Open Raven Platform Release: A Data-Smart Map of Your Cloud
Earlier this summer, we released a first-of-its-kind, automated data catalog built specifically for security and cloud teams. This week, we are excited to announce that the details from the data catalog are now visible directly within Open Raven’s Maps view.
Maps help you quickly and easily view your cloud resources and find answers to common, but historically tough, questions about key security controls: VPC access, security group access, encryption status, etc. Today, we’ve made this map data smart. You can now browse S3 buckets and see summaries of the sensitive data types found within each, with quick links into the data catalog for more granular detail.
Check out all Maps has to offer in our previous post, “Navigate Leaky S3 Buckets with Maps”.
Bringing data intelligence into an easy-to-understand, visual experience with detailed asset properties enables teams to quickly find answers about their data sans all the spreadsheets and interviews (to which teams have grown accustomed). For example, in just a few clicks, easily locate:
- All publicly accessible S3 buckets with personal data
- All data stores with financial data
- All data stores with EU personal data
- Region-specific stores with developer secrets
- Healthcare data not encrypted at rest
...the list goes on.
To view the findings of a data classification scan, navigate to the map on the left-hand menu, then select the “Data” layer to toggle S3 buckets with “Data Classes Found”. Then click on the S3 bucket marked with the “Data” icon. You'll see a details panel with a list of data classes found.
In the details panel, you will see a list of top five data classes found, as well as a link to view more detail in the Data Catalog. Let’s say you want to investigate the locations of developer secrets, specifically, AWS keys. Use the data filters in the map, select “Developer Secrets”, then click on the highlighted buckets for more information.
As you explore, you can identify specific objects, and view as far as a preview of individual redacted data findings. This preview gives you a sense of the data found, where the finding is located within the file, and any keywords that triggered the match. For further investigation or action, click the direct link into the AWS Console next to the object in question (assuming those permissions are granted).
And because you just might need to put this data into some workflow or share findings with others, you can easily export the findings to CSV. We hope this will help security teams better understand their risk and, if necessary, prioritize actions for remediation.
Another big thanks to our customers for helping shape the first data platform purpose-built for security and cloud teams - keep the feedback coming! Stay tuned for our next update, where we’ll have both new additions and improvements: new search, updated scanning and classification, to name a few.