Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
JupiterOne 2021.67 Release - AskJ1 Community
<main> <article class="userContent"> <p>2021-03-24</p> <p>π£ We have made <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Record</code> entities non-billable! This includes things like DNS records,<br> Jira issues, etc. For more details, check out the <a rel="nofollow" href="../faqs/faqs-account-billing.md">billing FAQ</a>.</p> <h2 data-id="new-features">New Features</h2> <ul><li><p>During new account creation/onboarding, allow users to request access to a<br> playground account to play with sample data.</p></li> <li><p>Added <strong>Considerations</strong> to provide better guidance when editing a policy procedure.</p></li> <li><p>Automate the following related actions upon the creation of the first cloud<br> infrastructure integration (AWS/Azure/Google Cloud):</p> <ul><li>Trigger the integration to run for the first time</li> <li>Import alert rules related to the integration</li> <li>Import the corresponding CIS benchmark to the Compliance app</li> <li>Trigger the evaluation of all alert rules and benchmark</li> <li>Add the account owner to the daily digest email</li> <li>Display a modal that indicates these actions and progress</li> </ul></li> </ul><h2 data-id="integrations">Integrations</h2> <h3 data-id="atspoke">atSpoke</h3> <ul><li>Requests are now ingested since the last execution time, or up to 14 days in<br> the past, whichever is less. This removes the ability to configure the number<br> of requests to ingest, focusing instead on simply ensuring that recent Requests<br> are continuously ingested.<br> β</li> </ul><h3 data-id="azure">Azure</h3> <ul><li><p>Added support for ingesting the following <strong>new</strong> resources:</p> <ul><li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_location</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_network_watcher</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_security_group_flow_logs</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_sql_server_firewall_rule</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_location</code> <strong>HAS</strong> <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_network_watcher</code><br> β</li> </ul></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">encryption</code> to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_managed_disk</code>.<br> β</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">usesManagedDisks</code> to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_vm</code>.<br> β</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">queueAnalyticsLoggingReadEnabled</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">queueAnalyticsLoggingWriteEnabled</code>,<br> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">queueAnalyticsLoggingDeleteEnabled</code> to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_account</code>.<br> β</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">blobAnalyticsLoggingReadEnabled</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">blobAnalyticsLoggingWriteEnabled</code>,<br> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">blobAnalyticsLoggingDeleteEnabled</code> to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_account</code>.<br> β</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">blobSoftDeleteEnabled</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">blobSoftDeleteRetentionDays</code> to<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_account</code><br> β</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">networkRuleSetDefaultAction</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">networkRuleSetBypass</code> properties to<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">azure_storage_account</code>.</p></li> <li><p>Fixed broken relationships between VM and disk entities. Previously, some<br> relationships between VM and disk did not match case-sensitive, and created<br> unresolvable relationships. Relationships will now be created based on<br> case-insensitive matching of VM and disk IDs.<br> β</p></li> </ul><h3 data-id="azure-devops">Azure DevOps</h3> <ul><li><p>Initial release of Azure DevOps integration (beta) π</p> <p>Check out the<br><a rel="nofollow" href="../docs/integrations/azure-devopsgraph-azure-devops.md">docs</a><br> for details on what's currently supported.<br> β</p></li> </ul><h3 data-id="bitbucket">Bitbucket</h3> <ul><li>Fixed an authentication error creating an access token at<br><a href="https://bitbucket.org/site/oauth2/access_token" rel="nofollow">https://bitbucket.org/site/oauth2/access_token</a> now throws<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">IntegrationInstanceAuthenticationError</code> so that users no longer see<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Unexpected error occurred executing integration!</code>.</li> </ul><h3 data-id="google-cloud">Google Cloud</h3> <p>Added support for ingesting the following <strong>new</strong> resources:</p> <ul><li><p>Compute</p> <ul><li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_compute_instance_group_named_port</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_compute_instance_group</code> <strong>HAS</strong> <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_compute_instance_group_named_port</code><br> β</li> </ul></li> <li><p>Pub/Sub</p> <ul><li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_pubsub_topic</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_pubsub_subscription</code><br> β</li> </ul></li> <li><p>App Engine Admin</p> <ul><li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_app_engine_application</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_app_engine_service</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_app_engine_version</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_app_engine_instance</code><br> β</li> </ul></li> <li><p>Cloud Run</p> <ul><li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_cloud_run_service</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_cloud_run_configuration</code></li> <li><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_cloud_run_route</code><br> β</li> </ul></li> </ul><p>Additionally:</p> <ul><li><p>Added a <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">tag.</code> property to every entity for each label in the Google Cloud<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">labels</code> property.