Sections in this category

2021.83 Release

  • Updated

November 5, 2021

New Features and Improvements

  • Assets in the Graph Viewer that have a problem associated with them now have a visual indication and details of the problem in the properties side panel. rn_problems

  • The Center for Internet Security (CIS) Controls Version 8 is now available as a standard in the Compliance app with the mapped controls to the default procedures within the Policies app.

  • You can now set a default layout for the Insights Graph Viewer widget: select either mesh, horizontal tree, or vertical tree layout.

  • You can now upload screenshots, videos, or other files in Resources > Report an issue.

Integrations

You can now schedule integration job runs for a specific hour of the day or day of the week, depending on your customized polling configuration. This feature prevents J1 from consuming resources around mission-critical activities. Set the optional parameter, pollingIntervalCronExpression, using the JupiterOne platform API to use this capability.

Note: This functionality is not supported in the UI.

AWS

J1 is no longer adding aws_lambda_function.codeLocation to assets as it does not provide any security insight value and only introduces a potential vulnerability and unnecessary versioning.

J1 is removing any AWS secret access keys from properties that are setting them when the integration runs. Current values are now overwritten with the latest values and "REDACTED" appears in the place of the keys.

Azure

  • Added support for ingesting the following new resources:
Resources Entity _type Entity _class
Azure Kubernetes Cluster azure_kubernetes_cluster Cluster
Resource Lock azure_resource_lock Rule
Key Vault Key azure_keyvault_key Key
Key Vault Secret azure_keyvault_secret Secret

  • Added support for ingesting the following new relationships:
Source Entity _type Relationship _class Target Entity _type
azure_resource_group HAS azure_kubernetes_cluster
azure_resource_lock HAS ANY_SCOPE

  • Added new properties to resources:

    Entity Properties
    azure_keyvault_service enableSoftDelete, enablePurgeProtection
    azure_storage_account tableAnalyticsLoggingReadEnabled, tableAnalyticsLoggingWriteEnabled, tableAnalyticsLoggingDeleteEnabled

  • New questions added to the Questions Library:

  • Are all critical resources protected by resource locks?

  • Are all Key Vaults recoverable?

  • Is RBAC enabled on all Azure Kubernetes Services Instances?

GitHub

  • When a JupiterOne GitHub application installation does not have permission to fetch two-factor authentication information for github_users, the github_user mfaEnabled property is now assigned undefined instead of false.

Knowbe4

  • Added support for ingesting the following new resources:
Resources Entity _type Entity _class
KnowBe4 Phishing Campaign knowbe4_phishing_campaign Training
KnowBe4 Phishing Security Test knowbe4_phishing_security_test Assessment

  • Added support for ingesting the following new relationships:
Source Entity _type Relationship _class Target Entity _type
knowbe4_account HAS knowbe4_phishing_campaign
knowbe4_account HAS training_campaign
knowbe4_phishing_campaign CONTAINS knowbe4_phishing_security_test

Kubernetes

  • Added support for ingesting the following new resources:
Resources Entity _type Entity _class
Kubernetes Cluster kube_cluster Cluster
KnowBe4 Phishing Security Test knowbe4_phishing_security_test Assessment
Kubernetes Container Spec kube_container_spec Configuration
Kubernetes Pod Security Policy (PSP) kube_pod_security_policy Configuration
Kubernetes Network Policy kube_network_policy Configuration

  • Added support for ingesting the following new relationships:
Source Entity _type Relationship _class Target Entity _type
kube_cluster CONTAINS kube_namespace
kube_deployment USES kube_container_spec
kube_cluster CONTAINS kube_pod_security_policy
kube_namespace CONTAINS kube_network_policy

  • New questions added to the Questions Library:
  • Which Kubernetes container specs admit containers to run in privileged mode?

  • Which Kubernetes containers are permitted to run as the root user?

  • Which Kubernetes Pod Security Policies (PSP) admit privileged containers?

  • Which Kubernetes Pod Security Policies (PSP) admit containers to share the host process ID namespace?

  • Which Kubernetes Pod Security Policies (PSP) admit containers to share the host IPC namespace?

  • Which Kubernetes Pod Security Policies (PSP) admit containers to share the host network namespace?

  • Which Kubernetes Pod Security Policies (PSP) admit containers to escalate privileges?

  • Which Kubernetes Pod Security Policies (PSP) admit containers with the NET_RAW capability?

  • Which Kubernetes Pod Security Policies (PSP) admit containers with the added capabilities?

  • Which Kubernetes namespaces do not have network policies defined?

Qualys

  • You can now enable or disable Qualys web application scan ingestion based on the integration configuration. Toggle the new Ingest Web App Scans integration configuration option from the JupiterOne Qualys integration configuration page.

  • JupiterOne now fetches Qualys findings (qualys_host_finding) with the Fixed status.

  • The status filter for host detections is changed to explicitly request and ingest any 'New', 'Fixed', 'Active', and 'Re-Opened' statuses. By default, 'Fixed' detections are not returned from Qualys unless explicitly specified. This feature allows you to view the graph detections that are 'Fixed' and to track the changes to detections of any status.

🔝

Was this article helpful?

0 out of 0 found this helpful