Sections in this category

2021.67 Release

  • Updated


📣 We have made Record entities non-billable! This includes things like DNS records, Jira issues, etc. For more details, check out the billing FAQ.

New Features

  • During new account creation/onboarding, allow users to request access to a playground account to play with sample data.

  • Added Considerations to provide better guidance when editing a policy procedure.

  • Automate the following related actions upon the creation of the first cloud infrastructure integration (AWS/Azure/Google Cloud):

    • Trigger the integration to run for the first time
    • Import alert rules related to the integration
    • Import the corresponding CIS benchmark to the Compliance app
    • Trigger the evaluation of all alert rules and benchmark
    • Add the account owner to the daily digest email
    • Display a modal that indicates these actions and progress



  • Requests are now ingested since the last execution time, or up to 14 days in the past, whichever is less. This removes the ability to configure the number of requests to ingest, focusing instead on simply ensuring that recent Requests are continuously ingested. ​


  • Added support for ingesting the following new resources:

    • azure_location
    • azure_network_watcher
    • azure_security_group_flow_logs
    • azure_sql_server_firewall_rule
    • azure_location HAS azure_network_watcher
  • Added encryption to azure_managed_disk. ​

  • Added usesManagedDisks to azure_vm. ​

  • Added queueAnalyticsLoggingReadEnabled, queueAnalyticsLoggingWriteEnabled, and queueAnalyticsLoggingDeleteEnabled to azure_storage_account. ​

  • Added blobAnalyticsLoggingReadEnabled, blobAnalyticsLoggingWriteEnabled, and blobAnalyticsLoggingDeleteEnabled to azure_storage_account. ​

  • Added blobSoftDeleteEnabled and blobSoftDeleteRetentionDays to azure_storage_account

  • Added networkRuleSetDefaultAction and networkRuleSetBypass properties to azure_storage_account.

  • Fixed broken relationships between VM and disk entities. Previously, some relationships between VM and disk did not match case-sensitive, and created unresolvable relationships. Relationships will now be created based on case-insensitive matching of VM and disk IDs. ​

Azure DevOps

  • Initial release of Azure DevOps integration (beta) 🎉

    Check out the docs for details on what's currently supported. ​


  • Fixed an authentication error creating an access token at now throws IntegrationInstanceAuthenticationError so that users no longer see Unexpected error occurred executing integration!.

Google Cloud

Added support for ingesting the following new resources:

  • Compute

    • google_compute_instance_group_named_port
    • google_compute_instance_group HAS google_compute_instance_group_named_port
  • Pub/Sub

    • google_pubsub_topic
    • google_pubsub_subscription
  • App Engine Admin

    • google_app_engine_application
    • google_app_engine_service
    • google_app_engine_version
    • google_app_engine_instance
  • Cloud Run

    • google_cloud_run_service
    • google_cloud_run_configuration
    • google_cloud_run_route


  • Added a tag. property to every entity for each label in the Google Cloud labels property.

    For example, if a google_storage_bucket has a labels property with the values:

    "labels": {
      "myLabel": "myLabelVal",
      "myOtherLabel": "myOtherLabelValue"

    ​ The following individual tags will be copied onto the entity: tag.myLabel, tag.myOtherLabel. ​


  • Added name property to device_user
  • Added version and path properties to the INSTALLED relationship between a computer and a macos_app. This captures the version and path of an application installed on a specific computer and allows users to query that information as needed. ​
  • Fixed failure to retry failed Jamf API requests. ​
  • Fixed failure to ingest entities that contained raw data exceeding the system's allowed upload size. Unfortunately, this required the removal of raw data from some entities. ​

Microsoft 365 - Intune

  • Added support for ingesting a number of Intune resources.

    Please review the updated documentation to learn more. Intune data is ingested only when the Microsoft 365 account has Intune configured. ​


  • Migrated to latest integration SDK for improved error handling and reporting. ​
  • User - ONCALL -> Service relationship has been changed to User - MONITORS -> Service.

Relationships are best expressed as verbs, and MONITORS is the preferred verb in this type of relationship. ​

  • Added the following properties to the User entity:

id, type, email, role, jobTitle, timeZone, billed, description, invitationSent, webLink


  • Host Finding.targets has been adjusted to include only [detection.HOST.IP, assetHost.fqdn, assetHost.ec2InstanceArn].

    At this time, only fqdn and ec2InstanceArn will be used for mapping to the Host entity. This change reflects the two values that are actually used to resolve the relationship, significantly reducing the time spent looking for entities to map based on the global mapping rule.


  • Add emailDomain property to slack_user

Improvements and Bug Fixes

Resolved the following production issues:

  • Broken link to Terms & Conditions in emails

  • Errors when creating a new account

  • A few customers erroneously lost access to the RBAC feature

  • Question Trend Charts were erroneously disabled

  • Controls and policy procedures were not mapped correctly to a compliance item

  • Compliance evidence library does not persist selections properly

  • Uploading evidence to a compliance requirement may cause unexpected behavior

  • Some users were unable to remove an item from the Evidence library in Compliance

  • Some users were unable to remove a mapped question from a compliance item

  • Minor text changes on the Products page

  • Where Question Query Results would have the incorrect vertical sizing

  • Fixed an item related to user input on Policy & Procedure metadata

  • Where the boolean toggles were visible when viewing historical data

  • Low contrast text/UI elements on the Invitations page in the Account Settings view

Other Improvements:

  • Any time setup instructions are available for an integration definition, they will now be shown by default

  • After _class, _type and _displayName, query results will now show attributes alphabetically

  • Updated the search bar on the landing page so that clicking the padding of the bar will now focus the search input as well

  • Added X button to exit the "Create/Edit question" modal in the Landing app

  • Added X button to exit the "Map an existing question" modal in the Compliance app


Was this article helpful?

0 out of 0 found this helpful