Sections in this category

2020.44 Release

  • Updated

2020-04-30

Had a sprint focused on new integration SDK and new integrations. In the past two weeks, our dev team made 160+ commits to the new integration sdk and data model, plus 250+ commits across 14 integrations!

See Integrations section below for more details.

Also, see an important update on an AWS entity class label change below.

New Features

  • Lots of improvements made to the Graph Viewer!

    • Introducing a new tree mode to the graph viewer for a cleaner, more organized graph view. Toggle between tree / cluster mode using the graph viewer mode control icon shown below.

    graph-tree-mode

    • Added auto-grouping of graph nodes of the same type, and a list view to scroll through each item in the group. Select an item in the list to see its detailed properties.

    graph-node-grouping

    • Added ring decoration to Finding and Vulnerability entity nodes to show a colored ring/border based on severity.

    graph-node-color-ring

  • Improved pie chart layout in Insights dashboards. Also made long list in legend scrollable.

insights-widget-pie

  • New public facing JupiterOne Questions site.

  • Added toggle button to expand/collapse all sections in a selected compliance standard or questionnaire.

  • Improved version history diff of security policies and procedures document text.

Integrations

SDK and Data Model

Initial release of 10 new integrations (beta)

Updates to AWS, Azure, and other existing integrations

  • [AWS]:

    • Added ingestion of aws_nat_gateway and aws_vpn_gateway in a VPC
    • Analyze EBS snapshots to determine shared and public status

    Try these two new questions:

    • Are there EBS snapshots shared with other accounts?
    • Are there EBS snapshots shared publicly?
    • Updated relationship mappings between aws_route53_record entities to IpAddress, NetworkInterface, Gateway (e.g. ALB/ELB), SES Service, ACM Service, and other aws_route53_record (alias records) entities.

    • Added mapping of several saved AWS queries/questions to PCI DSS standard requirements

    • Tweaked queries in question "Which IAM policies in addition to "AdministratorAccess" allow full admin access to any and all resources?" to include separate queries/sections for admin-role-inline-policies and exceptions.

    • Fixed IAM policy parsing to set update flag for Change* IAM permissions.

    • Set baseUrl property on aws_s3_bucket entities to: https://${bucket.bucketName}.s3.amazonaws.com

    • Updated the _class on aws_route53_zone and aws_route53_record entities:

    • aws_route53_zone class will be DomainZone (previously Domain and Zone)

    • aws_route53_record class will be DomainRecord (previously DomainRecord and Record)

    Important: Please update your queries in saved questions and/or alert rules accordingly.

  • [Azure]:

    • Added ingestion of Cosmos DB resources: azure_cosmosdb_account, azure_cosmosdb_sql_database.

    • Added ingestion of more Storage resources: azure_storage_file_service, azure_storage_share.

    • Added Key Vault resources: azure_keyvault_service.

    • Set encrypted and enableHttpsTrafficOnly flags and kind property on azure_storage_*_service, as appropriate based on improved configuration analysis.

    • Set azure_managed_disk.encrypted based on presence of encryption.type.

    • Several bug fixes.

  • Improvements and bug fixes in GitHub, Bitbucket, and Carbon Black integrations.

Community Projects

This allows users to write terraform code to describe and provision jupiterone questions (saved queries) and alert rules, similar to how you use terraform code to provision AWS resources. We plan to add resources to describe compliance standards, groups, SAML clients, and more in the future.

  • Added support to publish policies to Confluence in security-policy-builder via the command psp publish --confluence to security-policy-builder; plus several minor bug fixes.

  • Improved policy and procedure templates to better handle HIPAA related statements conditionally.

Improvements and Bug Fixes

  • Fixed issue with setting chart number color when condition equals to 0.

  • Fixed a couple of UI issues with the onboarding wizard.

🔝

Was this article helpful?

0 out of 0 found this helpful