What’s New in


Generative AI and Incident Response

Normalyze now enables a natural language search powered by generative AI. As a result, security analysts can perform a query using natural language – as they would ask another human – to list the top risks most relevant to their task. 

Normalyze’s generative AI engine adds contextual remediation guidance for every risk. The integrated generative AI capability generates detailed instructions for various mechanisms, including commands to run in CLI, actions to perform in the cloud console, Terraform code to use, and so on.

These detailed instructions minimize the need for coordination between security and devops/engineering team members and reduce time to remediation.

Data in Motion and Data Lineage

  • Data flow diagram: Data-in-transit mapping gathers all data flows between users, applications, resources, and data assets in the cloud. Interactive graphs visually show teams how the sensitive data is being accessed and which assets violate the data security policy.
  • Data lineage: By analyzing data moving between resources, actual users and resource activity related to sensitive data, security teams can identify where a piece of sensitive data originated, where it is being moved to, and the associated security and privacy risks that need to be addressed.

And more.

Proactive Compliance Monitoring

The Normalyze security research team has evaluated a variety of compliance frameworks, reviewed each individual control within the framework, identified which of these controls are applicable for the cloud and can be verified programmatically (not just policy based), and built risk checks (rules/policies) within the Normalyze product. 

The number of risk checks available in the product today is over 500, with new checks added every week. The frameworks supported today include: NIST 800-171, NIST 800-53, NIST-CSF, NIST Privacy Framework, GDPR, HIPAA, SOC2, AWS CIS, GCP CIS, Azure CIS, etc.

Onboarding Resources

Sensitive Data in Multi-Cloud Data Stores

Normalyze now supports sensitive data classification in AWS DynamoDB, Azure CosmosDB for Mongo, Azure CosmosDB for PostgreSQL, Azure CosmosDB for Cassandra.

With these additions, Normalyze can now classify sensitive data in more than 30 data stores across various popular cloud platforms and on-premises environments.

Eliminate Blindspots in Snowflake Data

Many Normalyze customers use Snowflake, so it’s useful to describe how our solution helps Snowflake users eliminate security blindspots. Normalyze automatically implements the five Data Security Posture Management principles for cloud environments. The following capabilities will be of special interest to Snowflake users. 


  • Data discovery and cataloging 
  • Privacy-preserving scanning
  • Data Access graph
  • Continuous monitoring and risk detection

Comprehensive Data Access Governance

Normalyze now builds an inventory of all identities – users, roles – across all of your cloud accounts that you can see in a single view.

The Normalyze Platform reads and parses the IAM configuration data and policies from each cloud service provider, resulting in a complete inventory.

This inventory is continuously monitored and automatically updated without any user intervention.

Monetary Value of Cloud Data Risk

Normalyze now assesses and associates a monetary value to every data store discovered and classified in the environment. With our platform’s comprehensive discovery and sensitive data classification capabilities, we already have a full context of 

  1. How much sensitive data exists in any given data store 
  2. What type of data it is 
  3. What type of risks are associated with the data store 
  4. The likelihood of data breach resulting from these risks, and 
  5. The potential impact of a breach 

Synthesizing all of this together with a proprietary algorithm, we can now assess the monetary value of every data store we discover and classify.

US PATENT #11,575,696

Cloud Data Attack Detection

The Normalyze DSPM platform automatically traces network paths at scale between cloud-resident sensitive data and all points of access to determine attack paths. Paths are dynamically displayed to IT, security, and compliance teams, which instantly identify authorized versus unauthorized access – including propagation of breach attacks.

The Normalyze patent details how its technology, via integration, improves systems and methods of separate siloed tools such as cloud security posture management (CSPM), cloud infrastructure entitlement management (CIEM), cloud-native application protection platform (CNAPP), and/or cloud-native configuration management databases (CMDB).