Okera Spotlight Provides Critical Usage Insights to Mitigate Data Lake Risk

Okera, provider of a platform for discovering, auditing, and protecting data at scale, has announced Okera Spotlight for Amazon Web Services (AWS), a solution to provide full visibility with real-time and continuous audit of Amazon Simple Storage Service (S3) data lakes. Okera Spotlight applies tagging rules to automatically identify sensitive data and provides access patterns across the data lake. This enables data lake owners and stewards to get actionable insights to mitigate risks associated with data breaches and evolving privacy regulations.

According to Okera, the new solution includes two main features: Data Classifier and Visibility & Insights. The solution crawls the data lake to detect sensitive data which can be auto-tagged based on rules. It offers a holistic view of data lake activity, which enables data lake owners to answer important questions such as: 

  • What data is being accessed in the lake, especially sensitive data? 
  • Which users have accessed sensitive data? 
  • Which tools are accessing the sensitive data and how much did they read?

“Data lake owners, whether just starting on their journey or with very large deployment, are looking for one place to monitor every actionable activity across their data lake in real-time. Despite a plethora of tools in the marketplace, no single tool captures all activity in one place such as identifying users and applications as well as data size and type,” said Nong Li, Okera CEO and co-founder. “Okera Spotlight can be installed in under an hour, works with all existing applications, and offers actionable insights immediately, including full visibility into data lake usage and access patterns for sensitive data without being in the data path for any applications.” 

Okera Spotlight crawls the data lake and builds upon data from AWS CloudTrail to automatically discover schemas and apply rules for tagging sensitive fields at scale. The solution automatically identifies sensitive data such as credit card numbers or email addresses. Users can also create tags and rules to find their own domain-specific data. This enables data owners and stewards to gauge the risk from governance and regulatory exposure.

The enriched audit activity can be integrated with SIEM and log management tools such as Splunk or Sumologic. Through a real-time dashboard or in conjunction with existing workflows, data stewards and security personnel can see anomalies in data access patterns and potentially prevent a data breach attempt from being successful by configuring alerts.

In addition, with Okera Spotlight installed, organizations can upgrade to the Okera Active Data Access Platform, which allows businesses to create and enforce policies for unified access control on their sensitive data.

For more information, go to