Enterprises store a lot of sensitive data in the cloud. While the information is a great asset to businesses, it also can be a liability if the data are not protected. If an organization does not protect its sensitive data, it can face major penalties and fines, and lose customers because of reputation losses and diminished goodwill.
To reduce the risk of those business disruptions and revenue losses, organizations need the right tools to respond to data breaches before they happen. It is why Wiz launched its Data Security Posture Management (DSPM) solution, which is now generally available.
Wiz for DSPM enables organizations to monitor data exposure before it becomes a costly breach, arming their teams with the context needed to remediate issues. The Wiz DSPM does this without using agents or network scanners.
Customers told Wiz they want a comprehensive platform that has full visibility across their data items and the ability to identify and retrieve essential data for their domain. Since the public preview, Wiz has released additional capabilities to scan private buckets, self-hosted databases and fully managed NoSQL databases including Amazon DynamoDB.
Wiz offers CIS compliance frameworks covering the database and storage level agentless, providing customers with better compliance.
It also equips customers with custom classifiers, which allows organizations to provide their own RegEx and Wiz scanning for matching data. Custom classifiers extend the existing capabilities of Wiz’s built-in classifiers, helping companies to find entity types that are unique to the business, such as loyalty membership numbers or customer IDs.
DSPM also incorporates schema mapping, which helps surface data lineage information for better detection and triage of issues.
Lastly, Wiz correlates these data risks with other cloud risks such as public exposure, vulnerabilities and lateral movement on the Wiz Security Graph to uncover complex attack paths that pose the greatest threat to your sensitive data.
In short, Wiz for DSPM allows companies to:
- Scan everything agentless, including public and private buckets, data volumes, and hosted and managed databases, and accurately classifies sensitive data such as PCI, PHI, and PII as well as data that is unique to the business.
- Fix what matters with a deep cloud analysis that correlates data risks with other cloud risks to build a single prioritized queue of attack paths and toxic combinations of risk to reduce noise and focus teams on what is important.
- Prevent data exposure by detecting data security policy violations earlier in the development pipeline using the wiz-cli and blocking risky deployments from creating attack paths in the production environment.
Start protecting your cloud data today