Launching Starbase: A New Open-Source Contribution from JupiterOne

I started JupiterOne with two strong core beliefs that shape how to address the technical challenges I was facing and overall battles in the cybersecurity industry as a whole. First, I believe to win cybersecurity battles, we must work together openly as a community to make products that are accessible to organizations of all sizes, not just the well-funded enterprises that can afford them. Second, I believe we must modernize by taking an engineering-based approach to building security products with the developer experience in mind.

These core beliefs led us to build a true data-driven platform that prioritizes robust APIs, a flexible query language, strong developer tooling, and an immense investment in open-source (we currently have over 130 public projects on GitHub). We also decided to offer a community tier version of the JupiterOne platform available to anyone, free of cost, forever.

Today, we extend upon our promise to further our investment into open-source with the launch of the new Starbase project that unifies all of JupiterOne’s open-source integrations into one place, backed by the Neo4j graph database, to make graph-based security analysis available to everyone. To learn how to get started with Starbase today, I invite you to read this blog from our engineering team and take a look at this short video introduction:


Security is complex, especially for an organization or security professional that is starting to build a security program from scratch. Attack surfaces are growing exponentially as organizations embark on their digital transformation journey. The explosive growth of cyber assets, or digital resources that require security protection against vulnerabilities, outpaces employees 500 to 1. Cyber assets aren’t just IP addresses and devices, but all resources from cloud infrastructure, traditional and SaaS applications, code, networks, data, user identities and access—every single element in digital operations counts.

Security must embrace this complexity and break through the noise. It begins with understanding your assets and learning why asset relationships matter. A graph-based approach to cyber asset management and analysis gives you the power to truly understand the structure of your cyber infrastructure and digital operations. This structural awareness enables you to identify gaps and unknown risks, reduce incident response time, add context to cloud security, prioritize vulnerability remediation, continuously monitor controls, and automate compliance.

Security is a basic right. The more accessible we make effective security technology available in the hands of security practitioners, developers, researchers, and students, the stronger that technology will grow and ultimately, the safer our community will become.


Posted By Erkang Zheng

I envision a world where decisions are made on facts, not fear; teams are fulfilled, not frustrated; breaches are improbable, not inevitable. Security is a basic right.

I am a cybersecurity practitioner and founder with 20+ years across IAM, pen testing, IR, data, app, and cloud security. An engineer by trade, entrepreneur at heart, I am passionate about technology and solving real-world challenges. Former CISO, security leader at IBM and Fidelity Investments, I hold five patents and multiple industry certifications.

I am building a cloud-native software platform at JupiterOne to deliver knowledge, transparency and confidence to every digital operation in every organization, large or small.

To hear more from Erkang, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.


cyber-security 1

Ad Title Placeholder

Lorem ipsum dolor sit amet, consectetur adipiscing elit.