The global cost of cyber crime is estimated to be $6 trillion per year, or 1% of global GDP. At the same time, cloud computing is rapidly becoming the dominant model used by businesses both to develop new services and to host data and applications. Cloud computing dominates, but security is a challenge.
“As organizations continue to increase their reliance on the cloud to centralize their operations, cloud security solutions are seeing tremendous growth and adoption,” Erkang Zheng, founder and CEO of JupiterOne, said.
“In addition, the need to strengthen defenses — in advance of macroeconomic changes that could result in an increase in financially-motivated attacks — boosts the demand for cybersecurity software, especially for cloud environments that hackers may find more convenient to penetrate.”
This is how Zheng justifies JupiterOne's estimated valuation of over $1 billion, which comes after today's announcement of a $70 million Series C funding round. Although unicorns are not what they used to be, with the cybersecurity domain alone listing over 50 of them, this market offers plenty of room.
The cybersecurity market was valued at $217.87 billion in 2021, and it's projected to grow from $240.27 billion in 2022 to $345.38 billion by 2026, exhibiting a CAGR of 9.5% during the years 2022-2026 according to Markets and Markets. According to Gartner, cloud security is the fastest growing segment of the security market, with spending jumping from $595 million in the US in 2020 to $841 million last year.
The need for JupiterOne is there. What's worth looking into is how the company defines and approaches its mission.
A graph-powered cybersecurity platform
Zheng touts JupiterOne as “the first cloud-native cyber asset attack surface management (CAASM) platform built on a graph data model… uniquely positioned to lead this growing market.”
The company promises to help clients easily identify, map, analyze, and secure cyber assets. Its list of clients includes cloud-native enterprises like Cisco, Databricks, Indeed, and Robinhood.
The first step to doing this is to connect to as many systems as possible. As Zheng shared, JupiterOne currently supports over 180 integrations out of the box, with new integrations released on a regular basis. Some examples include cloud providers, vulnerability scanners, authentication and authorization systems, and identity management tools.
JupiterOne connects to all of an organization's infrastructure, cloud, and security tooling and systems in order to collect, integrate, and model all of its cyber asset data. It's an agentless technology that uses API-based connectivity to collect the data, Zheng said.
The company has been developing the breadth and depth of its integrations for over four years. Today, JupiterOne offers open source solutions — such as Starbase — that support its integrations. It also allows third parties to create their own integrations via JupiterOne's public integrations examples and SDK.
JupiterOne's CAASM platform is built on a graph data model to expose the intricate relationships between cyber assets, something which Zheng identified as key to the platform's operation:
“Visibility is of little value without context. The ability to draw connections between your cyber assets enriches your security investigations with a complete understanding of the incident, so you can assess its impact, see what was affected, and optimize your incident response workflows.
“It also allows you to gain structural context about your enterprise to understand not just what is going on, but where. We use a graph-based back-end system to model the nodes (assets) and connections (relationships) in order to provide smart and actionable insights and analysis of your environment.”
Indeed, cybersecurity is one of the domains in which graph shines. It comes down to two things: the flexibility of the data model, which enables integration of data from disparate sources, and the efficiency of the queries, which enables exploration of complex paths and relationships.
Starbase, JupiterOne's open source framework aiming to “democratize graph-based security analysis,” collects assets and relationships from services and systems including cloud infrastructure, SaaS applications, security controls, and more into a graph view backed by Neo4j.
JupiterOne's core product features a custom-built query language (J1QL), prebuilt queries, and a natural language-based search to answer any question.
Elaborating on how cyber asset data is monitored and updated to serve different use cases and requirements, Zheng said, “JupiterOne supports over 500 ‘out of the box’ English-language questions that users can ask of their environments with a single click. If those questions don't solve your concerns, you can use our visual query builder or our direct search query language to ask any question of your choice.”
Zheng added, “Ask any question and get any answer. Questions can be turned into continuously monitored queries that are connected to alerts, and all data is available via customizable dashboards.”
One platform, many use cases, strong growth
Besides CAASM, JupiterOne addresses cloud security posture management; security operations and engineering; and governance and compliance. But how can something like GDPR compliance for data generated via application X and stored in cloud provider Y be assessed and monitored?
As Zheng explained, all of the cyber asset data from application X and cloud provider Y are normalized and stored within the JupiterOne graph system. This allows users to ask questions of that data in extremely complex ways.
“Compliance comes from knowing what questions to ask and then asking them with the appropriate frequency to find risks. Once you find the risks, you fix them, thus increasing your security alongside your compliance level,” Zheng said.
What about the vulnerability monitoring scenario? For example, how can something like the potential impact of Log4j on a client's applications be assessed and corrective action be suggested?
First, JupiterOne connects to application scanning solutions to determine where a code vulnerability, such as Log4j, would exist in a user's environment. From there, users can ask complex questions like: Who wrote the code that contains the issue? What is their security training level? Is this code running in production? If it is running in production, who is the application owner?
“JupiterOne connects vulnerabilities to the context surrounding them in your environment to help you get to the bottom of issues and remediate them faster than ever before,” Zheng said.
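The Log4j questions above (who wrote the code, are they trained, is it in production, who owns it) amount to a walk over an asset graph. The following Python is an added example, not JupiterOne code and not J1QL; the node types, relationship names and sample data are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample graph; all node ids, properties and relationship names are hypothetical.
NODES = {
    "f1": {"type": "Finding", "package": "log4j-core"},
    "f2": {"type": "Finding", "package": "log4j-core"},
    "f3": {"type": "Finding", "package": "openssl"},
    "repo-billing": {"type": "CodeRepo"}, "repo-labs": {"type": "CodeRepo"},
    "ana": {"type": "User", "security_training": True},
    "raj": {"type": "User", "security_training": False},
    "billing-prod": {"type": "Service", "env": "production"},
    "labs-dev": {"type": "Service", "env": "development"},
    "team-payments": {"type": "Team"},
}
EDGES = [
    ("f1", "AFFECTS", "repo-billing"), ("f2", "AFFECTS", "repo-labs"),
    ("f3", "AFFECTS", "repo-labs"), ("raj", "COMMITTED_TO", "repo-labs"),
    ("ana", "COMMITTED_TO", "repo-billing"), ("raj", "COMMITTED_TO", "repo-billing"),
    ("repo-billing", "DEPLOYED_AS", "billing-prod"),
    ("repo-labs", "DEPLOYED_AS", "labs-dev"),
    ("team-payments", "OWNS", "billing-prod"),
]

def build_index(edges):
    """Index edges by (node, relationship) in both directions."""
    out, inc = defaultdict(list), defaultdict(list)
    for src, rel, dst in edges:
        out[(src, rel)].append(dst)
        inc[(dst, rel)].append(src)
    return out, inc

def triage(package, nodes=NODES, edges=EDGES):
    """Walk finding -> repo -> authors and services -> owners; production hits sort first."""
    out, inc = build_index(edges)
    rows = []
    for fid, props in sorted(nodes.items()):
        if props["type"] != "Finding" or props.get("package") != package:
            continue
        for repo in out[(fid, "AFFECTS")]:
            authors = sorted(inc[(repo, "COMMITTED_TO")])
            prod = [s for s in out[(repo, "DEPLOYED_AS")]
                    if nodes[s].get("env") == "production"]
            rows.append({
                "finding": fid, "repo": repo, "authors": authors,
                "untrained": [a for a in authors if not nodes[a].get("security_training")],
                "in_production": bool(prod),
                "owners": sorted(o for s in prod for o in inc[(s, "OWNS")]),
            })
    return sorted(rows, key=lambda r: not r["in_production"])
```

Calling `triage("log4j-core")` returns the production-deployed finding first with its owning team, and the development-only finding second with an empty owner list, which is the prioritization the questions are meant to produce.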
JupiterOne's $70 million Series C funding round brings the company's total raised to more than $119 million and its estimated valuation to over $1 billion. The round was led by Tribe Capital with participation from new investors, including Intel Capital and Alpha Square Group, and existing investors, including Sapphire, Bain Capital Ventures, Cisco Investments, and Splunk Ventures.
Commenting on the company's valuation, Zheng said that financial metrics and growth year over year have been strong. He added that the subscription model promotes customer retention and renewal, which helps project continued growth for years to come.
The funds will be used to grow go-to-market capabilities, expand engineering investments, and increase product development. This is all to address market needs across attack surface management, including unified asset inventory, vulnerability management, and security posture automation.
Additionally, the funds will be used to extend the reach of the company's extensive partnership and integration teams, further expanding the capabilities of the CAASM platform. JupiterOne will look to scale the company's direct and channel sales efforts for enterprise customers while expanding self-service capacity for small and midsize businesses.