Sections in this category

2020.58 Release

  • Updated

2020-11-17

New Features

  • Modified API to pass account ID via JupiterOne-Account header (it is backwards compatible with the legacy LifeOmic-Account header).

  • Added support to generate integrations API key that can be used to run integrations in your own infrastructure.

These API keys are configured in an integration instance and scoped to that particular integration instance by ID. They can only be used to synchronize data in the selected integration's scope and cannot be used to read the graph or perform any other action in the system.

Sneak peek: We are working on a visual query builder to make it easier to construct J1QL queries. Stay tuned!

Integrations

AWS

  • Updated the accessKeyEnabled flag on aws_iam_user entities such that it is set to true only when there is at least one active access key associated with that user.
  • Fixed missing ECR image findings
  • Added processing of EC2 RunInstances CloudTrail events to create aws_instance entities soon after they're created in AWS

Azure

  • Added managed questions for Azure CIS 2.3 - 2.19

Cloudflare

  • Fixed duplicate _key for cloudflare_account_role entities

GitLab

  • Fixed duplicate gitlab_group_has_user relationships
  • Fixed unhandled authentication/authorization error during configuration validation
  • Fixed unhandled authentication/authorization error in resource API calls
  • Ingest projects of accessible groups in addition to projects owned by the configured user credentials
  • Fixed unhandled 403 response to requests for project merge requests would kill all merge request ingestion
  • Added allowMergeOnSkippedPipeline to project entities
  • Added properties to merge request entities: approved, approvers (names of persons who approved), approverIds, and approverLogins
  • Added approval configuration source to raw data of merge requests

Google Cloud

  • Fixed IAM service account ASSIGNED role relationship duplicates

  • Added a script that allows JupiterOne integration instance creation for every Google Cloud project in an organization

    Example:

  yarn jupiterone-organization-setup \
    --google-access-token $(gcloud auth print-access-token) \
    --organization-id 1111111111 \
    --jupiterone-account-id MY_JUPITERONE_ACCOUNT_ID_HERE \
    --jupiterone-api-key MY_JUPITERONE_API_KEY_HERE

Google Workspaces

  • Fixed relationship duplicate key error users in the same group have the same email address
  • For group members, added name, displayName to mapped users and groups
  • For group member relationships, added member properties email, id, kind, role, status, and type to better expose properties of the membership

Okta

  • Fixed unhandled ETIMEDOUT Okta API errors
  • Added job logging of Okta API errors for customer visibility
  • Fixed issue that could prevent complete ingestion of some Okta users

Qualys

  • Added configuration fields to allow control over finding history ingestion limits

Tenable Cloud

  • Fixed a failure to retry 500 responses fetching vulnerability details

Other Improvements and Bug Fixes

  • Added validation to prevent users from submitting invalid queries for table and graph charts
  • Fixed an issue with insights table chart parsing queries incorrectly in certain cases
  • Fixed an issue that prevented the sharing of an insights dashboard
  • Fixed an issue where non-admin users would be taken to onboarding
  • Fixed an issue where the matrix chart would not scroll when it was overflowing
  • Fixed an issue where an error message was shown in a chart when it should not be
  • Fixed a number of issues identified as part of the Compliance Review Workflow beta testing
  • Updated account IDs to use UUIDs
  • Performance improvements to the integrations data ingestion/processing pipeline
🔝

Was this article helpful?

0 out of 0 found this helpful