</p> <p>For example, if a <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">google_storage_bucket</code> has a <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">labels</code> property with the<br> values:</p> <p>```json<br> "labels": {<br> "myLabel": "myLabelVal",<br> "myOtherLabel": "myOtherLabelValue"<br> }</p> <pre class="code codeBlock" spellcheck="false" tabindex="0">β The following individual tags will be copied onto the entity: `tag.myLabel`, `tag.myOtherLabel`. β </pre></li> </ul><h3 data-id="jamf">Jamf</h3> <ul><li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">name</code> property to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">device_user</code><br> β</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">version</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">path</code> properties to the <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">INSTALLED</code> relationship between<br> a <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">computer</code> and a <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">macos_app</code>. This captures the version and path of an<br> application installed on a specific computer and allows users to query that<br> information as needed.<br> β</p></li> <li><p>Fixed failure to retry failed Jamf API requests.<br> β</p></li> <li><p>Fixed failure to ingest entities that contained raw data exceeding the<br> system's allowed upload size. Unfortunately, this required the removal of raw<br> data from some entities.<br> β</p></li> </ul><h3 data-id="microsoft-365-intune">Microsoft 365 - Intune</h3> <ul><li><p>Added support for ingesting a number of <strong>Intune</strong> resources.</p> <p>Please review the <a rel="nofollow" href="../docs/integrations/microsoft365/index.md">updated documentation</a><br> to learn more. Intune data is ingested only when the Microsoft 365 account has Intune<br> configured. β</p></li> </ul><h3 data-id="pagerduty">PagerDuty</h3> <ul><li><p>Migrated to latest integration SDK for improved error handling and reporting.<br> β</p></li> <li><p><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">User - ONCALL -> Service</code> relationship has been changed to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">User - MONITORS -> Service</code>.</p></li> </ul><blockquote class="UserQuote blockquote"><div class="QuoteText blockquote-content"> <p class="blockquote-line">Relationships are best expressed as verbs, and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">MONITORS</code> is the preferred<br> verb in this type of relationship.<br> β</p> </div></blockquote> <ul><li><p>Added the following properties to the <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">User</code> entity:</p> <p><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">id</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">type</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">email</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">role</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">jobTitle</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">timeZone</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">billed</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">description</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">invitationSent</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">webLink</code><br> β</p></li> </ul><h3 data-id="qualys">Qualys</h3> <ul><li><p>Host <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Finding.targets</code> has been adjusted to include only<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">[detection.HOST.IP, assetHost.fqdn, assetHost.ec2InstanceArn]</code>.</p> <p>At this time, only <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">fqdn</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">ec2InstanceArn</code> will be used for mapping to the<br><code class="code codeInline code codeInline" spellcheck="false" tabindex="0">Host</code> entity. This change reflects the two values that are actually used to<br> resolve the relationship, significantly reducing the time spent looking for<br> entities to map based on the global mapping rule.</p></li> </ul><h3 data-id="slack">Slack</h3> <ul><li>Add <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">emailDomain</code> property to <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">slack_user</code></li> </ul><h2 data-id="improvements-and-bug-fixes">Improvements and Bug Fixes</h2> <p>Resolved the following production issues:</p> <ul><li><p>Broken link to Terms & Conditions in emails</p></li> <li><p>Errors when creating a new account</p></li> <li><p>A few customers erroneously lost access to the <strong>RBAC</strong> feature</p></li> <li><p>Question Trend Charts were erroneously disabled</p></li> <li><p>Controls and policy procedures were not mapped correctly to a compliance item</p></li> <li><p>Compliance evidence library does not persist selections properly</p></li> <li><p>Uploading evidence to a compliance requirement may cause unexpected behavior</p></li> <li><p>Some users were unable to remove an item from the Evidence library in Compliance</p></li> <li><p>Some users were unable to remove a mapped question from a compliance item</p></li> <li><p>Minor text changes on the Products page</p></li> <li><p>Where <strong>Question Query Results</strong> would have the incorrect vertical sizing</p></li> <li><p>Fixed an item related to user input on Policy & Procedure metadata</p></li> <li><p>Where the boolean toggles were visible when viewing historical data</p></li> <li><p>Low contrast text/UI elements on the Invitations page in the Account Settings view</p></li> </ul><p>Other Improvements:</p> <ul><li><p>Any time setup instructions are available for an integration definition, they will now be shown by default</p></li> <li><p>After <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">_class</code>, <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">_type</code> and <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">_displayName</code>, query results will now show attributes alphabetically</p></li> <li><p>Updated the search bar on the landing page so that clicking the padding of the bar will now focus the search input as well</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">X</code> button to exit the "Create/Edit question" modal in the Landing app</p></li> <li><p>Added <code class="code codeInline code codeInline" spellcheck="false" tabindex="0">X</code> button to exit the "Map an existing question" modal in the Compliance app</p></li> </ul> </article> </main>