JupiterOne, the industry's leading provider of cyber asset attack surface management (CAASM) technology, today announced that it was named as a Sample Vendor for CAASM in the latest release of the Gartner Hype Cycle for Cyber Risk Management, 2022.
According to Gartner, "In 2022, the global risk landscape continues to be impacted by the ongoing COVID-19 pandemic conditions, the Russian invasion of Ukraine, labor shortage, worsening climate change, and inflation. In particular, the increased inflation rate and labor market tightness mean that organizations must do more with fewer resources."
The Gartner report notes that security and risk management (SRM) leaders continue to struggle to:
"Position risk management as a decision-making practice. Either because of their rigid focus on framework-based controls or inability to scale their security and risk controls for individual projects
Inform cyber and technology decisions in an ever-expanding operating ecosystem
Gain sufficient transparency in evaluating environmental, social and governance risks and incidents, local and worldwide.
Mitigate global supply chain risks as these risks continue to form a web of complexity and volatility.
Look for ways to automate and inform risk assessment with data-driven insights."
One solution category that addresses these challenges is the cyber asset attack surface management (CAASM) space, where solutions aggregate and track assets such as endpoints, servers, devices, and applications. By consolidating internal and external cyber assets, users can use queries to find gaps in coverage for security tools such as vulnerability assessment and endpoint detection and response (EDR) tools. JupiterOne pioneered a graph-based approach to CAASM that allows customers to track and monitor IP addresses and analyze and map all intra-asset relationships.
As the Gartner analysts explained, "CAASM enables security teams to improve basic security hygiene by ensuring security controls, security posture, and asset exposure are understood and remediated. Organizations that deploy CAASM reduce dependencies on homegrown systems and manual collection processes, and remediate gaps either manually or via automated workflows. Organizations can visualize security tool coverage, support attack surface management (ASM) processes, and correct systems of record that may have stale or missing data."
The drivers of CAASM adoption, according to Gartner, include:
"Full visibility into all information technology (IT), Internet of Things (IoT) and operational technology (OT) assets under an organization's control, which improves understanding of the attack surface area and existing security control gaps or serves as part of a wider ASM process.
Quicker audit compliance reporting through more accurate, current and comprehensive asset and security control reports.
Consolidation of existing products that collect asset and exposure information into a single normalized view, which reduces the need for manual processes or dependencies on homegrown applications.
Access to consolidated asset views for multiple individuals and teams across an organization, such as enterprise architects, security operations teams and IT administrators, who can benefit from viewing and querying consolidated asset inventories with a view to achieving business objectives."
The recent Gartner report on Top Trends in Cybersecurity 2022 cited "Attack Surface Expansion" as one of the year's top security trends resulting from the expanding digital footprint of modern organizations. According to the report, "A dramatic increase in attack surface is emerging from changes in the use of digital systems, such as new hybrid work, accelerated use of public cloud, more tightly interconnected supply chains, expansion of public-facing digital assets and increased use of operational technology." In our opinion, security leaders who reinvent the cybersecurity function and technology architecture can better position their organizations to maintain and grow value in an increasingly agile, distributed, and decentralized environment.
JupiterOne was named a Sample Vendor for CAASM in the latest release of the Gartner Hype Cycle for Security Operations, 2022. The report is available for complimentary download from JupiterOne.
Additionally, Gartner recognized JupiterOne as a Representative Provider for CAASM in the Innovation Insights for Attack Surface Management and as a Sample Vendor in the Gartner Hype Cycle for Workload and Network Security, 2022 research reports.
"JupiterOne is honored to receive yet another recognition from Gartner. Right now, the world is full of uncertainty, making it challenging to conduct business. More than ever, businesses must prioritize effective security measures. Security leaders can get invaluable insights by tracking their assets and making efficient use of their resources. Overall, organizations can make better data-driven business decisions while keeping security risks in mind."
Erkang Zheng, Founder and CEO at JupiterOne
JupiterOne is a cyber asset attack surface management (CAASM) platform company providing visibility and security into your entire cyber asset universe. Using graphs and relationships, JupiterOne provides a contextual knowledge base for an organization's cyber asset operations. With JupiterOne, teams can discover, monitor, understand, and act on changes in their digital environments. Cloud resources, ephemeral devices, identities, access rights, code, pull requests, and much more are collected, graphed, and monitored automatically by JupiterOne.