Release Notes

GA Release of the Open Raven Cloud-Native Data Protection Platform 1.0

Chief Corvus Officer
November 18, 2020

Today is a major milestone for Open Raven: we announced the release for general availability (GA) of our commercial product, the Open Raven Cloud-Native Data Protection Platform. A colossal amount of work by the Open Raven team that owes a considerable debt to the fantastic group of design partners who have been piloting the platform.  If you’ve taken the time to speak with us or especially if you’ve used the earlier versions of the platform, we greatly appreciate it and want you to know that it’s made all the difference. In a year chock full of distractions and mayhem, we certainly don’t take it for granted.

Product Launch

Open Raven Platform 1.0 is a giant leap beyond the Community Edition version we announced in February that focused on cloud asset and data discovery.

Some of the key product capabilities in Platform 1.0 include:

  • Data Inventory - we can now not only show you where all your data is located across AWS, but we quickly inventory the files allowing for a MacOS like experience for navigating S3 contents. We’ve tested this to work to the billions of files limit thus far. Using the same serverless analysis we introduced earlier this year for fingerprinting, it’s a true differentiator vs. alternative solutions that simply can’t horizontally scale in the same fashion (and stay within a reasonable budget).
  • Data Classification - Using the same Lambda-based model, Open Raven can now automatically classify a wide variety of personal, sensitive and regulated data types. At launch we’ll offer a range of defaults (PII, Healthcare, Financial, Developer Credentials, etc.) alongside the ability to customize with pattern matching, data adjacency tuning & the ability to call validation APIs during classification for assuring accuracy. Why trust when you can verify?
  • Policies & Monitoring - We now allow you to harness the rich context of nearly any AWS resource, plus an in-depth knowledge of your data to monitor data protection in real-time (e.g., for data exposure, data misuse, compliance violations, etc.). Policies can be chosen from a set of defaults or built from scratch as code-based statements.
  • Real-time Maps - Our new 3D maps not only received a red-hot makeover, but show real-time status and support a number of important use cases. One of our favorites is the ability to quickly visualize how data can flow across an environment - especially geographic regions - which is more important than ever given that Privacy Shield was invalidated this past July.

With Open Raven Platform 1.0, we’re frequently asked how we compare to AWS Macie, Amazon’s native data classification service for S3. We’re dramatically different from Macie. If you’re only interested in data classification, then Open Raven is better, faster, and less expensive for identifying sensitive, personal or regulated data. But most SecOps, privacy and cloud teams we talk to want more than a data classification service. They want an end-to-end operational platform, tightly integrating discovery and classification with policy-based monitoring and enforcement to proactively protect their data in AWS from breaches and leaks. And they’d rather not have to build such a platform themselves.

Open Raven key differentiators from Macie include data location (e.g., on EC2), more powerful classification, end-to-end operationalization, visualization across an entire AWS estate, as well as short-term scope beyond S3 and mid-term scope beyond Amazon (i.e., Snowflake and Google Cloud Platform in 2021). Macie’s opaque pricing model is also a sticking point for many. Our straightforward pricing model (we bill by data store w/ 10GB included per store) has been well received by our design partners.

Our design partners are using Open Raven Platform 1.0 to solve a growing list of key challenges with protecting cloud data. The use cases we see most often include:

  • Find every instance of a specific type of data (especially developer secrets)
  • Know when data is exposed, and when the protection doesn’t match the data type (e.g. personal, sensitive, regulated)
  • Run a quick assessment to identify data at risk
  • Eliminate any customer data mistakenly left behind by customer facing teams
  • Monitor where data can flow and who has access, then respond to violations
  • Streamline data-related audits and reporting
  • Automate privacy operations

Getting Started with Open Raven - A Few Changes

This month, we quietly launched a SaaS-based free trial of Open Raven Platform 1.0. While we still offer our hybrid deployment - where we deploy directly into a customer’s cloud environment – we now lead with a SaaS based trial which is quicker and easier for many. We received consistent feedback that SaaS was fine in most environments, albeit the hybrid model is still available when required by the circumstances.

With the trial version readily available, we have begun to transition our free entry point (what we called Community Edition) to a full open source offering. We are hammering out the details of a clearer, more compelling open source strategy to be announced early next year.

It’s Time for a Modern, Cloud-Native Approach to Data Protection

We are consistently reaffirmed that the timing of the Open Raven Platform 1.0 release couldn’t be better. The need for visibility and control of cloud data security and privacy is pervasive as organizations accelerate their transition to the public cloud and accumulate massive amounts of data along the way.  The existing amount of manual work, time, expense and resulting number of incidents are clear indications that existing solutions, from cloud providers and security vendors alike, aren’t working.

We’ve been working since early last year to reimagine data protection and we can’t wait to help you. To map your entire cloud infrastructure in minutes. To pinpoint critical data sitting in petabyte-scale S3 buckets. To make compliance absolutely painless and even a little pretty. Drop us a line to Request a Demo today.

Don't miss a post

Get stories about data and cloud security, straight to your inbox.