JupiterOne

They loved us 😍 The JupiterOne team is excited to have our booth recognized by the Cybersecurity Marketing Society in their inaugural Beautiful Booth Awards! Inspired by Meow Wolf’s Omega Mart, the grocery concept makes the complex subjects of CAASM and CTEM relatable and understandable through a familiar experience. Interactive elements allowed our visitors to explore products (cyber asset types) hands-on. Interested in seeing the booth in action? Join us at Black Hat in August – booth # 2360! #CAASM #CTEM #BlackHatUSA

CAASM 🤝 EASM Using an analogy of car ownership, we break down CAASM and EASM and show how they work together to protect your organization from all angles. Read the full blog here: https://lnkd.in/eAEBiYiX

Struggling to prioritize vulnerabilities from multiple scanners? Even with tools like Rapid7 and Tenable, prioritizing vulnerabilities can be challenging when data comes from a single source. Discover a better way to get a complete view of your attack surface and effectively tackle the biggest threats.#CAASM #ASM #CTEM https://lnkd.in/gnGdRXwP

Is your organization keeping up with the evolving cyber threat landscape? Gartner's latest report on Attack Surface Management (ASM) highlights the crucial role of proactive security measures. Our new blog breaks down key insights from the report, showcasing how technologies like CAASM, EASM, and DRPS can enhance your visibility and defense mechanisms. Learn the difference between attack surface assessment and management, and discover why investing in proactive security is more critical than ever. Read the full blog here: https://lnkd.in/d7EuSs2w

፨ Got Graph? I've been a long time fan of #graph as a data model and as a technology. Graph databases are emerging as a game-changer technology for cyber. Gartner's latest report, “Emerging Tech: Optimize Threat Detection with Knowledge Graph Databases,” highlights their rising importance. 82% of security providers are now adopting graph databases. Leading the way in graph-based security, JupiterOne has been a pioneer in helping security teams contextualize data, manage risks proactively, and hunt threats efficiently. We’ve leveraged graph databases from day one to create a unified platform that offers unparalleled visibility and proactive risk management. Check out my latest article. #Cyber #Cybersecurity #Graph #ThreatDetection #RiskManagement #AI 

☁ Head in the clouds when it comes to CSPM vs CAASM? ☁ Understanding the nuances between Cloud Security Posture Management (CSPM) and Cyber Asset Attack Surface Management (CAASM) is crucial for a robust security strategy. While CSPM focuses on identifying and mitigating threats within your cloud infrastructure, CAASM extends visibility across all cyber assets, providing comprehensive asset management and vulnerability assessment. By integrating CSPM tools with a platform like JupiterOne, security teams can streamline their processes, enhance threat detection, and ensure a more secure and compliant environment. Float over to our latest blog to explore how these complementary tools can transform your cybersecurity posture: https://lnkd.in/e2wdeyTX

I've always been an advocate for continuous learning and innovation in cybersecurity. I’m incredibly honored to have contributed to the recently released book “97 Things Every Application Security Professional Should Know” published by O'Reilly, alongside 75 other experts and leaders in application security. It was a pleasure working with Yabing W. and Reet K. -- especially Yabing for your editorial help! In the book, I delve into two crucial topics that are shaping the future of application security: 1. Understanding the True Boundaries of Modern Applications In today’s dynamic software landscape, the boundaries of applications have expanded far beyond the monolithic structures of the past. Modern applications are intricate webs of microservices, APIs, middleware, and distributed data stores. They span multiple layers of interconnected components and depend heavily on cloud infrastructure. Defining these boundaries is not just a technical exercise but a fundamental aspect of securing applications in a software-defined world. 2. Automating the Risk Calculation of Modern Applications Traditional risk assessments often fall short in capturing the full picture of an application’s security posture. Automated tools like SAST, DAST, and SCA give us valuable insights, but they don’t account for the nuanced contexts such as the application’s usage, its operational history, or the sensitivity of the data it handles. In my chapter, I introduce the concept of **Continuous Application Risk Evaluation (CARE)**. This **patented** approach continuously assesses an application’s risk by considering its design, implementation, operational context, and the maturity of the team behind it. It’s about creating a holistic, ongoing evaluation process that adapts to changes and ensures robust security measures are always in place. Check out the link to the patent in comments below. -- At JupiterOne, we are passionate about bringing clarity to these complexities. We leverage a graph data model to map and understand these complex architectures, providing the visibility and context necessary to secure modern applications effectively.  For more insights and to grab your copy of the book, check it out here: https://lnkd.in/e6k7BuaY #AppSec #Graph #Risk #Patent

Identity is the new perimeter + also the recent theme of incidents. Our latest blog discusses how to centralize your user identities + permissions with JupiterOne. Integrate IAM data from cloud assets, users, devices, code repositories, and applications to minimize security gaps. Protect your identity. https://lnkd.in/gpvqHWGj

I’ve spent years in the trenches as a cybersecurity practitioner and former CISO, battling endless threats and reacting to incidents. I’ve also seen firsthand the challenges of protecting an organization’s crown jewels. But what if we could get ahead of the game? It’s about finding balance—fortifying defenses while staying on top of immediate threats. It's about capturing and understanding deep insights, combining internal + external visibility with business context, joining the defender's view with the attacker's view. Of course, I am slightly biased towards the solution my team and I have built -- check out how we’re doing just that at JupiterOne in my latest article. With JupiterOne’s new Exposure Management capability, we map out potential attack paths, providing a clear view of what could be accessed if an attacker gets in. Instead of just reacting, we’re helping organizations shift to a proactive stance, stay ahead of threats, and make smarter, faster decisions. #CyberSecurity #CAASM #ProactiveDefense #AI #J1 JupiterOne watchTowr

Discover how JupiterOne helped a SecOps team to quickly respond to critical vulnerabilities and mitigate risks before attacks could exploit them. By leveraging comprehensive asset inventory, relationship mapping, and actionable insights, the team effectively remediated known vulnerable software versions and significantly enhanced their security posture. https://lnkd.in/eAuhkfEB #CyberSecurity #JupiterOne #CAASM