Detect is one of the Immuta flagship modules. Immuta Detect continually monitors your data environment to help answer questions about your most active data users, the most accessed data, and the events happening within your data environment. This understanding can help drive prioritization of where to place access control policies in Immuta’s other flagship module: Immuta Secure, which is why it is recommended that you start with Detect.
Challenge and goals
Data use has become ubiquitous across every industry and, with it, so have threats to data security. In response, organizations are undertaking a number of enterprise security initiatives, including those aimed at continuously detecting and managing internal data security risks, data security posture management, and identifying and privacy risks.
A key requirement of these initiatives is the ability to inventory and continuously monitor user access behavior and risk across modern cloud data platforms like Snowflake and Databricks. Yet, most existing solutions fall short of giving a complete view of what’s happening with regard to data access in those systems at any given time. To fill the gap, security and data platform teams looking to protect data, manage, and remediate data access risk should seek solutions that make it easy to identify and track sensitive data and monitor data access risk across cloud data platforms.
Immuta Detect provides these capabilities, in addition to Immuta’s established discovery and security capabilities, as part of a comprehensive data security platform. This page explains how Immuta Detect can help you achieve full-spectrum data security, so you can rest assured data is protected and risks are kept at bay.
How does it work?
Immuta Detect provides security and platform teams with granular insights into data activity. With detailed user and data activity views that summarize data source activity by time frame, data access event categorization, most active data sources, and sensitive data indicators, teams receive actionable insights and are able to drill down to specific data sources.
Detect also shows detailed data access behavior analytics like person activity, queries over time, and sensitive data indicators.
Each data source column is assigned a sensitivity level based on its classification under the organization’s respective data security framework, as well as the mitigations applied to a user querying that column.
Incident alerts can be set up so that security and data teams are always aware of risks and anomalies and can be proactive in countermeasures.
Ultimately, Immuta Detect enables data security and platform teams to easily and quickly answer questions:
- What data access activity took place in the last 24 hours?
- Who accessed sensitive data, and what sensitive data was accessed?
- What are the most trafficked data sources containing sensitive data?
- What users were most active in accessing sensitive data?
- How do I quantify, assess, and show my organization’s data security posture?
- How can I stay aware of data security posture changes?