Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
JupiterOne 22 April 2022 Release - AskJ1 Community
<main> <article class="userContent"> <h2 data-id="april-22-2022">April 22, 2022</h2> <h2 data-id="new-features-and-improvements">New Features and Improvements</h2> <ul><li>In Compliance, related Policies are now shown at the requirement level, making it easy to identified which procedures relate to individual requirements without having to look at each linked control.</li> <li>The ability to delete multiple controls at once (bulk delete) is supported in Compliance.</li> <li>When creating an Alert rule directly from a query, the action takes you directly to Alerts, rather than opening a pop-up. This update improves load time and performance.</li> <li>Clicking to open Total Alerts from the dashboard widget automatically opens the Alerts page sorted by criticality.</li> <li>You will now see all organizations associated with your email address under your username in JupiterOne. This facilitates easy switching between multiple organization accounts. When switching to a different account you may need to reauthenticate if a different login mechanism is required. For example, if you logged in with SSO but switch to an account which requires username and password, you will need to login with the correct username and password to access this account.</li> </ul><h2 data-id="integrations">Integrations</h2> <h3 data-id="carbon-black-cloud">Carbon Black Cloud</h3> <ul><li>Added weblinks to Device Sensors and Alert Findings entities</li> <li>Added support for instances of the product that don't require a site value in the URL. Additional details on the <a rel="nofollow" href="https://developer.carbonblack.com/reference/carbon-black-cloud/authentication/#building-your-base-urls">Carbon Black Developer Site</a></li> </ul><h3 data-id="cisco-meraki">Cisco Meraki</h3> <ul><li>Fixed an issue related to retrieving <code class="code codeInline" spellcheck="false" tabindex="0">vlans</code> that occured when the integration attempted to retrieve <code class="code codeInline" spellcheck="false" tabindex="0">vlans</code> on an account that didn't have <code class="code codeInline" spellcheck="false" tabindex="0">vlans</code> enabled.</li> </ul><h3 data-id="cisco-secure-endpoint-formerly-amp">Cisco Secure Endpoint (formerly AMP)</h3> <ul><li>Existing integration renamed from AMP to Cisco Secure Endpoint based on name change by Cisco</li> <li>Added new entities</li> </ul><table><thead><tr><th>Resources</th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> </tr></thead><tbody><tr><td>Finding</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">cisco_amp_finding</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Finding</code></td> </tr><tr><td>Vulnerability</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">cve</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Vulnerability</code></td> </tr></tbody></table><ul><li>Added new relationships</li> </ul><table><thead><tr><th>Source Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Relationship <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> <th>Target Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">cisco_amp_endpoint</code></td> <td><strong>IDENTIFIED</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">cisco_amp_finding</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">cisco_amp_finding</code></td> <td><strong>IS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">cve</code></td> </tr></tbody></table><h3 data-id="crowdstrike">CrowdStrike</h3> <ul><li><p>Added a new entity<br></p><table><thead><tr><th>Resources</th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> </tr></thead><tbody><tr><td>Vulnerability</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Finding</code></td> </tr></tbody></table></li> <li><p>Added a new relationship<br> | Source Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code> | Relationship <code class="code codeInline" spellcheck="false" tabindex="0">_class</code> | Target Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <strong>EXPLOITS</strong> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_sensor</code> |</p></li> </ul><h3 data-id="github">GitHub</h3> <ul><li>Ongoing improvements to improve error handling, how pagination is handled, and rate limits are managed.</li> </ul><h3 data-id="gitlab">Gitlab</h3> <ul><li>Improvements to how the integration handles rate limits and retries.</li> </ul><h3 data-id="google-cloud">Google Cloud</h3> <ul><li>Fixed an issue so that the correct value for <code class="code codeInline" spellcheck="false" tabindex="0">blockProjectSSHKeys</code> is ingested.</li> <li>Improved how the integration handles accounts when app engine services aren't present in an account.</li> </ul><h3 data-id="google-workspaces">Google Workspaces</h3> <ul><li>Improved error handling and messaging so that ingestion jobs can complete when some data is not available due to lack of permissions.