Common questions about our platform, pricing, and deployment
The Open Raven Data Security Platform prevents leaks, breaches, and compliance incidents. Far too often, security engineers do not have the right tools to keep pace with the explosive growth of their data. For production and corporate security teams to locate and secure sensitive, toxic, and exposed data within hundreds or thousands of accounts, millions of files, billions of objects, and petabytes of data, existing tools don’t work. They must be able to answer fundamental questions such as “Where’s our data?”, “What types of data do we have?” and “Is it at risk?”. The Open Raven Data Security Platform provides 360-degree data visibility, works at cloud scale, is fully customizable, prevents attacks, eliminates unnecessary costs and risks, and streamlines compliance.
Open Raven discovers IaaS, PaaS, and SaaS datastores on both native and non-native cloud services using a combination of native APIs and machine learning-based fingerprinting (DMAP). Examples of native data stores include Amazon S3, Amazon Redshift, Amazon RDS, Google Cloud Storage, Snowflake, and Google Drive. Examples of non-native data stores include Oracle, MongoDB, MSSQL, or ElasticSearch running on Amazon EC2 or Google Compute Engine.
No. Open Raven performs touchless data scanning using serverless functions and ephemeral compute for data location, inventory, and accurate classification of cloud data where it lies without requiring high risk configuration changes. Access is granted using read-only access roles within the customer account. We don’t require data to be copied or moved for analysis.
Yes, we classify objects such as songs, pictures and video by using the file metadata for analysis. The metadata of a file is often a rich source of information about the contents, from its creator and originating location to its age and sensitivity. Presently (December, 2023), we do not attempt to open or convert such file types and then analyze the resulting contents.
Automated tools and processes monitor the platform for uptime, performance, and behavioral anomalies. A resilient architecture enables the platform to resume operating promptly (hours) in the event of service disruption and minimizes the potential for loss of data. Our SOC2 Type II, available by request for prospective customers, describes the controls we use to ensure both reliable and secure service. Further, since Open Raven does not directly manage or even touch your data, there would be no impact on customer data or operations.
Open Raven automatically updates with no manual effort required. The platform sends notifications when significant new releases are available to inform you of the latest features and capabilities. We can modify how we deliver updates to match organizational preferences if you need additional control. Release notes are posted regularly to our blog.
Open Raven is designed to scale for the needs of large, global enterprises. This starts with the ability to connect to the platform at the organization level versus adding accounts individually.
We are well acquainted with what it takes to analyze many billions of objects and petabytes of data. At the heart of scaling data inventory and classification is relentless optimization and frequent testing. We frequently baseline against other, available services and typically come in at 1/10th of the cost with dramatically faster analysis rates. We know that flexibility is also essential and our unique serveless model allows you to set boundaries for time, sampling rates, and even cost of service consumption.
Scaling also often involves automation. We offer a variety of API endpoints for running data scans to extracting results to minimize the need for manual work. Default integrations are also available to make Open Raven match your existing workflow, from Jira to Slack or Snowflake.
As a SaaS service, we scale the underlying platform on your behalf, allowing you to focus on securing data at scale versus managing a(nother) platform.
Open Raven is delivered as software as a service (SaaS). The platform is located and operated from Open Raven’s cloud with a private, single-tenant design. The platform uses serverless functions (FaaS) within a customer’s environment to perform analysis and communicate back to the dedicated Open Raven cluster in our environment.
During a typical installation, it takes less than 5 minutes to connect Open Raven to your accounts, projects, or organizations. After connecting, discovery happens automatically with the exact time required to your environment depending on its respective size and scale.
We designed our discovery capabilities to be both straightforward and flexible. For DSPM, if you’d like to start with a single account and inventory, let the defaults guide you through the lightweight analysis, and you can visually explore the results after. Add an entire AWS organization and identify all data services and storage for full breadth. Or, select the data stores of interest and your preferred classification for depth of content comprehension. For DLP, Open Raven automatically discovers all Drives (personal and shared) and underlying files.
You can share access to an Open Raven platform with a partner, and you can have more than one workspace in your account.
Configure access for whomever you’d like within a shared workspace, as a user or administrator. You and the partner can view data within Open Raven, or you can forward data to that partner via built-in integrations or streaming API.
From the perspective of an Open Raven customer, classifying SaaS data, such as files within Google Drive, versus objects in a data lake stored in AWS S3 will look and feel almost exactly the same. The Open Raven Data Security Platform uses the same compute (typically serverless functions), data classification engine, data classes, and policy engine. There are meaningful differences in how data classification is performed, in which data classes are emphasized or muted, and in the policies and rules specific to the SaaS services themselves so that they produce only high-fidelity, meaningful alerts. Our aim is to provide a single platform where all sensitive data can be seen, analyzed, and controlled in a straightforward fashion. It’s our job to expose as little of the underlying complexity as possible, making it just as easy to understand a data lake as a shared drive.
Yes. We will provide our certification upon request.
Open Raven requires an IAM role with read-only permissions.
Open Raven does not remove, store, or process the data you have within your cloud. The platform uses native functionality within your cloud service provider to analyze data and return results to your Open Raven cluster. The platform does not enable remote access to data within your cloud environment.
Open Raven has access to and collects specific licensing and platform health information for each of its customers as necessary to ensure a great experience.
Today, the Open Raven Data Security Platform is hosted solely in the United States. We do not move data between cloud regions; service data remains exclusively within your account.
You can, however, use Open Raven in whichever regions you need it. The platform is commonly used to create a complete picture of global cloud estates stretching across many regions and VPCs. Your sensitive and regulated data does not move out of those regions. Metadata alone is created and transmitted as necessary.
Data is retained in a customer's Open Raven account for as long as they have a valid subscription. Upon termination of their account, data will be deleted within 30 days.
Open Raven's annual subscription pricing is straightforward and predictable. Licensing for DSPM and DDR is based on the number of data stores and the amount of data, whereas licensing for SaaS DLP is based on the number of users. All licensing is subscription-based, using flexible terms and typically a 12-month (annual) duration. Multi-year subscriptions are available as well. Read our blog for additional details and thoughts.