The SecuPi platform seamlessly integrates with Data Mesh tools, such as Starburst/Trino, Denodo, Aerospike, etc., providing automated enforcement of data access policies and data protection operations to quickly comply with real-life scenarios. SecuPi Policy Definition Point (PDP), provides a centralized data governance and security control-plane, with a UI based administration console.
SecuPi leverage attribute from various sources within the organizational ecosystem, to enforce consistent, contextual Attribute-Based Access-Control (ABAC) and access on a ‘need-to-know’ basis.
The SecuPi Policy Enforcement Points (PEPs) are self-contained, maintain the policies distributed by the PDP and execute these in real-time, consistently across data processing (consumption and ingestion) tools, data consumers and platforms.
PROTECTING DATA IN DATA-MASH
Data-mash tools access to data sources through a unified data-mash layer. However, data-mash tools lack similar abstraction of security and access-policies, resulting high costs and complexity.
To streamline operations and eliminate duplications of security policies, the SecuPi Policy Enforcement Point is deployed on the datamash provider cluster (e.g. Starburst Coordinator cluster). The PEP enforces the data access policies for the respective data consumer (human or machine) accessing or processing the data, ensuring data access on a need-to-know basis.
The full transaction audit log is captured and available in real-time within the SecuPi PDP and further exported to the customer’s SIEM/SOC for further processing and enrichment.