JupiterOne Reviews

I have been using JupiterOne for four to five months. I explored JupiterOne during my cybersecurity studies, and it serves as a cloud asset management and security solution for my company.

I use JupiterOne to address issues that my company faces with rating limits to deliver strong values, visibility, and compliance for all of my clients' terms.

The main use cases with JupiterOne involve personalized voice scripts for company assets, including tracking compliance and checks and cloud monitoring.

The best use case for JupiterOne is primarily its privacy capabilities, such as how it operates in private zones.

When S3 buckets are publicly exposed by mistake, JupiterOne flags it immediately through its graph relationship without manual checking of each asset. The compilation reporting is handled automatically instead of manually collecting evidence for SOC 2 or ISO audits. JupiterOne continuously maps infrastructures against compliance frameworks, which helps my company significantly.

Regarding automation with JupiterOne, I added some automations that directly contact clients or utilize the graph of the clients. They can see the live graphs of whatever is behind that situation, and it automatically finds the catalogs of every digital asset like cloud instances, user apps, and devices without manual inputs. The graph-based visualizations handle compliance mapping and policy management effectively.

JupiterOne affects my organization from many perspectives, particularly from a security viewpoint. Organizations gain a complete picture of their entire digital infrastructure with no blind spots, every asset, and every connection in one place. This reduces manual work and enables faster incident response, making compliance easier for standards like ISO and HIPAA. Evidence is automatically collected, which is the main cause of cost savings.

Fewer security breaches result from less manual effort, leading to better risk management. That is why my company uses JupiterOne extensively.

Time saved and money saved are both significant benefits that I have experienced.

Regarding performance and speed scenarios for JupiterOne, queries sometimes take too long, especially when dealing with large datasets or complex graph relationships that can slow down significantly. There is also a steep learning curve, as J1QL, their query language, is powerful but requires time to learn. New users struggle initially, and better onboarding tutorials are needed.

Rate limiting issues can be frustrating, as API rate limits sometimes cause problems.

Price transparency for JupiterOne is an area for improvement. The price is not publicly listed, so you have to contact sales for smaller teams or startups, which becomes a barrier. Another issue is alert noise, as sometimes too many alerts are generated. Better filtering and prioritization are needed so that critical issues do not get lost.

JupiterOne is very good when compared to other cloud asset platforms overall.

I have been working with this solution for seventeen months.

JupiterOne is stable.

The scalability of JupiterOne is quite good. It is built to handle enterprise-scale infrastructures with thousands of assets across multiple cloud environments. As our AWS infrastructure grew with more EC2 instances, more IAM roles, and more S3 buckets, JupiterOne automatically discovered and added them to the graph without any manual interventions. Horizontal scaling was seamless.

The graph database architecture is a smart choice for scalability. As we had more assets and relationships, the graph expanded naturally without restructuring. It is suitable for most mid-sized to large organizations. Only at very large enterprise scale do we feel those performance pressures.

Our experience with JupiterOne's customer support was generally positive. During onboarding, support was strong. When we initially set up the platform, their team provided dedicated assistance for connecting integrations like AWS and GitHub, which made the first two to three weeks much smoother than expected.

JupiterOne has a documentation portal that is quite comprehensive. Most common questions and integration guides are well covered there, and our team relied on it heavily during initial configurations.

For ticket-based support, response time was reasonable for standard issues, usually within twenty-four to forty-eight hours. For critical issues, we sometimes received faster responses.

I would rate the customer service nine out of ten.

Before JupiterOne, we were using a combination of tools including primarily AWS Security Hub for cloud security monitoring, spreadsheets for access tracking and compliance evidence collection, and a separate tool for vulnerability scanning. The problem was that those tools did not communicate with each other, resulting in three separate dashboards, no unified view, and a lot of manual work stretching data together for reporting.

This consolidation issue was the main reason we switched to JupiterOne. We wanted one single platform that could replace all three and give us a connected graph view instead of isolated data silos. That is why we chose JupiterOne, and it was the best decision ever.

I did not evaluate other options and directly switched to JupiterOne.

My overall experience is good. JupiterOne follows a subscription-based pricing model that is not publicly listed, so you have to go through their sales team for actual numbers. In our case, the pricing was based on the number of assets monitored, with more assets resulting in higher costs. For a mid-sized organization like mine, it was a premium price but justified given the value.

The initial configurations took some effort, connecting all integrations like AWS and GitHub. It took about two to three weeks to fully set up and fine-tune. The licensing was a straightforward annual enterprise license.

Overall, it is not cheap, but for what it does, it is a good value.

I have definitely seen a positive return on investment from JupiterOne in a few concrete ways. The first is time savings. Before JupiterOne, our security team spent roughly fifteen to twenty hours per week manually tracking assets and preparing compliance reports. After implementation, that dropped to about three to four hours, saving nearly eighty percent of manual effort in that area.

The second area is audit preparation for SOC 2. Previously, it took four to six weeks of intensive work, but with JupiterOne continuously collecting evidence, that came down to roughly one week. This alone saved significant consultant and employee hours.

