Mission Control Blog

There are two converging problems for security operations resulting in a big flaming dumpster fire - the expanding modern attack surface and an ever-growing backlog

You’ve identified and collected all your cyber assets into one place. Now what? There are thousands, or even hundreds of thousands assets and potentially countless

Complete cyber asset inventory and visibility is foundational to any security program and strategy. We’ve written a number of pieces that share this sentiment

As the scope of the cyber hygiene challenge outpaces the expert resources available, security teams are losing ground in the effort to protect their organization

Cybersecurity alert fatigue is an issue that is long overdue for a real solution. The average cybersecurity team is facing a backlog of 120,561 findings and alerts

Last month, Yvie Djieya wrote a blog post describing how JupiterOne’s security team manages “meeting evidence” as code. Yvie covered the difficulty of managing

Complete cyber asset inventory and visibility is foundational to any security program and strategy. We’ve written a number of pieces that share this sentiment

Digital transformation has created remarkable and irreversible growth in the cyber asset landscape. Each business shift towards digital workflows has yielded a steady

There’s nothing better than hiring an engineer that takes true pleasure in solving highly complex, brain-bending problems. That’s what we saw when we talked to Ben

Generating a software bill of materials (SBOM) is no small feat. In this post, I’ll walk through the steps I used to generate our SBOM when Sounil Yu joined the

In this post, I’m sharing my favorite resources to stay on top of all the things cloud, security, and self-improvement—because mental well-being is crucial to success

JupiterOne has a much broader definition of cyber assets than other security vendors, covering more than just IP addresses, devices, and internet facing-assets.

In the current microservice landscape, there are more than enough automation tools and infrastructure as code (IaC) solutions to make deployments swift and effortless

Security is a basic human right, but many security teams struggle to answer even seemingly basic questions about attack surface or blast radius due to poor visibility

I started JupiterOne with two strong core beliefs that shape how to address the technical challenges I was facing and overall battles in the cybersecurity industry as

You are likely familiar with the cybersecurity adage: “You can’t protect what you don’t know about.” It’s common-sense enough wisdom, but if we’re being honest, we

Individuals in STEM are often described as innately methodical, detail-oriented, and curious. However, their creative, artistic qualities are the ones that make them

In a world where cybersecurity threats evolve and proliferate at dizzying speed, a confusing and disordered cybersecurity landscape makes it all too difficult to

Every company has a workplace culture and a security culture. Many people would define the former as “flexible PTO and cold brew on tap” (which, of course, is a gross

Auth0 helps enterprise companies solve the most complex, large-scale identity use cases with its extensible and developer-friendly solution. To get to that level of

If you’re anything like me (which I hope you’re not), or let’s say if you’re anything like my mind, you spend 75% of your time overthinking. You reach for the closest

We are honored to announce our company founder and Chief Executive Officer Erkang Zheng, named as Cybersecurity CEO of the Year-North America by the Cybersecurity

Many companies invest in compliance activities to follow various laws and regulations but not necessarily to improve their overall security posture. Whether you are

Eight years ago I took over the OWASP Podcast from Jim Manico, originator of the project. In that time 160 episodes have been published, with over 500,000 downloads

As we prepare to celebrate Lunar New Year, we offer you a personal story of what the new year tradition means to Erkang Zheng, CEO of JupiterOne.

Today, millions of people worldwide are becoming aware of how their personal data is collected, shared, and monetized in our modern digital economy. Studies show that

Recently, life has been chaotic. For two years, events have shattered our perspective on what work, health, and community means to us. As we try to sleep through this

If you couldn’t tell from the video, we are so excited to launch the AskJ1 Community! By bringing together our users, team, and security professionals at large, we’re

As we continue to build our security teams at JupiterOne, we asked Kenneth Kaye, Security Automation Architect, to describe our Red Team approach, and Chasen

Engineers are the individuals who sit in the magical area between an exciting idea and a promising product in any organization. JupiterOne is lucky enough to have

Most security practitioners admit they spend their free time upskilling. Learning can occur in settings ranging from the practitioner’s home labs to security

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from a chapter by Sounil Yu.

On January 9, 2022, journalist and researcher Ax Sharma wrote an article, "Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps".

We’ve all heard of “Red Teams” and “Blue Teams” when it comes to cybersecurity. But what about the “Purple Team”, the “Yellow Team” or the “Blue Team”. What are those

The cybersecurity forecast for 2022: More of the same—only worse. Yes, the sophistication of cyberattacks is growing by the minute. Unfortunately, so are the rewards

It's that time of year where I poll my friends to see what kind of cool downloads and resources they found in 2021. Hopefully, you'll see something you like.

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from a chapter by Yolonda Smith.

JupiterOne published hundreds of blog articles in 2021, including some by our friends in the community. We checked to see how the community voted "with its eyes" this

As you stand knee deep in the water watching waves form, you set your sights on the perfect one to ride into shore. “This is it!”, you think. “It’ll carry me to shore

If you’re neck-deep in Log4Shell remediation and wanting the assurance of an automated process to ensure your hosts are patched and stay patched, the following

We recently helped a customer identify some potential CloudFront/S3 takeover risks. You can find the details of the risk described in the article, "Simple Route53/Clo

2021 is coming to a close, so naturally, we’re feeling a bit sentimental about everything our community has accomplished this year. But without your support, we would

Should you build or buy a CAASM solution? It’s a valid question, especially in an ecosystem rich with open source and low-cost security tools. You don’t need

Let me open by saying that If you are currently remediating the Log4Shell vulnerability in your environment, this article is not designed for you, although some thing

It’s possible to improve your security posture on a shoestring budget. There are a growing number of open source tools for security and compliance, but there are also

On December 8, 2021, our friends at jFrog published an article, "Malicious npm Packages Are After Your Discord Tokens – 17 New Packages Disclosed".

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from a chapter by Keyaan Williams.

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from one of the chapters.

The Business Intelligence Group’s annual BIG Awards for Business results are in and we are so excited to share that JupiterOne has been recognized as “Start-up of the

Over the past 19 months, I was empowered to create a security and compliance function at a Seattle startup. I was a pretty successful Security Director by most

Christian Buckley from the CollabTalk Podcast reached out to me to discuss building communities, given my involvement in supporting massive initiatives within

Today’s digital supply chains are a continuously growing and dynamic ecosystem of web-based services, applications, and IT assets. These ecosystems are enabled by an

The future of compliance is continuous. Since the beginning of technology auditing, auditors have had to rely upon spot-checking to validate whether the entity being

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from one of the chapters.

Cyber asset management is now a critical component of an organization’s cybersecurity hygiene and posture management. The more cyber assets in an organization’s

It’s a good time to be a hacker. Evolving IT architectures and workplace models now offer more entry points than ever for an attack, while simultaneously making it

Zero-day vulnerabilities are the ones that place the most stress on every security team, regardless of the size of the organization. Watering-hole (also known as

Fireside chat: Cisco Sr. Director of Product Management for Cloud Security Munawar Hossain, JupiterOne CEO Erkang Zheng and CMO Tyler Shields discuss the new partners

When Colonial Pipeline CEO Joseph Blount testified before the US Congress, he revealed that the attack was completely avoidable; Blount admitted that Darkside gained

On October 19, 2021, we published the book, "Modern Cybersecurity: Tales from the Near-Distant Future". This is an excerpt from one of the chapters.