Overview
Security Analysis Tool (SAT) is a comprehensive security assessment solution that analyzes your Databricks account and workspace configurations, providing actionable recommendations to help you follow Databricks security best practices.
SAT compares your workspace configurations against a curated set of security best practices and delivers detailed reports for your Databricks workspaces on AWS, Azure, and GCP.
Why Use SAT?â
Databricks has worked with thousands of customers to securely deploy its platform, leveraging security features that meet diverse architectural requirements. While security implementations vary across organizations, there are commonly adopted guidelines and features used by organizations with high security standards.
SAT helps you:
đ Identify Security Gaps
Automatically scan your Databricks environment to find deviations from security best practices.
đ Prioritize Risks
Get recommendations ranked by severity (High, Medium, Low) to focus on the most critical issues first.
đ Access Documentation
Each recommendation includes direct links to relevant Databricks documentation for easy implementation.
â
Verify Compliance
Ensure your configurations align with industry standards and organizational security policies.
What SAT Analyzesâ
SAT performs comprehensive security checks across multiple dimensions:
- đĄī¸ Network Security - Firewall rules, IP access controls, VPC configurations
- đĨ Identity & Access - Authentication, authorization, user management
- đ Data Protection - Encryption, data access controls, secrets management
- âī¸ Governance - Audit logging, workspace settings, policies
- âšī¸ Informational - Configuration insights and recommendations
Each check identifies opportunities to harden your Databricks configurations, services, and resources, with clear explanations and remediation guidance.
Important Considerationsâ
SAT is a productivity tool designed to help verify your security configurations against Databricks best practices. It is not intended to serve as a certification or formal attestation of your deployment's security posture.
Before Making Changesâ
Please review the SAT report with your:
- â Business stakeholders
- â System administrators
- â Security team
- â Compliance auditors
Key points to consider:
- đ Not all deviations require immediate mitigation
- đ° Some recommendations may have cost implications
- đ Some security features may have dependency limitations
- đ Always review the associated documentation before making changes
For more security guidance, visit the Databricks Security and Trust Center for comprehensive resources and best practices.
Project Updates & Supportâ
Continuous Improvementâ
The SAT project is regularly updated to:
- ⨠Improve check accuracy
- đ Add new security checks
- đ Fix bugs and issues
- đ Enhance reporting features
Getting Helpâ
đ§ Feedback & Questions
Contact us at sat@databricks.com or open a GitHub issue
đ Updates
Watch the GitHub repository for the latest releases
Project Supportâ
Important Support Information:
- â ī¸ This code is provided for exploration purposes only
- â ī¸ Not formally supported by Databricks under any Service Level Agreements (SLAs)
- â ī¸ Provided AS-IS, without warranties or guarantees
- â ī¸ Do not submit support tickets to Databricks for issues with this project
How to Get Help:
- đ Submit bugs or issues as GitHub Issues
- â° Issues will be reviewed as time permits
- đ¤ Community contributions are welcome
Licensing:
- đ Source code is subject to the Databricks LICENSE
- đ Third-party libraries are subject to their respective licenses