Data Security Posture Management

Data is the lifeblood of modern business. Far too often, cloud scale and velocity interfere with data security, governance, and compliance controls. Data Security Posture Management (DSPM) automates sensitive data discovery, classification, and posture assessment across IaaS and PaaS for visibility and control of data residency, privacy, and security risks.
Open Raven connected to four assets. Above the assets are DSPM alerts including Exposed Developer Secrets, GDPR Rule Violation, Public PII, and Personal Data Not Encrypted.

Discover and classify data across clouds.
Apply guardrails. Eliminate risk.

Automate data discovery and classification

The Open Raven Data Security Platform connects to your cloud environment within minutes and works over native APIs and serverless functions. It analyzes the data where it resides without moving it or even touching it— your functions run our analysis engine with you in full control of the sampling rate (0-100%), budget, time constraints, and exclusion logic. Quickly analyze massive amounts of data or slowly build a catalog over time, picking up data not previously seen in follow-on, incremental scans.
Open Raven connected to a customer environment and providing analytics.

Assess data security posture

Open Raven automates both understanding and managing your data security posture. Rules-based policies, ranging from CIS Benchmarks to regulatory standards such as GDPR, precisely identify where data is at risk versus generalized alerts for infrastructure configuration issues from a CSPM.  Focus on the primary target of any leak or breach itself using data context versus chasing lower priority problems.
DSPM alert titled personal and privacy data is not encrypted at rest.

Establish data guardrails

Open Raven’s data guardrails provide automated, straightforward answers to mastering data sprawl and security at cloud scale. The rule-based policies monitor sensitive data for a wide range of conditions from location to configuration. In this fashion, partner data sharing agreements and audit mandates can be moved from paper-based policies into code that allows for efficient enforcement and proof of compliance. When data drifts, automated alerts indicate that a guardrail has been triggered so that data is safe and sprawl is kept in check.
Policy engine monitoring sensitive data.

Eliminate compliance risk

Personal, financial, and health data lives in plain sight in structured data stores and hides in the recesses of log files, account statements, invoices, and other unstructured data inside object storage. With pre-built personal, financial, and health care data collections and the ability to produce custom composite data classes, Open Raven provides essential visibility and control of regulated data to ensure compliance across regions and clouds. 
Customer data found in assets.