Open Raven Platform Release: Smarter Data Classification, Support for On-Premises Data, Reporting, Logging, and UI Enhancements
On this first day of Spring, team Open Raven is proud to announce a batch of fresh new features and enhancements. Specifically, we enhanced our core data classification engine with new scan intelligence, expanded data coverage to include on-premises data, implemented a new view into platform event logs, added the ability to export data from Assets, Data Catalog, and Violations views, delivered a slew of SaaS DLP UI enhancements, and produced several new data classes. Let's dive in.
Smarter Data Classification
There are serious differences between how sensitive data must be discovered across data types, from unstructured files to structured data stores. Files such as PDFs are necessarily analyzed differently than a spreadsheet which has columns and rows, which are different still from a PostGres database with a schema that describes its tables and contents. A truly effective data analysis engine’s job is to gracefully move across these data types, intelligently selecting when to apply tighter constraints for detection and how much guidance to take from “tells” like column names and keywords.
This release of the Open Raven platform represents a leap forward in underlying scanning intelligence that increases our ability to detect more sensitive data without trading off accuracy using a new set of heuristics for choosing the optimal data class type for the type of data being analyzed. Underneath the hood, we have also quietly updated many, if not most, of our data classes with adaptations to better handle the major data variations: unstructured, semi-structured and structured.
So what do you need to do to take advantage of these improvements? Nothing. Zippo. New and existing scans will harness the smarter engine and expanded format of the data classes seamlessly. You may, however, now see an expanded set of results (a bigger data catalog), even when analyzing the same data as before.
Support for On-Premises Data
Open Raven now supports on-premises databases. Customers deploy a container that performs discovery and classification and securely reports back findings to the management application. Assets and data findings are displayed in Assets, Data Catalog, and Violations.
Platform Event Log
Available within Settings, the Platform Event Log captures system and user actions and allows users to review event history. Filters include Event Category, Event Type, Actor, Remote IP, Message, and Date. Examples of uses for the Event Log include determining which users resolved a false positive, disabled an automation, or created a specific scan run.
Data Export
Security teams now have the flexibility to export data from filtered views in Assets, Data Catalog, and Violations. Users can import data into ticketing workflows, provide it to auditors, or manipulate it in spreadsheets. Simply click the Export Report button and provide a name for the report. Users will receive an email with a download link.
SaaS Data Loss Prevention
Remediation Guidance
Remediation guidance is available when reviewing violations within SaaS DLP. When viewing a specific violation within File Details, users can click on the overflow menu to the right of the violation and select "View remediation" specific to the type and severity of the violation.
All Files View
The All Files View view now features a native interface in sortable columnar format with the ability to filter by Data Classes, Data Class Category, and Data Class Collection. The chart features details per file including data findings and General Access settings (Restricted, domain, Anyone with the Link). Clicking on any file displays the file details view.
All Drives View
Similar to the All Files view, the All Drives view provides a complete view of all discovered drives with insights into the number files within, data findings, and created date. Users can filter drives by Data Class, Data Class Category, Data Collection, Drive Name, and Drive Type (My Drive, Shared Drive. Clicking on any drive will bring up the Drive Details View. Drive Details displays the contents, all files and folders, owner info, data findings, and General Access settings.
Internal Users View
The Internal Users View lists all users associated with the workplace domain and summary details regarding sensitive data and sharing permissions. Details include data classes shared with the user, the number of items in their MyDrive, shared drives with permissions, and the number of items shared externally.
Notification Enhancements
We've made two modifications to notifications. First, for email and Slack we added last access and owner information to the notification. For Webhook notifications, we added Drive Name and File Name.
New Data Classes
- Azure Access Key
- Azure Client Secret
- Azure Refresh Token
- Azure Shared Access Signature
- US Bank Routing Number