JupiterOne January 2023 Release

New Features and Improvements

• Your Questions that are enabled to track daily trends are now upgraded with a new visualization to aid you in tracking your data over time.

• The J1 Homepage is refreshed and streamlined, allowing you to easily find answers to your important questions.

  • You can navigate between queries using your browser buttons
  • You can share the query by copying the browser url, which is now a unique url
  • J1 now provides syntax correction for queries

• Use the updated Questions Library to find answers to tough security questions by leveraging the knowledge of JupiterOne.

• Your J1 Insights dashboards now have access controls in the share functionality to allow you to control who can access specified dashboards.

• In-app notifications are now available in J1 to keep you up-to-date on key events.

• A beta release of Query Builder is now available upon request. This feature helps you explore your assets with highly specified queries without needing to learn the syntax specifics of J1QL.
  

Integrations

General

• Added the ability to edit the polling interval for multiple configurations at the same time. For a single integration, you can now select one or more of the existing configurations and change the polling interval for the selected configurations.
• Released a minor UI change on the main integrations page. It is now easier to filter the list of configurations between All, Configured, and Unconfigured. Also, whatever option you select now persists.

Jamf

• Email addresses properties are now set to all lower case on user and device entities to ensure they are consistent with other integrations.

Kandji

• Refactored the integration so that the kandji_app entity is only created once and then referenced instead of being created once for each device that Kandji manages. This update reduces the number of Kandji entities that are created.

LastPass

• Added a question that answers "Are there developers who contribute code with a weak master password?"

Microsoft 365

• Added additional properties:

  Entity _type	Property
  azure_user	active
  azure_user	accountEnabled
  azure_user	userType

• This enhancement allows you to include these properties in your\r queries, so that you can now search or configure alerts based on whether the user is active, their account is enabled or disabled, or the type of (regular, admin, system, etc.).

Microsoft Active Directory

• Added the ability to configure the pagination size.

SentinelOne

• Removed the licensekey property from the sentinelone_agents entity to prevent exposure of the license key.

Snyk

• snyk_finding now uses originalSeverity for severity to match what is displayed in the UI.

• snyk_finding display name was changed to use the package name.

• Added new entities:

  Resources	Entity _type	Entity _class
  Snyk Group	snyk_group	Group
  Snyk Organization	snyk_organization	Organization
  Snyk Service	snyk_service	Service
  Snyk Role	snyk_role	AccessRole

• Added new relationships:

  Source Entity _type	Relationship _class	Target Entity _type
  snyk_account	HAS	snyk_group
  snyk_account	HAS	snyk_service
  snyk_group	HAS	snyk_organization
  snyk_group	HAS	snyk_role
  snyk_organization	HAS	snyk_project
  snyk_organization	HAS	snyk_user
  snyk_service	IDENTIFIED	snyk_finding
  snyk_service	SCANS	snyk_project
  snyk_user	ASSIGNED	snyk_role

Tenable

• Fixed a bug that caused the severity property for the tenable_vulnerability_finding to be populated with riskFactor. It has been corrected to populate with the severity. The corrected values include "info", "low", "medium", "high", and "critical".

XM Cyber

• Released a new integration for XM Cyber. This is a limited, initial release and only ingests the XM Cyber Entity asset.

• The xmcyber_entity lets you query which XM Cyber assets are a chokepoint and/or critical asset.

  Resources	Entity _type	Entity _class
  Entity	xmcyber_entity	Record

Bug Fixes

• Issue resolved with Questions Trend area charts where the represented query was being duplicated.
• Resolved a few bugs related to J1 Alerts timeouts.
• Problems with searching case-sensitive letters in J1 Alerts is resolved.
  • PDF download issues in J1 Policies is resolved.
  • Resolved a known issue with incorrect relationships being shown in the Vulnerabilities & Findings tab.
  • J1 Insights issues with widget timeouts have been resolved.

Coming Soon

• Your J1 Insights dashboard will soon be downloadable as a PDF to help facilitate the sharing of your dashboards offline.
• Access controls are being introduced into J1 Insights. These controls will allow you to control which of your groups and users have access to each J1 Insights dashboard.
• Upcoming releases for in-app notifications will keep you informed on the latest notifications from J1 Rapid Response, Policies, Compliance, and Integrations.
• AWS Config Recorder will soon be a fully supported and generally available service to all J1 users via the J1 Integrations section of the platform.
• Alert trend lines will soon be updated to included rule errors, as well as each instance of the rule being evaluated. These updates allow you to see a holistic view of rules, evaulations, and the outcomes of actions (alerts).
• Introducing: Asset Categories! J1 is reworking how assets are categorized, based on industry standards. These categorizes will persist throughout J1 to make searching, and finding, the right information easier.
• The home experience will become more flexible for your user groups by allowing you as an admin to publish J1 Insights dashboards to you and your user groups landing experience.
• csv exports from query results and assets will soon be pushed to the notification panel to allow for larger exports and a single repository of your downloads.