JupiterOne published hundreds of blog articles in 2021, including some by our friends in the community. We checked to see how the community voted "with its eyes" this year. Here are the Top Five Most Viewed Articles in 2021.
Cyber Asset Relationships Matter
By the JupiterOne Team
Relationships matter. They matter in life, they matter in business, they matter in nearly everything we do. This is especially true when it comes to your cyber assets.
Here's the problem: most companies have no visibility into the cyber assets within their system environments, and more importantly, how those assets connect and interact with each other. Anyone can collect data, define and track their assets, but most can't put the relationships and impact of those connections, in context, as part of a broader IT strategy.
I didn't want to be a CISO
By Sounil Yu
Over the past year, I thoroughly enjoyed my time at YL Ventures as their CISO-in-Residence, meeting brilliant entrepreneurs and brainstorming creative approaches for solving wickedly hard problems in cybersecurity. The team at YL Ventures is truly world class and I learned a lot about venture capital through the decisions that the partners made and the discipline that they showed in a red-hot market with rocketing valuations.
I also had the chance to test my Cyber Defense Matrix to see if it can be used to find gaps in the market and promising investment opportunities. (It worked in finding gaps, but it'll be a few years before we see if the gaps were actually good investments.) Although the partners at YL Ventures graciously gave me the opportunity to serve longer, I felt that the CISO-in-Residence role is one that, in my humble opinion, deserves someone with fresher ideas and more recent scars from hard fought battles.
JupiterOne Raises $30 Million Series-B Led by Sapphire Ventures
By the Erkang Zheng
For Star Wars fans, May the 4th is a very special day. We get to make all sorts of silly puns, memes, and jokes based on our love of a series of movies. For JupiterOne, this particular May the 4th is at a whole other level of significance. The space theme ties in with JupiterOne and is certainly really cool by itself. But this morning, we have an even more important fact to share.
Today, May the 4th, 2021, JupiterOne is announcing our B round of venture funding led by Sapphire Ventures. That is a grand total just shy of $50M invested into our business in under 9 months! Absolutely astonishing, if you ask me. This is a reflection of our business growing like crazy, our amazing customer count taking off, and attracting the most talented people to join our cause. It's a great time to be on the JupiterOne rocketship — we are the best in the biz, or should I say, the force is strong with this one.
The Absolute Minimum Every Developer Must Know about AWS Security
By the Nishant Thorat
The cloud is becoming increasingly popular. It is the driving force of the modern world, and engineers are starting to shift their careers accordingly. Whatever your profession, chances are you will have to work or interact with the cloud. Terms such as VPCs, subnets, security groups, and ECS will no longer sound unfamiliar. But have we really grasped the gravity of this seismic shift?
Until now, most of us have been most concerned about cost when we thought about "moving to the cloud", with cost savings being the primary motive during the first wave towards adoption. SaaS companies or consultancies that emerged during this first wave were focused towards cost optimization. Tools which identify idle cloud resources, allow scheduled cloud shutdowns, and allow the fetching of a spot instance with the lowest cost are used as examples of potential cost savings. But there is something more fundamental and more important than cost that we need to pay attention to: Security.
CAASM is the Future... CSPM is Dead
By the Akash Ganapathi
Beyond the classic CSPM tools like Dome9, DivvyCloud, etc. now even infrastructure and workload scanners claim CSPM as part of their capabilities. CSPM capabilities should be evolving because cloud configuration management is only becoming more complex, instead we are seeing the same old misconfiguration checks coming out of every CSPM offering with no depth or flexibility to modify the monitoring rules. How can we monitor user defined configuration baselines? There are many configs that are unique to our cloud environment. How can we monitor more than just basic property checks such as the relationships between assets?
CAASM can do everything CSPM does and more. Even though it's a mouthful of an acronym (I didn't invent it), CAASM goes beyond the basic cloud configuration checks and allows us to monitor custom configurations important to our unique security architecture. CAASM also visualizes and monitors our entire attack surface from the public cloud and beyond, exposing unique toxic combinations of misconfigurations and relationships that CSPMs simply cannot.