2020-09-22
New Features 
Added Account Management view where admin users can change the account display name and view the number of entities/billable entities/relationships in the account.
Customers can now start trials for specific apps on their own.
Users can now map/unmap a question to a compliance requirement directly from the requirement view without opening the question editor to edit the mapping.
Added
defaultRevision
flag to the policies PDF download.
Integrations 
AWS
- Added support to capture S3 object-level logging and Lambda function logging enabled via CloudTrail
This requires the
cloudtrail:GetEventSelectors
permission to be added to the IAM policy attached to the JupiterOne integration IAM role, if you are not using the AWS managedSecurityAudit
policy.
- Added
webLink
toaws_cloudtrail
entities - Added
webLink
toaws_cloudtrail - LOGS -> aws_s3_bucket
relationships - Added
webLink
toaws_cloudtrail - LOGS -> aws_cloudwatch_log_group
relationships - Added
aws_s3_bucket_object_logging - SENDS -> aws_s3
relationships - Added
aws_lambda_function_logging - SENDS -> aws_lambda
relationships - Added
aws_s3_bucket_object_logging - SENDS -> aws_s3_bucket
relationships - Added
aws_lambda_function_logging - SENDS -> aws_lambda_function
relationships - Added additional queries to managed question "Is CloudTrail logging enabled?" using those new relationships
Azure
- Added support to configure an Azure integration instance without a subscription ID to skip resource ingestion. This is useful when you only want to ingest Azure AD configuration.
- Added
ingestResourceManager
flag so that Resource Manager steps can be disabled - Added
azure_dns_zone
entities - Added
azure_resource_group|has|azure_dns_zone
relationships - Added
azure_dns_record_set
entities - Added
azure_dns_zone|has|azure_dns_record_set
relationships - Added
azure_private_dns_zone
entities - Added
azure_resource_group|has|azure_private_dns_zone
relationships - Added
azure_private_dns_record_set
entities - Added
azure_private_dns_zone|has|azure_private_dns_record_set
relationships - Added
azure_container_registry
entities - Added
azure_resource_group|has|azure_container_registry
relationships - Added
azure_container_registry_webhook
entities - Added
azure_container_registry|has|azure_container_registry_webhook
relationships - Added
azure_service_bus_namespace
entities - Added
azure_resource_group|has|azure_service_bus_namespace
relationships - Added
azure_service_bus_queue
entities - Added
azure_service_bus_namespace|has|azure_service_bus_queue
relationships - Added
azure_service_bus_topic
entities - Added
azure_service_bus_namespace|has|azure_service_bus_topic
relationships - Added
azure_service_bus_subscription
entities - Added
azure_service_bus_topic|has|azure_service_bus_subscription
relationships - Added
azure_cdn_profile
entities - Added
azure_resource_group|has|azure_cdn_profile
relationships - Added
azure_cdn_endpoint
entities - Added
azure_cdn_profile|has|azure_cdn_endpoint
relationships
Google G Suite
- Capture
managerEmail
on ingested users to allow mapping aPerson
to their manager
Duo
- Added
duo_phone
entities
Note that we plan to use mapping to create normalized
smartphone
entities instead ofduo_phone
entities since the "phone" devices are not exactly "Duo phones".
- Added
duo_integration
entities - Added
duo_account_has_group
relationships - Fixed
duo_group_has_user
relationship was not working correctly
Fastly
Steps are enabled or disabled based on role of configured Fastly user account
- The User role fails Fetch Users, Fetch API Tokens, and Fetch Services steps
- The Engineer role allows everything except for the Fetch API Tokens step
- The Superuser role allows ingesting data from all of the steps
Jira
- Project keys are validated at the beginning of execution and feedback provided to users
JFrog Artifactory
- Initial beta release
- See docs for more details
Improvements and Bug Fixes 
- Significant performance improvement to the
security-policy-builder
CLI tool. It will also delete orphaned policies/procedures that were not part of the latest publish. To upgrade to the latest version, run:
npm upgrade -g @jupiterone/security-policy-builder@latest
Resolved an issue where deleting an api key would throw an error in the UI
Fixed an issue where deleted entities were showing up in all queries and were also not formatted correctly
Markdown can now render markdown inside of admonitions in the policies app
Fixed an issue causing insights to load with the wrong url
Fixed an issue where insights board would be loaded without a layout
Added failed request retry logic so all parts of the app should hopefully be a bit more resilient now
Fixed an issue where incorrectly formatted queries would not give a helpful error message
Fixed an issue where compliance standards would show duplicates in the UI
Comments
0 comments
Please sign in to leave a comment.