TL;DR
- We live in a hybrid world.
- Digital transformation and public cloud adoption are increasing at an astounding rate, but on premises deployment and private cloud usage will always be a foundational part of the modern technology stack.
- Devices are still the first thing people think of when they think about technology assets.
- AI is changing the way we work and consume information. How we leverage AI to unlock efficiency and scale will be the biggest game changer.
- JupiterOne is introducing new functionality to better serve our current and future customers.
At JupiterOne, we are obsessed with customer experience and outcomes, and delivering quality solutions. We’ve long been the leaders in cyber asset analysis for cloud-first and cloud-native companies like Databricks and Robinhood. Our API-based, agentless approach to integration and asset ingestion is second-to-none. As we grow and support a more diverse set of customers, our product is growing to meet the needs of the modern enterprise security team.
With that in mind, we are expanding our cyber asset analysis capabilities to include on-premises systems with the launch of the J1 On-premises Collector, simplifying device management with the Unified Device Matrix, and expanding the functionality of J1 AI to make JupiterOne more intuitive and easier to use for practitioners of all skill levels.
These new capabilities, announced today, are currently in the final stages of testing and will be available to our entire user base over the next several releases.
Embracing the hybrid nature of our world
From cars and transportation to working arrangements, currencies, and consumer products like the Apple Vision Pro, our world is an ever-increasing blend of the physical and digital worlds. That reality is true for enterprise infrastructure and technology as well. Given the year-over-year spend on public cloud services from providers like AWS, GCP, and Azure, you’d think that every company has made a full migration to the cloud. But that isn’t the case.
The majority of the companies we engage with are either in the process of moving to the cloud, meaning they still have legacy on-premises infrastructure, or they’ve made a business decision to keep a few of the most important and less ephemeral assets in their own data centers.
Supporting modern enterprises in their digital transformation means supporting the complexity of hybrid environments, including cloud and multi-cloud architecture, on-premises and private cloud deployments, and a range of physical devices, fully expecting that these organizations will have critical assets and resources in every one of these buckets. But no matter where these assets live, they all need to be mapped and understood in order to properly secure them and reduce risk across the entire attack surface.
“These expansions to JupiterOne’s asset management capabilities are critical as we continue to work toward our mission to democratize security,” said Erkang Zheng, founder and CEO of JupiterOne. “As we move toward the future of cybersecurity, it is important to ensure that organizations have complete visibility into their assets, regardless of whether those assets are cloud-based or on-premises, and no matter the technological skillset of the teams which need to know that information.”
Gathering asset data from ‘behind the firewall’
Complete asset visibility means being able to identify, ingest, and analyze assets no matter where they live. We’ve always been the leader in cloud-based cyber asset management. As we grow and support more customers with more diverse, complex architectures, it becomes crucial to ingest data from every corner of these hybrid environments. We’re adding the ability to gather asset information from on-premises and private cloud systems, and send it securely back to JupiterOne.
Once we combine this crucial subset of asset data with your existing cyber asset inventory in JupiterOne, our relationship mapping, asset analysis capabilities, and intuitive investigation capabilities will give you a complete view into your risk posture. With that visibility comes the confidence and knowledge to solve any security challenge.
The new J1 On-premises Collector will install anywhere you can run a Docker container. When configuring an integration, simply select where you want to run the integration – in the cloud or in the collector. The process, data, and insights obtained for you are exactly the same as our agentless, API-based integrations. The collector can be configured from inside JupiterOne, giving you full control over what resources are accessed and how data is transmitted.
Giving devices the first-class treatment they deserve
Of the five main technical asset classes (devices, users, network, applications, data), the majority of security practitioners think of devices first in regards to asset management and security. Narrowing in on device management use cases has also been a focus for us as we support our hybrid customers.
The new Unified Device Matrix in JupiterOne offers an easy-to-use, action-oriented matrix of devices within a customer's environment. With improved device resolution, JupiterOne is better able to identify and deduplicate unique devices. With a single view for investigation and action on all physical devices, you are able to answer some of the toughest device and endpoint-related questions with just a few clicks. Quickly hone in on issues that need to be addressed right away, like devices without active endpoint detection and response (EDR) agents installed, and focus on important, but specific device security use cases for servers, laptops, workstations, mobile devices, and other similar assets.
