A critical aspect of DDR is knowing when a particular cloud resource has been accessed and what entity or entities were involved. DSPM captures and displays this information for every resource in your onboarded accounts.
Leveraging the CloudTrail details associated with your accounts, scans looks for resource access details with timestamps and then lists out information including:
- Users, Roles, Resources
- External or Not
- Types of Access Granted (Access Type)
- When Granted (Created At)
- (When) Last Accessed
Access Details provides real-time information identifying all data stores with sensitive data which have been accessed in the past hour. The columns “Access Granted”, “Last Accessed” are populated with the data from this feature.