Perfectly solving the difficulties of monitoring, alerting, tracking, and tracing data abnormal behavior in cloud environments
1. Background of Requirements
We know that in the traditional architecture, DLP is responsible for monitoring data behavior, while in the cloud/native environment, it is obvious that the traditional DLP products are no longer used, and to some extent rely on zero trust and other solutions to solve;
However, statistics show that more data security risks and accidents are often caused by "legitimate users, compliant behavior" and "excessive and frequent" misuse of data, and there is no good solution for data risks yet;
Therefore, for users whose sensitive data has already been uploaded to the cloud/native environment, they have returned to the old question of how to monitor abnormal behavior of sensitive data in a way that does not affect the business? Real time warning of abnormal data behavior to avoid data leakage?
Especially how to deal with the high incidence of data security incidents where "legitimate users, compliant behavior" but "excessive and frequent" misuse of data.
2. Functional characteristics
> Feature 1: Observability of sensitive data behavior
To achieve observability based on Tracing, Metrix, and User/IP for business packets involving or containing sensitive data, such as URLs/APIs/SQL, and to establish a normal baseline for sensitive data based on this;
> Feature 2: Sensitive Data Abnormal Behavior Early Warning
According to the normal baseline of sensitive data, the behavior alarm strategy of sensitive data is set on the condition of the number of occurrences, frequency, time period, User/IP, etc. of sensitive data, and data anomalies are found in time;
> Feature 3: Sensitive data chain automation topology
Provide full link tracking for specific sensitive data, timely identify blind spots in sensitive data leakage, third-party call risks, low usage call risks, and reduce the incidence of data security incidents;
> Feature 4: Behavioral audit verification of sensitive data
After a data security incident occurs, the audit of the incident behavior can be completed by querying the content of sensitive data, and the original data packet information can be provided to provide data support for the verification of the case.
TCPIPlabs Tech., Inc. © 2022-2024 EULA,Infomation and Code Secunity Statement
Product Center | Scene Centre | Company Related | |
Cloud East-West Security | |||
TiCenter-Multi Scene Center | Cloud Traffic Analysis | Our Insights | |
TiScanner Baseline Probe | Data Behavior Monitoring | To Our Partners | |
TiRunner Stress Platform |
|
Contact Us | |