The third area is incident response.

JupiterOne follows a subscription-based pricing model that is not publicly listed, so you have to go through their sales team for actual numbers. In our case, the pricing was based on the number of assets monitored, with more assets resulting in higher costs. For a mid-sized organization like mine, it was a premium price but justified given the value.

The initial configurations took some effort, connecting all integrations like AWS and GitHub. It took about two to three weeks to fully set up and fine-tune. The licensing was a straightforward annual enterprise license.

Overall, it is not cheap, but for what it does, it is a good value.

I did not evaluate other options and directly switched to JupiterOne.

I have several practical pieces of advice for anyone looking into JupiterOne. The first is to start with clear asset inventory goals. Before you even set up the tools, know what you want to track, such as cloud assets or user applications. Going in without clarity makes the setup overwhelming.

The second is to invest time in learning J1QL early, as it is the key to unlocking JupiterOne's full power. The third is to connect your most critical integrations first, such as AWS and GitHub, and get those running before expanding to others. Do not try to connect everything at once as it becomes messy.

The fourth is to involve your compliance team from day one. JupiterOne's biggest ROI is in audit preparation, but only if compliance requirements are mapped correctly from the start. Finally, use the trial period seriously. Do not just click around; actually run real queries against your infrastructure and see if the insights match your expectations before committing to enterprise pricing.

My overall advice is that if you are a mid-sized or large organization dealing with multi-cloud complexity, JupiterOne is absolutely worth evaluating seriously. I gave this review an overall rating of eight out of ten.

One example in my project is with the European Investment Bank, where JupiterOne has leveraged continuous controls monitoring (CCM) to help stay compliant with different SOX and PCI DSS regulations. This has reduced manual compliance efforts by 80-90%. The system improved fraud detection by accurately correlating data during critical business operations. JupiterOne also integrates with AWS and Azure cloud workloads, detecting IAM role misconfigurations in real-time, thus preventing unauthorized access to sensitive financial data. Overall, it has also reduced mean time to incident resolution from hours to minutes.

Fraud detection stands out as a key feature of JupiterOne. It prioritizes data, especially AI-driven data, and the accuracy of fraud detection is at 95%.

One of the best features JupiterOne offers is its graph-native asset model, which illustrates the relationships between users, workloads, and permissions, particularly in the banking sector. This helps me understand who logs in daily, identifies authorized users versus unauthorized ones, and monitors legal transactions versus improper ones. It provides clarity on transaction types, whether online payments, manual withdrawals, or ATM use. Another excellent feature is continuous controls monitoring, which constantly tracks access systems. Unified Vulnerability Management (UVM) is also a standout feature, along with AI-powered natural language queries that allow querying databases for transaction metrics and user profits, giving an overview of operations.

Skills development is another important area that needs attention, as teams require training in graph-based query language to effectively handle large transaction datasets. Additionally, addressing integration complexity across diverse SaaS and on-prem systems is essential.

JupiterOne has benefited my organization through continuous compliance, allowing valid user access and maintaining audit trails that minimize regulatory risk. I conduct quarterly audits to ensure continuous compliance by understanding system interactions and roles of access, including customer and third-party interactions. Governance automation is another benefit, enabling the mapping and control of multiple frameworks simultaneously. Real-time monitoring has reduced downtime and financial risk, contributing to overall operational resilience. AI-driven prioritization has lessened false positives, enhancing transaction accuracy, ensuring reliability.

Regarding governance and security, JupiterOne offers robust capabilities. It features an AI attack surface management (ASM) option that maps risks across cloud and SaaS systems and integrates AI effectively. AI-driven queries enhance compliance and risk reporting accuracy, allowing for valid data extraction from substantial datasets. The predictive risk modeling identifies attack paths linked to third-party vendor access and enforces policy adherence.

In terms of output accuracy and reliability, JupiterOne delivers trustworthy results. Using AI queries, it processes large data sets efficiently, managing thousands of transactions with precision. In just seconds, it provides accurate counts and results. The governance and security aspects are stable, with restricted access to ensure unauthorized users cannot interfere.

I would advise that JupiterOne is a stable and scalable cybersecurity and governance platform, particularly in financial services and banking sectors. It provides real-time visibility, continuous compliance, monitoring, AI-driven risk prioritization, and governance automation. These features enhance audit readiness and improve fraud prevention. I rate JupiterOne nine out of ten because it is scalable, stable, and well-suited for retail, investment, and banking sectors. It excels in graphical asset management and includes useful AI features, making it superior to other market tools.

Our main use case for JupiterOne is as an asset catalog tool where we document all our assets that are integrated from different platforms such as Device42, Qualys, Microsoft M365, and Defender. We are aggregating all our assets from different tools into JupiterOne.

A specific example of how we use JupiterOne day-to-day is being able to draw a network flow of how network traffic travels through the network, starting from the edge devices to the internal devices. We are also using JupiterOne to track assets that are being brought in and assets that are leaving the environment. Additionally, we are using JupiterOne as the source of truth for many other things that we are doing. Some of my other teammates in areas such as data are tapping into it for asset categorization.

