Skip to main content

Functionality

The Security Analysis Tool (SAT) is an observability utility designed to improve the security posture of Databricks deployments. It helps you identify deviations from established security best practices and monitor the security health of your Databricks workspaces.

SAT Functionality Overview

Core Features

How SAT Works

SAT is typically run daily as an automated workflow within your environment:

  • Data Collection
    Collects configuration details from Databricks accounts and workspaces via REST APIs.

  • Historical Tracking
    Persists results in Delta tables within your storage environment for historical tracking and trend analysis.

  • Centralized Reporting
    Displays results in a centralized Databricks SQL dashboard, categorized into five distinct sections to help stakeholders review relevant workspace settings.

Security Categories

SAT evaluates over 60 security best practices across five key categories:

  • Network Security - Network policies, VPC configurations, and network isolation
  • Identity & Access - User management, group memberships, and access controls
  • Data Protection - Encryption, data classification, and data governance
  • Governance - Compliance, audit logging, and policy enforcement
  • Informational - Observations and recommendations for continuous improvement

Severity Levels:

  • High - Critical issues requiring immediate attention
  • Medium - Important issues to address soon
  • Low - Minor issues for continuous improvement

Getting Started

  • Installation Guides - Set up SAT using standard installation or Terraform
  • Usage Guide - Instructions on running workflows, viewing dashboards, and customizing security checks