Apiture
Apiture Integrates Data Security into SecOps with Open Raven
When Apiture migrated to the cloud for improved service delivery speed and quality, CISO Sean Darragh needed to maintain his ability to protect data from attacks and compliance risks. For Apiture, security is not simply a requirement; it is a core business value. Like many, Sean understands that the pace of the cloud will continue to accelerate. The answer was not to make more hires but to find a more efficient approach. He knew that the familiar list of legacy, non-native, governance and DLP tools would not give him the leading-edge efficiency he was after. Sean’s goal was to find a cloud-native, data-centric, and automated approach to three challenges: Discovering assets and classifying data; Applying data guardrails with policies that follow the data; Driving proactive security with data analysis.
"I don’t want another single-note tool. I need an automated platform that tells me where sensitive data is and when the controls must be hardened."
Challenges in cloud data security
We asked Sean about his biggest challenges. Here are the issues he described:
Discovering assets and classifying data
Sean describes visibility as a fundamental requirement for good security posture. Visibility feeds every part of SecOps from planning to detection, response, and reporting. However, his previous toolset required significant time and manual steps involving multiple roles—DBAs, architects, and service owners, among others. It was clear that such efforts would continue to increase with both the advancement of cloud technology and the growth of the business.
Automating these tasks with Open Raven proved to be invaluable in scaling the effectiveness of Sean's team. The Open Raven Data Security Platform simplified how Sean's team answers fundamental data questions with automated discovery, mapping, and classification across their AWS Organization. Sean’s team found the setup simple, fast, and familiar. Upon connecting, the Map and Asset List began populating with discovered resources and attributes, including asset type, region, account, encryption status, MFA settings, backup status, VPC peering relationships, and security group access. Sean and his team were immediately able to confirm assumptions about their environment that would previously have required significant work.
Sean describes his day one impressions of the Open Raven Data Security Platform, “The ease of setup is a huge burden of work lifted from my team and, based on my experience with other tools, is unique and unexpected. And then I get a map of my cloud? Impressive. I was immediately able to see every region in which we have resources, with granular details available in a click. This is exactly what I needed. Automation is critically important in adapting to the speed, variety of changes, and threats in the cloud.”
Applying data guardrails with policies that follow the data
Sean needed to future-proof his tooling and processes to support the speed of the business. To get there, he needed to streamline risk detection and response without adding bottlenecks such as hard checkpoints.
The Open Raven Data Security Platform enabled Sean’s team to apply policies to specific data types, regardless of location, rather than particular services or storage pools, and automate risk detection of rogue assets and misplaced data. Sean said, “With Open Raven, we can easily translate business rules into enforceable policies that follow the data rather than being enforced where we think all of our sensitive data resides. We don’t need to slow anyone down because we have automated guardrails that tell us when mistakes have been made and need attention.”
For Sean, risk is always top of mind. Open Raven provides relief through its immediate visibility and automated data risk detection. Such automation allows his SecOps Team to focus their time on preventing issues and hardening defenses rather than repetitive, manual tasks. “My job as a CISO is to identify and communicate risk. For that, I need hard data points, not assumptions. Before Open Raven, identifying the locations and types of sensitive and financial data required significant time and entirely too much JSON. Now, every morning, I come into the office, log in to Open Raven Maps, and know that we’re on top of all the changes occurring across our infrastructure. With Open Raven, I have automated visibility and control and can better scale my resources. I can’t get this anywhere else, not as quickly nor as affordably.”
Driving proactive security with data analysis
The complexities surrounding cloud visibility require significant effort from Sean’s team. To define and drive proactive security, Sean needed more efficient data discovery, classification, and analysis. Having precise and current supporting information is critical to gaining approval and garnering organizational support for initiatives. Sean and his team spend valuable time discovering assets, evaluating risks, and analyzing viable next steps rather than hardening defenses.
The built-in Splunk-based Analytics Module allows his team to incorporate data findings from Open Raven in SPL queries, reports, and dashboards. Combining infrastructure and data context is valuable beyond Security. Apiture’s Finance and Legal Teams often coordinate across departments to gain point-in-time snapshots into cloud costs and risks. Now, his team has unfettered access to discover and investigate infrastructure much like data scientists, extracting valuable insights for use in continued proactive security.
“We can more quickly and easily show what we have going on and why we need to take specific actions. It doesn’t matter what you know or say if your audience can’t understand it. The built-in data visualizations help me own the security conversation.”
Conclusion
Sean needed a more efficient method to stay on top of sensitive data assets, tried Open Raven, and found a force multiplier in improving detection and response for at-risk data. The decision to use Open Raven as his cloud data security platform continues to be justified. Repetitive but critical discovery and classification tasks have been automated, streamlining many parts of SecOps. Working with the Open Raven Services Team, Sean customized dashboards to show trends about sensitive data across his environment. “I already considered the platform to be a force multiplier because of asset discovery, mapping, data classification, and guardrails, but the Analytics Module truly set it apart. Open Raven nailed it when they identified the shift to data-centric security for the cloud. I’m excited to have such confidence in our posture as new threats and regulations come to surface.”