Vuls & Gitleaks Integrations

By

Cloud-based organizations are increasingly leveraging open-sourced tools to help in their security and compliance monitoring. Whether it's trying to keep a handle on cost or just reducing some of the complexity that comes with additional UIs, the move to add open-sourced tools to your security toolkit makes a lot of sense.

Because these are open-sourced tools, we aren't able to develop one of our traditional, managed integrations like with other SaaS solutions. However, this vulnerability data is critical to maintaining your security posture so it needs to be mapped on the JupiterOne graph of your environment.

New Open-Source Tool Integrations

This most recent cycle, we've added open-source integrations for Vuls and Gitleaks.

These integrations pull the vulnerability data returned form the open-sourced tools directly into JupiterOne, mapping to the resources in your organization's environment. By connecting vulnerabilities to resources, users, devices, etc., it is easier to identify what prompted the vulnerability and who is the most appropriate person to take action to correct it.

About Vuls

Vuls is an agentless vulnerability scanner for Linux/FreeBSD designed to help system administrators overcome the resource burden that comes from daily security vulnerability analysis and software updates. The tendency for most system administrators is to manually perform these updates to avoid production downtime, but the reality is, when opting to go manual, this process results in oversight and tremendous time demands.

Vuls combats this cycle by automatically scanning for vulnerabilities and alerting users when and where they arise.

Check out our Vuls integration on GitHub.

About Gitleaks

Gitleaks audits your git repos for secrets to help users find unencrypted secrets and other unwanted data types in git repositories.

Organizations leverage Gitleaks to complete audit for uncommitted changes, Bitbucket, GitHub and GitLab repository scanning, as well as private repository scans, and repositories that require key based authentication.

Check out our Gitleaks integration on GitHub.

A Growing List of Integrations

JupiterOne now provides more than 30 managed integrations with various cloud and DevOps tooling providers. Peeling back that onion a layer deeper to specific services  – like on AWS or GitHub  – JupiterOne gives organizations the ability to ingest data from more than 50 places into a single, searchable graph.

As we build integrations, the depth and reliability of analysis and understanding that can happen for security teams remains our top priority. If there is an integration you would like to see added to JupiterOne, request it here.

JupiterOne Team
JupiterOne Team

The JupiterOne Team is a diverse set of engineers and developers who are working on the next generation of cyber asset visibility and monitoring.

To hear more from the JupiterOne Team, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

Keep Reading

What’s new in JupiterOne: Reducing time to value with the new Query Builder (Part 2)
February 6, 2023
Blog
What’s new in JupiterOne: Reducing time to value with the new Query Builder (Part 2)

The new JupiterOne Query Builder streamlines your querying experience by eliminating errors, simplifying query builds, and reducing time to value.

The top 10 questions that every engineering leader should be able to answer
February 2, 2023
Blog
The top 10 questions that every engineering leader should be able to answer

We polled some of our engineering leaders to see what it takes to succeed. In part two, we see if their answers align with the CISOs we talked to.

Identify compromised versions of Github using JupiterOne
January 31, 2023
Blog
Identify compromised versions of GitHub apps using JupiterOne

As a preventative measure, Github will be deprecating the Mac and Windows signing certificates used to sign Desktop app versions 3.0.2-3.1.2 and Atom versions 1.63.0-

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.