Skip to content

Database Activity Monitoring

The Satori Data Security Platform provides a comprehensive framework for discovering, monitoring, and securing data across various environments and data stores. One primary use case organizations adopt the Satori platform for is modernizing their existing DAM program across their on-prem and cloud environments.

The Problem

Legacy DAM solutions are constrained by outdated technology and cannot overcome the tradeoff between the level of functionality they provide and the operational overhead they incur. The more functionality the organization requires, the greater the operational overhead and complexity of the DAM program.

Legacy DAM

Legacy DAM vendors primarily base their solutions on one of two technologies: Agent audit log collection and Native audit log collection.

  1. Agent-based audit log collection utilizes a software agent delivered by the DAM vendor that links itself to the database's OS process.
  2. Native audit log collection utilizes the available logging functionality of databases. The DAM solution connects to the native audit log and exports the logs to a central location.

The Solution

Satori’s DAM solution breaks away from the tradeoff between functionality and operational overhead by leveraging new, proxy-based audit log collection technology alongside traditional native audit log collection. With Satori, organizations can deploy native audit log collection where a passive monitoring approach is preferred and proxy-based auditing where real-time enforcement, mitigation and remediation capabilities are required.

Satori’s proxy-based DAM uses a component called the Data Access Controller, or DAC. The DAC is a Kubernetes-based application that can be deployed on any cloud provider or on-prem data center. Logically, the DAC sits between the database clients and the databases, intercepting queries, exporting audit logs, and enforcing fine-grained data access and security policies in real-time.

Capabilities

Satori Data Security Platform helps compliance and security officers, security/DevOps engineers and engineering leaders to guarantee the integrity of their data in accordance with common industry standards such as SOX, HIPAA and PCI.

  • Collect query-level audit logs across on-prem and cloud environments by deploying one or more Data Access Controllers.
  • Generate reports to provide auditors with detailed information on who is using what data and why.
  • Enforce policies to implement regulatory requirements.
  • Receive alerts when users fail to conform to policies.
  • Implement just-in-time access workflows to move from passive alert-based compliance to proactive security.