
Data Protection
Immuta Data Security Platform
Attribute-based access governance and policy enforcement for cloud data warehouses and lakes.
Immuta Data Security Platform Overview
What it does
The Immuta Data Security Platform is a Data Access Governance system that centralizes access control and policy enforcement across cloud data platforms such as Snowflake and Databricks. Rather than replicating role-based grants in each system, it applies attribute-based access control through a Policy Entitlement Engine, letting teams author a policy once in natural language and enforce it natively, with dynamic masking, wherever the data lives.
How it works
The platform connects to each data system and enforces controls natively, administering Snowflake row-access and column-masking policies, Databricks Unity Catalog grants, and Starburst rules so users query data in place while policies apply in real time. Data Discovery & Classification tags sensitive data against frameworks like GDPR, HIPAA, and PCI to drive policy, a Policy Entitlement Engine translates natural-language rules into platform-native enforcement, and Unified Audit records who accessed what and why. A Data Marketplace lets stewards publish and authorize access to governed data products. Customers include NVIDIA, General Motors, Merck, and ADP.
Credentials and traction
Immuta maintains SOC 2 Type II, ISO 27001, and ISO 27701 certifications, and is PCI DSS certified through an independent A-LIGN audit, with an externally audited security program reviewed annually. The platform serves Global Fortune 500 enterprises and public-sector organizations across financial services, healthcare, and government, counting NVIDIA, General Motors, Merck, ADP, and Booking.com among named customers. It operates under GDPR as both data processor and controller for its customers.
Key Capabilities
mapped to solution categoriesConsumes sensitivity labels from data classification tools (Purview, Varonis, Nightfall) to apply access governance policies based on data sensitivity tier.
Maps effective permissions to sensitive data stores, identifying every identity with access, at what level, and whether that access has been used recently.
Compliance
certificationsIntegrations
compatible toolsImplementation & support
Info last updated on July 2, 2026