Mission Control Blog

Today’s episode begins with Seba Deleersnyder, project lead for the Software Assurance Maturity Model, or SAMM. The mission of this OWASP Flagship Project is to

Before I became a Security Engineer at JupiterOne, I was the sole security automation and cloud compliance engineer at LifeOmic. We built the JupiterOne platform to

"What did you do this weekend"? It's a typical question that gets asked a million times a day, around the world, every Monday. We posed the question to our team a

In this panel originally recorded for CyberSecurity Summit 2021 in Silicon Valley, speakers from JupiterOne, axiad, Duo Security, Gigamon, Recorded Future, and

This is part of an ongoing podcast series, highlighting the OWASP Flagship Projects that will be featured at the OWASP 20th Anniversary Celebration in September.

"Security engineering is the process of incorporating security controls into the information system so that they become an integral part of the system's operational

In security, when you think of the term 'asset', where does your head go? Chances are, you're thinking of employee laptops and bare-metal servers on-premise or in

Caroline Wong and I recently had a call to discuss something that’s been bothering me for years… how do we assess financial risk before a data breach happens. How do

In this panel originally recorded for CyberSecurity Summit 2021 in Dallas, speakers from JupiterOne, Cobalt, Code42, Netenrich, Securonix, Spirion, and Venafi discuss

In this panel originally recorded for CyberSecurity Summit 2021 in Nashville, speakers from JupiterOne, Code42, Venafi, and Abnormal Security discuss the various fact

When I was in middle school, my science teacher, Mr. B., introduced me to the original Star Trek series. And it had me shook. Ever since, the series has been my stand

For Star Wars fans, May the 4th is a very special day. We get to make all sorts of silly puns, memes, and jokes based on our love of a series of movies.

I was watching the movie Heat today. For those of you that don’t know anything about the movie, it’s an amazing cops and robbers story featuring an all star cast that

JupiterOne CEO Erkang Zheng has traveled the journey of a healthtech CISO with 20+ years of cybersecurity experience. In this fireside chat delivered at HealthConDX

In 2020, Security Magazine listed Sounil Yu as one of the most Influential People in Security, in part because of his work on the Cyber Defense Matrix, a framework

Over the past year, I thoroughly enjoyed my time at YL Ventures as their CISO-in-Residence, meeting brilliant entrepreneurs and brainstorming creative approaches for

Cloud technology saved many businesses from catastrophe during this past year, but it's also introduced additional challenges to security, compliance, and governance

I rode my bicycle across the United States in 1996 (Everett, Washington to Washington DC), and up into Nova Scotia. That summer I logged over 4400 miles on my bike.

"The future of application development and infrastructure is in public clouds — and for many organizations, it's not just the future; it's today. Securing data, apps,

At JupiterOne, we are always trying to find new and exciting ways for you to draw meaning from your data. Every spring we are reminded that digital assets and living

The purpose of the JupiterOne Dashboards is to have a centralized set of dashboards that can be used by your security team to view, edit, and share with all teams in

You’ve seen it, you’ve been a part of it. Alert fatigue sets in with warnings coming from multiple domains: cloudsec, infrasec, netsec, data security, appsec, seceng

The OWASP Top 10 is considered one of the most important community contributions to come out OWASP. In 2003, just two years after the organization was started, the

DevOps Connect: DevSecOps, this year co-organized by JupiterOne and MediaOps, has been part of the RSA Conference agenda for 5 years. Each spring, we put together

As recently as just a few years ago, products, infrastructure, and security tooling were all on-premise and designed without thought for API-based integrations.

