Frequently Asked Questions

What is Query Layer?
QueryLayer is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data across the cloud.

What are the key benefits?
QueryLayer uses machine learning and pattern matching to cost efficiently discover sensitive data at scale. We automatically detects a large and growing list of sensitive data types, including personally identifiable information (PII) such as names, addresses, and credit card numbers. It also gives you constant visibility of the data security and data privacy of your data stored in the cloud. 

How do I get QueryLayer?
QueryLayer is a cloud native sensitive data detection service. There is no deployments, installation, patching, managing or updating. We integrate directly with your SaaS and data infrastructure products via APIs. This integration is via token-based authentication which allows us to request a limited access token to access the data that these services hold. We are hosted in AWS. We never store or host sensitive data. We retrieve the data, scan within AWS and then discard once the scan is completed. The data continues to reside within the third party services unless you request one of our workflows to delete or modify the data at source. 

How long does it take to get up and running with QueryLayer?
QueryLayer deployment is instantaneous. Once you authenticate and we have token-based permission then we can immediately monitor the source. We are cloud-native and integrate directly via API. This lets our customers get up and running within a few minutes. For SaaS apps like Slack, Confluence, and GitHub, there's no additional configuration or setup required beyond installation. We know exactly what you need to be looking for. 

How does QueryLayer work?
As a starting point we use state of the art natural language processing models which have been pre-trained by Google on some of the largest datasets in the world. We augment these models with datatype specific training sets. The resulting models are used to semantically tag and classify data.

Conventional approaches look at the specific token itself and do not consider the context surrounding a given token in order to classify it. Our approach performs equally well on unstructured and ambiguous data. QueryLayer parses and scans all of the most common file types, including images, screenshots, PDFs, etc. And importantly,  we do not store or track your sensitive data. Our classifications are fed into the QueryLayer platform so you can review & act on the findings. Or use our REST API to build your own workflows using our classifications. 

What types of data does QueryLayer classify?
We classify over all types of sensitive data, including personally identifiable data (PII), protected health information (PHI), payment card information (PCI), credentials & secrets. These data types support compliance regimes like HIPAA, GDPR, HIPAA, PCI-DSS. QueryLayer also provides you the ability to add custom-defined data types using regular expressions to enable you to discover proprietary or unique sensitive data for your enterprise. 

For instance, you might have a specific format for your employee IDs. These custom and often sensitive data types are unique to each customer and are not shared or exposed to other customers. Finally, if there is any data type missing that you need. Simply tell us and we will make it available. 

How does QueryLayer integrate with SaaS services?
QueryLayer integrates directly with your SaaS services. In most cases, installing takes just one click via OAuth. Using SaaS native APIs, QueryLayer monitors content in real-time, and you'll receive notifications when sensitive data is detected.

Does QueryLayer require data to be already tagged?
No, QueryLayer doesn't require data to be pre-tagged. QueryLayer uses machine learning to detect types of sensitive data. It detects these automatically. This includes forms of PII, PHI, PCI, and other sensitive content. Our models leverage context surrounding a specific token to properly identify and classify it, which dramatically improves accuracy over traditional rules-based approaches to DLP.

How does QueryLayer save time?
QueryLayer saves time by automating data detection, classification, and protection of sensitive data. No manual workflows tagging data, auditing data sources or training staff to recognise sensitive data. With QueryLayer you get out of the box automatic workflows to take action on sensitive data proactively, which means you'll reduce time spent manually responding to alerts and reduce time to resolution.

How does QueryLayer make my organisation more secure?
For enterprises who are either moving to the cloud or consider themselves cloud native, sensitive data is sprayed across more and more third-party services like Slack, GitHub, and Intercom. It's a major challenge to see what data is in these silos and is being transmitted across them in real-time. Moreover, data is increasingly complex & unstructured and is created at an unprecedented rate, making it impossible to consistently tag and keep track of. All of this data can be subject to security risks, in the form of data filtration or leakage outside your organisation, resulting in a breach. Likewise, you may be subject to compliance regimes that dictate your use & protection of customer data, such as HIPAA, GDPR, CCPA, and PCI-DSS.

QueryLayer alleviates these burdens by automatically discovering & classifying sensitive data, giving you visibility into your cloud apps, and giving you the ability to respond & mitigate instances of data sharing or data loss that represent security or compliance risks to your business. With these controls in place, you'll have greater visibility into how sensitive data is stored, managed, shared, processed, and protected within your organisation, and reduce the likelihood that this data is compromised by malicious or inadvertent activity.