Sections in this category

2019.33 Release

  • Updated

2019-11-12

New Features

  • Added math support in J1QL queries! Math operations can also be combined with aggregation functions. For example:

    What is my database backup cost per AWS account?

  FIND (aws_db_cluster_snapshot|aws_db_snapshot) as snapshot
  RETURN
    snapshot.tag.AccountName as Account,
    sum(snapshot.allocatedStorage) * 0.02 as EstimatedCost
  • From Landing, if a result result contains the full entity (i.e. the JSON data contains the _id property of an entity), the entity can be selected to show the property panel.

  • Compliance app:

    • Compliance summary legends -- clicking on a summary bar will bring up a legend display with more details.

    • Added Compliance Summary Download option, which includes a CSV that contains the summary status of all requirements/controls of the selected standard in one file.

    • Supports Questionnaire as a specific compliance standard type (in the compliance standard JSON, add "type": "questionnaire").

    This allows you to manage security review questionnaires from partners, customers, or prospects by providing and tracking the "answers" without providing full evidence.

    • Added support to link to externally hosted policies and procedures that are mapped to compliance requirements, using the webLink property. Use the policy-builder CLI to set the webLink.
  • Re-designed UI/UX for the Asset Inventory dashboard with a card-type view on initial load.

  • Added a number of managed/pre-packaged query questions. A catalog will be published soon.

Integrations

  • AWS: Added support for the following services and resources

    • ECR - container repositories (aws_ecr_repository), container images (aws_ecr_image), and image scan findings (aws_ecr_image_scan_finding)

    • ECS - ECS clusters (aws_ecs_cluster), services (aws_ecs_service), container instances (aws_ecs_container_instance), task definitions (aws_ecs_task_definition), and tasks (aws_ecs_task)

    • Batch - compute environments (aws_batch_compute_environment), job definitions (aws_batch_job_definition), job queues (aws_batch_job_queue), and jobs (aws_batch_job)

    See updated AWS integration doc for details, including the relationships, usage patterns, and IAM permissions mapped across the above resources.

  • Azure:

    • Added support for more networking resources: virtual networks (azure_vnet), subnets (azure_subnet), and security groups (azure_security_group).

    • Fixed an issue fetching members of an Azure AD group due to permission configuration.

    See updated Azure integration doc for details, including the relationships across the above resources.

  • Jamf:

    • Enabled raw data collection for Jamf resource entities.

    • Improved parsing of disk encryption status to be more accurate.

    Note there is a bug in Jamf API where the JSON response is missing the boot partition for certain computer objects.

Improvements and Bug Fixes

  • Improved the Trend display of an alert to aggregate alert evaluation data points when the alerted results were identical.

  • Fixed a few UI issues with Compliance app and Alerts/Vulnerability app.

  • Fixed an issue where editing a compliance evidence question immediately after it is created in the compliance requirement view fails.

  • Fixed an issue where certain integration configuration instance not showing up despite correct count of instances.

  • Fixed an issue where the query name of named queries in a question did not show up when the question is being edited in the Compliance app.

  • Fixed a rare UI rendering with graph viewer when nodes are selected in a certain order.

  • Fixed an issue where the first trailing space was unexpectedly trimmed when typing in a query in Landing.

Experimental/Beta Features

  • Allow users to trigger "auto mapping" of policies/procedures and evidence questions for a selected compliance standard.

    The "auto mapping" is based on fuzzy matching of compliance requirement keywords.

🔝

Was this article helpful?

1 out of 1 found this helpful