The JupiterOne Insights Application allows you to create customized dashboards in multiple ways. In this video, Jayson Jensen shows you customization strategies using

In this session, Jayson Jensen, takes a quick look at the Insights Application of JupiterOne, with a high-level overview of how to use the tool. The Insights App

Tyler Shields and Erkang Zheng presented at Cybersecurity 2021 on March 4, 2021. Instead of the usual slidedeck presentation, they had a little chat to talk through

Visibility is a problem we all have when it comes to cyber assets and security. How do we keep track of all of the cloud assets we have in AWS, GCP, and Azure? What

Compliance Workflows make it possible to collaborate internally with your team members or externally with your auditors. George Tang shows how to use the pre-built

We announced today that several new industry leaders across SaaS and Cybersecurity organizations have joined their strategic board of investors. Frederic Kerrest, Exe

In this "Bite-size Security Showcase", Erich Smith walks through a common developer security scenario, dealing with vulnerable third party dependencies.

Brand is perception, and perception is important. We all want to be seen by others as having certain values, ethics, morals, and vision. The interesting thing about

For compliance purposes, whether going through an external audit or for an internal initiative, it will be required to demonstrate to auditors or other stakeholders

We live in a world where security is something that you have to do, and very rarely something that you want to do. In the world of young companies and startups,

George Tang continues his exploration of JupiterOne GRC capabilities with this video on how to map policies and procedures to specific controls or requirements within

George Tang has recorded a series of videos to show how JupiterOne can be used for GRC. In this session, George covers the usage of policies and procedures within J1

Relationships make life rich. Together, we can do so much more than a single person alone – inspire change on micro and macro levels, recover and restore hope from

When Shannon Lietz and the team at DevSecOps.org published the DevSecOps Manifesto six years ago, security was uppermost in their minds. The manifesto starts with a

You might have noticed something different, a new name for the podcast, at the beginning of the program today. Keeping a feel of the pulse of the industry is one of

This is one in a series of short, simple J1 queries that will help you interrogate your AWS environments. The JupiterOne platform used to run these queries is free.

In this J1 Query example, we're going to be searching for people who are not the owners of an S3 bucket, but still have full control and meta-permissions for that

You've heard it before, "People, Process, and Technology". It's become a meme and a mantra that has lost meaning through overuse. It headlines hundreds of slide

Thank you for being part of our growing community at JupiterOne. Sincerely, thanks for your support in 2020 as we continue to grow the J1 universe. We are truly happy

Hello, my name is Henry Garrett. I developed the J1 Visual Query Builder to help you understand our query language and use a "no code" solution to write your own J1QL

In Cyber Asset Relationships Matter – Part One, we defined what the term "cyber asset relationship" means and explained the importance of modeling those relationship

As we go through our days as developers, there is a tendency for certain types of maintenance activity to be deprioritized or forgotten about. It might be because

Relationships matter. They matter in life, they matter in business, they matter in nearly everything we do. This is especially true when it comes to your cyber assets

In 2020, as we round out what has turned out to be a terrible start to the new decade, cyberattacks and breaches continue trending up. Threats are growing faster than

If all it takes is one bad apple to spoil the entire bunch, should the owner of an apple orchard do a statistical sampling to look for the bad apple, or should they

Three years ago, I joined LifeOmic, the latest of three companies founded by successful serial entrepreneur Donald Brown, with the crazy idea of building a startup in

I recently discovered an open source Google Apps script from Slack that describes some difficult questions one of their engineers was asking about their G Suite organ

Whether it's a self-assessment or an official audit or examination, evidence collection is central to how you evaluate your organization's compliance with security

LifeOmic, the creator of JupiterOne, the LIFE mobile apps and the Precision Health Cloud platform in use at major medical and cancer centers, today announced the

For most organizations – whether cloud-native or going through a digital transformation – managing your cloud and non-cloud digital assets has followed form with

Risk assessment is a foundational step to any security governance program. It is a mandatory step by regulations and compliance frameworks like HIPAA and GDPR.

Printed confidential information remains one of the leading culprits of data breaches organizations faced. But why is something like this still happening when a

RSA 2020 | JupiterOne | Simplified Security Operations

For most cloud-based organizations, the number of resources, services and users make keeping up with changes across your digital environment nearly impossible.

There is no doubt multi-factor authentication (MFA) is a simple and effective way to reduce account compromise, yet only 11% of all enterprise accounts use a MFA