Automating continuous Classifying, Modeling, & Auditing of data actions
with Navindra Yadav, Theom
We at Ink8r have long been advocates for calibrating protection against threat modeling exercises to properly align protection for assets. When it comes to securing production resources in the cloud this often means extending beyond Cloud Security Posture Management (CSPM) and including Data Security Posture Management (DSPM), among other capabilities, to properly address threats. With Theom we find not only a complete data security solution but also a platform that has truly thought through what the enterprise practically requires.
Theom leverages NLP classifiers to discover/classify your data in the cloud across analytical stores, object stores, and relational databases (all at a granular level) and even monitors how that data is accessed (in-flight observations). With this approach, Theom can determine potential financial exposure by combining metadata of the entities accessing/actioning the data along and determining the sensitivity of that data. Historically, determining Annualized Loss Expectancy has been challenging. Organizations typically must determine an Annual Rate of Occurrence (ARO) and multiply it by the Single-Loss Expectancy (SLE) for each time a risk arises. With Theom this becomes infinitely easier and allows for a quantitative view of risk for your critical assets. WOW!
And that is just the beginning. Theom will also determine anomalous behavior regarding entity activity to help curtail overprovisioned access and help thwart more complicated 'slow leak' attacks. Activity can include actions on data, as well as how the data is being accessed. By looking at API access and comparing against Swagger specs for the API, Theom can expose discrepancies between spec and actual API configuration/exposure. Another WOW!
A final note on Theom has to do with platform design and the team's foresight regarding architecture. By leveraging Distributed Ledger Technology (DLT) Theom has placed a priority on security from several perspectives. They immediately deliver Proof of Action for every transaction including proof that Theom doesn't manipulate any customer data (i.e., all analytics happens in the customer environment, without data movement of any kind); all data analytics incur minimal costs to the customer (e.g., we are talking under $20/day, which is incredible); and an entire world opens up for futures around concepts such as Proof of State (e.g., imagine an auditor or cyberinsurance company validating state directly - without interacting with Theom at all).
Founded in late 2020, Theom continuously discovers data and using techniques such as NLP classifiers - determines the data 'value' in terms of potential exposure. They do this by combining data classification with actions from entities which ultimately serves to safeguard your data position. By applying determination to the data itself, Theom security posture follows the data thwarting any attempt to circumvent your policies.
All activity is immutably logged to a Distributed Ledger Technology (DLT) for Proof of Action driving confidence and representing an important focus for your cybersecurity program.