Accelerating incident response with JupiterOne's new insights dashboards

By

When you can't account for every single cyber asset in your digital environment and you want to conduct a security investigation or run a query to retrieve specific information, you might as well consult a Magic 8 Ball to provide an answer. Even the smallest gap in visibility will keep you in the dark about something critical that needs your immediate attention. With such gaps, the accuracy of your querying results are akin to your Magic 8 Ball's "reply hazy, try again."

With JupiterOne, you gain complete visibility across all cyber assets in your ecosystem. However, querying such depth and breadth of visibility can be overwhelming and time consuming without a starting point. That's why we've created the Insights Dashboards for Incident Response.

Dashboard: Insights > IR - Cloud Instance/Workload Analysis

Imagine you've lost your keys somewhere inside your home. If you live in a studio apartment, looking for your keys will take you a lot less time than if you lived in an 18-room, two-story mansion. Similarly, when your digital environment spans multiple cloud service providers (CSPs) with several instances within them storing hundreds of thousands of entities, finding your "lost keys" can take you substantially longer than if your cloud operations were limited to one provider and a manageable number of instances and entities. With the Insights Dashboards for Incident Response, that's all about to change.

JupiterOne's new Insights Dashboard for IR - Cloud Instance/Workload Analysis puts all the information you need about any cloud instance or workload at your fingertips, including:

  • Resources connected to a specific instance or workload
  • The impact or blast radius of a compromised instance or workload
  • How resources are connected to the internet
  • Who has access to target resources
  • What data stores the instance or workload has access to
  • What problems or configuration issues exist in any instance or workload
  • And much more

In a matter of seconds, you can navigate through this valuable data in traditional list format or by interacting with the JupiterOne graph viewer. Drill down and visually analyze the connections between resources in your cloud instances or workloads.

2_1_IR - Cloud Instance-Workload Analysis

2_2_IR Cloud Instance-Workload Analysis

If you leverage a multi-cloud strategy, JupiterOne lets you toggle between your cloud environments without having to use a different tool, log out and log back in, or even change dashboards. Simply enter a different query variable — such as host name, instance ID, or IP address — without leaving the dashboard, and immediately get updated insights on any instance or workload, be it in AWS, Azure, or Google Cloud. The new query variable automatically appends to the dashboard's URL, giving you and others a direct way to access that specific instance or workload's dashboard anytime in the future. Include the link in your ticketing system or incident report and make it easy to collaborate with fellow incident responders on your team.

Optimizing your incident response wouldn't be complete without giving you this same level of in-depth analysis for your endpoints. Fortunately, we have a new dashboard for that as well. 

 

Dashboard: Insights > IR - User Endpoint Blast Radius

Now you know that, no matter how many rooms you have in your digital "mansion", finding your "lost keys" doesn't have to be a hassle. But what if you knew for a fact that you left them somewhere specific and that, since they're no longer there, someone must've taken them or placed them somewhere else? You would probably also want to know if this key thief took or moved other things around, who let them into your home, and what rooms they entered. Or more importantly...did they sit on your favorite chair?! This calls for an investigation.

The same goes for the security investigations in your digital environment. JupiterOne's new Insights Dashboard for IR - User Endpoint Blast Radius lets you visualize the impact and scope of exposure of any specific endpoint. This dashboard allows you to quickly understand everything that an endpoint has access to, determine how it is connected to other users, accounts, endpoints, and applications, and see findings and problems related to that endpoint that you may need to address.

2_IR - User Endpoint Blast Radius

Both dashboards are included in the latest version of the JupiterOne platform. Take advantage of them today so you can:

  • Get to the bottom of any security investigation - Drill down on any specific endpoint, instance, or workload to find answers to specific questions that can help you solve any security investigation.
  • Accelerate your incident response times - Save valuable time by accessing all the pertinent information about any instance or workload in one place, no matter what major cloud provider or providers your infrastructure is built on.
  • Uncover new risks - See how all cyber assets in your endpoints, instances, and workloads are related to each other to reveal suspicious connections, out-of-policy access rights, and other security risks.  


Want to learn more? Check out this brief demo video of the new Insights Dashboards for Incident Response or request a demo to speak with a JupiterOne representative today.

 

Ale Espinosa
Ale Espinosa

Ale is JupiterOne’s VP of Product Marketing and Partnerships. With over 20 years of experience in high-tech marketing, including a decade in cybersecurity, Ale has navigated the alphabet soup of infosec acronyms throughout her career, including EDR/XDR, DFIR, SIEM, UEBA, SOAR, AI/ML, and now, CAASM.

Keep Reading

Identify compromised versions of Github using JupiterOne
January 31, 2023
Blog
Identify compromised versions of GitHub apps using JupiterOne

As a preventative measure, Github will be deprecating the Mac and Windows signing certificates used to sign Desktop app versions 3.0.2-3.1.2 and Atom versions 1.63.0-

The top 11 questions that every CISO should be able to answer
January 30, 2023
Blog
The top 11 questions that every CISO should be able to answer

In part one of this two-part series, we polled some of our top security experts to see what it takes to succeed secure and manage resources effectively.

Best of Cyber Therapy, Season 1
January 25, 2023
Blog
Best of Cyber Therapy, Season 1

Take a look at the top 5 episodes from Season 1 of Cyber Therapy, a video podcast featuring the humans of cybersecurity!

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.