JupiterOne has had a significant impact on our organization. Previously, when looking at security alerts, we would need to examine different tools separately. Now, we often take the IP address or the FQDN and input it into JupiterOne, which usually tells us what that asset is. We are ingesting data from places such as AWS, Azure, Device42, Qualys, Defender, and Trend Micro. These are different tools that, on a good day without JupiterOne, we would have to look at separately to determine where a particular asset is. JupiterOne helps us aggregate all those things on one single platform, allowing us to quickly identify what environment that asset lives in and what type of asset it is.

One feature we also value is the ability to enter custom tags so we can create asset types or asset locations and detail who owns the asset. These features have positively impacted us at Landmark Information Group.

I think one of the best features JupiterOne offers is blast radius, being able to see assets that could be directly or indirectly affected by any cyber incident or to see how some assets communicate with other assets and some do not communicate with other assets. I also think it is easy to query assets and find assets using queries and build out graphs that often make it easy for us to drill down on certain types of assets or categories of assets.

The blast radius feature has helped our team because, in security operations, one of the first places we look when investigating an alert is JupiterOne. We might enter the IP address or the FQDN of the server to find out where it is, who owns it, and what it does. At that point in time, we identify other assets that might be in the same environment or the same place where that asset lives, which helps us when we are doing security operations and investigating alerts.

There are some features that I have shared with our customer service manager. One of them that is relevant to us at this time is the need for better determination of unified devices. Currently, JupiterOne uses hostname weights, MAC addresses, or IP addresses to tie devices together, but we have actually requested a way for us to make those determinations ourselves. For example, when externally scanning a device using Qualys, internally it gives an IP address or FQDN, while externally it might be different. We want to be able to decide ourselves that these two devices are the same device even when they have different names and IP addresses for external and internal use. The unified devices feature is valuable and did not used to exist, and it has been fantastic. However, I believe more can be done regarding unified devices, and giving users the privilege to tie them together would be a good addition to the platform.

One of the other things that interest us in JupiterOne and why we really wanted to use the tool is the compliance feature. We wanted to use it to track our compliance since we are ISO 27001 certified. However, the compliance module has not worked well, and we have had to continue tracking our compliance manually with the tools we use. Although there are some works in progress to improve the compliance part of the tool, I think if they can get it up to speed, that would be a really good improvement.

I have been using JupiterOne for three years. I was initially recruited with Landmark Group to be a subject matter expert for JupiterOne.

JupiterOne has many features. Although none comes to mind almost immediately, I know it often depends on how we are able to write or craft the queries. JupiterOne has been very instrumental to me in my work. Being the subject matter expert for JupiterOne at Landmark, I think it has been very beneficial for me.

JupiterOne has been quite helpful to us, especially in information security. One of the things it helps us with is housekeeping, allowing us to see where there are duplicates and address those.

I would rate JupiterOne an eight. JupiterOne is a strong tool, and there are some issues that need to be addressed, but overall, I think it is a good tool. The reason I am giving it an eight is that there are features that are not its strengths, which is understandable, but it performs very well in the aggregation of assets from different platforms.

I would definitely recommend JupiterOne because some of the features I have mentioned here are part of what makes it strong. The aggregation of tools from different platforms into one single repository allows you to easily query assets by typing their IP address, hostname, or FQDN. I believe that is JupiterOne's greatest strength. Additionally, you can create dashboards or widgets for a high-level overview, and JupiterOne can track trends over time, telling you if something is increasing, decreasing, or remaining stable. Those are part of the great features that JupiterOne has, and I would recommend it to anyone needing a single cyber asset tool.

We use the solution for writing all the queries. There is a lot of variation for machine learning projects like data processing, data analysis, and pipeline creation. It has the flexibility to work on different kinds of things like ML projects and clustering algorithms like regression analysis.

The product’s UI is pretty decent and fast. You can increase GPUs and other features like importing files and everything, which is tricky in Google Collab but better in Jupiter.

There should be more integration or an update to the visualization part of the charts or other graphs we plot. Currently, it integrates from your local directive with your local PC. If it is integrated into other platforms, that would be great. You can only write Python queries in Jupiter, not other languages, like, SQL or PySpark. Databricks is a software that provides writing queries in different languages. Jupiter should allow us to write in different languages.

I have been using JupiterOne for more than three years. We are using the latest version of the solution.

The product is stable. I rate the solution’s stability an eight out of ten.

We have 50+ users using this solution. I rate the solution’s scalability a seven out of ten.

There is not much support needed for the software.

I’ve used PyCharm before, but I switched to Jupiter because of its interface, query writing, and sequence capabilities. I find it better to write short-form notebooks, as these are easier to see and understand. The flow is also more intuitive, and the output certificate is displayed on the same line.

The initial setup is decent and takes a minute to deploy. It would have taken maybe 15 to 30 minutes for the first time, but it’s not a difficult job to do. One person is enough for setup and maintenance. I rate the initial setup an eight, where one is difficult, and ten is easy.

Overall, I rate the solution an eight out of ten.