Starbase

<h1 align="center"> <img src="./docs/assets/logo-light-bg.png" alt="Starbase Logo" width="250" /></br></br> <strong style="font-size:75px;">Democratizing graph-based security analysis 🚀</strong> </h1></br>

Starbase from JupiterOne, collects assets and relationships from services and systems including cloud infrastructure, SaaS applications, security controls, and more into an intuitive graph view backed by the Neo4j database.

Security is a basic right. Starbase's goal is to democratize graph-based security analysis and overall visibility into external services and systems. Our team believes that in order to secure any system or service, you must have:

• Knowledge of the assets that you have
• Knowledge of the relationships between assets that you have
• Knowledge of what questions to ask about what you have

<p align="center"> <img src="./docs/assets/starbase-demo.gif" alt="Starbase Demo"/> </p>

Why Starbase?

Starbase offers three key advantages:

1. Depth and breadth - Deep visibility from a breadth of external services and systems. Thousands of entities (vertices) and relationships (edges) are available out-of-the-box.
2. Uniform data model - The data that Starbase collects is automatically classified, making it easy to develop generic queries.
3. Easily extensible - Starbase graph integrations can be easily developed!

Available Integrations / Connectors

Starbase supports 115+ open source graph integrations!

Here are some highlights:

• Azure
• Bitbucket
• GitHub
• Google Cloud
• Google Workspace
• Jira
• ...

<details> <summary><b>❗Click here to expand a full list of supported graph integrations❗</b></summary>

• [^1]AWS
• Addigy
• AirWatch
• AquaSec
• JFrog Artifactory
• atSpoke
• Auth0
• Azure
• Azure DevOps
• BambooHR
• Bugcrowd
• CbDefense
• Checkmarx
• Cisco Amp
• Cisco Meraki
• Cloudflare
• Cobalt
• CrowdStrike
• Datadog
• Detectify
• DigiCert
• Duo
• Fastly
• Feroot
• Gitlab
• Gitleaks Findings
• GoDaddy
• Google
• Google Cloud
• HackerOne
• Heroku
• HubSpot
• Jamf
• Jira
• JumpCloud
• Knowbe4
• Kubernetes
• Malwarebytes
• Microsoft 365
• Mimecast
• Nmap
• NowSecure
• NPM
• Okta
• OneLogin
• OpenShift
• PagerDuty
• Qualys
• Rapid7
• Rumble
• Salesforce
• SentinelOne
• Sentry
• ServiceNow
• Signal Sciences
• Slack
• Snipe It
• Snowflake
• Snyk
• SonarQube
• Sysdig
• Tenable.io
• Terraform Cloud
• ThreatStack
• Trend Micro
• Veracode
• Vuls Findings
• vSphere
• Wazuh
• WhiteHat
• Whois
• WP Engine
• Zendesk
• Zoom

</details>

Usage and Development

Prerequisites

1. Install Node.js using the installer or a version manager such as nvm or fnm.
2. Install yarn.
3. Install dependencies with yarn install.
4. Register an account in the system each integration targets for ingestion and obtain API credentials.

Configuring Starbase

Starbase leverages credentials from external services to authenticate and collect data. When Starbase is started, it reads configuration data from a single configuration file named config.yaml at the root of the project.

1. Copy config.yaml.example to config.yaml

cp config.yaml.example config.yaml

2. Supply configuration values in config.yaml for each integration

NOTE: The individual graph integration configuration field names can be found in their respective graph-* projects.

For example: https://github.com/JupiterOne/graph-google-cloud/blob/main/.env.example

The config.yaml would resemble the following for Google Cloud:

integrations:
  - name: graph-google-cloud
    instanceId: testInstanceId
    directory: ./.integrations/graph-google-cloud
    gitRemoteUrl: https://github.com/JupiterOne/graph-google-cloud.git
    config:
      SERVICE_ACCOUNT_KEY_FILE: {}
      PROJECT_ID: '...'
      ORGANIZATION_ID: '...'
      CONFIGURE_ORGANIZATION_PROJECTS: false
storage:
  - engine: neo4j
    config:
      username: neo4j
      password: devpass
      uri: bolt://localhost:7687
      database: neo4j

Running Starbase

Starbase exposes a CLI for bootstrapping graph integration development and execution.

❯ yarn starbase --help

Usage: yarn starbase [options] [command]

Starbase graph ingestion orchestrator

Options:
  -c, --config <path>  optional path to config file (default: "config.yaml")
  -h, --help           display help for command

Commands:
  run             collect and upload entities and relationships
  setup           clone repositories listed in config.yaml
  help [command]  display help for command

1. Run yarn starbase setup to clone or update all integrations listed in the config.yaml file as well as install all dependencies for each integration.
2. Run yarn starbase run to collect data for each listed integration and then push collected data to the storage endpoint listed in config.yaml.

For additional information on using Neo4j or JupiterOne as a storage endpoint, please see the README.md provided.

Running Starbase - Docker

Alternatively, Docker can be used to run Starbase, minimizing the need to locally install node and yarn.

1. Run docker build --no-cache -t starbase:latest . to create the Starbase docker image.
2. Run docker-compose run starbase setup to clone or update all integrations listed in the config.yaml file as well as install all dependencies for each integration.
3. Run docker-compose run starbase run to collect data for each listed integration and then push collected data to the storage endpoint listed in config.yaml.

Note that macOS users in particular may see slower execution times when running Starbase in a Docker container.

Customizable Base Container Image

We also make a [base container image av