Sections in this category

2021.80 Release

September 24, 2021

Open Source Projects

Integrations

AWS

  • Created aws_lb_listener entities for Classic Elastic Load Balancers so that the protocol and port data can be queried.

  • Changed aws_load_balancer_connects_listener relationships to aws_load_balancer_has_listener.

GitHub

  • Added support for ingesting the following new entities:
Resources Entity _type Entity _class
GitHub Org Secret github_org_secret Secret
GitHub Repo Secret github_repo_secret Secret

  • Added support for ingesting the following new relationships:
Source Entity _type Relationship _class Target Entity _type
github_account HAS github_org_secret
github_repo HAS github_repo_secret
github_repo_secret OVERRIDES github_org_secret
github_repo USES github_org_secret
github_repo USES github_repo_secret

  • Improved the retry logic for GitHub API response errors.

  • Migrated github_pull_request ingestion to use Octokit v4 GraphQL instead of the v3 REST API to enable the ingestion of related commit details more efficiently.

  • Commit analysis is now executed on every github_pull_request. This analysis is now possible because commit details are always obtained with the pull request. Previously they were collected in separate API calls that would exceed rate limits and prolong execution.

  • Fixed an error where the head branch could not be determined for a pull request.

  • Fixed an error fetching of too many pull requests per page.

  • Fixed an error managing GitHub API "not found" responses when fetching pull requests.

  • Fixed an error where the collaborators collection step could fail when one repository has special permissions settings that prevent access to collaborators.

  • Fixed duplicate key errors and step failures that occurred when GitHub data changes during the execution of the integration.

  • Fixed an error that caused Repo ALLOWS Team relationships to only appear for one team in some circumstances.

  • Fixed the handling of "Secondary Rate Limit" errors on GraphQL queries.

BambooHR

  • Added support for ingesting the following new entities:

    Resources Entity _type Entity _class
    Employee bamboohr_employee Record

  • Added support for ingesting the following new relationships:

    Source _class Target
    bamboohr_account HAS bamboohr_employee
    bamboohr_user IS bamboohr_employee

Microsoft 365

  • Fixed an error where OAuth information was lost, preventing authorization.

OneLogin

  • Fixed the UserApps step failure when a user has no assigned apps.

  • Fixed duplicate onelogin_user ASSIGNED mfa_device relationships.

Tenable.io

  • Added support for ingesting the following new entities:

    Resources Entity _type Entity _class
    Asset tenable_asset HostAgent

  • Added support for ingesting the following new relationships:

    Source _class Target
    tenable_account HAS tenable_asset
    tenable_asset HAS tenable_vulnerability_finding

  • Added support for ingesting the following new mapped relationships:

    Source _class Target
    tenable_asset IS <host>
    <host> HAS tenable_vulnerability_finding
    tenable_vulnerability_finding IS <cve>

  • Removed support for ingesting the following entities:

    Resources Entity _type Entity _class
    Scan tenable_scan Assessment, Service
    Vulnerability tenable_vulnerability Vulnerability

  • Removed support for ingesting the following relationships:

    Source _class Target
    tenable_scan IDENTIFIED tenable_vulnerability_finding
    tenable_scan IDENTIFIED tenable_vulnerability
    tenable_scan SCANS <host>
    tenable_user OWNS tenable_scan
    tenable_vulnerability_finding IS vulnerability

  • Removed support for ingesting the following mapped relationships:

    Source _class Target
    tenable_scan SCANS <host>

Google Cloud

  • Added support for ingesting the following new resources:

    Service Resource / Entity
    DNS Policy google_dns_policy
    Dataproc google_dataproc_cluster
    Cloud Billing google_billing_account
    N/A google_billing_budget
    Cloud Bigtable google_bigtable_app_profile, google_bigtable_backup, google_bigtable_cluster, google_bigtable_instance, google_bigtable_table

  • Added support for ingesting the following new relationships:

    Source class Target
    google_dataproc_cluster USES google_kms_crypto_key
    google_dataproc_cluster USES google_compute_image
    google_dataproc_cluster USES google_storage_bucket
    google_billing_account HAS google_billing_budget
    google_cloud_project USES google_billing_budget
    google_bigtable_cluster HAS google_bigtable_backup
    google_bigtable_cluster USES google_kms_crypto_key
    google_bigtable_instance HAS google_bigtable_app_profile
    google_bigtable_instance HAS google_bigtable_cluster
    google_bigtable_instance HAS google_bigtable_table
    google_bigtable_table HAS google_bigtable_backup
    google_compute_network HAS google_dns_policy
    google_bigquery_dataset USES google_kms_crypto_key
    google_compute_disk USES google_kms_crypto_key
    google_compute_image USES google_kms_crypto_key
    google_pubsub_topic USES google_kms_crypto_key
    google_spanner_database USES google_kms_crypto_key
    google_sql_mysql_instance USES google_kms_crypto_key
    google_sql_postgres_instance USES google_kms_crypto_key
    google_sql_sql_server_instance USES google_kms_crypto_key

  • Changed the following mapped relationships to omit target creation:

    Source class Target
    google_iam_binding ALLOWS ANY_RESOURCE
    google_iam_binding ASSIGNED google_group
    google_iam_binding ASSIGNED google_iam_service_account
    google_iam_binding ASSIGNED google_user
    google_iam_binding ASSIGNED google_domain
    google_user CREATED google_app_engine_version

  • Added the following new properties to resources:

    Entity Properties
    google_sql_postgres_instance logMinMessages
    google_sql_sql_server_instance externalScriptsEnabled
    google_sql_sql_server_instance userConnections
    google_sql_sql_server_instance remoteAccess
    google_sql_sql_server_instance traceFlag

  • Modified the google_bigquery_dataset step to be independent from the google_kms_crypto_key step.

Qualys

  • Service -> Host relationships now map using qualysAssetId instead of fqdn for target filters to improve accuracy.

  • Finding.hostId is now used to map to Host.qualysAssetId.

  • Added new properties to the following resources:

    Entity Properties
    qualys_host_finding hostId

🔝

Was this article helpful?

0 out of 0 found this helpful