Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/18/2020
05:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Open Raven Launches Cloud-Native Data Protection Platform to Automate Security and Privacy Operations

Platform secures data lakes built on Amazon Web Services and S3.

LOS ANGELES, November 18, 2020/--Open Raven, the company transforming cloud data protection, today launched the Open Raven Cloud-Native Data Protection Platform to operationalize data security and privacy in the cloud. To prevent data breaches, it automates asset discovery and data classification, provides real-time mapping and policy-driven protection for Amazon Web Services and S3. The Open Raven Platform is generally available today. 

The Open Raven Platform auto-discovers where data is located in the cloud, what type of data it is -- personal, sensitive, or regulated, -- as well as who has access to it and where it can flow for full visibility, control, and protection. 

“Before COVID-19, security and cloud teams were already short-handed. The rapid shift to remote work driven by the pandemic only increased workload, further exacerbating the problem,” said Dave Cole, Co-founder and CEO of Open Raven. “We created the Open Raven Platform to help these teams restore visibility and protection of their cloud data, removing pain driven from approaches that are manual, time intensive and expensive.” 

With the Open Raven Cloud-Native Data Protection Platform, security and cloud teams now have a unified solution for the following actions: 

●      Discover all data and resources in a public cloud environment, including both native and non-native repositories. Real-time mapping highlights problem areas at a glance while search allows for pinpointing specific data and resources.

●      Classify data assets by identifying personal, sensitive and regulated data on a scheduled, event-driven or continuous basis. Open Raven uses a variety of techniques from pattern matching to machine learning to describe data while providing live verification via APIs to further boost accuracy. 

●      Monitor using default or custom policies based on Open Policy Agent that combine both cloud asset and data context in rules that enable continuous or point in time monitoring for a full range of security, privacy and compliance use cases.

●      Protect cloud data through proactive alerting on data risk events as they happen, harnessing a wide range of integrations (via firehose API, webhook), or generating reports.

Open Raven’s cloud native design is built to handle big data. Discovery and classification are performed using serverless functions – not agents or network scanners that are challenging to deploy and struggle to scale horizontally. Flexible configuration options allow for fine-tuning of performance, completeness and cost. Being able to assess even large environments for compliance eliminates previously painstaking manual efforts to report on data inventory, data transfer and other risk factors. It can be used to create the foundation for compliance in accordance with laws and standards such as FFIEC, GDPR, CCPA, PCI-DSS, HIPAA, and SOC2.

“Open Raven is helping us transform how we approach data security. Legacy tools only look at cloud resources or privacy, but don’t tell us if data is safe,” said Justin Dolly, Chief Security Officer of Sauce Labs.  “Open Raven is the first platform that gives us real-time visibility into the safety of our cloud data, helping us to close security gaps faster.”

Additional Information

●      The Open Raven Cloud-Native Data Protection Platform is a subscription-based service with annual and multi-year options available. Pricing is based on the amount of storage and number of data stores in the environment, such as the number of AWS S3 buckets and RDS instances. Included in the price of each data store is 10G of data.

●      Open Raven is also offering a free trial of The Open Raven Platform. 

●      For more information, please visit www.openraven.com.

About Open Raven

Open Raven is the cloud native data protection platform that automates security and privacy operations to prevent data breaches, leaks, and compliance incidents. The company was co-founded in 2019 by security veterans Dave Cole and Mark Curphey and is headquartered in Los Angeles. Open Raven has received funding from Kleiner Perkins and Upfront Ventures, as well as cybersecurity leaders, including Niloofar Razi Howe and Phil Venables. Connect with us on Twitter or LinkedIn

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29378
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password [email protected]#y$z%x6x7q8c9z) for the e...
CVE-2020-29379
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does not require authentication for TELNET access.
CVE-2020-29380
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext and conduct a man-in-...
CVE-2020-29381
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a crafted filename...
CVE-2020-29382
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key (specific to V1600D, V1600G1, and V1600G2) is contained in the firmware images.