Mission Control Blog

Discover how to advance your security program with the latest content from our community.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
February 2, 2023
Blog
The top 10 questions that every engineering leader should be able to answer

We polled some of our engineering leaders to see what it takes to succeed. In part two, we see if their answers align with the CISOs we talked to.

Identify compromised versions of Github using JupiterOne
January 31, 2023
Blog
Identify compromised versions of GitHub apps using JupiterOne

As a preventative measure, Github will be deprecating the Mac and Windows signing certificates used to sign Desktop app versions 3.0.2-3.1.2 and Atom versions 1.63.0-

January 30, 2023
Blog
The top 11 questions that every CISO should be able to answer

In part one of this two-part series, we polled some of our top security experts to see what it takes to succeed secure and manage resources effectively.

Cyber Therapy - Let's Unpack That
January 25, 2023
Blog
Best of Cyber Therapy, Season 1

Take a look at the top 5 episodes from Season 1 of Cyber Therapy, a video podcast featuring the humans of cybersecurity!

JupiterOne 2022 product recap
January 25, 2023
Blog
Recapping the top new JupiterOne product developments from 2022

Review of some of the notable new features and updates to JupiterOne from 2022.

Forrester’s Total Economic Impact Study: JupiterOne Yields 332% ROI
January 23, 2023
Blog
Forrester’s Total Economic Impact study: JupiterOne yields 332% ROI

Switching to a new technology solution can be a gamble. With the right information to make your decision, you can be guided to base your purchase on a validated econo

January 20, 2023
Blog
What's new in JupiterOne: powerful, intuitive queries (Part 1)

We’ve revamped the JupiterOne Homepage and Questions Library so you can spend less time asking questions and more time getting to the bottom of any issue.

January 17, 2023
Blog
16 free or open source security and incident response tools to try in 2023

Learn about the open source cybersecurity tools available to your organization, and why you should use them.

January 11, 2023
Blog
Connect your cybersecurity dots with a graph database

Traditional, relational databases are not equipped to meet the demands of a complex, cloud-native, hybrid, or multi-cloud environment. Luckily, graph databases can.

Cybersecurity predictions for 2023
January 4, 2023
Blog
Security prediction for 2023: Security teams will use engineering tools

Kelly Shortridge, Fastly Senior Principal, Product Technology, offered her security predictions for 2023 as part of a CSA panel discussion webinar to close out 2022.

December 30, 2022
Blog
Creating an effective enterprise vulnerability management strategy

A lot of things go into creating an enterprise vulnerability management strategy. Learn how to build a strategy that will meet the unique needs of your organization.

  • Vuln Mgmt
December 30, 2022
Blog
The LastPass Breach: Using JupiterOne to prioritize which users you need to focus on

If you are a LastPass customer, the only thing standing between an attacker and your decrypted vault is a weak password. Find those easily with JupiterOne.

Vulnerability management workflow
December 20, 2022
Blog
Employ a vulnerability management workflow to better secure your organization

Incorporating a vulnerability management workflow will make your vulnerability management efforts and tools more effective and reliable.

  • Vuln Mgmt
December 15, 2022
Blog
Achieving continuous compliance with a cyber asset attack surface management platform

How long does it take you to find out you've become noncompliant? Continuous compliance solutions go beyond point-in-time checks to ensure compliance at all times.

  • Compliance
December 15, 2022
Blog
25 Cybersecurity conferences you should attend in 2023

25 cybersecurity conferences we recommend (and will also attend!).

December 13, 2022
Blog
JupiterOne & Project Discovery: Automating Nuclei with JupiterOne

We are releasing j1nuclei, an open-source tool to automate vulnerability scanning. The tool is available to anyone using the free version of JupiterOne.

5 features of vulnerability management tools
December 12, 2022
Blog
Five features to consider when evaluating vulnerability management tools

Vulnerability management tools are an important part of enterprise cybersecurity. Choosing the right tool will make a huge difference in your cybersecurity program.

  • Vuln Mgmt
December 8, 2022
Blog
What is Attack Surface Analysis?

