Cybersecurity Mesh Architecture (CSMA) is an approach that aims to provide modular design for security with shared data and control plane interoperability across security product silos, enabling hybrid security products to work together. In effect, CSMA gives up on platforms and centralized product silos and advocates for interoperability and integrations. However, this approach is no different than what the security industry has been dealing with for years: complexity.
CSMA isn’t a product, it is not a thing you can buy off-the-shelf. Like Zero-Trust and other coined buzzwords, CSMA advocates for security products to work together, and at JupiterOne we agree. More open APIs, simplified ways to publish and subscribe to changes in the security environment, and simplified visualization and consumption models for security state are a core part of our roadmap. Our product thrives on complex integrations and making those simpler by applying graphed relationships between assets in the environment. If CSMA leads more customers to push for integrations between products we are supportive.
JupiterOne is a CSMA accelerator. We believe the only way you can truly mesh your security controls is by knowing what assets you have and the controls applied to your environment. This starts with asset management and the insights you have to have about your security capabilities. You need to know if they are fully deployed, up-to-date, and connected to your operations.
How is JupiterOne a CSMA accelerator?
Any enterprise seeking to employ Cybersecurity Mesh Architecture will likely be concerned with reducing complexity and increasing the efficiency of its security operations. JupiterOne is uniquely positioned to help accelerate this transformation in several areas.
Adoption of CSMA - Know what you have
In defining an architectural mesh of data, identity, policy, and controls, the natural first questions are:
- What do I have?
- How does it work together?
- How does it not?
- What are my gaps?
JupiterOne answers these questions easily via over 180 integrations. Modular design means that products should be able to be swapped, added, removed, or changed but the same security outcome should be achieved. Without a layer of assurance that the same control objectives are being met, CSMA would just be the current architecture of ‘expense-in-depth.”
Improving security integration outcomes
Utilizing a relationship-first, not list-first approach to your security integrations, it is faster to gain key insights into data that is missing, duplicated, out of date, or misaligned. This helps work back to the source of the information and get it cleaned, deduplicated, normalized, and performant, ensuring you aren’t wasting your most precious resource - the efforts of your team.
Single-pane-of-engagement (not glass)
Having an API-first technology partner like JupiterOne means you can integrate JupiterOne data in with where you want your architects, analysts, engineers, and responders to be working - in their workflow. Slack, Jira, SOAR solutions, and even custom-built tools can be enabled and enriched with JupiterOne data.
Does JupiterOne have dashboards? Of course, but those can be easily copied, formatted, and embedded into where your team does its work. Only use JupiterOne’s dashboards when it makes sense for you.
Abstraction as a superpower
One of the key challenges to a hybrid environment is the taxonomy of security tools. Information security policies are often not consistent, which leads to mistakes in translation between your policy objectives and the technologies that implement them.
Leveraging abstraction, JupiterOne creates a digital twin for thousands of entities in data and security products, and automatically maps the relationships between these entities. This enables simple queries to be asked repeatedly across the entire architectural stack, and as tools are added or removed, the same standards are achieved.
Broad insights
Having a visualization layer sitting above the many dashboards available within security siloed solutions, which is also completely customizable and API-driven, provides a layer of abstraction that meets the design goals for CSMA. Adding or removing security products should not change your entire workflow or visualization. Consistency and transparency is confidence in security and being able to clearly see if goals are being met should not require ‘swiveling your chair’ metaphorically between screens and tabs to get answers.
Layers of CSMA analytics
Insights for Cybersecurity Mesh Architecture come from horizontal layers. JupiterOne helps by illuminating various component design goals:
- Security analytics: Know that your security tools are applied to the assets you believe they are, are up-to-date, and are operational. Find gaps quickly and trigger workflows for people to fix when a drift occurs, not after an incident occurs.
- Identity analytics: Knowing the IdP, SaaS, local account, and key material issued to each of your users and their roles is achievable in CSMA only if you have the right partner integrating that data and tying the information to a user. Additionally, keeping consistent compliance questions answered across federated identity systems can only be done with the right integrations.
- Policy and posture analytics: JupiterOne is a ‘write-once, use many’ technology partner that helps analyze infrastructure as code deployments, cloud design and posture issues, and identify key gaps quickly and consistently. By building relationships between environments and their risks, important actions that need to be taken are bubbled to the top and not buried.
Many top enterprises will likely explore employing CSMA in their environment. With broad integrations, visibility into cyber assets, and a wealth of analytics, JupiterOne can provide an invaluable boost to your CSMA adoption efforts.