Sections in this category

2021.72 Release

2021-06-02

New Features and Improvements

  • Improved tooltip placement on the gear menu so that the tooltips no longer cover up other menu items

  • Newly imported CIS Benchmarks will now have Policies & Procedures disabled by default

  • In-app purchase & products page has been redesigned so it is easier to use now

  • When filtering findings & vulnerabilities:

    • filtering by informational will also include informative and info
    • filtering by no value will also include undefined and null
  • Added support for AWS VPC endpoints and enpoint policy permissions, WAF V2, API Gateway V2, IAM permissions boundary policy and a lot more Integrations capabilities (see details below).

Integrations

AWS

  • Improved permissions analysis for IAM resource policies

  • Improved consistency of the actions, conditions, resources, and principal properties on IAM permission relationships

  • Added normalizedActions property on IAM permission relationships to store action values in all lowercase

  • Renamed WAF to WAF Classic

  • Added support for ingesting the following new resources:

    Service Resource / Entity
    WAF aws_waf_v2_web_acl
    API Gateway V2 API aws_api_gateway_v2_api
    API Gateway V2 Route aws_api_gateway_v2_route
    API Gateway V2 Integration aws_api_gateway_v2_integration
    API Gateway V2 Authorizer aws_api_gateway_v2_authorizer
    VPC Endpoint aws_vpc_endpoint

  • Added support for ingesting the following new relationships:

    Source _class Target
    aws_api_gateway_v2_api HAS aws_api_gateway_v2_route
    aws_api_gateway_v2_route HAS aws_api_gateway_v2_integration
    aws_api_gateway_v2_route HAS aws_api_gateway_v2_authorizer
    aws_api_gateway_v2_integration CONNECTS resource
    aws_api_gateway_v2_authorizer CONNECTS resource
    aws_waf_v2_web_acl PROTECTS resource
    aws_elb CONNECTS aws_instance
    aws_vpc HAS aws_vpc_endpoint
    aws_vpc_endpoint HAS aws_policy

  • Add IAM permissions boundary policy RESTRICTS IAM users or roles relationships

  • Parse DENY statements in IAM policies and create DENIES relationships

  • Add restorableByUserIds property to aws_ebs_snapshot entities. This was already captured as sharedWithAccounts property on the entity. Additionally, when the snapshot is shared with another account, the shared property is set to true. When the snapshot is shared with all, the public property is set to true.

Azure

  • Changed the policy definition entity _key suffix to :latest instead of :${timestamp} to reduce policy state churn during integration invocations.

  • Added ingestion of Azure Management Groups when the configureSubscriptionInstances configuration field is true. This ingestion requires users to assign the Management Group Reader role to the service principal used in the given integration configuration to the Tenant Root Group management group.

  • Added support for ingesting the following new resources:

    Service Resource / Entity
    Gallery azure_gallery
    Gallery Image azure_shared_image
    Management Groups azure_management_group

  • Added support for ingesting the following new relationships:

    Source _class Target
    azure_resource_group HAS azure_gallery
    azure_gallery CONTAINS azure_shared_image
    azure_vm HAS azure_shared_image
    azure_vm HAS azure_image
    azure_management_group CONTAINS azure_management_group
    azure_account HAS azure_management_group
    azure_vm USES azure_service_principal

  • New properties added to resources:

    Entity Properties
    azure_vm_extension settings, extType, publisher
    azure_user isMfaRegistered

Google Cloud

  • Added support for ingesting the following new resources:

    Service Resource / Entity
    BigQuery google_bigquery_table

  • Added support for ingesting the following new relationships:

    Source _class Target
    google_bigquery_dataset HAS google_bigquery_table
    google_bigquery_dataset USES google_kms_crypto_key
    google_compute_disk USES google_kms_crypto_key
    google_sql_mysql_instance USES google_kms_crypto_key
    google_sql_postgres_instance USES google_kms_crypto_key
    google_sql_sql_server_instance USES google_kms_crypto_key

  • New properties added to resources:

    Entity Properties
    google_compute_disk kmsKeyServiceAccount, kmsKeyName
    google_compute_instance integrityMonitoringEnabled, secureBootEnabled, vtpmEnabled, connectedNetworksCount
    google_sql_mysql_instance kmsKeyName
    google_sql_postgres_instance kmsKeyName
    google_sql_sql_server_instance kmsKeyName
    google_storage_bucket kmsKeyName
    google_bigquery_dataset _class: Database #175
    All Entities projectId

  • Support for --integration-polling-interval in the jupiterone-organization-setup CLI

  • #186 - Accept storage-api.googleapis.com and storage-component.googleapis.com services to enable buckets step

  • #171 - Do not fail when App Engine applications and versions cannot be fetched

  • Improved logic that determines whether a google_compute_instance is a shielded VM or not by considering whether vTPM is enabled

  • #151 - Fix duplicate _key on Cloud Run resources

  • #158 - Do not fail when App Engine services cannot be fetched

KnowBe4

  • Ingest retired campaigns

Qualys

  • Use host asset dnsHostName in Finding.targets and Finding.fqdn when available and fall back to host asset fqdn. The latter is often an empty string and not useful for intended purpose.
  • Use host asset hostname as Host.hostname when available.

Slack

  • New properties added to resources:

    Entity Properties
    slack_user appUser, userType, fixed bot

Tenable Cloud

  • Improved handling of processing for asset and vulnerability exports

Bug Fixes

  • Resolved an issue where the Finding Details viewer would not have a max height and would cause large amounts of scrolling to be required

  • Resolved some issues regarding importing rule packs after configuring your first integration

🔝

Was this article helpful?

0 out of 0 found this helpful