JupiterOne Unveils Starbase for Graph-Based Security

  /     /     /  
Publicated : 23/11/2024   Category : security


JupiterOne Unveils Starbase for Graph-Based Security


The open source asset management tool lets security analysts collect asset information all across the organizations digital operations and run queries to understand their relationships.



JupiterOne has announced Starbase, an open source tool for security analysts to collect information about the organizations assets and their relationships and pull them into an intuitive graph view for cyber asset management. The graph-data model, based on open source graph data platform Neo4j, makes it easier to see relationships between different assets and to perform complex relationship analysis, the company said in a statement.
As a CSO, Im a big advocate of bringing graph-based technology to security, given its power to reshape how we think about security threat defense, said Sean Catlett, CSO at Slack.
Security teams are tasked with protecting a rapidly growing number of assets — including systems with IP addresses, devices, cloud resources, traditional and software-as-a-service applications, source code, network configurations, data, user identities, and access control rules — from a dizzying array of threats. The challenge is compounded when dealing with transient environments, where cloud and virtual resources change IP addresses, new systems are being added and removed regularly, and users are constantly moving.
JupiterOnes president and CEO, Erkang Zheng, estimates that assets outpace employees 500 to 1.
True vulnerability and attack surface management lies in asset relationships, including direct and indirect ones, Zheng said in a statement.
Organizations cant defend what they dont know. Many security teams struggle to know what assets they have and have poor visibility into how they relate to each other.
This knowledge is key to identifying security vulnerabilities, attack vectors, and the blast radius of compromise, wrote Austin Kelleher, principal security engineer at JupiterOne, in a
post explaining Starbase.
The information can help prioritize vulnerability remediation, reduce incident response time, and help identify security gaps and unknown risks.
Starbase integrates with over 70 different systems that range from cloud service providers, source control providers, internal developer platforms, vulnerability management platforms, and human resources platforms, Kelleher said. Analysts can also query the data from the graph view, asking questions such as: Which user accounts represent my employees? Which of my employee user accounts have MFA disabled? Which of my source control repositories are accessible to outside collaborators?
A graph-based approach to cyber asset management and analysis gives you the power to truly understand the structure of your cyber infrastructure and digital operations,
Zheng said in a blog post announcing Starbase
.
Starbase is available on GitHub
.

Last News

▸ Innovative Trojan targets passwords in new way. ◂
Discovered: 23/12/2024
Category: security

▸ Global cybercrime costs estimated at $400 billion. ◂
Discovered: 23/12/2024
Category: security

▸ Scammers on TweetDeck steal Twitter IDs using OAuth ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
JupiterOne Unveils Starbase for Graph-Based Security