Open Raven Platform Release: A New Data Catalog
The first data catalog for security teams
We’re excited to announce the first data catalog for security teams, automating the generation of cloud data asset inventories to save time and enrich information security solutions.
Data teams have catalogs to provide a unified, starting point for extracting useful data insights about their business. Shouldn’t security teams have the same for insights into securing the business? We agree. Without such information, teams designing and implementing information security solutions for threats like ransomware are left assuming where sensitive data is, rather than knowing. Knowing how much of what types of data you have, and where, impacts almost everything from preventative measures to incident response and recovery plans. In addition, such information is useful for streamlining efforts in data governance and compliance.
Whether a cursory look, one-time investigation, first steps toward compliance regulations, or applying for a cyber insurance policy, the data catalog makes answering historically tough questions about your data, fast and easy.
How does it work?
The data catalog is automatically updated after each scan is run. Scan schedules can be configured with various filters to better prioritize the frequency at which data inventories are updated--by depth, file type, location, account, data class, etc. The main page of the data catalog provides an overview by data collection, showing the total record and relevant storage bucket count for each. Quick filters are available to view by region, specific account, or data class. Click on an individual data collection to see details further segmented by data class.
Selecting “all” or a specific data class provides the list of relevant S3 buckets, the account ID, bucket size, and the number of records discovered within each. Deep links directly to the AWS console allow 1-click access to further investigate or take action.
Select a storage bucket to view a per object breakdown, again with a deep link directly into the AWS console from within our portal.
If we go back and switch to the “Regions” view, we'll find that the same data is broken down per AWS region, with filters to view region or account specific details. It's no surprise that engineering teams may use common regions like us-east-* and us-west-*, but with contractors, third-party engagements, and other external work your organization may be doing, sensitive data may end up in regions that are otherwise rarely used.
Having access to an automated data asset inventory allows security teams to spend less time discovering where work needs to be done, and more time doing it.
Key Use Cases
Streamline regulatory scope management
- With a readily available data asset inventory, security teams can quickly assess and reduce regulatory scope by seeing opportunities for consolidation, or simply identifying data residing in inappropriate places.
- Rather than spending time manually investigating where new security controls must be applied, teams can move quickly to implementation planning.
Automate cyber security insurance application and renewal requests
- The onslaught of ransomware has shifted insurance providers to requiring more information from organizations to better identify and limit risk, like a full data asset inventory. Such information is now readily available and automatically updated with each scan.
Eliminate mistakes during mergers & acquisitions
- The effort to onboard an organization is massive, and that includes how to arrange and move information systems and the data therein. Often, this can result in a further reduction in data visibility, and a ton of time. An up-to-date view of what each side has streamlines identifying what should be moved, and to where. The catalog serves as a single, unified view of data across the entire cloud estate.