Skip to content

Posture Manager

Posture Manager analyses and track your organization's database user permissions over time and provides you with a holistic overview of specific user access to your data assets.

Screenshot

Satori Posture Manager helps security and data engineers quickly understand who has access to what data and how by continuously monitoring user permissions to data assets across your entire data infrastructure.

NOTE: User asset access activity is calculated for the last 30 days from the date selected.

How Does It Work?

Satori periodically scans your monitored data stores and collects permission information and analyzes which users have acces to which data assets and provides details about the access path to the data assets. This is particularly useful for identifying duplicate access paths to the same asset.

Authorized Users Graph

The authorized data assests graph displays the current status of your data assets, as well as the previous authorized data assets status.

Use the two graphs to help you uderstand and improve your security posture of authorized access to your orgainzations data assets.

Screenshot

Governed Data Assets Over Time

The Governeed Data Assets Over Time graph displays the data assets that are authorized to users and included in a dataset.

Use this table to visiually track the amount of governed data assets over time.

Screenshot

Time Stamp

Utilize the timestamp function to observe historic user permission configurations to better understand and remedy data access breaches and misconfigurations.

Screenshot

View Role Hierarchy Per User

View the users roles used to access a specific data store data asset. In addition, you also see the classification categories and duplicate permissions utilized by the user to access the same data asset.

Screenshot

Filter Posture Manager Views

You also have access to various filters on the Posture Manager Dashboard, including filters by database user, location, number of duplicate permissions found, and whether or not the location is secured by a Satori Dataset.

Screenshot

Configuration

Follow these steps to enable Posture Manager scanning for a supported datastore type:

  1. These steps must be performed by a database administrator with the requisite permissions.
  2. The overall process is that you will create a new database user and then assign this user requisite GRANTS - these SQL statements may vary for each supported database type. Satori provides a template for each database type to get you started.
  3. In the screenshot below, we are about to configure Posture Manager for a redshift database, and the steps to perform are:
    • first run the SQL statements (make sure you use a strong password), then
    • enter the user and password you created in the previous step, and finally
    • enable auto-scan if desired.

Screenshot

Once enabled, you will have a new, powerful mechanism to determine access details and potential duplicate permissions for the supported database types.