Name: Sneak Peek DSPM Demo: See the future of Data Security Posture Management in action
Uploaded: 2025-12-26T06:09:22.082Z
Duration: 30 min 12 s
Description: Sneak Peek DSPM Demo: See the future of Data Security Posture Management in action

Transcript for "Sneak Peek DSPM Demo: See the future of Data Security Posture Management in action": Hi, everyone. My name is Prashant Chen. I'm head of product management and product marketing at Cyber Haven. We have the whole product team on the call to answer any questions as we go along. And we will also leave fifteen minutes at the end for q and a. You know us today as a leader in endpoint DLP and insider risk management. We We have reimagined a fairly fossilized DLP market using data lineage to cut down false positives. So security teams aren't searching for the proverbial needle in the haystack 24 by seven. We have reimagined DLP and insider risk from grounds up and designed it to be an easy to operate with a lightweight endpoint agent that stays out of your way and and far more accurate solution because it has full visibility thanks to data lineage, and finally, advanced content inspection using AI. We do this while staying out of the way of legitimate user work and still stopping data exfiltration in the moment when user takes risky actions. At Cyber Haven, our mission is to protect data wherever it lives and goes. We believe that requires three things. First, a holistic visibility of data at rest and in motion across endpoint, on prem, and cloud, as well as how it flows between them. Without it, blind spots mean sensitive data leaks and risky behavior goes unnoticed. Second, autonomous protection. That's intelligent, contextual, and predictive at scale. Without it, false positives overwhelm teams and real leaks slip through, just like with the legacy DLP. Third, a frictionless experience for end users and analysts. Security shouldn't slow productivity or force trade offs between protection and innovation. That's why we built CyberHaven from ground up to meet the needs of this new era and solve the failures of legacy data security once and for all. Here, what we see is that Bill uploaded an Excel called holiday cards to his Dropbox. Is that bad? It's very hard to say. Content inspection would tell you that there are addresses and personal information in there, assuming the file is not encrypted or obfuscated. But that's what you would expect on a holiday card spreadsheet. We need a lot more information or context to know that for sure. With lineage, now our view changes. Instead of just looking at that small part of the picture where Bill uploaded a file, what if we looked at the full historical context? In this case, we could see that data in Bill's holiday card spreadsheet originally came from Salesforce containing customer information that was downloaded and shared across the organization all for legitimate business reasons. It moved across endpoints in and out of cloud apps. But now when Bill upload it into his personal Dropbox, it doesn't look as innocent. And we actually now have the information we need to know to block that upload. I needed needed to review this concept of lineage here briefly because you will see that this is one important piece of how DSPM and DLP work together. Cyber Haven has a lightweight agent on Windows, Mac, and Linux, and a browser extension that provides us visibility on managed end points. With the current launch, we are now extending that coverage from end point to on prem to cloud data repositories. To catalog the data and its movement, whether it is data at rest or data in motion, we have also built an enhanced data model. We offer unified AI and data security platform that protects data wherever it lives and goes. With the addition of DSPM, you can now leverage CyberHaven to gain visibility of not only data in motion event but also data at rest including both structured and unstructured data. At the core of the platform is an AI infused agent that surfaces risky incidents, prioritizes them, and now classifies data with incredible accuracy so that you can spend less time tuning classifiers and simply get to the point of understanding what sensitive data you have across your ecosystem. Before we dive into how our DSPM solution works, let's start with the very basics. CyberHaven delivers a a data security posture management solution that extends our data security platform capabilities. Our DSPM discovers, classifies, and catalogs sensitive of the Security teams simply point to the sources you want to scan. The entire process of connecting to new sources takes few seconds. From there, you get a single view of health and status of your connections. Before we get into demo, let me reiterate. With DSPM, now customers can see complete lineage from endpoint all the way into the cloud. Customers, in fact, asked us to bring the same deep context and lineage they have on endpoints into a full DLP and DSPM solution. With DSPM, we not only show all the hops across the cloud but can also connect them from the endpoint across all your major SaaS, IaaS, PaaS, and other collaboration platforms. That is why we position Cyber Haven as industry's first context aware data security posture management solution that unifies both DLP and DSPM capabilities. In addition to lineage, all the data is connected intelligently between dspm and endpoints. You can connect not just the labels associated with that data to understand the redundant obsolete trivial data but you can also connect those dim data in motion events to the data at rest information at scale. So with that let's pivot into our DSPM demo. As you know, we protect data on your endpoints, Windows, macOS, Linux, workstations using our agents. Think of us as a flight recorder for your data. We monitor file operations when user open, upload, download, copy, move, compress, extract, or rename files. From the moment you install the agent, no policies are required for us to start understanding that metadata. We immediately log and collect that rich metadata about those file correlation engine behind the scene. We take all the raw metadata for every file operation. We derive the lineage of every file or piece of content that is moving throughout your environment. We use that lineage to understand sensitivity, who created the data, where it came from and how it has been used and why that matters for classification