As 2024 comes to a close, we’re taking a moment to reflect on the incredible strides JupiterOne has made over the past year. From redefining how organizations approach security to delivering cutting-edge features, we’ve worked tirelessly to empower our customers with the tools they need to stay ahead in an ever-evolving threat landscape. Here’s a look back at our most impactful product milestones this year:
Graph Upgrade: Work Faster, Smarter and with Greater Confidence
This year, we rolled out significant enhancements to the JupiterOne Security Graph, which remains the backbone of our platform. The upgrade has expanded the graph’s capacity, enabling organizations to map and analyze relationships over 100 classes, 5,000 asset types, and 20,000 relationships with even greater speed and precision.
This improved infrastructure not only accelerates querying but also enhances the ability to visualize complex attack paths and dependencies across hybrid environments. Security teams can now uncover risks that were previously invisible, transforming raw data into actionable insights in real time.
Continuous Threat Exposure Management (CTEM): Proactive Risk Prioritization
In 2024, security and risk teams sought to transform their approach to vulnerability management to address the challenges of a rapidly evolving threat landscape, emphasizing the need for real-time visibility into the attack surface and the ability to prioritize risks with actionable context.
In this blog, we introduced Continuous Threat Exposure Management (CTEM) to help organizations take a proactive approach to risk management. CTEM enables security and vulnerability management teams to:
- Identify exploitable vulnerabilities that pose real-world risks to business-critical assets.
- Quantify and visualize assets and attack paths to prioritize remediation efforts with measurable outcomes.
- Continuously monitor external and internal attack surfaces enabling faster response to emerging threats in real-time.
By integrating CTEM into JupiterOne, we’ve delivered a solution that not only assesses exposures but also provides clear, actionable steps to mitigate threats—ensuring our customers stay ahead of adversaries.
Continuous Controls Monitoring (CCM): Ensuring Compliance at Scale
Another key milestone this year was the release of Continuous Controls Monitoring (CCM). CCM addresses one of the most pressing challenges in cybersecurity today: ensuring the effectiveness of controls across ever-expanding digital ecosystems.
Designed to continuously test and monitor controls aligned with security standards, internal policies, and compliance frameworks such as SOC 2, ISO 27001, HIPAA, and more, CCM enables organizations to:
- Unified view of custom and standard compliance frameworks like SOC 2, ISO 27001, HIPAA and more.
- Near real-time visibility into control gaps allows organizations to remediate issues before they escalate into significant risks.
- Streamline audit preparation with automated evidence collection and reporting.
Early adopters of JupiterOne CCM have experienced a significant reduction in the manual effort required for compliance, alongside a strengthened overall security posture.
Unified Device: Streamlining Asset Management
Managing a fragmented view of devices across IT, cloud, and OT environments has long been a challenge. In 2024, we introduced the Unified Device feature to provide a single, consolidated view of all device types within an organization.
By consolidating, correlating, and visualizing device data, Unified Device enables organizations to go beyond inventory management to uncover connections, vulnerabilities, and strategic insights, Unified Device delivers:
- Reliable device consolidation without over-merging or creating data noise, based on correlation rules based on weighted attributes like serial numbers, hostnames, and IPs.
- Matrix view and heatmaps provide an intuitive understanding of device relationships, helping bridge technical findings with business goals.
- Reduction in time spent on data management previously spent on reconciling and normalizing device data manually.
By providing a cohesive and actionable view of devices across integrations, it empowers security teams to resolve challenges confidently, streamline workflows, and strengthen their security posture.
Rule Packs: Simplified Compliance and Policy Enforcement
With the introduction of Rule Packs, we’ve made it easier than ever for customers to enforce security and compliance policies. Prebuilt and customizable, these packs provide:
- Ready-to-use rules aligned with industry standards.
- Automated detection of policy violations across the asset ecosystem.
- Seamless integration into existing workflows for faster incident response.
Rule Packs empower teams to operationalize compliance without the heavy lifting, enabling security at the speed of business.
Smart Classes: Enhanced Asset Classification
Understanding and managing the diversity of assets in an organization is critical for effective asset management. Our new Smart Classes feature automates asset classification based on:
- Type, function, and criticality.
- Relationships with other assets.
- Real-time updates from integrations and monitoring.
Smart Classes enable organizations to dynamically manage assets, leveraging advanced querying capabilities to streamline asset identification, prioritize risks, enforce policies, and maintain continuous alignment with security objectives.
More Cloud Properties and Services: Integration Updates
This year has been all about enhancing our integrations with cloud platforms and services, empowering security teams to achieve greater visibility, control, and efficiency. Our AWS integration has expanded significantly, with additional services and properties to strengthen asset visibility and relationship mapping:
- AWS IAM: Added the "expired passwords" property for enhanced user management insights.
- AWS ACM PCA: Introduced support for PCA certificates to streamline certificate management.
- AWS VPC Endpoint: Enabled mapping of VPC endpoint relationships using network interfaces.
- AWS Account: Added the "root user password last changed on" property for improved security monitoring.
- AWS WAF V2: Added support for additional rules to enhance web application firewall capabilities.
These updates are complemented by continued enhancements across GCP and Azure integrations, ensuring broader cloud support for your security operations.
Looking Ahead
As we reflect on these accomplishments, we’re even more excited about what’s to come. From expanding AI capabilities to enhancing asset management with IoT and OT integrations, the future of JupiterOne is focused on delivering transformative innovations that empower our customers to achieve their security and compliance goals with confidence.
Thank you for being part of our journey in 2024. We can’t wait to show you what’s next!
