Detect Hidden Data Access Risks. Defend Against Insider Threats.
What is it?
The Data Security Assessment (DSA) is an agentless audit of data access behaviour across IT environments. Using advanced integrations, the DSA rapidly identifies anomalous activity, unauthorized access, and data exfiltration risks—all in a single scan.
It’s not just about monitoring. It’s about understanding who accessed what, from where, using which app—and whether they should have.
What does it do?
The DSA scans your cloud and hybrid cloud environments to produce a detailed report of data access anomalies, based on:
Mail box access logs: Unusual access from foreign IPs, unauthorised mailbox opens, geo anomalies
Fileshare downloads including from SharePoint and OneDrive: Suspicious file downloads using third-party tools or unmanaged devices.
Geo & IP Tracking: Data accessed from cities and IPs outside of your organisations known estate.
App Usage Patterns: Interactions by unexpected or unmanaged OAuth apps
Everything is evaluated against your known good baselines (IP addresses, locations, target UPNs), and results are output as structured, reviewable artifacts for compliance or triage.
Why do I need it?
Modern data breaches aren’t just technical - they’re behavioural.
And most start from within.
74%
of breaches involved human elements like stolen credentials or misuses of access
58%
of Microsoft 365 administrators have excessive permissions
70+%
of insider threat cases go undetected for more than 90 days
Your organisation stores into most sensitive information - emails, documents, customer records - in Microsoft 365.
A DSA helps shine a light on unauthorised access before it becomes a headline
1. Verizion Threat Report 2024; 2. Valence Security, 2023 SaaS Security Report; 3. Proofpoint Insider Threat Report 2024