{"id":18374619,"url":"https://github.com/jupiterone/secops-automation-examples","last_synced_at":"2025-04-06T19:32:46.078Z","repository":{"id":36279900,"uuid":"186898901","full_name":"JupiterOne/secops-automation-examples","owner":"JupiterOne","description":"Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.","archived":false,"fork":false,"pushed_at":"2024-01-02T19:12:08.000Z","size":850,"stargazers_count":53,"open_issues_count":1,"forks_count":7,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-03-22T06:12:55.065Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JupiterOne.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"security-assessment-report/.gitignore","support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-05-15T20:34:07.000Z","updated_at":"2024-08-19T19:52:56.000Z","dependencies_parsed_at":"2023-01-17T01:16:25.141Z","dependency_job_id":"fb5d1aa1-57a4-49eb-b4b1-2fff8d15270c","html_url":"https://github.com/JupiterOne/secops-automation-examples","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fsecops-automation-examples","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fsecops-automation-examples/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fsecops-automation-examples/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitH
ub/repositories/JupiterOne%2Fsecops-automation-examples/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JupiterOne","download_url":"https://codeload.github.com/JupiterOne/secops-automation-examples/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247539573,"owners_count":20955324,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T00:15:23.982Z","updated_at":"2025-04-06T19:32:45.384Z","avatar_url":"https://github.com/JupiterOne.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Example automation scripts using JupiterOne platform\n\nThis repo provides several examples on how to maintain security/compliance\nas code and to automate SecOps using the JupiterOne platform.\n\nThe examples are in either `bash` or `javascript/typescript`.\n\nThese scripts are provided as-is. 
For questions, please post in the\n[jupiterone-community #dev][1] Slack workspace.\n\n## Playbooks\n\n* [Risk Management][21]: An opinionated guide on Risk Management using the JupiterOne platform.\n\n## Folder Contents\n\nThe following is a list of provided examples and their brief summary:\n\n| Automation                         | Folder                        | Description                                                      |\n| ---------------------------------- | ----------------------------- | ---------------------------------------------------------------- |\n| **GitHub CODEOWNERS Creation**    | [`/github-codeowners`][14]    | Consistent creation of **CODEOWNERS files for your GitHub Org**. |\n| **Ingest CycloneDX SBOM File**     | [`/ingest-cyclonedx-sbom`][15] | Ingest **`CodeRepo -USES-\u003e CodeModule`** graph data into JupiterOne. |\n| **Ingest Log4J Vulns**             | [`/ingest-log4j-vulns`][16]   | Ingests the output of **`log4shell_sentinel`**. Intended for distribution/deployment to all hosts in your environment that you would like to scan and remediate for **log4j vulnerabilities**. |\n| **NPM Inventory**                  | [`/npm-inventory`][17]        | High-fidelity ingestion of **`CodeRepo -USES-\u003e CodeModule`** graph data into JupiterOne, for NPM-specific repos. |\n| **Security Assessment Reporting**     | [`/security-assessment-report`][3] | Query for any assessment object from JupiterOne and its findings to **generate a PDF document** as output. |\n| **Security Assessments and Findings** | [`/security-assessment`][2]   | **Document** manual security testing, assessments, and **findings in code** (YAML), and publish to JupiterOne graph for reporting and visualization. |\n| **Security Privacy Design RFC Template** | [`/security-privacy-design`][6] | **RFC Template** documenting security considerations at design-time. 
