Theom identifies PII, PHI, financial information, and trade secrets using agentless scanning and NLP classifiers, which support custom taxonomies. Theom discovers dark data, data that’s never accessed and shadow data, data whose security posture is different from the primary copy. Theom pinpoints confidential data, e.g., developer keys, in APIs and message queues. Theom estimates the financial value of data to help prioritize risks.
Theom maps the relationships between data, access identities and security attributes to uncover the risks to data. Theom shows how high-value data is accessed by identities (users and roles). Security attributes including user location, atypical access patterns, over-provisioned access, data location and encryption status contribute to data risk. Theom provides a normalized view of data-access relationships regardless of the underlying data store or entity type.
Theom tracks risks to data stores continuously and provides a single view for all users so everyone is aligned on data risks. With every risk, Theom provides criticality and financial impact to help prioritize fixes. Theom provides one-click workflows for remediation with automatic verification.
Theom ensures data security, assurance, compliance controls follow data even as it is transformed, copied or shared–like a bodyguard who always accompanies high-value assets and adapts security to changing environments. Theom abstracts the technical differences across stores, and harmonizes controls consistently. Theom aligns your existing cloud security controls (IAM, infrastructure, and database) to ensure data is protected.
Theom identifies risks to data and compliance violations continuously. Theom provides rules that incorporate best practices for data store access, security, compliance with CIS, OWASP, NIST, HIPAA and HITRUST regulations. Theom automatically pushes rules from its cloud to give you up-to-date protection against recently-disclosed cloud ransomware and breaches.