open raven blog

Open Raven Platform Release - A New Data Catalog

Product
June 22, 2021

The first data catalog for security teams

We’re excited to announce the first data catalog for security teams, automating the generation of cloud data asset inventories to save time and enrich information security solutions. To skip to the bulleted notes, click here, or scroll to the bottom for a quick video.

Data teams have catalogs to provide a unified, starting point for extracting useful data insights about their business. Shouldn’t security teams have the same for insights into securing the business? We agree. Without such information, teams designing and implementing information security solutions for threats like ransomware are left assuming where sensitive data is, rather than knowing. Knowing how much of what types of data you have, and where, impacts almost everything from preventative measures to incident response and recovery plans. In addition, such information is useful for streamlining efforts in data governance and compliance.

Whether a cursory look, one-time investigation, first steps toward compliance regulations, or applying for a cyber insurance policy, the data catalog makes answering historically tough questions about your data, fast and easy.

The catalog is automatically updated with each scan and provides information necessary to manage regulatory scope, complete audits, and apply for cyber insurance policies.

How does it work?

The data catalog is automatically updated after each scan is run. Scan schedules can be configured with various filters to better prioritize the frequency at which data inventories are updated--by depth, file type, location, account, data class, etc. The main page of the data catalog provides an overview by data collection, showing the total record and relevant storage bucket count for each. Quick filters are available to view by region, specific account, or data class. Click on an individual data collection to see details further segmented by data class.

See summary data by collection, or by individual data classes within a collection.

Selecting “all” or a specific data class provides the list of relevant S3 buckets, the account ID, bucket size, and the number of records discovered within each. Deep links directly to the AWS console allow 1-click access to further investigate or take action. 

Drill down for a per-bucket summary for the relevant data class or collection with deep links directly to each object within AWS console.

Select a storage bucket to view a per object breakdown, again with a deep link directly into the AWS console from within our portal.

Here we've drilled down to see the specific JSON file housing 7.8k+ US Healthcare data records.

If we go back and switch to the “Regions” view, we'll find that the same data is broken down per AWS region, with filters to view region or account specific details. It's no surprise that engineering teams may use common regions like us-east-* and us-west-*, but with contractors, third-party engagements, and other external work your organization may be doing, sensitive data may end up in regions that are otherwise rarely used. 

Having access to an automated data asset inventory allows security teams to spend less time discovering where work needs to be done, and more time doing it.

Key Use Cases

Streamline regulatory scope management

  • With a readily available data asset inventory, security teams can quickly assess and reduce regulatory scope by seeing opportunities for consolidation, or simply identifying data residing in inappropriate places.
  • Rather than spending time manually investigating where new security controls must be applied, teams can move quickly to implementation planning.

Automate cyber security insurance application and renewal requests

  • The onslaught of ransomware has shifted insurance providers to requiring more information from organizations to better identify and limit risk, like a full data asset inventory. Such information is now readily available and automatically updated with each scan.

Eliminate mistakes during mergers & acquisitions

  • The effort to onboard an organization is massive, and that includes how to arrange and move information systems and the data therein. Often, this can result in a further reduction in data visibility, and a ton of time. An up-to-date view of what each side has streamlines identifying what should be moved, and to where. The catalog serves as a single, unified view of data across the entire cloud estate.


Use Case: Inventory Cloud Data and Assets

Read the full release notes

Learn about classification’s role in security

Visit our Website


Subscribe to our newsletter

Monthly product and event updates

RSS Feed
More related content
author
Igor Shvartser
Back to the Blog