Attack surface analysis is the process of identifying and mapping the areas in your attack surface that need to be reviewed for gaps and vulnerabilities by way of con

November 30, 2022
Blog
JupiterOne and AWS together help customers strengthen security posture

To help organizations of all sizes secure their cloud assets, JupiterOne announced a number of key initiatives with AWS this week at re:Invent.

  • CSPM
  • CAASM
November 23, 2022
Blog
How to visualize your data by use case with JupiterOne

The new Properties Panel and Managed Dashboards in the JupiterOne platform empower you to prioritize speed, efficiency, and organization!

November 23, 2022
Blog
Security will give up on users as a line of defense in 2023

In a recent debate on cybersecurity predictions for 2023, panelists disagreed on plenty. But they agreed: in 2023, security will give up on users as a line of defense

November 21, 2022
Blog
Why JupiterOne security redefined the vendor security risk assessment process

Our redefined process has made JupiterOne security’s vendor assessments significantly more enjoyable, effective, and streamlined. I hope our lessons learned help you

What is a vulnerability management system?
November 17, 2022
Blog
Four key pillars of a successful vulnerability management system

Vulnerability management systems play a crucial role in organizations' defenses by identifying and evaluating vulnerabilities for cybersecurity teams to act on.

  • Vuln Mgmt
Crystal ball, CSPM+
November 15, 2022
Blog
2023 prediction: cloud security will move beyond CSPM

What's next for cloud security? Four security leaders shared their predictions for what we'll see in 2023 - and we don't think he's far off.

  • CSPM
November 10, 2022
Blog
ISO/IEC 27001:2022: 11 new controls on a shoestring budget

What if ‘shoestring budget’ were a state of mind as opposed to a fiscal reality for some of us? I still think many of the best compliance solutions are available at s

November 9, 2022
Blog
How to improve attack surface visibility with JupiterOne

Attack surface visibility is the key to a secure cloud native platform. Visit JupiterOne to see how our platform makes it easy to monitor your entire landscape.

November 8, 2022
Blog
12 predictions you may have missed from the 2023 security predictions panel

Recently, we sat down with four security leaders to hear their top security predictions for 2023. Here are 12 more predictions that didn’t make the cut in the origina

November 3, 2022
Blog
Attack surface and attack paths research - what's next?

The JupiterOne research team has been analyzing data from 2,285 organizations to better understand the attack surface and attack paths. This article discusses what th

Why I joined JupiterOne
November 2, 2022
Blog
Why I joined JupiterOne

It’s not often you get to make big changes in your career, but I’ve been lucky enough to do so recently with a move to London and a shift in the role from being a CIS

a dictionary is open to the term "cyber attack surface" against a dark blue background
November 1, 2022
Blog
Understanding the cyber attack surface

Cybersecurity professionals use the term ‘attack surface’ to describe the totality of all potential entry points into their environment, and may refer to a particular

  • CAASM
How to Choose CAASM Vendors
October 26, 2022
Blog
What to look for in your perfect CAASM vendor

By now, it’s likely that you’ve heard the term “attack surface,” which is the summation of all the possible risk exposures, vulnerabilities, and controls across your

  • CAASM
Preliminary research on attack surface reveals use cases for list vs. graph-based analysis
October 26, 2022
Blog
Preliminary research on attack surface reveals use cases for list vs. graph-based analysis

In “A Tacky Graph and Listless Defenders: Looking Beneath the Attack Surface,” JupiterOne researchers expand upon the 2022 State of Cyber Assets Report analysis to be

Cybersecurity Awareness Month: See Yourself in Cyber With MySecurity
October 19, 2022
Blog
Cybersecurity Awareness Month: see yourself in cyber with MySecurity

JupiterOne is helping to bring the human element back to cybersecurity asset management with MySecurity

  • CAASM
  • IAM
What is SOC 2 for Cloud-native Platforms?
October 19, 2022
Blog
7 steps to achieving SOC 2 compliance for cloud-native platforms

