Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
JupiterOne, a cybersecurity management automation startup, today closed a $30 million series B round led by Sapphire Ventures. Cofounder and CEO Erkang Zheng says the capital will be used to grow JupiterOne’s engineering, product development, and go-to-market capabilities, including building out its remote workforce and extending the reach of partnership and integration teams.
Cybersecurity asset management, or the process of creating and continually updating an inventory of IT resources, can be a resource drain. According to a 2019 Deloitte survey, executives spend 13% of their time addressing cyber monitoring and operation challenges. Despite this, relatively few businesses are proactive about asset management, perhaps owing to logistical challenges. Gartner estimates that only 35% of companies are designing, documenting, and regularly testing assets using inventory tools and software.
JupiterOne claims to make security teams more efficient by centralizing the data from dozens of cloud services into a single hub for management, analysis, and alerts. Via the platform’s integrations and API, it automatically pulls in read-only data to generate a real-time inventory of resources and assets, including code, repositories, and endpoints. A one-word search across the inventory returns detailed information like account access, devices in use, resources, and even user-made changes to code repositories.
JupiterOne was founded as a subsidiary of Indianapolis, Indiana-based health software company LifeOmic. Zheng served as LifeOmic’s chief information security officer and initially built JupiterOne to support LifeOmic’s security and compliance needs. In pursuit of a cybersecurity asset management segment that’s anticipated to reach $8.5 billion in spending by 2024, according to Zheng, LifeOmic productized the solution as JupiterOne and spun it out in March 2018.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
“JupiterOne was born on the back of the idea that maintaining a deep understanding of what cyber assets are in your environment and how they are interconnected would provide the foundation for any security programs you were trying to build,” a spokesperson told VentureBeat via email. “[The company] provides innovative cyber asset management and governance solutions to over 100 enterprises around the world. Additionally, JupiterOne has a free software-as-a-service offering that any company of any size can use. [The company] believes that security is a basic right for all and provides free service levels to support that level of basic right.”
JupiterOne’s algorithms fetch and classify entities in environments automatically and map them to tools like the compliance dashboard. There, users get an overview of the top-level controls and policies that make up their company’s security framework. Users can dig into specific requirements or use JupiterOne’s policy builder to review, update, and visualize asset relationships and craft a set of procedures from templates covering 24 major security policy domains.
Using the JupiterOne Insights app, customers can build customized reporting dashboards and visualizations with searches and queries for inadvertent self-reviews, suspicious code commits, pull requests, code repos, and more. Each dashboard can be configured as a shared team board or as a personal board, and the layout of each board is individually saved per user, allowing a user to customize layouts without impacting other users.
For alerts, JupiterOne’s rules panel leverages a knowledge graph to factor in things like a user’s permissions and whether multifactor authentication has been enabled before triggering a new alert. JupiterOne boasts a library of preconfigured rules and intelligent rules that can be set to run from every 15 minutes to every 24 hours to ensure security teams remediate when a new, high-severity alert occurs.
“Customers’ primary use case is continuous knowledge of the state of their entire infrastructure and security universe. Specifically, JupiterOne customers gain continuous knowledge of their cyber assets, including but not limited to: cloud providers’ code repositories, vulnerability scanning technologies, training systems, identity providers, and much more,” the spokesperson said. “Many JupiterOne customers build their entire security program around JupiterOne as the underpinning continuous visibility data source.”
JupiterOne, which has 50 employees and recently added strategic investors — including Atlassian CTO Sri Viswanath and Netflix VP Jason Chan — has clients in Reddit, Databricks, and Auth0. It claims to have tripled its annual revenue in 2020 and anticipates tripling revenue again this year.
“JupiterOne grew substantially during 2020. While the pandemic is a negative for all businesses, including ours, JupiterOne was able to navigate the early downturn of business and grow at an exceptional rate in 2020,” the spokesperson said. “We feel very good as we progress into the second half of 2021 and plan to substantially grow JupiterOne as the world exits the pandemic later this year.”
Previous investors Bain Capital Ventures also participated in the round announced today. It brings Morrisville, North Carolina-based JupiterOne’s total raised to more than $49 million.
“We have grown significantly since our series A funding just eight months ago,” Zheng said. “This funding round allows us to expand faster, grow our already amazing employee base, accelerate our go-to-market plan, and bring new capabilities to our customers sooner. In the next 12 months, we are going to take our technology to the next level and really showcase the art of the possible for our customers and free community.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.