Today we’re announcing the general availability of the Normalyze cloud data security platform. For the past 6 months, as part of our design partner program, we have been working closely with forward looking CISOs and their data security teams to build and refine our product. We’re excited to finally take the covers off the platform and share publicly all the cutting-edge cloud data security capabilities that are available to customers with Normalyze.
Detect the Attack Path to the Most Critical Data
A core hypothesis underpinning Normalyze’s approach is that data security cannot be done by evaluating data assets in isolation. Traditionally, data security products (including newer products focused on assessing data security posture) have focused on monitoring data assets and the data within them without context of where the data resides and how it is accessed. While this approach gives customers some understanding of their data security posture, it a) paints an incomplete & inaccurate picture of risk to data b) generates more noise without helping customers pinpoint the actual critical risks that need to be prioritized.
With Normalyze’s unique, patent pending technology, enterprises now have visibility into paths that an attacker can exploit to get to sensitive data. By continuously monitoring & analyzing the risk posture of the cloud environment – including all cloud resources, their configuration, IAM configuration and the resulting access privileges – Normalyze helps customers understand which critical data assets are actually at risk and prioritize their security teams’ efforts in fixing these issues first.
Normalyze platform is built from the ground up with a focus on ensuring the privacy & compliance of customers’ data is never compromised. With a patent pending approach of deploying in-cloud, constant time scanners, Normalyze scans all enterprise data where it is located, WITHOUT copying/moving it either into another location within customer account or copying it into an external account. This unique approach ensures there are no new privacy, compliance issues created for security/GRC teams to address.
As a data security platform fully born in and architected for modern multi-cloud environments, Normalyze is 100% cloud-native and agentless. There are no agents or appliances to deploy. This enables our customers to onboard their cloud accounts and get started with Normalyze in <15 minutes. Within the first hour of starting with Normalyze, customers have full visibility into all their resources including their most critical data assets, access configuration & privileges tied to these assets along with trust relationships between all resources and data assets.
Automatic, Continuous Discovery & Monitoring of all Data Assets
Accelerated adoption of cloud in recent years has led to a) an increasing proliferation of data b) multitude of access paths and c) rapid & continuous changes to applications, data they access. It is impossible for any security team to manually monitor/control these changes without slowing down the business. Normalyze automatically scans onboarded cloud accounts every 15 minutes to provide security teams with up to date state of all the cloud data assets, associated risk posture. With an intelligent approach to scans that monitors and tracks incremental changes, Normalyze minimizes the scan workload in cloud environments, thereby improving scan times without adding unnecessary compute costs.
With Normalyze, security teams can now enable their business counterparts with confidence and not worry about increasing their risk surface area.
One-Pass, Cost-Efficient & Comprehensive Data Classification
Data classification engines used widely in almost every data security product (legacy and modern) are based on a single OEM engine that hasn’t had any incremental innovation or R&D investment for over a decade. This engine requires multiple passes through data for every individual class of data, leading to poor performance and the need for restricting the scans with rules around file types, data types, etc. This creates additional overhead to onboard as well as on an ongoing basis. Security teams that have worked on legacy DLP tools are well familiar with this challenge.
Normalyze’s scanners for data classification are built from scratch without reliance on legacy technology. The scanners are also architected to detect all classes (100+) of data with a single pass through data in customer environments. This enables customers to get full visibility and classification of their data much faster and also in an extremely cost effective manner. For example, when benchmarked against the native cloud provider’s classification engine, Normalyze is 20x cheaper!
Data Access & Privilege Monitoring
Normalyze continuously monitors & analyzes all users, their roles, the access policies & policy statements as well as resource level allow/block permissions to give security teams a clear view of the resulting access grants and privileges available for various users across the cloud data assets. This helps security teams clearly identify which sensitive data stores have users with excessive privileges as well as users that have access but are dormant. Security teams can use this insight to tweak the access policies to enforce least privilege across all critical data assets
Automation to Trigger Remediation Workflows
Create rules based on a variety of criteria – resoruce tags, risk impact score, type of risk, resource name etc. – to trigger notifications via email/Slack or create tickets for the DevOps/Engineering teams via ticketing systems like JIRA. All the information related to a detected risk – including description, resource metadata, instructions to remediate – are included in the notification/ticket so the downstream teams have all the information needed to take an action without having to engage in back-and-forth discussions with security teams.
Normalyze is currently available for Amazon AWS, with continuous discovery and monitoring of ALL resources (storage, compute, IAM etc.). Data classification is supported for unstructured (S3) as well as structured data stores (MySQL, Postgres, Aurora, MariaDB, Redshift).
Update April 2023: Support is currently available for Microsoft Azure, Google Cloud Platform, and Snowflake. See Sensitive Data Discovery and Classification Across Multi-Cloud Datastores.