JupiterOne scores $70M collection C funding, achieves unicorn standing


The worldwide annual price of cyber crime is estimated to be $6 trillion per yr, or 1% of the World GDP. On the identical time, cloud computing is quickly changing into the dominant mannequin utilized by enterprise each to develop new providers and to host knowledge and functions. Cloud computing dominates, however safety is a problem.

“As organizations proceed to extend their reliance on the cloud to centralize their operations, cloud safety options are seeing super progress and adoption,” Erkang Zheng, founder and CEO of JupiterOne, mentioned. 

“As well as, the necessity to strengthen defenses — upfront of macroeconomic adjustments that would end in a rise in financially-motivated assaults — boosts the demand for cybersecurity software program, particularly for cloud environments that hackers could discover extra handy to penetrate.”

That is how Zheng justifies JupiterOne’s estimated valuation of over $1 billion, which comes after as we speak’s announcement of a $70 million Collection C funding spherical. Though unicorns are usually not what they was once, with the cybersecurity area alone itemizing over 50 of them, this market affords loads of room.

The cybersecurity market was valued at $217.87 billion in 2021, and it is projected to develop from $240.27 billion in 2022 to $345.38 billion by 2026, exhibiting a CAGR of 9.5% throughout the years 2022-2026 in line with Markets and Markets. In accordance with Gartner, cloud safety is the quickest rising section of the safety market, with spending leaping from $595 million within the US in 2020 to $841 million final yr.

The necessity for JupiterOne is there. What’s price wanting into is how the corporate defines and approaches its mission.

A graph-powered cybersecurity platform

Zheng touts JupiterOne as “the primary cloud-native cyber asset assault floor administration (CAASM) platform constructed on a graph knowledge mannequin… uniquely positioned to guide this rising market.”

The corporate guarantees to assist shoppers simply determine, map, analyze, and safe cyber property. Its record of shoppers contains cloud-native enterprises like Cisco, Databricks, Certainly, and Robinhood. 

Step one to doing that is to hook up with as many methods as doable. As Zheng shared, JupiterOne presently helps over 180 integrations out of the field, with new integrations launched regularly. Some examples embrace cloud suppliers, vulnerability scanners, authentication and authorization methods, and id administration instruments.

JupiterOne connects to all of a corporation’s infrastructure, cloud, and safety tooling and methods to be able to gather, combine, and mannequin all of its cyber asset knowledge. It is an agentless know-how that makes use of API-based connectivity to gather the info, Zheng mentioned.

The corporate has been creating the breadth and depth of its integrations for over 4 years. At the moment, JupiterOne affords open supply options — akin to Starbase — that assist its integrations. It additionally permits third events to create their very own integrations through JupiterOne’s public integrations examples and SDK.

JupiterOne’s CAASM platform is constructed on a graph knowledge mannequin to reveal the intricate relationships between cyber property, one thing which Zheng recognized as key to the platform’s operation:

“Visibility is of little worth with out context. The power to attract connections between your cyber property enriches your safety investigations with an entire understanding of the incident, so you possibly can assess its affect, see what was affected, and optimize your incident response workflows.

“It additionally means that you can acquire structural context about your enterprise to grasp not simply what is occurring, however the place. We use a graph-based back-end system to mannequin the nodes (property) and connections (relationships) to be able to present sensible and actionable insights and evaluation of your surroundings.”

JupiterOne graphs piled together

JupiterOne’s platform and capabilities are constructed on a graph knowledge mannequin.

JupiterOne

Certainly, cybersecurity is likely one of the domains wherein graph shines. It comes down to 2 issues: the pliability of the info mannequin, which allows integration of information from disparate sources, and the effectivity of the queries, which allows exploration of complicated paths and relationships.

Starbase, JupiterOne’s open supply framework aiming to “democratize graph-based safety evaluation,” collects property and relationships from providers and methods together with cloud infrastructure, SaaS functions, safety controls, and extra right into a graph view backed by Neo4j.

JupiterOne’s core product contains a custom-built question language (J1QL), prebuilt queries, and a pure language-based search to reply any query. 

Elaborating on how cyber asset knowledge is monitored and up to date to serve totally different use instances and necessities, Zheng mentioned, “JupiterOne helps over 500 ‘out of the field’ English-language questions that customers can ask of their environments with a single click on. If these questions do not clear up your issues, you need to use our visible question builder or our direct search question language to ask any query of your alternative.”

Zheng added, “Ask any query and get any reply. Questions could be changed into constantly monitored queries which can be linked to alerts, and all knowledge is out there through customizable dashboards”.

One platform, many use instances, sturdy progress

In addition to CAASM, JupiterOne addresses cloud safety posture administration; safety operations and engineering; and governance and compliance. However how can one thing like GDPR compliance for knowledge generated through utility X and saved in cloud supplier Y be assessed and monitored?

As Zheng defined, all the cyber asset knowledge from utility X and cloud supplier Y are normalized and saved inside the JupiterOne graph system. This enables customers to ask questions of that knowledge in extraordinarily complicated methods.

“Compliance comes from figuring out what inquiries to ask after which asking them with the suitable frequency to seek out dangers. As soon as you discover the dangers, you repair them, thus growing your safety alongside your compliance stage,” Zheng mentioned.

What in regards to the monitoring vulnerabilities situation? For instance, how can one thing just like the potential affect of Log4j to a shopper’s functions be assessed and corrective motion be urged?

First, JupiterOne connects to utility scanning options to find out the place a code vulnerability, akin to Log4j, would exist in a consumer’s surroundings. From there, customers can ask complicated questions like: Who wrote the code that accommodates the difficulty? What’s their safety coaching stage? Is that this code operating in manufacturing? Whether it is operating in manufacturing, who’s the applying proprietor?

“JupiterOne connects vulnerabilities to the context surrounding them in your surroundings that can assist you resolve points and remediate them quicker than ever earlier than,” Zheng mentioned.

JupiterOne’s $70 million Collection C funding spherical brings the corporate’s whole raised to greater than $119 million and its estimated valuation to over $1 billion. The spherical was led by Tribe Capital with participation from new traders, together with Intel Capital and Alpha Sq. Group, and present traders, together with Sapphire, Bain Capital Ventures, Cisco Investments, and Splunk Ventures.

Commenting on the corporate’s valuation, Zheng mentioned that monetary metrics and progress yr over yr have been sturdy. He added that the subscription mannequin promotes buyer retention and renewal, which helps undertaking continued progress for years to return.

The funds can be used to develop go-to-market capabilities, broaden engineering investments, and improve product growth. That is all to handle market wants throughout assault floor administration, together with unified asset stock, vulnerability administration, and safety posture automation. 

Moreover, the funds can be used to increase the attain of the corporate’s in depth partnership and integration groups, additional increasing the capabilities of the CAASM platform. JupiterOne will look to scale the corporate’s direct and channel gross sales efforts for enterprise clients whereas increasing self-service capability for small and midsize companies. 



Latest articles

Related articles

Leave a reply

Please enter your comment!
Please enter your name here