JupiterOne has announced Starbase, an open source tool for security analysts to collect information about the organization’s assets and their relationships and pull them into an intuitive graph view for cyber asset management. The graph-data model, based on open source graph data platform Neo4j, makes it easier to see relationships between different assets and to perform complex relationship analysis, the company said in a statement.
“As a CSO, I’m a big advocate of bringing graph-based technology to security, given its power to reshape how we think about security threat defense,” said Sean Catlett, CSO at Slack.
Security teams are tasked with protecting a rapidly growing number of assets — including systems with IP addresses, devices, cloud resources, traditional and software-as-a-service applications, source code, network configurations, data, user identities, and access control rules — from a dizzying array of threats. The challenge is compounded when dealing with transient environments, where cloud and virtual resources change IP addresses, new systems are being added and removed regularly, and users are constantly moving.
JupiterOne’s president and CEO, Erkang Zheng, estimates that assets outpace employees “500 to 1.”
“True vulnerability and attack surface management lies in asset relationships, including direct and indirect ones,” Zheng said in a statement.
Organizations can’t defend what they don’t know. Many security teams struggle to know what assets they have and have poor visibility into how they relate to each other.
“This knowledge is key to identifying security vulnerabilities, attack vectors, and the blast radius of compromise,” wrote Austin Kelleher, principal security engineer at JupiterOne, in a post explaining Starbase. The information can help prioritize vulnerability remediation, reduce incident response time, and help identify security gaps and unknown risks.
Starbase integrates with over 70 different systems that range from cloud service providers, source control providers, internal developer platforms, vulnerability management platforms, and human resources platforms, Kelleher said. Analysts can also query the data from the graph view, asking questions such as: “Which user accounts represent my employees?” “Which of my employee user accounts have MFA disabled?” “Which of my source control repositories are accessible to outside collaborators?”
“A graph-based approach to cyber asset management and analysis gives you the power to truly understand the structure of your cyber infrastructure and digital operations,” Zheng said in a blog post announcing Starbase.