Concentric and other vendors such as Varonis and Netwrix are some of the players in the data security marketplace, all offering their own set of features.
Each company takes a different approach to data risk monitoring and protection, data access governance, data discovery, categorization & classification, remediation, and data stores support.
But only one solution stands out as comprehensive enough to fully support and maintain an organization’s data security posture.
Below is a table summarizing the most important features for robust data security posture management.
A more detailed discussion about these features and how Concentric stands out follows the table.
Jump right to the bottom line for the key bullet points here.
Competitive Comparison
Sample vendors |
Concentric AI |
Varonis, Netwrix/Stealthbits, Spirion |
|---|---|---|
| Platform | ||
| SaaS | Yes | No |
| Private cloud | Yes | No |
| Agent based | No | Yes |
| Works out of the box without rules, regex or upfront policy | Yes | No |
| Accuracy for PII/PCI/PHI | High | Low |
| Accuracy for all biz critical data (contracts, PHI records, design docs, legal etc) | High | Low |
| Data Discovery and Categorization | ||
| Rule based or Pattern matching based discovery of PII/PCI | No | Yes |
| Rule-less or AI based discovery of PII/PCI with context | Yes | No |
| Rule-less or AI based discovery of all biz critical data – contracts, financial docs, NDA, PHI records, source code, design docs | Yes | No |
| Data categorization all biz critical data – PII/PCI, biz confidential data such as contracts, NDA, financial docs, source code | Yes | No |
| Discovery of secrets and keys embedded in unstructured data | Yes | No |
| Classification reliant on end users | No | No |
| Central AI based data classification | Yes | No |
| Data Risk Monitoring | ||
| Data Risk Profiles (Data at risk of being inaccurately shared, wrong location, mis classified etc) | Yes | Very limited |
| Data Access Reviews | Yes | Yes |
| Data Activity Monitoring | Yes | Yes |
| Data risk detection (classification mismatch, wrong entitlement, risky sharing, unauthorized access…) | Yes | Very limited |
| Ransomware detection with context | Yes | Limited |
| Data security incident investigation | Yes | No |
| Employee offboarding | Yes | Limited |
| Thematic search of data | Yes | No |
| Duplicate and near duplicate data detection and remediation | Yes | Limited to duplicates only (no near duplicates) |
| Data Protection | ||
| Auto categorization and classification (including integration with third party like MIP for label application) | Yes | Limited |
| Classification remediation | Yes | No |
| Permission/Entitlement remediation | Yes, including permission remediation | Limited |
| Data management (deletions, moving..) | Yes | Limited |
| Data Stores Support | ||
| Cloud data stores (O365, Box, Dropbox, GDrive, S3..) | Yes | Yes |
| Email and messaging (Exchange, Slack, Teams) | Yes | No |
| On premises data stores (Windows file shares, EMC, NetApp etc) | Yes | Yes |
| Structured data (Snowflake, SQL, BigQuery, RedShift…) | Yes | No |
Concentric: Agentless, SaaS-based and easy to deploy
First, and most critically, Concentric operates on a Software as a Service (SaaS) model, making it a flexible and readily available solution for businesses of all sizes, types, and industries. Concentric works wherever your data is stored: in the public or private cloud, on-premises, structured or unstructured.
But what truly sets Concentric apart is our ability to work effectively straight ‘out of the box,’ without the need for pre-configured rules, regex, or upfront policy. This intuitive functionality, coupled with a high degree of accuracy in identifying Personally Identifiable Information (PII), Payment Card Information (PCI), and Protected Health Information (PHI) makes it a robust choice.
Concentric has demonstrated a high level of accuracy in identifying all business-critical data, including contracts, PHI records, design documents, and legal documentation.
In contrast, Varonis and Netwrix offer solutions primarily focused on an on-premises software model. These solutions are also heavily agent-based systems, as opposed to Concentric’s agentless platform. Plus, they often require the establishment of rules, regex, or upfront policy for proper function, meaning they are much less “plug-and-play” compared to Concentric. As for data detection accuracy, these vendors have shown a lower level of precision in identifying PII, PCI, PHI, and other business-critical data.
