Skip to main content

JupiterOne July - September 2024 Release

New Features and Improvements

Smart Classes

Smart Classes are a mechanism to annotate assets with additional business and technical context, enabling you to enhance your IT management and security use cases. Some intended use cases for Smart Classes include annotating assets with:

  • Criticality levels and business impact
  • Accessibility information, such as whether they are publicly accessible
  • SLAs, RPO, RTO, and other risk tracking metrics

New Smart Class

More information on Smart Classes is available here.

Graph Upgrade

The graph upgrade work was completed through end of July 2024 and all customers are now running on the updated graph. As part of this work some modifications and improvements were made to the query API and responses.

The details of the graph upgrade project are available here.

Since the upgrade we have observed faster query responses for all customers, and greater reliability of data being made available to users.

Query API

Additional improvements were made as part of the Graph Upgrade project to enhance query API usage. As part of that JupiterOne has moved query API consumers to use variable result size queries by default. This improved query API performance and eliminates missing or duplicated data as a result of the legacy pagination approach.

The details of the variable results size API changes are available here.

Further enhancements have also been made to Query API response codes. Historically the GraphQL APIs would always return a 200 response with any errors in the response body. 429 rate limit errors are now returned as a true 429 http response.

Python SDK Ownership Transfer

The JupiterOne python SDK was originally built and maintained by Auth0. This project and it's associated assets were passed to JupiterOne and we are now actively maintaining this SDK.

The client SDK is maintained here: https://github.com/JupiterOne/jupiterone-api-client-python

With the related PYPI package available here: https://pypi.org/project/jupiterone/

There have been significant enhancements made to the Python SDK, please check it out!

Terraform Provider

The JupiterOne Terraform provided is available here: https://registry.terraform.io/providers/JupiterOne/jupiterone/latest

The recent improvements include:

  • Configuring Insights dashboards and widgets
  • Terraform provider bidirectional state synchronization state warning about potential overwriting of non-terraform changes

J1QL Query Editor

The J1QL query editor now supports shortcuts for block quoting lines in the query. Select the line(s) you wish to comment out and use the Cmd-/ (macOS) or Ctrl-/ (Windows) to comment out the selected content.

Alerts / Rule Results

It is now possible to download the results of a rule evaluation as JSON, in addition to the previous CSV format. Check out the Download JSON option when looking at a rule.

In addition the backend system for processing rules has been significantly overhauled allowing for larger and longer running queries and greater result sets to be available.

Insights Dashboards

When viewing an Insights dashboard it is now possible to create a rule directly from a widget. If you see something interesting in a dashboard it's now one step to turn that insight into a rule that can be run continuously against your data and produce actions or alerts.

To use this click on the widgets menu and select Create rule where you'll be presented with a pre-configured rule to save.

Integration Updates

Types Documentation

The following integrations have had their documentation improved. These improvements include detailed types documentation describing the specific properties and attributes these integrations create, this is in addition to the existing summary and data model documentation.

Collector Support

The following additional integrations are now compatible with the JupiterOne Collector

  • ManageEngine Endpoint Central

AWS

More AWS services have been added to the AWS integration:

  • AWS VPC Endpoint
  • Backup recovery points
  • Backup jobs
  • Backup plans
  • Cloudfront public keys
  • Cloudfront key groups
  • Dax clusters
  • Glue connections
  • Glue dev endpoints
  • SSM compliance and association

Product Content

JupiterOne Rule Packs

The following new rule packs are available to all customers:

  • Mitre ATT&CK: AWS Privilege Escalation
  • Mitre ATT&CK: GCP Privilege Escalation
  • Mitre ATT&CK: Execution
  • Mitre ATT&CK: Initial Access

To deploy a rule pack go to Alerts > Rules > Import rules

Mitre Rule Pack

Contents