November 5, 2021
New Features and Improvements
Assets in the Graph Viewer that have a problem associated with them now have
a visual indication and details of the problem in the properties side panel. 
The Center for Internet Security (CIS) Controls Version 8 is now available as
a standard in the Compliance app with the mapped controls to the default
procedures within the Policies app.
You can now set a default layout for the Insights Graph Viewer widget: select either
mesh, horizontal tree, or vertical tree layout.
You can now upload screenshots, videos, or other files in Resources > Report an issue.
Integrations
You can now schedule integration job runs for a specific hour of the day or day of
the week, depending on your customized polling configuration. This feature prevents
J1 from consuming resources around mission-critical activities. Set the optional
parameter, pollingIntervalCronExpression
, using the JupiterOne platform API to
use this capability.
Note: This functionality is not supported in the UI.
AWS
J1 is no longer adding aws_lambda_function.codeLocation
to assets as it does not
provide any security insight value and only introduces a potential vulnerability and
unnecessary versioning.
J1 is removing any AWS secret access keys from properties that are setting them when
the integration runs. Current values are now overwritten with the latest values and
"REDACTED" appears in the place of the keys.
Azure
- Added support for ingesting the following new resources:
Resources |
Entity _type |
Entity _class |
---|
Azure Kubernetes Cluster |
azure_kubernetes_cluster |
Cluster |
Resource Lock |
azure_resource_lock |
Rule |
Key Vault Key |
azure_keyvault_key |
Key |
Key Vault Secret |
azure_keyvault_secret |
Secret |
- Added support for ingesting the following new relationships:
Source Entity _type |
Relationship _class |
Target Entity _type |
---|
azure_resource_group |
HAS |
azure_kubernetes_cluster |
azure_resource_lock |
HAS |
ANY_SCOPE |
- Added new properties to resources:
Entity |
Properties |
---|
azure_keyvault_service |
enableSoftDelete , enablePurgeProtection |
azure_storage_account |
tableAnalyticsLoggingReadEnabled , tableAnalyticsLoggingWriteEnabled , tableAnalyticsLoggingDeleteEnabled |
- New questions added to the Questions Library:
Are all critical resources protected by resource locks?
Are all Key Vaults recoverable?
Is RBAC enabled on all Azure Kubernetes Services Instances?
GitHub
- When a JupiterOne GitHub application installation does not have permission to
fetch two-factor authentication information for github_user
s, the github_user
mfaEnabled
property is now assigned undefined
instead of false
.
Knowbe4
- Added support for ingesting the following new resources:
Resources |
Entity _type |
Entity _class |
---|
KnowBe4 Phishing Campaign |
knowbe4_phishing_campaign |
Training |
KnowBe4 Phishing Security Test |
knowbe4_phishing_security_test |
Assessment |
- Added support for ingesting the following new relationships:
Source Entity _type |
Relationship _class |
Target Entity _type |
---|
knowbe4_account |
HAS |
knowbe4_phishing_campaign |
knowbe4_account |
HAS |
training_campaign |
knowbe4_phishing_campaign |
CONTAINS |
knowbe4_phishing_security_test |
Kubernetes
- Added support for ingesting the following new resources:
Resources |
Entity _type |
Entity _class |
---|
Kubernetes Cluster |
kube_cluster |
Cluster |
KnowBe4 Phishing Security Test |
knowbe4_phishing_security_test |
Assessment |
Kubernetes Container Spec |
kube_container_spec |
Configuration |
Kubernetes Pod Security Policy (PSP) |
kube_pod_security_policy |
Configuration |
Kubernetes Network Policy |
kube_network_policy |
Configuration |
- Added support for ingesting the following new relationships:
Source Entity _type |
Relationship _class |
Target Entity _type |
---|
kube_cluster |
CONTAINS |
kube_namespace |
kube_deployment |
USES |
kube_container_spec |
kube_cluster |
CONTAINS |
kube_pod_security_policy |
kube_namespace |
CONTAINS |
kube_network_policy |
- New questions added to the Questions Library:
Which Kubernetes container specs admit containers to run in privileged mode?
Which Kubernetes containers are permitted to run as the root user?
Which Kubernetes Pod Security Policies (PSP) admit privileged containers?
Which Kubernetes Pod Security Policies (PSP) admit containers to share the host process ID namespace?
Which Kubernetes Pod Security Policies (PSP) admit containers to share the host IPC namespace?
Which Kubernetes Pod Security Policies (PSP) admit containers to share the host network namespace?
Which Kubernetes Pod Security Policies (PSP) admit containers to escalate privileges?
Which Kubernetes Pod Security Policies (PSP) admit containers with the NET_RAW capability?
Which Kubernetes Pod Security Policies (PSP) admit containers with the added capabilities?
Which Kubernetes namespaces do not have network policies defined?
Qualys
You can now enable or disable Qualys web application scan ingestion based on the integration configuration.
Toggle the new Ingest Web App Scans integration configuration option from the JupiterOne Qualys integration configuration page.
JupiterOne now fetches Qualys findings (qualys_host_finding
) with the Fixed status.
The status filter for host detections is changed to explicitly request and ingest any 'New', 'Fixed', 'Active',
and 'Re-Opened' statuses. By default, 'Fixed' detections are not returned from Qualys unless explicitly specified.
This feature allows you to view the graph detections that are 'Fixed' and to track the changes to detections of any status.