- Effective Friday, July 14th, query results will be delivered via a jupiterone.io URL. The new domains used for data retrieval will be
download.eu.jupiterone.io. Please ensure these new domains are added to your allow list as a result of this update.
New Features and Improvements
J1 now offers the field j1_severity on Findings which presents a normalized severity for most Integrated tools that provide findings to JupiterOne. For example, you can now the following queries to return findings across multiple sources of findings data:
find Finding with j1_severity = "high": This returns a list of all findings with a normalized severity of “high”.
find Finding with j1_severity != undefined as f RETURN f.[j1_severity], count (f): This returns a count of all findings in j1 grouped by j1_severity.
Note: The following
_typesdo not currently support the
j1_severityfield. Please let us know if you would benefit from any of these being included:
Your J1 Questions can now be configured to collect trend data on different polling intervals. If your query produces results that change throughout the day, you can now track trends on intervals of 30 minutes, 1 hour, and 1 day.
We have updated permissions to J1Questions so that users with “Read” access to “Shared: Questions” can view questions and share questions but cannot edit, delete, or duplicate the question. Users with “Write” access to “Shared: Questions” can view questions, share questions, edit questions, delete questions, and duplicate the question.
We now support querying for additional compliance entities including the following:
reviewer Person ID
We have updated our
Access Permissionsentity views for
aws_iam_userto be a matrix visualization to help you gather more information at a glance of the types of access to AWS resources these identity types have.
We have made usability/accessibility enhancements in the J1
data-tableto allow for you to use keyboard shortcut keys like
CTRL+Cto copy values more easily from the
Alerts and Rules
We have made it easier to view and update the Rules that power your alerts within the Alerts UI by surfacing Rules to sit alongside Alerts in the view's primary actions.
Policies and Compliance
- In J1 Policies, we now support downloading to HTML in addition to downloading to PDF.
- Workday: We have added Workday to our list of official integrations. Read more about our Workday integration.
- Custom File Transfer: Added new integration
Custom File Transferto enable users to create more robust file transfer jobs that can be scheduled, with all of the flexibility and auditability of normal integrations.
- AWS: AWS integrations will now be automatically deleted when the related AWS account is closed.
- Azure: Allow the ingestion of 'Disabled' subscriptions in addition to the other subscription states supported: ‘Enabled’, ‘PastDue’, ’Warned’ and ’Expired’. You can enable the importation of 'Disabled' subscription by activating the Import Disabled Subscriptions toggle within your Azure integration instance. Note that your Azure integration instance must already have the Configure Subscription Instances toggle enabled for you to ingest disabled subscriptions.
- CrowdStrike: Added CrowdStrike Zero Trust Assessment (ZTA) data to be ingested.
- GitLab: Will now consume GitLab Vulnerability Findings.
- Google Cloud Platform: Added a relationship from the
Rootentity to the GCP Organization entity.
- Google Cloud Platform: Consume guest VM properties via OS Config API, including Hostname, OS Name, OS Version, Kernel Version, OS Architecture, Agent Version and Last Updated Time.
- Microsoft Intune: Added properties
- Polymer: Added mapped relationships from Polymer findings to Google Workspace, Slack, and GitHub to indicate ownership of findings and other additional context. Note: This integration is currently in beta.
- SalesForce: Added the ability to filter ingested users by user Role and Profile to avoid rate limits and improve performance.
- ServiceNow: Added the capability to ingest a customizable level of ServiceNow CMDB data. Includes relationships showing to whom assets are assigned and who owns/manages the assets.
- Tanium: Added ingestion of Software Inventory data from "Tanium Asset" add-on capability.
- AWS: Resolved issue causing
404error if alternate contact not found
- CircleCI: Resolved issue where duplicate pipelines were being ingested, causing the integration job to fail
- GoDaddy: Resolved issue which was causing a
429error (too many requests)
- SonarQube: Update query approach to reduce issues with hitting API return limitations
- Tanium: Updates to match recent changes to Tanium API