In a nutshell, a cyber asset is any physical or software-defined entity an organization uses to conduct its business.
Many organizations still look at cyber assets as just devices and users; things like laptops, workstations, servers, and the people to whom those devices belong to.
This view is particularly outdated for security teams as they design what needs to be protected in today’s post-digital transformation landscape.
Cyber assets can be categorized in many ways; the Cyber Defense Matrix provides a useful approach, defining cyber assets in the following categories:
Physical as well as software-defined, like laptops, phones, workstations, servers, hosts, and storage devices
The software that runs on top of devices, separate from operating systems and firmware, like business or web apps, serverless functions, micro servers, and APIs
Including protocols and channels that enable communication between applications and devices, like TCP/IP, DNS, VPCs, VPNs, or email and web gateways
Information stored, transported, or used by devices, applications, and on the network, including databases, code repositories, and S3 buckets
Identities that utilize the other asset classes, like employees, contractors, outside vendors, or service accounts
Equally vital to understanding asset categories is understanding how assets are interconnected. Organizations use assets together as part of systems to achieve business goals. In the mission to secure them, teams have to view them as an interconnected whole. It is important to know, at a glance:
Thanks to the democratization of IT and adoption of new technologies, business applications and infrastructure can spring to life or be abandoned as needed – much like urban expansion, renewal, and decay.
Trying to collect and make sense of all this rapidly changing asset data is practically impossible.
The good news here is that all this asset data already exists. Data about the assets themselves, their relationships with all the other assets, findings, and configurations – it’s all available. Security teams just need help pulling together and organizing it all in order to operationalize it.
A cyber asset analysis platform centrally collects, connects, and analyzes this data and becomes the system of record for all security questions about cyber assets.
Remember those questions before? These platforms help you answer the essential questions of what assets you have, what's critical, who owns it and if it poses a risk to you, all in one place.
Amidst a sea of point solutions working in a silo, cyber asset analysis platforms help security teams see the bigger picture.
These platforms can spot patterns, detect anomalies, and measure compliance drift. They can see the smoke before the fire, allowing them to take proactive measures to mitigate cyber threats.
In short, cyber asset analysis provides the enterprise's eye in the sky, offering a panoramic view of the cyber threat landscape.
Cyber asset analysis takes you from “This server is vulnerable” to “This server, owned by Brad, is vulnerable, connected to a database with critical business data and has a path to the internet through an improperly configured firewall.”
The first requires investigation to determine what to do next. The second has clear action and direction. (Ah, that Brad, always causing trouble.)
This server is vulnerable
This server
owned by Brad
is vulnerable
connected to a database with critical business data
has a path to the internet through an improperly configured firewall
What is the end goal of cyber asset analysis? It’s something we call unified cyber insights.
Modern security teams understand that the key to the strongest cybersecurity program is to first understand all of their assets, but lists of assets without context are meaningless.
Only with a robust cyber asset analysis platform can you bring unified cyber insights to your security program. Unified cyber insights come from the knowledge gained by cyber asset analysis and used to inform decisions about your environment, know where to place defensive measures, and guide future development.
Once you know what assets you have, and their context to the rest of the organization, your whole security program is strengthened - from vulnerability management to compliance management and more.
At JupiterOne, we feel uniquely qualified to share our vision of what a modern cyber asset analysis platform should look like. Why? Because our founder and CEO built JupiterOne from his struggles as a former CISO to answer those five fundamental questions that asset analysis platforms are built to answer.
Trying to build a solution in-house for this universal cybersecurity problem took up too many resources. With so much at stake, there had to be a better way for security teams to know what they have and where to go, quickly, to remediate priority issues and prevent a breach.
This vision culminated into the launch of JupiterOne, backed by years of development work with some of the brightest engineers in the business.
We believe a detailed understanding of your assets and a comprehensive view of your cyber threat landscape leads to unified cyber insights, empowering enterprises to build robust cybersecurity defenses.
With this approach, it becomes a simple matter to find what you have by asking natural language questions of your cyber asset analysis platform, determine if any vulnerabilities or issues exist, assess the level of risk they present, and assign ownership to remediate the problem quickly.