JupiterOne March 2024 Release
New Features and Improvements
Rule Evaluation Details Page
Provide visibility and clarity with an Evaluation History page for each rule. Whether an alert was created or not, you will be able to see query results and actions run/skipped every time a rule is evaluated.
- What actions were taken, with what query results
- If there are failures, error messaging is provided to help troubleshoot
- Evaluation history is now tied to a rule, so it is always available. Previously it was only visible on an alert, so if an alert wasn’t created there was no way to view the history
- The create/edit rule form inside the rules page is now on a full page, rather than a modal
Insights Dashboards
- New feature for trend data widgets. You can mark a downward trend as good so it shows up green instead of red
- New auditing for dashboard events so you can understand who is modifying dashboards and when. Additional data about the changes that were made
Integrations
New Integrations
Armis (Beta)
Specializes in providing solutions for asset management, risk assessment, and threat detection for IoT (Internet of Things) devices
CyberArk EPM (Beta)
Visualize CyberArk EPM account, policies, devices, application groups and monitor changes through queries and alerts.
Hive (Beta)
A project management and ticketing tool
Microsoft Purview (Beta)
A data governance solution that helps organizations manage and govern their data assets across on-premises, multi-cloud, and SaaS (Software as a Service) environment
Dropbox (Beta)
Visualize Dropbox Folders, Groups and Users in JupiterOne. Use this integration to monitor changes to Dropbox entities using JupiterOne alerts.
Integration Updates
Oracle Cloud
Additional services and steps have been added to the Oracle Cloud integration
- DevOps (Step Disabled by Default): is a set of services and tools provided
- Function Service (Step Disabled by Default) is a serverless computing service
- NoSQL DB (Step Disabled by Default) : are databases that are hosted, maintained, and operated by a third-party cloud service provider
- Object storage (Step Disabled by Default): is a scalable, high-performance storage solution
- Redis (Step Disabled by Default) : Memory Storage
- Resource Manager (Step Disabled by Default) allows you to automate the process of provisioning, updating, and managing your cloud resources.
- Vault (Step Disabled by Default): is a key management and secrets management service
- Streaming (Step Disabled by Default): enables users to build scalable and durable streaming data pipelines
Lacework
- Bug fix: Improve rate limiting
- Scope vulnerabilities by severity, time and whether the vulnerable host is online
- Create relationships between
aws_instanceandlacework_finding
Snyk
- Increased scope of Snyk entities that are processed in the
snyk_project - SCANS-> CodeReporule
SonarCloud
- Bugfix: Fixed bug where integration was not working for certain sonar cloud configurations
AWS
- Bugfix: Changed backoff and retry logic that was causing a small percentage of integration runs to experience errors when running the “Fetch Users” step
- Additional properties to the
aws_transfer_serverentity - Additional regions to the ApiGateway and Lex services
- Add cross account relationships for cloudfront distributions to GateWay entities
- Add relationships between API Gateway Domain Names and ACM Certificates
- Bugfix: Improve error handling and logging for AMI entities
- Add signing properties to AWS lambda functions
- Add
aws_elbtoaws_route53_domainrecord relationships - Add relationships between route53 records and loadbalancers, entities and gateways
- Add date and time properties to AWS key pair entities
- Add backup properties to dynamo db table entities