Data Discovery, Categorization and Classification
When it comes to data discovery, unlike competing solutions, Concentric does not rely on rule-based or pattern matching for the discovery of Personally Identifiable Information (PII) and Payment Card Information (PCI). Instead, Concentric leverages the power of artificial intelligence for a rule-free discovery process that provides a deeper level of critical semantic understanding of data context. This context extends to all business-critical data — such as contracts, financial documents, NDAs, PHI records, source code, and design documents.
In terms of data categorization, Concentric outshines competitors by comprehensively categorizing all critical business data. This includes not only PII and PCI but also confidential business data such as contracts, NDAs, financial documents, and source code. For businesses managing many types of sensitive data, this level of categorization is critical.
Concentric’s centralized AI-based classification also stands out as the only solution to offer this level of classification.
For discovery, categorization and classification, the choice is clear: solutions from Varonis and Netwrix cannot compare to Concentric. Given the capabilities of all solution, Concentric provides a more advanced, automated, and comprehensive solution.
Risk Monitoring
Knowing where your sensitive data resides and how it must be classified is only the tip of the iceberg for a robust data security posture. Monitoring for risk is a crucial next step.
This is where Concentric clearly excels in many key areas, especially for monitoring data risk profiles, which can detect data that could potentially be inaccurately shared, located in the wrong place, or misclassified. The capabilities of other vendors here are very limited in comparison.
While all vendors provide solid features for data access reviews, Concentric takes the lead in detecting both anomalies and ransomware. Concentric can autonomously identify classification mismatches, entitlement mismatches, and sharing mismatches as well as abnormal activity. These comprehensive capabilities contrast with competitors’ limited anomaly detection features.
In the context of ransomware detection, Concentric demonstrates advanced capability by providing detection with context, something that is only offered to a limited extent by the other vendors. This additional contextual information can significantly enhance the process of identifying and responding to ransomware threats.
Plus, Concentric provides support for data security incident investigation, a feature not offered by other solutions. This can be a critical factor in understanding the cause and impact of security incidents and formulating the proper response.
Adding to its suite of unique features, Concentric offers a thematic search of data, enabling users to search for data based on specific themes or categories — not offered by the other vendors.
Finally, Concentric also enables organizations to detect and remediate duplicate and near duplicate data. While competitors can detect exact duplicates, they fall short when it comes to detecting near-duplicates. The ability to identify and remediate near duplicates can provide significant benefits in data management and risk reduction.
Data remediation
In terms of auto categorization and classification, including integration with third parties like MIP for label application, Concentric stands out as other vendors only offer limited capabilities.
Concentric also leads the pack in classification remediation, offering capabilities not present in either the collective vendors or the third vendor. This allows for errors in data classification to be detected and corrected more efficiently, further enhancing data security.
The landscape changes when looking at entitlement remediation. Concentric stands strong, offering comprehensive remediation, including permission remediation. The collective vendors provide a limited entitlement remediation service, while the third vendor does not offer built-in entitlement remediation. This could pose a significant limitation, as entitlement remediation plays a key role in ensuring that data access permissions remain appropriate and secure.
At the end of the day, while all solutions offer valuable capabilities in the field of data remediation, Concentric provides a more comprehensive and robust solution overall.
The bottom line: 3 key ways Concentric stands out
Most accurate and comprehensive data discovery
- Deep learning for autonomous, accurate data categorization
- Over 250 categories to identify sensitive customer information, intellectual property, business documents, personally identifiable information, PHI etc without rules
- Curated catalog of AI models for high accuracy
Autonomously surfaces risk to business-critical data
- Risk-distance self learns and provides risk-oriented view into sensitive data
- No rules, upfront policy development or end-user involvement
Quick and easy time to value
- Minimal effort to derive value and for ongoing administration
- SaaS solution with zero ongoing administrative burden
- Secures data in SaaS services, the cloud and on-premises
- Easy, seamless integration with 3rd party security investments
With Concentric, you get:
- Autonomous cloud data discovery, classification and remediation
- Agentless integration with numerous cloud products and services
- The freedom to manage risk without rules or regex
- A solution that’s easy to deploy — sign up in 10 minutes, see value in days
Want to see for yourself, with your own data, why Concentric stands out from the competition? Book a demo today.
