Release Notes

Open Raven Platform Release: A Data-Smart Map of Your Cloud

Bele
Chief Corvus Officer
August 10, 2021

Earlier this summer, we released a first-of-its-kind, automated data catalog built specifically for security and cloud teams. This week, we are excited to announce that the details from the data catalog are now visible directly within Open Raven’s Maps view.

Maps help you quickly and easily view your cloud resources and find answers to common, but historically tough, questions about key security controls: VPC access, security group access, encryption status, etc. Today, we’ve made this map data smart. You can now browse S3 buckets and see summaries of the sensitive data types found within each, with quick links into the data catalog for more granular detail.

Zoomed in map showing a S3 bucket's details on the left showing that the asset is unencrypted and not backed up
Easily locate data, like AWS Secret Keys, stored in buckets within clicks.

Check out all Maps has to offer in our previous post, “Navigate Leaky S3 Buckets with Maps”.

Bringing data intelligence into an easy-to-understand, visual experience with detailed asset properties enables teams to quickly find answers about their data sans all the spreadsheets and interviews (to which teams have  grown accustomed). For example, in just a few clicks, easily locate: 

  • All publicly accessible S3 buckets with personal data
  • All data stores with financial data
  • All data stores with EU personal data
  • Region-specific stores with developer secrets
  • Healthcare data not encrypted at rest

...the list goes on.

To view the findings of a data classification scan, navigate to the map on the left-hand menu, then select the “Data” layer to toggle S3 buckets with “Data Classes Found”. Then click on the S3 bucket marked with the “Data” icon. You'll see a details panel with a list of data classes found.

Filter panel zoomed in, Data filter is highlighted
Toggle the new data layer filter to see data on the map.
S3 bucket with a blue glow underneath
S3 buckets with sensitive data 'light up' on the map.

In the details panel, you will see a list of top five data classes found, as well as a link to view more detail in the Data Catalog. Let’s say you want to investigate the locations of developer secrets, specifically, AWS keys. Use the data filters in the map, select “Developer Secrets”, then click on the highlighted buckets for more information. 

As you explore, you can identify specific objects, and view as far as a preview of individual redacted data findings. This preview gives you a sense of the data found, where the finding is located within the file, and any keywords that triggered the match. For further investigation or action, click the direct link into the AWS Console next to the object in question (assuming those permissions are granted).

Object Details panel open over the Data Catalog showing an AVRO file. Partially redacted records are listed in a table with their location and keywords.
Preview (redacted) instances and locations of sensitive data without leaving Open Raven.

And because you just might need to put this data into some workflow or share findings with others, you can easily export the findings to CSV. We hope this will help security teams better understand their risk and, if necessary, prioritize actions for remediation.

Another big thanks to our customers for helping shape the first data platform purpose-built for security and cloud teams - keep the feedback coming! Stay tuned for our next update, where we’ll have both new additions and improvements: new search, updated scanning and classification, to name a few.

Don't miss a post

Get stories about data and cloud security, straight to your inbox.