In 2021, SOC 2 took the crown for most popular audit for cybersecurity, IT, quality assurance, internal audit, finance, and other industries. SOC 2 is a voluntary com

How one compliance-as-a-service provider uses JupiterOne
October 18, 2022
Blog
How one compliance-as-a-service provider uses JupiterOne

For most people, compliance is stressful. Tracking down relevant paperwork, heavy workloads, deadlines that always seem too close, and the issue of “passing” an audit

CAASM Is Officially a Must In Your Tech Stack — And Don't Just Take it From Us
October 13, 2022
Blog
CAASM is officially a must in your tech stack — and don't just take it from us

The CISO’s role is not for the faint-hearted. In their hands and the hands of their team lies a massive responsibility – keeping the organization safe from security

  • CAASM
Reduce Hours Spent on Cyber Asset Identification by 85%
October 12, 2022
Blog
Reduce hours spent on cyber asset identification by 85%

The average security team is responsible for 165,633 cyber assets and is likely to have additional ghost assets lurking in their environments. Cyber asset identificat

  • CAASM
Cyber Asset Management: What It Is and Why It Matters
October 11, 2022
Blog
Why basic security hygiene should include cyber asset management

People always tell you to get your head out of the clouds. In the case of today’s rapid migration towards cloud-based, software-defined, and everything-as-a-service

  • CAASM
  • GRC
How to Identify Critical Assets in Cybersecurity To Alleviate Alert Fatigue
October 7, 2022
Blog
How to identify critical assets in cybersecurity to alleviate alert fatigue

The need for comprehensive cybersecurity is the greatest it's ever been, with no signs of slowing down. We have a backlog problem. Security practitioners everywhere

Introducing JupiterOne Stellar Partner Program
October 6, 2022
Blog
Introducing JupiterOne Stellar Partner Program

We’ve reached a new milestone! Today, we’re excited to announce the official launch of JupiterOne’s Stellar Partner Program. Our company is founded on partnerships,

What to do After a Data Breach
October 5, 2022
Blog
What to do after a data breach

There's likely two reasons you've come across this blog: one, you've recently experienced a data breach or two, you want to prepare yourself in the event of a data br

Top 5 Things to Know This Cybersecurity Awareness Month
October 5, 2022
Blog
Top 5 things to know this Cybersecurity Awareness Month

It's October, which means that, in addition to ghosts and goblins, it's also National Cybersecurity Awareness Month! The Department of Homeland Security and the Natio

What are ghost assets and are they costing your org?
October 4, 2022
Blog
What are ghost assets and are they costing your org?

Ghosts, zombies, and shadows are not just the stuff of spooky movies and Halloween haunts. These descriptors pop up across several asset management categories: “ghost

A Summer of Awards for JupiterOne
October 3, 2022
Blog
A summer of awards for JupiterOne

Summer 2022 has been prime time for awards and we are excited to announce four awards that JupiterOne and CEO and founder Erkang Zheng won.

Why IT Teams Should Be Using JupiterOne
September 29, 2022
Blog
Why IT teams should be using JupiterOne

The type of infrastructure your organization is leveraging (Cloud / Hybrid / On-Prem) may already be complex, or is heading in that direction. New products are added,

Don’t be a (privilege) creep! 3+1 best practices for effective access reviews
September 28, 2022
Blog
Don’t be a (privilege) creep! 3+1 best practices for effective access reviews

Security practitioners are no strangers to long, manual processes - especially the kind that are neglected for so long that they end up in the abyss of the backlog.

  • IAM
Reduce Hours Dedicated to Compliance Certifications by 75% with JupiterOne
September 27, 2022
Blog
Reduce hours dedicated to compliance certifications by 75% with JupiterOne

Regulatory compliance is a necessary headache for all sizable organizations. Aside from avoiding costly government fines, reaching SOC2 or CIS compliance is a quality

Security vs. Safety: Should We Reframe Cybersecurity to Make It More Recession-Proof?
September 21, 2022
Blog
Security vs. safety: should we reframe cybersecurity to make it more recession-proof?

