DSPM (Data Security Posture Management).

A class of tools that discover, classify, and continuously monitor sensitive data across multi-cloud, SaaS, and data-lake environments, then surface posture risk such as exposed PII or over-permissioned datasets. Pertence à categoria Segurança em nuvem da cibersegurança.

A class of tools that discover, classify, and continuously monitor sensitive data across multi-cloud, SaaS, and data-lake environments, then surface posture risk such as exposed PII or over-permissioned datasets.

Data Security Posture Management (DSPM) emerged as a recognized category around 2022 to cover what CSPM and DLP missed: the data itself. A DSPM platform crawls cloud storage (S3, GCS, Azure Blob), databases (RDS, BigQuery, Snowflake, Redshift), data lakes, SaaS apps (Drive, Box, Salesforce), and unstructured stores, then classifies what's there (PII, PHI, payment card, source code, secrets) and links each data store to its access graph — which IAM principals, applications, and humans can reach it, and how. The output is a posture view: 'this Snowflake database contains EU PII, is accessible by a service account whose key is also in a public Lambda environment variable, and has not been read in 14 months.' DSPM features overlap with CSPM (configuration), CIEM (identities), and traditional DLP (egress), and the categories are converging into broader CNAPP and 'data-first' security platforms. Vendors in the space include Cyera, Dig (acquired by Palo Alto Networks), Sentra, BigID, Rubrik (Laminar), Wiz Data Security, and Symmetry.

As defesas contra DSPM (Data Security Posture Management) costumam combinar controles técnicos e práticas operacionais, conforme detalhado na definição acima.

Nomes alternativos comuns: Data Security Posture Management, Cloud data security.