Open Raven launched the Open Raven Cloud-Native Data Protection Platform to
operationalize data security and privacy in the cloud. To prevent data
breaches, it automates asset discovery and data classification, provides
real-time mapping and policy-driven protection for Amazon Web Services
and S3. The Open Raven Platform is generally available today.
The
Open Raven Platform auto-discovers where data is located in the cloud,
what type of data it is -- personal, sensitive, or regulated, -- as well
as who has access to it and where it can flow for full visibility,
control, and protection.
"Before
COVID-19, security and cloud teams were already short-handed. The rapid
shift to remote work driven by the pandemic only increased workload,
further exacerbating the problem," said Dave Cole, Co-founder and CEO of
Open Raven. "We created the Open Raven Platform to help these teams
restore visibility and protection of their cloud data, removing pain
driven from approaches that are manual, time intensive and expensive."
With
the Open Raven Cloud-Native Data Protection Platform, security and
cloud teams now have a unified solution for the following actions:
- Discover all
data and resources in a public cloud environment, including both native
and non-native repositories. Real-time mapping highlights problem areas
at a glance while search allows for pinpointing specific data and
resources.
- Classify data
assets by identifying personal, sensitive and regulated data on a
scheduled, event-driven or continuous basis. Open Raven uses a variety
of techniques from pattern matching to machine learning to describe data
while providing live verification via APIs to further boost accuracy.
- Monitor using
default or custom policies based on Open Policy Agent that combine both
cloud asset and data context in rules that enable continuous or point
in time monitoring for a full range of security, privacy and compliance
use cases.
- Protect cloud
data through proactive alerting on data risk events as they happen,
harnessing a wide range of integrations (via firehose API, webhook), or
generating reports.
Open
Raven's cloud native design is built to handle big data. Discovery and
classification are performed using serverless functions - not agents or
network scanners that are challenging to deploy and struggle to scale
horizontally. Flexible configuration options allow for fine-tuning of
performance, completeness and cost. Being able to assess even large
environments for compliance eliminates previously painstaking manual
efforts to report on data inventory, data transfer and other risk
factors. It can be used to create the foundation for compliance in
accordance with laws and standards such as FFIEC, GDPR, CCPA, PCI-DSS,
HIPAA, and SOC2.
"Open
Raven is helping us transform how we approach data security. Legacy
tools only look at cloud resources or privacy, but don't tell us if data
is safe," said Justin Dolly, Chief Security Officer of Sauce Labs.
"Open Raven is the first platform that gives us real-time visibility
into the safety of our cloud data, helping us to close security gaps
faster."