Mission Control Blog

JupiterOne published hundreds of blog articles in 2021, including some by our friends in the community. We checked to see how the community voted "with its eyes" this

As you stand knee deep in the water watching waves form, you set your sights on the perfect one to ride into shore. “This is it!”, you think. “It’ll carry me to shore

If you’re neck-deep in Log4Shell remediation and wanting the assurance of an automated process to ensure your hosts are patched and stay patched, the following

We recently helped a customer identify some potential CloudFront/S3 takeover risks. You can find the details of the risk described in the article, "Simple Route53/Clo

Should you build or buy a CAASM solution? It’s a valid question, especially in an ecosystem rich with open source and low-cost security tools. You don’t need

Let me open by saying that If you are currently remediating the Log4Shell vulnerability in your environment, this article is not designed for you, although some thing

It’s possible to improve your security posture on a shoestring budget. There are a growing number of open source tools for security and compliance, but there are also

Detect and respond to malicious Discord tokens in npm packages. Learn proactive security measures to protect your development environment.

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from a chapter by Keyaan Williams.

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from one of the chapters.

Over the past 19 months, I was empowered to create a security and compliance function at a Seattle startup. I was a pretty successful Security Director by most

The Business Intelligence Group’s annual BIG Awards for Business results are in and we are so excited to share that JupiterOne has been recognized as “Start-up of the

Christian Buckley from the CollabTalk Podcast reached out to me to discuss building communities, given my involvement in supporting massive initiatives within

Today’s digital supply chains are a continuously growing and dynamic ecosystem of web-based services, applications, and IT assets. These ecosystems are enabled by an

The future of compliance is continuous. Since the beginning of technology auditing, auditors have had to rely upon spot-checking to validate whether the entity being

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from one of the chapters.

It’s a good time to be a hacker. Evolving IT architectures and workplace models now offer more entry points than ever for an attack, while simultaneously making it

Cyber asset management is now a critical component of an organization’s cybersecurity hygiene and posture management. The more cyber assets in an organization’s

Zero-day vulnerabilities are the ones that place the most stress on every security team, regardless of the size of the organization. Watering-hole (also known as

Fireside chat: Cisco Sr. Director of Product Management for Cloud Security Munawar Hossain, JupiterOne CEO Erkang Zheng and CMO Tyler Shields discuss the new partners

When Colonial Pipeline CEO Joseph Blount testified before the US Congress, he revealed that the attack was completely avoidable; Blount admitted that Darkside gained

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from one of the chapters.

JupiterOne recently added support for ingesting GitHub Org, Repo, and Environment secrets.

On October 19, 2021, we published a book, "Modern Cybersecurity: Tales from the Near-Distant Future". Over the next few weeks, we'll be publishing excerpts from the

The speed of change and the tools of adversaries make it extremely hard to envision a long-term, executable vision for the future of security. However, without ponder

Team retreats are an excellent way to bring a company together. For a remote-first company like JupiterOne, I’d say they are essential. It is a great way to strengthe

Identity and Access Management (IAM) for Google Cloud uses IAM Role Bindings, which link three constructs together

You open your email and there it is. Finally, the company that you really wanted to work for has extended you an offer. You feel a rush of adrenaline as you open it

I’m the Director of Cybersecurity at Esper, a cloud-native startup that offers powerful cloud tooling for Android device deployment and application management at scal

Our customers are at the core of everything we do at JupiterOne. And every security strategy and journey is different for every customer. JupiterOne is starting a mon

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation b

We’re honored to share that JupiterOne has been recognized for its innovation, excellence, and growth as part of the 2021 NC TECH Awards program. JupiterOne is a fin

Last week, we published an article on a recent Chrome zero-day exploit (worth reading if you want see the history of the issue). There was a new announcement this

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation b

In this panel originally recorded for CyberSecurity Summit 2021 in Charlotte, speakers from JupiterOne, Gigamon, Duo Security, Sonatype, Vectra and Center for

Cyber criminals have upped their game in the past two years to take advantage of a world distracted in its battles with a global pandemic. Cybercrime is growing conti

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation

On Monday, September 13, Travis CI put out a security bulletin obliquely mentioning a security problem. “As a reminder from the Support Team, cycling your secrets is

The team at JupiterOne was well underway building version 2.0 of our Compliance App when I joined the company this summer. The primary motivation for the work on 2.0

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation

We are honored to receive this significant industry recognition as the 2021 SINET 16 Innovators Award winner. We know that the market competition is fierce, so we

If you recently read about the breaking fix JupiterOne introduced to maintain J1QL language correctness as defined by De Morgan's Law you may have found yourself in

The cloud is becoming increasingly popular. It is the driving force of the modern world, and engineers are starting to shift their careers accordingly. Whatever your

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation

Beyond the classic Cloud Security Posture Management (CSPM) tools like Dome9, DivvyCloud, etc. now even infrastructure and workload scanners claim CSPM as part of the

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation

We are excited to announce that JupiterOne has been selected as a Winner in the WorldFestival 2021 Innovation Awards in the Cloud Computing category! We are extremely

AWS S3 has long become a standard for storing file object data. Despite the many efforts in making S3 secure, we continue to see data in private buckets exposed or ex

Boardroom Conversations on Security is an ongoing series on how to discuss and present cyber security concerns to your board. It comes from an extended conversation

Guest author Chris Hughes, CISO and Co-Founder of Aquia, offers a view of the "Shared Responsibility Model".

This week JupiterOne launched Query Anywhere. As you might guess, this feature will allow J1 users to access the core 'search for anything' functionality of J1QL no

A couple weeks ago I read an article by Chris Roberts. The headline screamed, “Security Solved!” Security solved? What the hell was he talking about. Everyday

We are starting to make waves in the cybersecurity universe. Turns out, people love us and we are crushing this awards season (like Bong Joon-Ho's Parasite).

If you only read the first two sentences of this blog, this should be your takeaway: Policy as Code provides a roadmap to verify the processes in security and govern

Anyone reading this article already understands the importance of Data Classification. Increased regulation has been a by-product of greater understanding of the dang

We just received the awesome news that JupiterOne Founder and Chief Executive Erkang Zheng has been selected as one of The Top 25 Cybersecurity CEOs of 2021 by

Today, we are proud to announce two additional strategic investors, Cisco Investments and Splunk Ventures, to the JupiterOne journey. This announcement reflects our

Azure role-based access control (RBAC) allows for expressive access policies through the use of Azure role assignments. Azure role assignments are nodes that link

Cloud adoption, digital transformation, and API-first architecture are fundamentally changing how we build, manage and secure the enterprise. Enterprises use speciali

I’m old. When I began my career, IT asset management (ITAM) meant going around, from computer to computer, and putting stickers with barcodes and numbers on every