Release Notes

Open Raven Platform Release: A New Data Catalog

Chief Corvus Officer
June 22, 2021

The first data catalog for security teams

We’re excited to announce the first data catalog for security teams, automating the generation of cloud data asset inventories to save time and enrich information security solutions.

Data teams have catalogs to provide a unified, starting point for extracting useful data insights about their business. Shouldn’t security teams have the same for insights into securing the business? We agree. Without such information, teams designing and implementing information security solutions for threats like ransomware are left assuming where sensitive data is, rather than knowing. Knowing how much of what types of data you have, and where, impacts almost everything from preventative measures to incident response and recovery plans. In addition, such information is useful for streamlining efforts in data governance and compliance.

Whether a cursory look, one-time investigation, first steps toward compliance regulations, or applying for a cyber insurance policy, the data catalog makes answering historically tough questions about your data, fast and easy.

Data catalog showing all of the data collections the user has in their environment, both premade and custom.
The catalog is automatically updated with each scan and provides information necessary to manage regulatroy scope, complete audits, and apply for cyber insurance policies.

How does it work?

The data catalog is automatically updated after each scan is run. Scan schedules can be configured with various filters to better prioritize the frequency at which data inventories are updated--by depth, file type, location, account, data class, etc. The main page of the data catalog provides an overview by data collection, showing the total record and relevant storage bucket count for each. Quick filters are available to view by region, specific account, or data class. Click on an individual data collection to see details further segmented by data class.

Data catalog showing a list of health care data classes. Users can select to view a specific data class or all health care data.

Selecting “all” or a specific data class provides the list of relevant S3 buckets, the account ID, bucket size, and the number of records discovered within each. Deep links directly to the AWS console allow 1-click access to further investigate or take action. 

Data Catalog with the Data tab selected. User has selected items so All Health Care Data is showing and no other data classes.
Drill down for a per-bucket summary for the relevant data class or collection with deep links directly to each object within AWS console.

Select a storage bucket to view a per object breakdown, again with a deep link directly into the AWS console from within our portal.

Data catalog with Data tab selected. User has selected a number of items to get down to a singular JSON file that shows 7,820 data classes.
We've drilled down to see the specific JSON file house 7.8k+ US Healthcare data records.

If we go back and switch to the “Regions” view, we'll find that the same data is broken down per AWS region, with filters to view region or account specific details. It's no surprise that engineering teams may use common regions like us-east-* and us-west-*, but with contractors, third-party engagements, and other external work your organization may be doing, sensitive data may end up in regions that are otherwise rarely used. 

Data catalog with the table selected on Regions. User can see the data classes and number of S3 buckets in a specific region.

Having access to an automated data asset inventory allows security teams to spend less time discovering where work needs to be done, and more time doing it.

Key Use Cases

Streamline regulatory scope management

  • With a readily available data asset inventory, security teams can quickly assess and reduce regulatory scope by seeing opportunities for consolidation, or simply identifying data residing in inappropriate places.
  • Rather than spending time manually investigating where new security controls must be applied, teams can move quickly to implementation planning.

Automate cyber security insurance application and renewal requests

  • The onslaught of ransomware has shifted insurance providers to requiring more information from organizations to better identify and limit risk, like a full data asset inventory. Such information is now readily available and automatically updated with each scan.

Eliminate mistakes during mergers & acquisitions

  • The effort to onboard an organization is massive, and that includes how to arrange and move information systems and the data therein. Often, this can result in a further reduction in data visibility, and a ton of time. An up-to-date view of what each side has streamlines identifying what should be moved, and to where. The catalog serves as a single, unified view of data across the entire cloud estate.
Don't miss a post

Get stories about data and cloud security, straight to your inbox.