Initially, it was to get an idea of where sensitive data was, but now, the way I've been using it is to supplement our CNET where we have a view list. So, when I get the findings there, I'll go look in Cyera and make sure that there's no sensitive data, and if there is, that'll help me build a better story when I go to get it remediated by the stakeholders.

We're using its latest version. It's deployed on Azure and AWS.

It has been an added benefit for me in dealing with vulnerabilities and other risks.

I like how they model the data. They find data in different places that we didn't know, and they can give us a good idea if it's sensitive or not. They understand whether or not something is in the right region because, with the cloud posture management tool, we could see certain things in the infrastructure, but the way they dig into the data is what we like.

Anytime I ask them for something that they don't have, they're always willing to go in and start building it. They're pretty fast. It's what I like, and they take feedback well. Ultimately, they just need to add a few things in the UI from an enterprise perspective, but outside of that, they've put in integrations. They work with us and help us where we're stuck on things. They keep building out new functionality. I like it. They're starting with this posture management tool, but they're scanning out and looking at other data sources and other ways to protect the data. They just released a detection and response feature. I really like what they're doing.

They need to add a few things in the UI from an enterprise perspective. It's more along the lines of being able to self-service, have integrations, build alerts, and things like that. Outside of that, they work with us on the API and getting alerts into our SIEM and things like that. There's always a way to do something, and they're always available, which is nice.

I'd like to add support for Box and maybe some open support for additional data store companies, Elastic searches, and things like that. There could be some more integrations, but when that happens, we ask the question, and they start working on it.

I've been using this solution for a few months.

I don't think I've ever had an issue with it going down. In terms of bugs or issues, it has never been anything too crazy. It has been very minor. If anything, it was just like a feature enhancement.

It's primarily our team that's using it. We also extend access to some devs or infrastructure engineers for added context, but it's primarily used by the security team. We have five or six people on the team.

It's scalable. I haven't seen it having an issue with scaling, especially because there are no agents, and there's no infrastructure. You have to roll it on your end. It's all permissions, and it's all cloud-based, so everything just works.

It's used daily. I go in there and look for things. Sometimes, I'll get an alert, and I just go back into it to check what kind of data is in that data store. It gets a lot of use. We've automated alerts around it.

We have a direct Slack channel with them, and we work with their solutions engineers or architects. We get very good support from them. I'd rate them a ten out of ten because they're very helpful. They take good feedback. They're great to work with.

We weren't using any similar solution in this space. We had whatever was included with Microsoft. It was Microsoft Purview, but it was pretty messy. There's just so much going on there.

We went with Cyera because they were very good at building a relationship with us. When we talked to them, they were talking about integrations with different vendors. The main thing that we were looking for was an integration to understand sensitive data in MongoDB Atlas, which is the cloud version of MongoDB. No one else is really looking at that. From a DSPM perspective, it was nice to have something that was agentless, easy to set up, and something that could eventually integrate with our other tools. So, the main thing was the ease of deployment, the agentless solution, and the fact that we could get all data storage in here for the scanning of sensitive data.

It's easy, as long as you have access. That's what we really like about agentless solutions. You give it permission, and it just goes and scans around.

It took minutes. It's very fast. The only thing that takes a long time is if you have large data stores. In that case, it would take a while to scan and model the data, but for some of the smaller data storage, we started seeing results pretty quickly. The deployment itself takes minutes.

It was implemented in-house.

I haven't seen any other quotes from other companies, but products like these are not cheap. They come at a price.

I don't know how much exactly it costs, but I know that it's a yearly thing. It's something that will cost money for any company because they're storing all this information. They're doing all this machine learning, and there are a lot of services on their backend that they got to pay for. I'm sure it gets translated back to the customers unless you have everything completely on-prem. If you're not doing much in the cloud, then I could see how it'd be cheaper, but if you have anything that's cloud-hosted and does all the work for you, there's going to be a cost associated with it.

The licensing has been pretty straightforward. The pricing was on a per gig or per terabyte basis, and then everything was included in it including support. Their support has been good.

I'd definitely recommend it, but you should always look at a few things and see what's good for your environment. That's because some people might have a few different data sources. They might not use a cloud, CSP, or a certain vendor. From what we've experienced, it has been nothing but good.

I'd rate it a nine out of ten because I feel some of the things that we need aren't there yet, such as the Box integration and some of the UI features. Outside of that, they make up for it by keeping an open dialogue and fixing it. I really like dealing with this company.