November 13, 2019 by JupiterOne Team
Logical Security Operations
When you know exactly what you are looking for, it should be easier – not harder – to get to the data. But security teams know this is rarely the case. Think about your own operations. What steps and how much time would it take to confidently feel like you have the information you need to answer the below questions?
Did we remove all access from employees who left?
Who is the most recent contributor to this repo that left a vulnerability?
Are my production or PHI/PII data stores encrypted?
Who has access to critical or sensitive data?
Pulling together the answers to questions like these takes hours of compiling information from numerous locations using clunky UIs with little flexibility. We think it makes much more sense for the information you know you need to be easier to get to. Not harder.
But while a blank page can represent endless possibilities, it is sometimes valuable to have a jumping-off point when you aren't sure where to start. Knowing that, we've assembled a robust catalog of queries for proactively analyzing your digital environment.
Nearly 400 Questions
JupiterOne users can query their environment for insights using ~400 out-of-the-box questions that automatically map to the integrated resources from their environment. These questions are written in natural language – which makes them easily filterable – and span areas central to the daily, weekly and monthly life of security and compliance teams.
The 80/20 rule applies to everything, even security. JupiterOne's prebuilt queries were built to cover 80% of the questions your team needs to answer.
In security, however, situational context is often a driver of edge cases that very much matter. This is the 20% requiring 80% of the effort. Knowing this, the out-of-the-box questions, like everything else in JupiterOne, are powered by J1QL (JupiterOne Query Language).
This underpinning allows users to take prebuilt queries and customize them to home in on the nuances of their digital environment. Users can also build out queries from scratch.
The results of any query are returned in seconds for in-depth analysis.
View the Data in Context
A data table doesn’t provide the context needed to assess what exactly is going on. Knowing that, JupiterOne query results can be viewed on the graph. It is easy to assess risk potential when you understand the relationships and connections to your critical resources.
See the Impact for Yourself
Reducing the time it takes for you to get to the data you need to protect your environment is our goal. See the full capabilities of JupiterOne's Search Catalog and Query Language on your own data.
Posted By JupiterOne Team
The JupiterOne Team is a diverse set of engineers and developers who are working on the next generation of cyber asset visibility and monitoring.