Locate icon

Discover

Finally, a clear view of your cloud estate

Open Raven automatically maps all cloud resources, fingerprinting data stores in a single real-time view that makes clear where all company data is located. We concretely answer the question of “where’s our data?” and “what type of data do we have?”, making it straightforward to avoid common exposure incidents based on poor visibility.

  • Hands-free identification of cloud resources & key attributes across regions, accounts
  • Interactive filters for one click visibility into Internet-visible resources, security group policies, peering relationships and more
  • Discovery performed using function as a service (FaaS) and native APIs with safe read-only access
  • The full picture with zero gaps- no agents, no sidecars
Open Raven's map discovering assets, buckets, etc.
Open Raven's map showing where data is located
Classify icon

Classify

Know your data at any scale

Security and cloud teams have long been at a disadvantage: while data teams have sophisticated tooling for making use of large data stores, the same has not been available for those responsible for protecting it.  Legacy vendors can’t meet cloud demands and privacy solutions focus on the needs of compliance teams, typically failing to meet operational requirements. Open Raven is purpose built to deliver full data understanding to the cloud and security professionals entrusted with keeping our data safe.

  • Classifies personal data, health care data, financial data, developer secrets & more
  • Wide range of default classes along with straight-forward creation of custom data classes - help readily available if needed
  • Accuracy achieved through use of a combination of techniques: patterns, machine learning, adjacency analysis & validator APIs
  • Data Class as a Service: delivered via AWS Lambda and easily tuned to meet specific goals (time, cost, breadth, depth, etc.)
Monitor/bell icon

Monitor

Prevent incidents

Leaks and breaches can be prevented by making sure data is properly secured at all times. Open Raven monitors for exposure conditions where there’s a mismatch between the type of data and how it is being protected (e.g., use of encryption, back-up, access permissions, MFA, etc.). From personal data exposed in a log file (“toxic logs”) to health information that’s Internet accessible (improper configuration), we enable security and cloud teams to proactively solve data exposure problems.

  • Hands-free analysis of data, infrastructure or both at the schedule & frequency of your choosing
  • Rules combine asset attributes (tags, repository type), security group attributes, detailed data criteria, etc.
  • Based on Open Policy Agent, fully customizable policy as code
  • Default policies for exposure monitoring or one-time assessments (e.g., PCI, CIS Benchmarks, ISO 27001, SOC2, CSA, HIPAA, GDPR)
  • Proactive alerting on exposed data, high risk configurations, compliance violations, etc.
Open Raven's map showing violations
Open Raven map showing a policy violation and how to act upon it
Protect icon

ACT

Quick fixes and effortless response

No one needs more work and let’s face it, alerts mean more work. But what if a minute or two spent on a detection event prevented you from a time-consuming clean up project?  Open Raven’s rich, full context detections mean you’re getting full signal each time and our flexible options for notifications and integrations allow you to keep a pulse on what’s happening while staying in your usual workflow.

  • Quick remediation using direct links to data & resources in the AWS Console
  • Alerts sent to email, ticket or Slack using pre-built integrations or other destinations using webhooks
  • SIEM or BI tool integration via streaming API for ingesting results as they become available
  • Report catalog covering data risk, asset & data inventory, data processing locations一 summary & details

In a world where inadvertent data losses are skyrocketing, Open Raven is giving security professionals a lens into their own environments with a platform that maps, classifies, assesses and ultimately protects data – wherever it resides."

Additional Resources