloud">Google Cloud</h3> <ul><li>Improved Google API error handling to better report failures to users</li> </ul><h3 data-id="google-workspaces">Google Workspaces</h3> <ul><li>Improved Google API error handling to better report failures to users</li> </ul><h3 data-id="malwarebytes">Malwarebytes</h3> <ul><li><p>Initial release of Malwarebytes integration (beta)! 🎉</p> <p>Check out the <a rel="nofollow" href="https://github.com/JupiterOne/graph-malwarebytes/blob/master/docs/jupiterone.md">docs</a> <br> for details on what's currently supported.</p></li> </ul><h3 data-id="qualys">Qualys</h3> <ul><li>Duplicate values in Finding.targets are removed</li> <li>Fixed memory leak impacting long running instances</li> <li>Advanced the mock Qualys server to facilitate load testing</li> <li>Handling invalid <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">DETECTION.QID</code> values such as <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">'{"#text":"o��t�","��\u001dX�Ď��,</QID'</code></li> <li>Fixed bug in detecting concurrency limit exceeded Qualys API response</li> <li>Fixed bug in concurrency calculation that allowed too many active requests</li> <li>Disabled the <code class="code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline code codeInline" spellcheck="false" tabindex="0">RESULTS</code> field from the Qualys host detections response to save time and memory (data was unused)</li> </ul><h3 data-id="rapid7">Rapid7</h3> <ul><li>Drastically improved developer environment setup for Rapid7 Nexpose Security Console</li> </ul><h2 data-id="community-projects">Community Projects</h2> <ul><li><p>Created a new repository of <strong>Insights dashboard templates</strong>. Check them out at:</p> <p><a rel="nofollow" href="https://github.com/JupiterOne/insights-dashboards">https://github.com/JupiterOne/insights-dashboards</a></p> <p>PRs for Swags!</p></li> </ul><h2 data-id="other-improvements-and-bug-fixes">Other Improvements and Bug Fixes</h2> <ul><li><p>Asset inventory now has a max width for columns so long text items don’t make a row extra long</p></li> <li><p>Experimental Auto Mapping button for a compliance standard has been removed --<br> we plan to bring this feature back in the near future</p></li> <li><p>Fixed an issue that may cause the Compliance app to trigger an infinite load screen</p></li> <li><p>Fixed an issue where a user could not update the audit tracking field for a compliance item via the UI</p></li> <li><p>Fixed an issue where the graph view would refresh if an entity was moved</p></li> <li><p>Added sorting to the rule table in the alerts app</p></li> <li><p>Compliance reviews can now be fully deleted</p></li> <li><p>Fixed an issue with resizing the window while viewing a compliance standard</p></li> <li><p>Increase performance with loading compliance settings menu</p></li> </ul> </article> </main>