JupiterOne

A collab no one asked for but came together very well. Great pod with Erkang Zheng - former ciso, founder of JupiterOne Davy McAleer - head of code security (Fortinet/Lacework) James Berthoty - Security analyst, Cloud Security engineer Link in comments 1) Initial debate was AI-SPM and CNAPP. We agreed it shouldn't be a new sku as its just additional control to CSPM, DSPM. Also this covers 1st party apps and not the 3rd party apps, so customers shouldn't think they are getting a comprehensive ai security solution 2) We agreed that some of the data and identity issues (access governance) already existed and not new with AI, but AI brings in urgency to solve those, particularly access governance and adding unstructured data sources to DSPM/Data security tools 2) AI security touches multiple tools like CNAPP, Application security (scanning as well as WAF, etc), Data security/ DSPM, Identity, SSPM, etc. We agreed that it makes sense to create a framework that encompasses all the threats, but customers will have to decide if they buy new point tools or full platform or consume these features from existing products. Like do you need an new AI firewall/proxy or do you push your SASE vendor to add support for AI apps? 3) Posture Management: Should Gartner get away from X-SPM taxonomy? My 2 cents is posture management makes sense as we are moving to cloud and posture management covers the infra configuration which is essential. But posture management is not security and you need detection, response and run time for real security. ASPM makes no sense as its not config but mostly vulnerability management 4) IT, Security, Developer disconnect: I see this disconnect thats not helping customers as well as founders/startups. In cloud we started with developers (dev/test workloads) and IT (hence cspm and config) and later ciso's got involved. With AI I see founders talking to CISO's, developers only when CIOs are bringing in AI apps, APIs much faster and those threats need to be addressed first than an AI firewall. Please let us know your feedback and if you want discussion on other topics with this crew.

Last week I had the pleasure of interviewing Enoch Long, JupiterOne’s Field CISO. In Part1 of the interview, Enoch's insights on the impact of emerging technologies in cybersecurity, and his personal tales from the SOC were very insightful. Please now see Part 2 of that interview where Enoch discusses the cybersecurity importance of "Building Resilience Through Visibility and Proactive Defense" Thanks! Enoch Long has global responsibility for providing executive leadership, domain expertise, strategic, technical, operational, and security guidance for the Global GTM organization. Before joining JupiterOne, Enoch held key strategic leadership positions at Regeneron Pharmaceuticals, Alexion, Splunk, and Northrop Grumman. He also served key cyber engineering and advisory roles supporting the Dept of Defense and the intelligence community. #cybersecurity #socs #informationsecurity Enoch Long JupiterOne #visibility #securityandrisk #technologies #infosec

Your Ultimate Guide to Cyber Asset Attack Surface Management (CAASM) Traditional tools struggle to connect the dots across siloed systems, leaving security teams with blind spots and vulnerabilities. CAASM bridges this gap, consolidating data into a single source of truth to help organizations secure what matters most.In our Ultimate Guide to CAASM, we break down:  📚 What CAASM is and why it matters  🎯 Core features and must-have capabilities of a CAASM solution  🔎 Real-world use cases for modern enterprises  ⚖️ How CAASM compares to CSPM, EASM, and other tools  💡 Expert insights on managing emerging risks in 2025 Ready to learn more and take control of your attack surface? Check out the Ultimate Guide now: https://lnkd.in/dHYBtBd8 #CAASM #AttackSurfaceManagement #CSPM #EASM #JupiterOne

I had the pleasure of interviewing Enoch Long, JupiterOne’s Field CISO. His insights on the impact of emerging technologies in cybersecurity, and his personal tales from the SOC are very insightful. Please check it out the interview, Thanks! Enoch Long has global responsibility for providing executive leadership, domain expertise, strategic, technical, operational, and security guidance for the Global GTM organization. Before joining JupiterOne, Enoch held key strategic leadership positions at Regeneron Pharmaceuticals, Alexion, Splunk, and Northrop Grumman. He also served key cyber engineering and advisory roles supporting the Dept of Defense and the intelligence community. #cybersecurity #socs #informationsecurity Enoch Long JupiterOne

Introducing Continuous Controls Monitoring (CCM) from JupiterOne! As cybersecurity threats grow and compliance standards evolve, SRM leaders need proactive solutions to stay ahead. With our CCM solution you can: ✅ Gain real-time insights across your entire tech stack—cloud, on-premises, and beyond ✅ Assess and enhance control performance continuously ✅ Spot gaps, streamline audits, and respond to threats swiftly Discover how JupiterOne’s CCM provides flexible, customizable control monitoring to transform your security posture and keep you a step ahead: https://lnkd.in/evn9EJz5 #ContinuousMonitoring #Controls #Compliance #JupiterOne

Typical challenges that cyber security professionals face these days range from the management of multiple digital assets to ensuring adherence to regulatory frameworks. In today's post, we take a look at how the JupiterOne platform can facilitate cybersecurity management and become a vital tool when integrated into your wider ecosystem. https://lnkd.in/gcw4iqj6 #automation #integration #cybersecurity #mssp #security #compliance

Exciting news for the JupiterOne community: our Public Postman Workspace is now live! Designed to streamline workflows, automate testing, and enhance team collaboration, this resource is packed with: 🔹 Pre-Built API Collections for easy access to asset data and security queries 🔹 Templates for common tasks, like analyzing asset relationships 🔹 Automated Testing and Comprehensive Documentation to keep everything secure and efficient Explore how our Postman workspace can transform your workflows with JupiterOne in our latest blog: https://lnkd.in/eArs9_2z #APITesting #JupiterOne #Postman #Security

How big is the impact of an exposure to your organization? It’s time to know, not guess. Our latest blog dives into how Continuous Threat Exposure Management (CTEM) helps you cut through the noise, prioritize exploitable vulnerabilities, and protect your business’s crown jewels 💎 Learn more: https://lnkd.in/e2mVurTB #cybersecurity #CTEM #vulnerabilitymanagement #cloudsecurity #JupiterOne

💡 A Proactive Approach to Reducing Your Attack Surface See how CTEM is helping organizations shift from reactive to proactive security. Learn how you can prioritize what attackers are actively targeting and protect your most valuable assets. Learn more: https://lnkd.in/ehwkRk-P

It's October. That means it's time to start making people AWARE OF CYBER SECURITY. Or maybe make things safer and blame end users less? I wrote a list of things that disqualify companies from generating more user awareness content. Go fix this before you use GenAI to create some bad animations of someone writing a password on a post-it note.