Security Content Release Notes

January 2025

Addition to JupiterOne Questions Library for Lansweeper integration. Checks basic configuration best practices. These will be useful for gaining more insight into your lansweeper environment.

• integration-question-lansweeper-inactive-hosts
• integration-question-lansweeper-hosts-outside-of-allowed-ip-range
• integration-question-lansweeper-list-operating-system-types
• integration-question-lansweeper-users-with-bad-status
• integration-question-lansweeper-out-of-date-operating-systems

Additions to "MITRE ATT&CK: AWS Privilege Escalation" rule pack

• integration-question-aws-search-for-secrets-in-lambda-functions

Addition to JupiterOne Questions Library. This question will allow an AWS user to search for keywords to ensure that there are no AWS exposed secrets in lambda function metadata. This will also enable a user to turn the question into an alert. https://ask.us.jupiterone.io/question/a4db06a7ae955bc6c22896c651bd5cb7f0cc32e8?search=lambda&tagFilter=all

• privileges-unused-for-90-days

Addition to existing 'AWS Config' rule pack. Checks for aws role privileges that have been unused for 90 days or greater. It is recommended to review results returned and remove unused privileges.

• aws-public-facing-resources-list

Addition to existing 'AWS Threat' rule pack. This alert returns all AWS resources that are public facing. Useful for delta detection and trending over time.

• aws-high-privilege-lambda-function-wildcard
• aws-high-privilege-lambda-function-lambda:*
• aws-high-privilege-lambda-function-get-policy
• aws-high-privilege-lambda-function-get-function
• aws-high-privilege-lambda-function-get-function-configuration
• aws-high-privilege-lambda-function-list-functions