The Data Security module helps discover and classify data stores to implement Data Access Governance (DAG), which prevents data exfiltration. The Data Security module provides detection and remediation guidance to reduce the time it takes to address data security leaks.
This is accomplished by analyzing access logs, database logs, and event logs from data sources like object stores and databases. Data Security discovers data, finds the data lineage, data silos, events of exfiltration and the risk assessment of data and data alerts.
Data Security Capabilities
Data Security capabilities include:
- Discovering and classifying all data stores into correct Personal Identifiable Information (PII) categories to implement Data Access Governance (DAG).
- Assisting with implementation of access privileges for your data stores which prevents data exfiltration.
- Discovering user and application data access behaviors to operate your data.
- Unlocking Generative-AI guided detection and remediation for data security incidents which reduces your down-time.
- Reducing security risk posture by detecting siloed and unencrypted data resources and dormant users.
For Data Security configurations, see Configure Data Security.
Supported Data Stores and Entities
List of data stores and entities that Data Security supports:
Structured Data Stores (Databases):
| Name | Data Store Type | Entity | Module Version |
|---|
Snowflake | Database | Database | Data Security |
Unstructured Data Stores (Object Stores):
| Name | Data Store Type | Entity | Module Version |
|---|
Amazon Simple Storage Service (S3) | Object Store | Bucket | Data Security |
Navigate Data Security
These pages show how to navigate through the supported databases and object stores:
Data Security Overview
On Cisco Secure Application, the Overview page displays these Data Security insights:
Overview UI Screenshot
