Mission Control Blog

This week, we packed our green pants and sunglasses and headed over to Las Vegas for Cisco Live! and Splunk .conf22 to spend quality time with our partners, exhibit

In March we published The 2022 State of Cyber Assets Report to share how the proliferation of software-defined assets has changed the topology of attack surface

“The Human Element” was the theme of RSAC 2020, just as COVID-19 was making its way across the world and sending us into a global pandemic. This year, at RSAC 2022,

If these first few days of June are any indication of how the rest of the Summer of JupiterOne is going to go, I’d say we’re all in for a treat. After announcing a

It’s a big day for us here at JupiterOne. We just closed a $70M Series C funding round, achieving a $1B+ valuation, and welcomed new investors to the JupiterOne

Good news for JupiterOne and Splunk users! Our companies have joined forces to help make the cyber-world a safer place. This partnership gives our customers the

This summer is shaping up to be one of the busiest summers in years! We’re really excited to hang out with friends, old and new, at the upcoming events during what

Nothing in life is really linear. Reaching our goals often involves setbacks, changed plans, or evolving motives or values. In the moment, it can be hard to grasp you

Orphaned assets are a familiar story for every cybersecurity professional. Like something out of a horror movie, these legacy devices lurk neglected, forgotten, and

To paraphrase the tagline of Capital One’s credit card ads: What’s in your enterprise code? For many companies, the answer to that question has brought considerable

Reinvention is certainly not a new idea, especially for cybersecurity practitioners who are continuously challenged to adapt to new threats, an expanding attack

A couple of months ago, we received the following email from AWS: Hello, You are receiving this email because AWS Lambda is making a change to the IAM policy

“Know what you have, focus on what matters.” That’s our mantra. While that usually directs people toward taking stock of their cyber assets, it also means that you

Organizations are transitioning to the cloud at a rate faster than ever. As your company’s cloud presence grows, so does the importance of your cloud security posture

In the modern world, speed is everything. Customers demand constant innovation, while sudden market disruption makes agility essential for survival. To remain

There are two converging problems for security operations resulting in a big flaming dumpster fire - the expanding modern attack surface and an ever-growing backlog

You’ve identified and collected all your cyber assets into one place. Now what? There are thousands, or even hundreds of thousands assets and potentially countless

Complete cyber asset inventory and visibility is foundational to any security program and strategy. We’ve written a number of pieces that share this sentiment

As the scope of the cyber hygiene challenge outpaces the expert resources available, security teams are losing ground in the effort to protect their organization

Cybersecurity alert fatigue is an issue that is long overdue for a real solution. The average cybersecurity team is facing a backlog of 120,561 findings and alerts

Last month, Yvie Djieya wrote a blog post describing how JupiterOne’s security team manages “meeting evidence” as code. Yvie covered the difficulty of managing

Complete cyber asset inventory and visibility is foundational to any security program and strategy. We’ve written a number of pieces that share this sentiment

Digital transformation has created remarkable and irreversible growth in the cyber asset landscape. Each business shift towards digital workflows has yielded a steady

There’s nothing better than hiring an engineer that takes true pleasure in solving highly complex, brain-bending problems. That’s what we saw when we talked to Ben

Generating a software bill of materials (SBOM) is no small feat. In this post, I’ll walk through the steps I used to generate our SBOM when Sounil Yu joined the

In this post, I’m sharing my favorite resources to stay on top of all the things cloud, security, and self-improvement—because mental well-being is crucial to success

JupiterOne has a much broader definition of cyber assets than other security vendors, covering more than just IP addresses, devices, and internet facing-assets.

In the current microservice landscape, there are more than enough automation tools and infrastructure as code (IaC) solutions to make deployments swift and effortless

Security is a basic human right, but many security teams struggle to answer even seemingly basic questions about attack surface or blast radius due to poor visibility

I started JupiterOne with two strong core beliefs that shape how to address the technical challenges I was facing and overall battles in the cybersecurity industry as

You are likely familiar with the cybersecurity adage: “You can’t protect what you don’t know about.” It’s common-sense enough wisdom, but if we’re being honest, we

Individuals in STEM are often described as innately methodical, detail-oriented, and curious. However, their creative, artistic qualities are the ones that make them

In a world where cybersecurity threats evolve and proliferate at dizzying speed, a confusing and disordered cybersecurity landscape makes it all too difficult to

Every company has a workplace culture and a security culture. Many people would define the former as “flexible PTO and cold brew on tap” (which, of course, is a gross

Auth0 helps enterprise companies solve the most complex, large-scale identity use cases with its extensible and developer-friendly solution. To get to that level of

If you’re anything like me (which I hope you’re not), or let’s say if you’re anything like my mind, you spend 75% of your time overthinking. You reach for the closest

We are honored to announce our company founder and Chief Executive Officer Erkang Zheng, named as Cybersecurity CEO of the Year-North America by the Cybersecurity

Many companies invest in compliance activities to follow various laws and regulations but not necessarily to improve their overall security posture. Whether you are

Eight years ago I took over the OWASP Podcast from Jim Manico, originator of the project. In that time 160 episodes have been published, with over 500,000 downloads

As we prepare to celebrate Lunar New Year, we offer you a personal story of what the new year tradition means to Erkang Zheng, CEO of JupiterOne.

Today, millions of people worldwide are becoming aware of how their personal data is collected, shared, and monetized in our modern digital economy. Studies show that

Recently, life has been chaotic. For two years, events have shattered our perspective on what work, health, and community means to us. As we try to sleep through this

If you couldn’t tell from the video, we are so excited to launch the AskJ1 Community! By bringing together our users, team, and security professionals at large, we’re

As we continue to build our security teams at JupiterOne, we asked Kenneth Kaye, Security Automation Architect, to describe our Red Team approach, and Chasen

Engineers are the individuals who sit in the magical area between an exciting idea and a promising product in any organization. JupiterOne is lucky enough to have

Most security practitioners admit they spend their free time upskilling. Learning can occur in settings ranging from the practitioner’s home labs to security

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from a chapter by Sounil Yu.

On January 9, 2022, journalist and researcher Ax Sharma wrote an article, "Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps".

We’ve all heard of “Red Teams” and “Blue Teams” when it comes to cybersecurity. But what about the “Purple Team”, the “Yellow Team” or the “Blue Team”. What are those

The cybersecurity forecast for 2022: More of the same—only worse. Yes, the sophistication of cyberattacks is growing by the minute. Unfortunately, so are the rewards

It's that time of year where I poll my friends to see what kind of cool downloads and resources they found in 2021. Hopefully, you'll see something you like.

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from a chapter by Yolonda Smith.

JupiterOne published hundreds of blog articles in 2021, including some by our friends in the community. We checked to see how the community voted "with its eyes" this

As you stand knee deep in the water watching waves form, you set your sights on the perfect one to ride into shore. “This is it!”, you think. “It’ll carry me to shore

If you’re neck-deep in Log4Shell remediation and wanting the assurance of an automated process to ensure your hosts are patched and stay patched, the following

We recently helped a customer identify some potential CloudFront/S3 takeover risks. You can find the details of the risk described in the article, "Simple Route53/Clo

Should you build or buy a CAASM solution? It’s a valid question, especially in an ecosystem rich with open source and low-cost security tools. You don’t need

Let me open by saying that If you are currently remediating the Log4Shell vulnerability in your environment, this article is not designed for you, although some thing

It’s possible to improve your security posture on a shoestring budget. There are a growing number of open source tools for security and compliance, but there are also

Detect and respond to malicious Discord tokens in npm packages. Learn proactive security measures to protect your development environment.