Cavelo uses cookies 🍪 to improve performance and user experience, to provide certain user functionality, as well as to distinguish you from other users when you use our website. Read our Privacy Policy for more information.

Cavelo Announces Data Access Capabilities to Mitigate Security Breach and Systems Misconfigurations Risk

Posted by
Mandy Bachus
Published on
October 18, 2022

New Data Access Discovery Features Limit Internal and External Access to Sensitive Data

WATERLOO, Canada – October 18, 2022 – Attack surface management technology provider Cavelo Inc. today announced the release of data access and data permissions capabilities to support identity and access management (IAM) initiatives.

The volume of data businesses use, store and share constantly rises due to distributed workforce models, cloud adoption and a growing reliance on connected systems. As a result, sensitive company data is frequently copied or moved to external systems and collaboration tools. Legacy data permissions practices struggle to audit data access by type and location, increasing data exfiltration and regulatory non-compliance risk.

“Insider error like system misconfigurations and accidental permissions are leading causes behind countless data breaches,” said James Mignacca, CEO at Cavelo. “Identity-based attacks are successful because attackers are able to target and exploit company officials who have access to data based on title, rather than function. Many organizations struggle to know where company data resides and who has access to it, especially as many teams rely on error-prone manual processes.”

The Cavelo platform combines security best practices with automated solutions to help organizations understand where sensitive data resides, how it’s protected, where it’s used and who has access to it. Powered by machine learning, the platform continuously scans company on-premises and cloud servers, desktops, cloud applications and digital assets to identify, classify, track, protect and report on sensitive data.

Newly released data access features include:

  • Data permissions automation – leveraging automated data discovery, classification and access control capabilities to categorize documents and automate access based on data type and classification.
  • Data access notifications – enabling real-time notifications via email or through company workflow management systems when sensitive data is accessed.
  • Data access review – allowing IT and security professionals the ability to review data access, adjust permissions and run risk reports.
  • Attack surface insights – providing real-time vulnerability information and risk scoring to support operational and security decision making based on data location, type and access permissions.
  • Cloud service integration – offering API integration with cloud services including Microsoft and Google for active directory permissions management.

All businesses have a fiduciary and regulatory obligation to demonstrate that appropriate measures are in place to protect sensitive company data from both unintentional and malicious exfiltration. Inappropriate and nonessential data access permissions expand an organization’s attack surface and increase the risk of costly attacks like ransomware and spear phishing.

“We’re seeing a counter-intuitive technology shift that’s complicating how systems administrators audit company files and who has access to them,” said Mignacca. “In order to strengthen the organization’s security posture, administrators need a multi-dimensional view of the business’s threat landscape that doesn’t require aggregation or additional resources. Zero trust comes down to limiting data access, and that starts with data discovery and classification. By understanding what sensitive data an organization has, a systems administrator can effectively limit access to it.”


About Cavelo

Cavelo helps businesses achieve attack surface management with automated data discovery, classification and reporting. Its cloud compatible cyber asset attack surface management (CAASM) platform continuously scans, identifies, classifies and reports on sensitive data across the organization, simplifying compliance reporting, vulnerability management and risk remediation.