AIARCOASC Docs

DSPM

Data Security Posture Management: find sensitive data, score risk, drive egress policy.

What it is

DSPM connects to your data stores (managed relational databases, object storage, warehouses) and classifies what's in them (PII, payment cards, health data, secrets, credentials). Findings feed a posture score per store and per project, and can drive egress policy automatically.

When to use it

  • Find where PII actually lives — even when nobody documented it.
  • Prove to an auditor that PII never leaves a region.
  • Block exfil based on classification — not allowlist.

Quickstart

asc shield dspm connect postgres prod --uri postgres://...
asc shield dspm findings list --severity high
client.shield.dspm.connect(kind='postgres', name='prod', uri='postgres://...')
client.shield.dspm.findings.list(severity='high')
await client.shield.dspm.findings.list({ severity: 'high' });

Limits & quotas

LimitDefaultBurstNotes
ConnectorsPostgres, MySQL, object storage, warehouse
ClassifiersPII, PCI, PHI, secrets, credentialsCustom on Enterprise

Pricing

See pricing. Pay-as-you-go, billed monthly via Stripe.

API surface

  • POST /v1/shield/dspm/connections
  • GET /v1/shield/dspm/findings

Required scope(s): shield:read, shield:write. See Scopes.

Security

All access is authenticated and scoped. See Auth & scopes and Network controls.