Using the Unified Device Matrix, you can easily apply filters to find:
- Devices missing endpoint agents (example: Devices identified by Automox and Microsoft SCCM but not CrowdStrike)
- Endpoint agents not functioning correctly
- Devices not being scanned for vulnerabilities
- Unmanaged or obsolete devices
Using AI to bring ease of use to the forefront of our product
AI is changing the way we work and consume information. How technology companies deploy AI to unlock efficiency and scale will be the biggest game changer for their users. JupiterOne is leveraging these latest technological advances in AI, combined with traditional development best practices in our commitment to give users the best experience possible.
We’re combining our new device and on-premises functionality with AI-powered usability improvements like natural language search, alert remediation guidance, and guided investigations. All of these enhancements leverage J1 AI to make our users more efficient and effective, and our data more accessible to a wider audience of security practitioners. We want to ensure that anyone on your Security or IT team, no matter how technologically savvy, can find the answers they need to mitigate risk and close security and compliance gaps.
We’re rolling out three related but distinct capabilities to make it easier to find the data you need in JupiterOne, and take action on the results.
1. Natural Language Search
We offer a powerful domain-specific query language, a visual drag-and-drop query builder, and a library of hundreds of pre-built questions to find the data you need in JupiterOne. Even with those options, we know it’s much easier to just type in any question using plain english (current language supported) like you would in Google search or ChatGPT. Our new Natural Language Search, powered by J1 AI, is able to understand text-based questions and return the exact query you need to find the answers to complex security problems. These queries can be updated or modified before running for even more specificity.
How this works:
- You type in the question
- JupiterOne generates the query
- You get instant results
Finding critical business context about your cyber assets and security gaps is really that simple.
2. Alert remediation guidance
Continuous monitoring and always-on assurance are critical to staying on top of potential threats. Many customers leverage our policy engine, rules, and alerts in JupiterOne to let them know when there is drift. JupiterOne is now going a step further than just presenting information on recently discovered issues. We can now give you the step-by-step instructions you need to fix the problem, making it easier to produce expert results with JupiterOne.
Our team has compiled remediation guidance for some of the more frequent alerts triggered from security rules. We’re leveraging J1 AI to understand those alerts and surface the proper remediation guidance at the proper time.
A few examples of those rules include:
- Checking if Amazon EKS endpoints are publicly accessible.
- Identifying non-public S3 buckets accessible via public facing EC2 instances and their assigned IAM roles/policies.
- Identifying vulnerable EC2 instances (i.e. with a medium or higher rated open Inspector finding) that are also targets of suspicious activities (i.e. with a medium or higher rated open GuardDuty finding).
3. Guided investigations with suggested questions
Triaging alerts and investigating incidents can be time consuming depending on the nature of the incident, the complexity of your technology stack, and your ability to find information. JupiterOne is going a level deeper to help guide investigations by suggesting additional questions related to your search.
Our question library already contains over 600 out-of-the-box questions to help with your investigations. Leveraging J1 AI, JupiterOne can understand your intent, and suggest additional questions from our library that could be helpful to your analysis. These questions can help users go deeper on a current investigation, or even propose a new question to expand the scope to something they haven’t considered yet.
Important note on J1 AI: We are not currently nor will we ever send any customer information, data, or personally identifiable information (PII) to any artificial intelligence platforms or large language models (LLMs). We’re using only JupiterOne information to train our models and enhance your user experience.
Virtual and in-person opportunities to connect with JupiterOne
As we lean into the reality of our hybrid world, we’re offering both physical and digital ways to see our new product functionality. (No, we haven't embraced the Metaverse quite yet. Maybe we’ll look into that once we’ve mastered AI 😉) Reach out to our customer success team, or schedule a demo to see how JupiterOne is solving asset analysis challenges from one platform.
You can also visit us in person at Black Hat USA in Las Vegas. Keep an eye out for the green pants, and stop by booth #1074 for an in-person demo of the new functionality!
Stop just managing your assets, and start securing your attack surface today with JupiterOne.