JupiterOne/secops-automation-examples

Example automation scripts using JupiterOne platform

This repo provides several examples of how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.

The examples are in either Bash or JavaScript/TypeScript.

These scripts are provided as-is. For questions, please post in the jupiterone-community #dev Slack workspace.

Playbooks

  • Risk Management: An opinionated guide on Risk Management using the JupiterOne platform.

Folder Contents

The following is a list of provided examples and their brief summary:

| Automation | Folder | Description |
| --- | --- | --- |
| GitHub CODEOWNERS Creation | /github-codeowners | Consistent creation of CODEOWNERS files for your GitHub Org. |
| Ingest CycloneDX SBOM File | /ingest-cyclonedx-sbom | Ingest CodeRepo -USES-> CodeModule graph data into JupiterOne. |
| Ingest Log4J Vulns | /ingest-log4j-vulns | Ingests the output of log4shell_sentinel. Intended for distribution/deployment to all hosts in your environment that you would like to scan and remediate for log4j vulnerabilities. |
| NPM Inventory | /npm-inventory | High-fidelity ingestion of CodeRepo -USES-> CodeModule graph data into JupiterOne, for NPM-specific repos. |
| Security Assessment Reporting | /security-assessment-report | Query for any assessment object from JupiterOne and its findings to generate a PDF document as output. |
| Security Assessments and Findings | /security-assessment | Document manual security testing, assessments, and findings in code (YAML), and publish to JupiterOne graph for reporting and visualization. |
| Security Privacy Design RFC Template | /security-privacy-design | RFC Template documenting security considerations at design-time. |
| Generate SBOM from graph data | /software-bill-of-materials | Utilize CodeRepo -USES-> CodeModule graph data to create a CycloneDX SBOM file. |
| Summary Relationships | /summary-relationships | Create relationship shortcuts that summarize complex IAM traversals to simplify queries. |
| Third Party Vendors | /vendor-management | Document details about third-party vendors in code (YAML), including security review status, vendor managers, who has access, etc. See also vendor-stack below. |

Other useful integrations and custom automation utilities outside this repo

| Utility/Integration | Location | Description |
| --- | --- | --- |
| Map Repo Dependencies | map-repo-dependencies | Ingest data from NPM package files (e.g. package.json) in your local code repos to create entities and relationships in your JupiterOne graph, so that you can query and visualize your code repo dependencies. |
| Detect and Alert on Specific PRs | bitbucket-pr-detector | Detect particular kinds of pull requests (for example, an RFC document for a new product feature that includes security and privacy considerations) and alert the security team about them. |
| Enforce Code Review and Security Policies in CI/CD | change-management-client | A package to enforce code review and security policies for pull request approval, author and reviewer validation, and vulnerability checks by collecting and analyzing data from the JupiterOne graph. For an example of its usage, check out the change-management-example repo. |
| Discover local/on-prem devices using Nmap | graph-nmap | Use Nmap to scan local networks to discover on-prem devices and create entities to push to JupiterOne graph. |
| Detect Leaked Secrets in Code | graph-gitleaks-findings | Use gitleaks to automate detection of leaked secrets in your code repos and publish the findings to your JupiterOne graph for reporting and visualization. |
| Ingest Vuls.io Findings | graph-vuls-findings | Ingest vuls scan reports into JupiterOne graph for reporting and visualization. |
| Map DNS records to their targets via Shodan data | nslookup-shodan | Use Shodan to enrich the domain records mapping in a JupiterOne graph. Identifies domain records that do not already point to a known internal asset, discovers the asset via Shodan, and maps the record to the target host. |
| Vendor Stack | vendor-stack | A library of common technology vendors used by modern companies, and useful properties for each vendor. |

Prerequisites and dependencies

For most of the examples and templates included in this repo, you will need jupiterone-client-nodejs. It has been added as a dependency to this project. You can also install it globally:

npm install @jupiterone/jupiterone-client-nodejs -g

You will need the following environment variables in your local .env file:

J1_ACCOUNT_ID=yourAccountId
J1_API_TOKEN=yourToken