</li> </ul><h3 data-id="hexnode">Hexnode</h3> <ul><li>Released the initial Hexnode integration.</li> <li>Creates the following entities</li> </ul><table><thead><tr><th>Resources</th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> </tr></thead><tbody><tr><td>Account</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_account</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Account</code></td> </tr><tr><td>Device</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Device</code></td> </tr><tr><td>Device Group</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device_group</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Group</code></td> </tr><tr><td>User</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">User</code></td> </tr><tr><td>User Group</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user_group</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Group</code></td> </tr></tbody></table><ul><li>Creates the following relationships</li> </ul><table><thead><tr><th>Source Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Relationship <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> <th>Target Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_account</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_account</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device_group</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_account</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_account</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user_group</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device_group</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user_group</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_user</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">hexnode_device</code></td> </tr></tbody></table><h3 data-id="jamf">Jamf</h3> <ul><li>Added <code class="code codeInline" spellcheck="false" tabindex="0">deviceId</code> property to <code class="code codeInline" spellcheck="false" tabindex="0">user_endpoint</code> and <code class="code codeInline" spellcheck="false" tabindex="0">mobile_device</code> entities</li> <li>Allows SentinelOne host agents to create a mapped <code class="code codeInline" spellcheck="false" tabindex="0">PROTECTS</code> relationship with these if the Jamf <code class="code codeInline" spellcheck="false" tabindex="0">user_endpoint</code> and <code class="code codeInline" spellcheck="false" tabindex="0">mobile_device</code> entities if the <code class="code codeInline" spellcheck="false" tabindex="0">deviceId</code> matches</li> </ul><h3 data-id="jira">Jira</h3> <ul><li>A new feature was introduced that will truncate the <code class="code codeInline" spellcheck="false" tabindex="0">_rawData</code> if it to large to process and store in JupiterOne</li> <li>Resumed ingesting the <code class="code codeInline" spellcheck="false" tabindex="0">_rawData</code> property for the <code class="code codeInline" spellcheck="false" tabindex="0">jira_issue</code> entity</li> </ul><h3 data-id="microsoft-365">Microsoft 365</h3> <ul><li>Added <code class="code codeInline" spellcheck="false" tabindex="0">deviceID</code> property to <code class="code codeInline" spellcheck="false" tabindex="0">Device</code> so that it will conform to the <a rel="nofollow" href="https://github.com/JupiterOne/data-model">JupiterOne Data Model</a>. Property is set to <code class="code codeInline" spellcheck="false" tabindex="0">null</code>.</li> <li>Added <code class="code codeInline" spellcheck="false" tabindex="0">sizeInByte</code> and <code class="code codeInline" spellcheck="false" tabindex="0">version</code> to the <code class="code codeInline" spellcheck="false" tabindex="0">intune_managed_application</code> entity</li> </ul><h3 data-id="qualys">Qualys</h3> <ul><li>Improvements to prevent duplicate key errors.</li> <li>Improved rate limit handling</li> </ul><h3 data-id="slack">Slack</h3> <ul><li>Fixed an issue that sometimes caused the <code class="code codeInline" spellcheck="false" tabindex="0">mfaEnabled</code> property on <code class="code codeInline" spellcheck="false" tabindex="0">slack_user</code> to not be set correctly.</li> </ul><h3 data-id="tenable-io">Tenable.io</h3> <ul><li>Fixed an issue where datetime properties for <code class="code codeInline" spellcheck="false" tabindex="0">tenable_asset</code>s were strings instead of number.</li> </ul><h2 data-id="bug-fixes">Bug Fixes</h2> <ul><li>Fixed a bug where Visual Query Builder return error messages when building a query.</li> <li>Resolved an issue where certain Compliance frameworks were not evaluted on a daily basis.</li> <li>Fixed several small bugs related to the Graph Viewer and button size rendering in different browsers.</li> <li>Resolved an problem with opening compliance gaps queries from Compliance in Search.</li> <li>Fixed an issue where audit events where not correctly populating in the UI and API.</li> </ul> </article> </main>