JupiterOne

JupiterOne

Overview

The JupiterOne integration connects the Praetorian Guard Platform (PGP) with JupiterOne's cyber asset attack surface management (CAASM) platform, importing consolidated asset inventory and findings data into your unified attack surface view. JupiterOne builds a graph of entities and relationships across your cloud, endpoint, identity, and security tooling, and this integration brings that consolidated view into PGP alongside PGP's offensive security perspective.

This integration operates in a read-only capacity. PGP queries the JupiterOne API to retrieve entity and finding data and never modifies queries, entities, or configurations in your JupiterOne environment.

What the Integration Does

When connected, PGP authenticates to the JupiterOne API using your Account ID and API Key and performs a read-only sync against the region (US or EU) where your JupiterOne tenant is hosted. Two independent import streams can be enabled per connection:

  • Vulnerability import -- Findings and Vulnerabilities from JupiterOne are imported into PGP as risks, preserving severity and affected-entity context. Enabled by default.

  • Asset import -- Hosts, Devices, and Applications from JupiterOne are imported into PGP as assets, extending your PGP inventory with entities JupiterOne has correlated from other tools. Disabled by default.

Multiple JupiterOne accounts can be connected by configuring the integration once per account.

Prerequisites

Before setting up the integration, ensure you have:

  • An active JupiterOne account with API access enabled (any plan that includes API access)

  • Your JupiterOne Account ID

  • A JupiterOne API Key with read access to entities and relationships

Finding Your Account ID

  • Log in to JupiterOne at https://apps.us.jupiterone.io (or https://apps.eu.jupiterone.io for EU tenants)

  • Click the gear icon in the top-right corner to open Settings

  • Navigate to Account Management

  • Copy the Account ID displayed on the page

Generating an API Key

  • In JupiterOne Settings, navigate to Users & Access > API Keys

  • Click Create API Key and give it a descriptive name (e.g., "Praetorian Guard Integration")

  • Copy the API key immediately -- it is only shown once

API keys inherit the permissions of the user who creates them. Use an account with read-only access to limit the key's scope.

Setup

  • In PGP, go to Integrations and click Add Integration

  • Select JupiterOne (under Cyber Asset Attack Surface Management)

  • Enter the required credentials and choose your import preferences

  • Click Connect -- PGP will validate the credentials before saving

To connect additional JupiterOne accounts, repeat these steps with a different Account ID and API key.

Field Reference

Field

Description

Required

Account ID

Your JupiterOne Account ID from the Account Management page

Yes

Region

The region hosting your JupiterOne tenant -- US (apps.us.jupiterone.io) or EU (apps.eu.jupiterone.io)

Yes

API Key

A JupiterOne API key with read access

Yes

Import Vulnerabilities

Import Findings and Vulnerabilities from JupiterOne (on by default)

No

Import Assets

Import Hosts, Devices, and Applications from JupiterOne (off by default)

No

Permissions

JupiterOne API keys inherit the permissions of the user who created them -- there are no granular scopes on the key itself. For this integration, the key needs:

  • Read access to entities and relationships (required for both asset and vulnerability import)

  • No write access -- PGP only reads data from JupiterOne and never modifies your environment

We recommend creating the key under a dedicated read-only user account so the integration's access is limited to what it actually needs.