Captain's Log, Stardate 2021.04.30

April 30, 2021 | IN Blog, Cyber Asset Visibility and Management | Mark Miller BY Mark Miller

Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack

J1_Ambassador Hunter @2x

Requiring SBOMs And Their Impact On OTDale Peterson
The concept and benefits of a software bill of materials (SBOM) is simple to understand. A SBOM is a list of all software in an application or cyber asset. Vendors need to create and maintain a SBOM to have any chance of credibly supporting their product over time. 

NASA'S Ingenuity Mars Helicopter Second Flight is a Success | The New York Times

NASA’s engineers already made history on Monday with the 39.1-second flight of Ingenuity, a small helicopter, in the thin atmosphere on Mars. On Thursday, they added to their success when the experimental vehicle flew higher, longer and riskier.

What can the OKR software sector tell us about startup growth more generally? | Tech Crunch
How were so many OKR-focused tech upstarts able to raise capital at the same time? And was there really space in the market for so many different startups building software to help other companies manage their goal-setting? OKRs, or “objectives and key results,” a corporate planning method, are no longer a niche concept. But surely, over time, there would be M&A in the group, right?

Grand Jury subpoena for Signal user data | Signal
It’s the first half of 2021 – nearly five years since the “first half of 2016” – but in many ways not much has changed. The United Kingdom is still trying to figure out Brexit, another Justin Bieber song hit #1 on the charts (is it too late now to say sorry?), and Signal still doesn’t really know anything about you.

AMA: How to map the controls and frameworks relationships | JupiterOne
Using the "Edit Control Procedures to Compliance Mapping" query allows you to globally map policies/procedures across multiple frameworks. Any query can also be globally mapped across compliance requirements/controls, too. We are actively working on the feature to globally map controls, e.g., your company’s internal controls, across frameworks, with the ultimate goal of mapping/tuning queries+evidence to controls just one time + mapping said controls (+corresponding queries/evidence) to multiple compliance and/or regulatory frameworks