Trust & Transparency
From our integrations roadmap to our own security policies, how we handle our customer data is important to us. Clarity and transparency are central to our mission at JupiterOne. We believe in a secure future of openness, accessibility, and greater visibility, empowering cybersecurity professionals with tools they can trust to secure their digital world.
View Our PoliciesWe Invest in Your Security
JupiterOne observes key industry best practices and regulatory requirements to protect the security and privacy of our customers’ data.
Data-centric model. Zero-trust architecture. Audited & certified.
Granular segregation and policy enforcements with no “keys to the kingdom” and therefore no single points of compromise. Fully audited, GDPR Compliant and SOC 2 Certified.
Strong yet flexible user access.
Our platform supports OpenID Connect, SAML and multi-factor authentication, combined with fine-grain attribute-based authorization.
“Air-Gapped” environments meet short-lived processes.
No direct administrative or broad network connectivity, such as VPN or SSH access, into production. Processes are short-lived and killed after use. This ensures minimal persistent attack surface.
Watch everything, even the watchers.
All environments are monitored, all events are logged, all alerts are analyzed, all assets are tracked. No privileged access without prior approval or full auditing. We even have multiple systems to “watch the watchers.”
Immutable builds.
Infrastructure as code. Security scan of every build. Full traceability from code commit to production. “Hands-free” deployment ensures each build is free from human error or malicious contamination.
End-to-end data protection.
Data is safe both at rest and in transit, using strong encryption and key management.
JupiterOne Security Policies