and for downstream controls. Here is the risk overview. We are aggregating metadata about the sources and the destinations of these file operations. We pull telemetry via endpoint agents, browser extensions, and API connectors for both data at rest and data in motion across your cloud and endpoint data sources. So now in addition to these endpoint sensors, we have cloud sensors for all major repositories. Customers set these up in connector section. We document the permissions and scopes required for each sensor so teams know exactly what access is needed. Once configured, you get a a single view of sensor health and status across all data sources. So you can quickly see what is connected, which are scanning, and which might need attention. The backward and forward scan is happening automatically. The system is not waking up every couple of months to catch up. We are actively monitoring. And even during backward scan, a file is changed, we pick that data and scan again. So you are catching up with updates near real time. I would also highlight that we designed it this way based on the feedback from our design partner customers because it is critical to not wait on for a day or a week or a month, which would have left our customers' data at risk longer. While our scanning engine allows us to be fast and performant, we also prioritize the forward scans so that the activity that is higher risk happening in real time is prioritized over and above the backward scan. We also pick up an endpoint activity that happens in real time, thereby ensuring all the data in motion events or forward scan events are prioritized above the backward scan events. Once connectors and sensors are running, we start to classify the data in four main ways. First, we support traditional content inspection, regular expressions, pattern matching, exact data matching, proximity checks, and keywords. We offer more than 300 out of the box policies aligned with major compliance frameworks, and you can create your own custom rules. What is is unique is our AI classifiers. If you want to classify something as financial document, you don't need to write a regular expressions for credit card or bank card numbers in there. Instead, you define the intent in natural language, including inclusions and exclusions, and you can easily test and refine that prompt. There is no operational overhead. You do not have to pretrain with us using sample files. You can upload content to see how it would be classified for testing. Another differentiator is provenance, which really only CyberHaven can provide at this level of depth. A document that looks like a highly sensitive financial record with social security numbers, bank information, PII might actually be a personal tax return. We can recognize that as a personal document and avoid blocking and even generating false positives. On the other hand, system is smart enough to recognize pay stubs not that are not mine and those are treated as internal data. Once the labels and connectors are in place, we start logging and cataloging all data at rest and all events for data in motion. And we give you ways to visualize and explore it. This also addresses our customer's use case around compliance and auditing and reporting, which is critical for customers in regulated industries. This is the explorer page. Here, you can pivot on type of data, the patterns, and provenance to to identify areas of risk. Say, I have initiative to find all financial data in my environment. You can click on financial document here and see the document label I'm interested in, which apps have those documents? And I can even filter those further based on my needs. Maybe I only care about internal financial documents, not personal ones. If someone is doing their taxes in work machine, that's not what I want to chase. So I filter the provenance to internal that immediately cuts the shutdown across my repositories. From there, I can further filter by specific SharePoint instances or other app instances, clicking through to see label details such as report that analyzes, summarizes, communicates financial information. So that is a a simple English based prompt for my financial document, and I can change it to suit my needs but also add additional inclusion and exclusion criteria as needed. From Explorer, I can open the data in the catalog. The filters are sticky across the top, so I'm still scoped to the financial data and internal provenance. At a glance, an analyst sees short natural language description of each file. No need to open it to understand what it is. As you can see, this is the third example of how the AI is not bolt on but ingrained into our architecture ground up. You also get low level metadata like hash, creator, and all the places where this data resides. If I want to look at data in motion events for this data, I can click through the events view and see that granular DLP style records. We also show the copies and the locations. For example, one particular dataset might be residing on multiple endpoints, additional additional apps, or even mailboxes. This is the power of unified context aware AI first data security platform. As I promised at the start, a holistic visibility of data at rest in motion for both structured and unstructured data across endpoint, on prem, and cloud repositories even when it is flowing between these areas. Couple of thoughts around the policy engine. Our policy engine is smart. It is front ended by AI assistant. So that basically means customers define the intent and the AI assistant helps them create the policy. I wanted to show a DSPM solution that is integrated tightly with DLP provides you flexibility to start whether at a DLP journey or DSPM journey, but it gives you holistic visibility of your entire data whether it is at rest or is it in motion across endpoint on prem or across the cloud? Autonomous detection and protection that is intelligent contextual and predictive at scale. Last but not the least frictionless experience for end users and analysts. Security should not slow productivity or force painful trade offs between protection and innovation. Thank you for spending your precious time with us. We are looking forward to working with you. You can reach out to CyberHaven sales or your customer success team to learn more about DLP, DSPM, AI security, or insider risk management programs. Thank you.