|\n| **Generate SBOM from graph data** | [`/software-bill-of-materials`][18] | Utilize **`CodeRepo -USES-\u003e CodeModule`** graph data to **create a CycloneDX SBOM** file. |\n| **Summary Relationships** | [`/summary-relationships`][19] | Create **relationship shortcuts** that summarize complex IAM traversals to simplify queries. |\n| **Third Party Vendors**               | [`/vendor-management`][4] | Documenting **details about third party vendors in code** (YAML), including security review status, vendor managers, who has access, etc. See also `vendor-stack` below. |\n\n\n## Other useful integrations and custom automation utilities outside this Repo\n\n| Utility/Integration                | Location                      | Description                                                      |\n| ---------------------------------- | ----------------------------- | ---------------------------------------------------------------- |\n| **Map Repo Dependencies** | [`map-repo-dependencies`][7] | Ingest data from **NPM package files** (e.g. `package.json`) in your local code repos to create entities and relationships in your JupiterOne graph, so that you can query and **visualize your code repo dependencies**. |\n| **Detect and Alert on Specific PRs** | [`bitbucket-pr-detector`][8] | **Detect particular kinds of pull requests** (for example, an RFC document for a new product feature that includes security and privacy considerations) and **alert the security team** about it. |\n| **Enforce Code Review and Security Policies in CI/CD** | [`change-management-client`][9] | A package to **enforce code review and security policies** for pull request approval, author and reviewer validation, and vulnerability checks by collecting and analyzing data from the JupiterOne graph. For an example of its usage, check out the [`change-management-example`][10] repo. 
|\n| **Discover local/on-prem devices using Nmap** | [`graph-nmap`][12] | Use **`Nmap`** to scan local networks to **discover on-prem devices** and create entities to push to JupiterOne graph. |\n| **Detect Leaked Secrets in Code** | [`graph-gitleaks-findings`][5] | Use **`gitleaks`** to automate **detection of leaked secrets** in your code repos and publish the findings to your JupiterOne graph for reporting and visualization. |\n| **Ingest Vuls.io Findings** | [`graph-vuls-findings`][11] | Ingest **`vuls`** scan reports into JupiterOne graph for reporting and visualization. |\n| **Map DNS records to their targets via Shodan data** | [`nslookup-shodan`][13] | Use **shodan** to enrich the domain records mapping in a JupiterOne graph. Identifies domain records that do not already point to a known internal asset, discovers the asset via Shodan, and maps the record to the target host. |\n| **Vendor Stack** | [`vendor-stack`][20] | A **library of common technology vendors** used by modern companies, and useful properties for each vendor. |\n\n\n## Prerequisites and dependencies\n\nFor most of the examples and templates included in this repo, you will need\n`jupiterone-client-nodejs`. 
It has been added as a dependency to this project.\nYou can also install it globally:\n\n```bash\nnpm install @jupiterone/jupiterone-client-nodejs -g\n```\n\nYou will need the following environment variables in your local `.env` file\n\n```text\nJ1_ACCOUNT_ID=yourAccountId\nJ1_API_TOKEN=yourToken\n```\n\n[1]: https://jupiterone-community.slack.com/messages/CJMV4SFV5\n[2]: ./security-assessment/README.md\n[3]: ./security-assessment-report/README.md\n[4]: ./vendor-management/README.md\n[5]: https://github.com/JupiterOne/graph-gitleaks-findings\n[6]: ./security-privacy-design/rfc-template.md\n[7]: https://github.com/JupiterOne/map-repo-dependencies\n[8]: https://github.com/JupiterOne/bitbucket-pr-detector\n[9]: https://github.com/JupiterOne/change-management-client\n[10]: https://github.com/JupiterOne/change-management-example\n[11]: https://github.com/JupiterOne/graph-vuls-findings\n[12]: https://github.com/JupiterOne/graph-nmap\n[13]: https://github.com/JupiterOne/nslookup-shodan\n[14]: ./github-codeowners/README.md\n[15]: ./ingest-cyclonedx-sbom/README.md\n[16]: ./ingest-log4j-vulns/README.md\n[17]: ./npm-inventory/README.md\n[18]: ./software-bill-of-materials/README.md\n[19]: ./summary-relationships/README.md\n[20]: https://github.com/JupiterOne/vendor-stack\n[21]: ./playbooks/risk-management.md\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjupiterone%2Fsecops-automation-examples","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjupiterone%2Fsecops-automation-examples","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjupiterone%2Fsecops-automation-examples/lists"}