Video: Managing GRC with JupiterOne

By

George Tang has recorded a series of videos to show how JupiterOne can be used for GRC. In this session, George covers the usage of policies and procedures within J1 for compliance purposes. 

Not only as the foundation of your security program, but also your compliance program, you'll want to confirm you have a standardized set of policies and procedures for your organization. Within the Policies App, JupiterOne provides nearly three dozen standard security policies that are applicable to most organizations. Each of the policies has one or more procedures associated with each policy. 

During the initial J1 account setup, your admin was given access to the Policy Builder UI. Any changes to your company, officers within your company, or various security and technology tooling can be done through this interface. Updating this information will tailor your policies and procedures so that they are specific to your organization. Documentation for policies and procedures can be appended to, deleted or edited directly from within the J1 interface, including revision and tracking functionality. This documentation can be exported from JupiterOne as a pdf or zip file. 

Watch the video to see George step through the interface. If you like what you see, setup your free account and test it out yourself. 

 

 

For more videos in this series, plus a 15 part series on interrogating your AWS environments with JupiterOne, join us at Command Central for full access. 

George Tang
George Tang

I possess extensive senior information security leadership experience from serving hundreds of clients by assessing, designing, and implementing security + enterprise risk management programs. I assess + advise companies (from Fortune 5 to pre-seed startups) on their businesses', products', and environments’ security architectures. Additionally, I own a rare blend of technical subject matter expertise within the cloud technology space across the major hyperscale cloud service providers, i.e., AWS, Azure, GCP, specifically within the infrastructure security domain. Background: information security, cloud security, cyber security, governance/risk/compliance, assessments + advisory, risk management/risk assessment.

To hear more from George, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

Keep Reading

Identify compromised versions of Github using JupiterOne
January 31, 2023
Blog
Identify compromised versions of GitHub apps using JupiterOne

As a preventative measure, Github will be deprecating the Mac and Windows signing certificates used to sign Desktop app versions 3.0.2-3.1.2 and Atom versions 1.63.0-

The top 11 questions that every CISO should be able to answer
January 30, 2023
Blog
The top 11 questions that every CISO should be able to answer

In part one of this two-part series, we polled some of our top security experts to see what it takes to succeed secure and manage resources effectively.

Best of Cyber Therapy, Season 1
January 25, 2023
Blog
Best of Cyber Therapy, Season 1

Take a look at the top 5 episodes from Season 1 of Cyber Therapy, a video podcast featuring the humans of cybersecurity!

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.