Discover and Classify Data

Automate Cloud Data and Asset Inventory

Bele
Chief Corvus Officer
August 4, 2021

Visibility is often a casualty of migrating to the cloud. Understanding your cloud assets is a challenge when you have many accounts and knowing your data is even harder. Is there a straightforward way to see it all in one place?

See across your organization (and hundreds of accounts)

The AWS Console was simply not built to help you understand what your cloud estate looks like across regions and many accounts. Cloud mapping tools can help, but are commonly built for developers and don’t make it easy to answer seemingly obvious questions a security professional would ask.

Open Raven’s mapping is squarely aimed at helping non-developers visualize even the largest cloud environments and guide them to fast answers to common questions. What’s visible on the Internet? What’s it connected to? What’s the security policy for this network (VPC)? Open Raven puts these answers at your fingertips.

AWS Accounts showing account name, ID, owner, status, and when it was last updated.

Painless S3 Inventory & Audit

Far too long the only clear answers for understanding what’s inside S3 buckets have involved a lot of manual effort, considerable expense, or both. The alternative to periodically understanding what data you have and how it’s protected? Persistent nagging concern and oftentimes an eventual data leak incident.

Open Raven brings S3 bucket inventories and audits within reach, automating the effort of identifying what data you have while protecting your budget through use of an economical, serverless architecture. Optimize analysis for speed, completeness or expense as you see fit. The mapping and classification functions provide teams with an up-to-date cloud asset and data inventory that can be viewed in a list view, as raw data via query or in our interactive map.

Panel showing selected S3 bucket's details including asset properties and data classes found.

Click through for redacted previews and locations of found instances of sensitive data types to save time in verifying or rectifying the presence of sensitive data.

Object details of an arvo file showing AWS Keys' records (partially redacted), location, and keywords.

Like Google Maps, but for cloud security

Exploring any wide ranging area feels it naturally calls for a map; especially when changing frequently. Never has this been more true than in the dynamic, sprawling cloud estates that now define our security posture. Open Raven is designed to enable you to explore your regions and VPCs the same way you would virtually visit a neighborhood. For example, you can identify resources by attribute (encryption, backup, etc.), filter by type or trace Internet connections and peering relationships.

Showing options under the Security Configurations filter – can choose to filter by all, open to the internet, or closed to the internet.

Syncing with your SIEM, CMDB & other friends

No matter how excellent any data inventory or asset list is, it’s better if it's shared with other, central repositories in order to make them more current and complete. The Open Raven platform is built to help keep your SIEM, CMDB or other infrastructure up-to-date with what’s happening with your cloud resources. From one-click integrations with the 4Me CMDB to our streaming firehose API, Open Raven has all the options you need to make fast friends with whatever you use to centralize your security and asset data.

Don't miss a post

Get stories about data and cloud security, straight to your inbox.