Community
Questions Library
Docs
Blog
Events
Swag
Github
Slack
JupiterOne
Discussions
Release Notes
Contact Us
JupiterOne 25 August 2022 Release - AskJ1 Community
<main> <article class="userContent"> <h2 data-id="new-features-and-improvements">New Features and Improvements</h2> <ul><li>Favorite Insights dashboards, allowing you to easily find the dashboards that are important to you.</li> <li>Navigate the J1 graph using the built-in zoom functionality, using the buttons on the graph.</li> <li>Advanced search for J1 Assets: When searching within J1 Assets, you can now use two methods to accomplish the same outcome - <code class="code codeInline" spellcheck="false" tabindex="0">Basic</code> or <code class="code codeInline" spellcheck="false" tabindex="0">J1QL</code>. <code class="code codeInline" spellcheck="false" tabindex="0">Basic</code> search uses the filters to search for assets, which is now powered by J1QL. For advanced users of JupiterOne, you can find assets by writing a query.</li> <li><p>You can now search using special variables to find context for a current user within JupiterOne. The special variables are used in place of variables (<code class="code codeInline" spellcheck="false" tabindex="0">${value here}</code>) in Search, Search Anywhere, and Insights. New variables add:</p> <p><code class="code codeInline" spellcheck="false" tabindex="0">me.email</code><br><code class="code codeInline" spellcheck="false" tabindex="0">me.givenName</code><br><code class="code codeInline" spellcheck="false" tabindex="0">me.familyName</code><br><code class="code codeInline" spellcheck="false" tabindex="0">me.name</code></p></li> </ul><h2 data-id="integrations">Integrations</h2> <h3 data-id="aws">AWS</h3> <p>New entity added:<br></p><table><thead><tr><th>Service</th> <th>Resource / Entity</th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">CodeCommit</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">aws_codecommit_repository</code></td> </tr></tbody></table><p>New relationship added:<br></p><table><thead><tr><th>Source</th> <th>_class</th> <th>Target</th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">aws_codepipeline</code></td> <td>HAS</td> <td>aws_codepipeline_pipeline</td> </tr></tbody></table><h3 data-id="azure">Azure</h3> <ul><li>Added tags to <code class="code codeInline" spellcheck="false" tabindex="0">azure_storage_container</code> entity</li> <li>Improved error messaging to prevent erroneous error entries from being reported in the DNS Zone steps</li> </ul><h3 data-id="crowdstrike">CrowdStrike</h3> <p>This update will change some of the default behaviors of the integration:<br> - By default, J1 ingests vulnerabilities with a severity of <code class="code codeInline" spellcheck="false" tabindex="0">Critical</code>, <code class="code codeInline" spellcheck="false" tabindex="0">High</code>, <code class="code codeInline" spellcheck="false" tabindex="0">Medium</code>, and <code class="code codeInline" spellcheck="false" tabindex="0">Unknown</code><br> - By default, J1 does not ingest vulnerabilities with a status of <code class="code codeInline" spellcheck="false" tabindex="0">Closed</code>, or a severity of <code class="code codeInline" spellcheck="false" tabindex="0">Low</code> or <code class="code codeInline" spellcheck="false" tabindex="0">None</code><br> - There is a configuration option to include <code class="code codeInline" spellcheck="false" tabindex="0">Closed</code>, <code class="code codeInline" spellcheck="false" tabindex="0">Low</code>, or <code class="code codeInline" spellcheck="false" tabindex="0">None</code> , if required.<br> - J1 is also adding the following properties:<br> | Entity | Property |<br> | --------------------------- | ---------------- |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">description</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">exploitability</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">impact</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">open</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">public</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">publishedOn</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">references</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">severity</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">score</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">vector</code> |<br> | <code class="code codeInline" spellcheck="false" tabindex="0">crowdstrike_vulnerability</code> | <code class="code codeInline" spellcheck="false" tabindex="0">weblink</code> |</p> <h3 data-id="datadog">Datadog</h3> <p>Added optional configuration field <code class="code codeInline" spellcheck="false" tabindex="0">DATADOG_ORG_PUBLIC_ID</code>, allowing you to enter the public ID of your organization, resulting in the integration being able to fetch details about it. If not provided, a default account entity is created instead.</p> <h3 data-id="jupiterone-integration">JupiterOne Integration</h3> <p>The JupiterOne integration adds data from JupiterOne into your graph so that it can be queried, used to create alerts, among other things.</p> <ul><li>Added a <code class="code codeInline" spellcheck="false" tabindex="0">status</code> property to the <code class="code codeInline" spellcheck="false" tabindex="0">jupiterone_integration</code> entity so you can query for <code class="code codeInline" spellcheck="false" tabindex="0">COMPLETED</code> or <code class="code codeInline" spellcheck="false" tabindex="0">FAILED</code> integration jobs.</li> <li>Added an <code class="code codeInline" spellcheck="false" tabindex="0">integrationType</code> property to the <code class="code codeInline" spellcheck="false" tabindex="0">jupiterone_integration</code> entity.</li> <li>Updated the <code class="code codeInline" spellcheck="false" tabindex="0">displayName</code> property so it is more human-readable. This property correlates to the name entered in the configuration page when the job is created.</li> </ul><h3 data-id="github">GitHub</h3> <p>Added a configuration option to adjust the max limit of pull requests. Default is 500 per repo. The default can be overriden by updating this option.</p> <h3 data-id="google-cloud">Google Cloud</h3> <ul><li>Added support for additional Google Cloud compute regions.</li> <li>Improvements to the code to reduce the number of API calls to <code class="code codeInline" spellcheck="false" tabindex="0">serviceusage.googleapis.com</code> and the KMS project location API.</li> </ul><h3 data-id="microsoft-365">Microsoft 365</h3> <ul><li>Added an option to enable raw data ingestion for managed devices.</li> <li><p>New relationship added:</p> <table><thead><tr><th>Source</th> <th>_class</th> <th>Target</th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">azure_user</code></td> <td>USES</td> <td>{device_type}</td> </tr></tbody></table></li> </ul><h3 data-id="orca">Orca</h3> <ul><li>Both API keys and API tokens are supported for authentication.</li> <li>Assets are no longer a dependency for findings.</li> <li>Informational findings are no longer ingested.</li> </ul><h3 data-id="snyk">Snyk</h3> <p>Added new properties:</p> <table><thead><tr><th>Entity</th> <th>Property</th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">repoFullName</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">repoOrganization</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">repoName</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">directoryName</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">fileName</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">environmentAttributes</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">snyk_finding</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">fixedIn</code></td> </tr></tbody></table><h3 data-id="tenable">Tenable</h3> <p>Updated the <code class="code codeInline" spellcheck="false" tabindex="0">firstSeen</code> and <code class="code codeInline" spellcheck="false" tabindex="0">lastSeen</code> properties on the <code class="code codeInline" spellcheck="false" tabindex="0">tenable_asset</code> entity so they are human-readable</p> <h2 data-id="bug-fixes">Bug Fixes</h2> <ul><li>Fixed a few issues related to sign-in.</li> <li>Resolved a bug with IP restrictions on publicly shared dashboards for J1 Insights.</li> <li>Addressed an issue with alert rules and tagging assets where the alert rule did not complete its run.</li> <li>Resolved an issue with Compliance reviewers not receiving review emails.</li> <li>Fixed a few bugs related to questions and the questions library.</li> </ul><h2 data-id="coming-soon">Coming Soon</h2> <ul><li>Alerts is getting a design refresh! We are continuing our look-and-feel updates over J1 Alerts.</li> </ul> </article> </main>