Do a quick Google search for the terms “security” and “safety,” and this is what you’ll get: Security: the state of being free from danger or threat Safety: the con

How to Prioritize Vulnerabilities by Real Business Impact
September 14, 2022
Blog
How to prioritize vulnerabilities by real business impact

Nobody would argue that vulnerability scanners are a negative addition to the cybersecurity landscape. These days, it’s much easier to catch vulnerabilities and be

  • SecOps
In 2020 Did We Open a Security ‘Pandora's box’ We Have Yet to Close?
September 12, 2022
Blog
In 2020 did we open a security ‘pandora's box’ we have yet to close?

It’s March 2020. Mandatory stay-at-home orders have just gone into effect, and your organization is scrambling to nail down WFH policies while your IT team is tasked

Navigating Cloud Security Posture Management Vendors
September 7, 2022
Blog
Navigating cloud security posture management vendors

The modern attack surface is an ever-evolving organism that requires constant vigilance. Verizon’s 2022 Data Breach Investigation Report states that the 13% jump in

  • CSPM
  • CAASM
Cost Savings or Suck? How to Turn the Cloud Into a Cost Saver
August 29, 2022
Blog
Cost savings or suck? How to turn the cloud into a cost saver

Security practitioners are well versed in the concept of risk. The risk that’s currently on everyone’s minds? If you guessed the possibility of an impending recession

  • CSPM
Cybersecurity doesn’t have to suck. Let’s fight cynicism and burnout.
August 25, 2022
Blog
Cybersecurity doesn’t have to suck. Let’s fight cynicism and burnout.

Amidst all of the learning and conversations I had in Vegas during Hacker Summer Camp, this quote wormed its way into my brain, bothering me like a scab over a wound

  • CAASM
Optimizing your Splunk SOAR deployment with JupiterOne
August 24, 2022
Blog
Optimizing your Splunk SOAR deployment with JupiterOne

You’ve probably already heard about our recent partnership announcement with Splunk. (Wait, you haven’t? Well, check it out here!)

  • SecOps
Solving a '20s Problem When the Market Offers Solutions from the '90s
August 19, 2022
Blog
Solving a '20s problem when the market offers solutions from the '90s

As organizations increase their reliance on the cloud to quickly and cost-effectively scale their digital operations, new security challenges arise. The convenience

Highlights from Hacker Summer Camp 2022
August 18, 2022
Blog
Highlights from Hacker Summer Camp 2022

JupiterOne was in incubation mode the last time everyone gathered in the sweltering heat of Vegas for #hackersummercamp, so here’s a recap of our experience!

3 Risk Management Exercises to Prepare for a Recession
August 15, 2022
Blog
3 risk management exercises to prepare for a recession

While economists debate the technicalities of whether we are in a recession or not, the rest of us are left preparing ourselves for a downturn. With a wave of tech

  • CSPM
  • CAASM
  • SecOps
JupiterOne participates in new Open Cybersecurity Schema Framework (OCSF) industry initiative
August 10, 2022
Blog
JupiterOne participates in new Open Cybersecurity Schema Framework (OCSF) industry initiative

At JupiterOne, we recognize the importance of building community — not just for the benefit of every cybersecurity professional out there, but for the organizations

  • CSPM
  • CAASM
Engineering Spotlight: Samuel Poulton
August 9, 2022
Blog
Engineering spotlight: Samuel Poulton

How does one go from hating their computer science class to becoming an engineer anyways? That’s what one of our Senior Software Engineers, Samuel Poulton, did!

  • SecOps
The Ultimate CAASM Guide for 2022
August 3, 2022
Blog
The Ultimate CAASM Guide for 2022

Cybersecurity is all about cyber assets, attack surface management, and understanding cyber asset context. When companies are hacked, be it through their software

  • CSPM
  • CAASM
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

  • This is some text inside of a div block.
  • This is some text inside of a div block.
  • This is some text inside of a div block.
  • This is some text inside of a div block.
  • This is some text inside of a div block.