Sensitive Data Discovery and Protection

An all-in-one data security solution that provides various features, such as sensitive data detection, classification, grading, and de-identification, to help you meet compliance requirements specified in General Data Protection Regulation (GDPR) and personal information protection


Major Release

Supports sensitive data detection and de-identification for ApsaraDB for OceanBase and ApsaraDB RDS for PostgreSQL.

Forthcoming Features

Sensitive data detection and de-identification for AnalyticDB for MySQL will be supported soon.

New Features

Supports sensitive data de-identification for an entire database or a source table.


Compliance with Requirements of MLPS
Sensitive Data Discovery and Protection (SDDP) focuses on personal information protection and data activity audits. SDDP helps you meet the compliance requirements on data security that are specified in GDPR, Multi-Level Protection Scheme (MLPS) 2.0 Level 2, MLPS 2.0 Level 3, and your requirements for personal information protection.
Security Management and Control for Big Data
SDDP provides comprehensive and centralized data security management for traditional databases and various data lakes and storage services, such as Object Storage Service (OSS), MaxCompute, and Alibaba Cloud Data Mid-End.
Reducing the Risk of Data Leaks
Powered by cloud-native big data and machine learning technologies, SDDP automatically classifies and grades sensitive data, detects sensitive data in your data assets, assesses the assets, and protects your sensitive data by using intelligent algorithms.
Comprehensive Data Security Protection
SDDP provides all-around data-centric protection to ensure the security of your cloud assets. SDDP accurately detects sensitive data, automatically classifies and grades sensitive data, and aggregates your data assets. SDDP also provides diversified de-identification algorithms.


  • Does Not Require an Agent

    You can use SDDP without deploying an agent. This saves your resources. After you activate SDDP, you can directly use the out-of-the-box features that are secure and efficient.

  • Applies to Diversified Data Sources

    SDDP protects the data in diversified data sources on the cloud. You can manage data security in a centralized manner since mainstream databases and different types of big data services are supported.

  • Provides Accurate and Automatic Sensitive Data Classification and Grading

    SDDP accurately identifies, classifies, and grades sensitive data in your cloud assets. SDDP allows you to use various standard algorithms and defense rules to manage sensitive data assets in a centralized manner.


End-to-End Data Monitoring and Management with Data Security Compliance Audits

Sensitive Data Detection
SDDP can discover, determine, and protect the objects in a large amount of data. SDDP performs comprehensive scanning, classification, and grading on structured and unstructured data that SDDP is authorized to access using built-in algorithms and customizable sensitive data detection rules. Then, SDDP provides security protection based on the detection results. For example, SDDP provides fine-grained access control and encrypts and stores the detected sensitive data.

Sensitive Data De-Identification
SDDP provides diversified built-in de-identification algorithms that allow you to create custom de-identification rules. You can use SDDP to de-identify sensitive data in the production environment. Then, you can use the de-identified data in non-production environments, such as development and test environments. SDDP ensures the authenticity and availability of the de-identified data.

Contribution to Security Policies
You can control the security risks and hazards in your enterprise data and optimize relevant security policies based on the information that is displayed in the SDDP console. For example, the SDDP console displays the storage objects that contain sensitive data, visitors that access data, and anomalous data flows and activities.


Our Strengths

Based on years of practices on Alibaba Cloud and extensive experience in the security protection for cloud-based enterprise data, our team has extracted four core data security capabilities to help enterprises deploy businesses on the cloud. SDDP does not require an agent. SDDP detects and monitors sensitive data and data activities at high risks and provides risk management solutions using big data and machine learning technologies. In addition, SDDP provides various sensitive data de-identification algorithms to prevent data leaks.

Technical Focus

  • ▪ Supports sensitive data detection for data assets with different lifecycles

  • ▪ Detects sensitive data in databases and big data services, such as OSS

  • ▪ Provides de-identification services for sensitive data

Our Strengths

SDDP automatically detects sensitive data in a large amount of data and analyzes the use of sensitive data. Based on a data detection engine, SDDP scans, classifies, and grades sensitive data in structured data storage services, such as ApsaraDB RDS, and unstructured data storage services, such as OSS and MaxCompute. This helps you cope with blind spots in data management to protect your data.

Technical Focus

  • ▪ Detects your cloud assets automatically

  • ▪ Detects sensitive data using the semantics recognition feature of natural language processing (NLP)

  • ▪ Allows you to customize sensitive data detection rules

Our Strengths

After sensitive data is detected, SDDP de-identifies the data in the production, test, and analysis environments to prevent data leaks. SDDP provides various de-identification algorithms. You can use SDDP to meet your different requirements on sensitive data de-identification in a flexible manner.

Technical Focus

  • ▪ Supports more than ten advanced de-identification algorithms

  • ▪ Allows you to use various de-identification templates with a few clicks

  • ▪ Provides visualized and extensive de-identification options

  • ▪ Provides comprehensive de-identification logs

Upgraded Support For You

1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.

1 on 1 Presale Consultation

Consulting by experienced cloud experts.Learn More

24/7 Technical Support

Extended service time from 10 hours 5 days a week to 24/7. Learn More

6 Free Tickets per Quarter

The number of free tickets doubled from 3 to 6 per quarter. Learn More

Faster Response

Shorten after-sale response time from 36 hours to 18 hours. Learn More
phone Contact Us