2021.66 Release

2021-03-11

New Features

• Brand new Onboarding experience for new accounts

• New In-app Purchase capability to allow free account users to easily upgrade to higher usage limits and feature capabilities

• New Create ServiceNow Ticket alert rule action

Integrations

Azure

• Added securityDefaultsEnabled property to azure_account entities

• Added userType property to azure_user entities

• Added support for Diagnostic Settings:

  • MariaDB Servers
  • MySQL Servers
  • PostgreSQL Servers
  • SQL Servers

• Fixed Virtual Networks step failure when Network Security Groups step fails

• Added mappings of existing managed questions for CIS Azure Foundations v1.3.0

• Added managed questions for CIS Azure Foundations (1.1.0 & 1.3.0):

  • Are there any guest users with access to Azure? (1.3)
  • Are there any custom role definitions with assignableScope of subscription or higher and action of *? (1.23/1.21)
  • Is Azure Security Defaults enabled for all Microsoft directories/tenants? (1.22)
  • Are there any Azure storage accounts that have not enabled Secure Transfer? (3.1)
  • Are all Azure storage accounts configured with "Deny" as the default network access rule? (3.7/3.6)
  • Are "Trusted Microsoft Services" enabled for Azure storage accounts? (3.8/3.7)
  • Is "Soft Delete" enabled for Azure storage accounts? (na/3.8)
  • Are Azure storage accounts encrypted with Customer Managed Keys? (na/3.9)

atSpoke

• Initial release of atSpoke integration (beta)! 🎉

Check out the docs for details on what's currently supported.

Carbon Black

• Redacting activation_code, encoded_activation_code, uninstall_code from sensor entities

GitHub

• Added createdOn and updatedOn to ingested github_repo entities

Google Cloud

• Migrated integration to latest SDK and infrastructure for more reliable execution

• Added the following new relationships

  • GKE: google_container_node_pool HAS google_compute_instance_group

• Added mew properties to GKE resources:

  Service	Resource / Entity	Properties
  GKE	google_container_node_pool	serviceAccount
  		bootDiskKmsKey
  	google_container_cluster	workloadIdentity

  
  

Jamf

• Migrated integration to latest SDK and infrastructure for more reliable execution

Microsoft 365

• Changed Azure Active Directory entity and relationship _type values to reflect that this data is from Azure AD. Please note that installing the Microsoft 365 integration alongside an Azure integration which ingests the same Azure AD tenant will produce duplicate data

• Added ingestion of some Intune resources, additional changes coming soon!

• Fixed Microsoft Graph authentication failure

NPM

• Fixed a malformed mapping rule that prevented mapping npm_package <- PUBLISHED - CodeRepo

Okta

• Fixed timeout processing a large number of applications in some accounts

ServiceNow

• Initial release of ServiceNow integration (beta)! 🎉

Check out the docs for details on what's currently ingested.

The Alerts app now supports a rule action to create ServiceNow incidents.

Improvements and Bug Fixes

• The Visual Query Builder (VQB) is now under its own url path so that it can be linked directly to and and navigated away using the browser's "back" button

• UI improvements in the Visual Query Builder (VQB)

• Compliance app will now navigate to the new standard immediately after one is created

• Fixed a scrolling issue in the account settings modal

• Fixed an error when the policies app was initialized for the first time for a new user

• Fixed an issue where users were unable to check the “enable autocomplete” and “search for recently deleted” checkboxes when using a long query

• Fixed an issue where clicking the “X” to close a query result on Landing page would close the wrong one in the list

Community Projects

• Added a new sample Insights dashboards for GDPR Data Locations