Securing Access to Sensitive Data Queried With Amazon Athena Within Minutes
Satori helps companies streamline access to data in Amazon Athena by automating access controls and security. With Satori for Amazon Athena, data teams can implement a wide variety of access controls and enforce security and compliance policies without writing code or changing existing data flows.

Key Benefits
Self-Service & Approval Workflows to Amazon Athena
Satori simplifies access control by enabling self-service and approval-based access controls, as well as RBAC and ABAC. Satori does this without adding code, database objects or modifying existing data flows. These capabilities streamline access to data so that more users can access data faster while enforcing compliance and security policies.
Security, Compliance, and Privacy Operations for Amazon Athena
Satori seamlessly integrates into your data operations and automatically applies security, compliance, and privacy policies in Amazon Athena. Satori continuously identifies and tags PII and other sensitive data, applies relevant policies, and generates compliance reports.
Codeless Fine-Grained Access Control for Amazon Athena
Satori enforces granular security controls such as row-level security, column-level security, dynamic masking, and ABAC (attribute-based access control). Apply the access restrictions within minutes without writing additional code or adding any database objects. Define access controls in a human-readable UI using an API or with the Terraform provider for Satori.
Capabilities
Simplified Access Control
- Reduce Complexities in Data Access & Roles - Easily apply access control, including fine-grained access control in Amazon Athena and other data platforms.
- Universal Data Masking - Masking, anonymization, and data redaction profiles applied to known and unknown locations of sensitive data, including to semi-structured data.
- Happy Data Engineers - Security policies can be applied easily without wasting precious data engineering resources.
- Users Directory - Organize your Amazon Athena users by access groups and scale RBAC implementation without writing code or polluting your Amazon Athena account.


Continuous Data Discovery & Classification
- Continuous Data Classification - Out-of-the-box, real-time classification and tagging for sensitive data for structured and semi-structured data.
- Data Inventory - Autonomous data inventory with continuous classification.
- Custom Classification - Add new classifiers based on your specific business needs.


Decentralized Data Access Workflows
- Distributed Stewardship - Delegate data access management and assign business owners to datasets.
- Approval & Self-Service Workflows - Just-in-time, secure, and compliant data access with automated workflows.


Data Auditing & Monitoring

- Data Access Audit - Complete data access audit with identity and data context including built-in reports for compliance and security.
- Aggregated Auditing - Investigate access and query logs from Amazon Athena, as well as data from other data platforms, in one place.


How It Works



“The moment you make the secure way slightly more complicated or slower, people will go the non-secure way. You need to make secure data the fastest way of getting things done and that’s what we do with Satori.”

Dr. Diederik Van Liere
VP Data Science and Engineering, Wealthsimple
“We have built a custom ACL (Access-Control List) engine with Satori, that maps to the organizational hierarchy of our customers That’s what makes our healthcare data platform so specialized for this market. You can easily take that hierarchy and put ACL structures in place to say, as you go higher up in the structure, you get broader access, but you can still limit the access for each level: that’s where data masking, data access policies, and data auditing capabilities of Satori are extremely important.”
Arun Buduri
VP of Engineering, IT and CISO, Innovaccer

“We have all of the data regimes that require the controls that must be implemented for GDPR or region-specific requirements like those for Australia, Brazil, or the US.”
“Being able to have an effective line of sight on which data resides where, how internal stakeholders are consuming that data, and what they need to be successful within their role without increasing the risk of data breach or exposure for their organization – that’s the “why” for DataSecOps and Satori.”

Chaim Mazal
SVP of Technology and CISO, Kandji
Have Any Questions?
Yes. Satori does not abstract your data or modify your interface or protocol for accessing data.
Satori is a SaaS service, so no installation is required. Once your account is active, you can configure your AWS Athena connection within minutes, and start using Satori.
Satori requires data consumers to change the Amazon Athena connection string in their data query tool.
No. Satori works with your existing drivers and tools.
No. Satori does not require any such access.
No. Satori supports your existing authentication scheme.
None. Satori does not create any tables, views, or schemas or make any changes to your configuration.
Satori does not add any meaningful latency to queries.
All AWS, GCP and Azure Regions.
Both options are available.
No.