Securing Petabytes at Scale: How a Global Travel Platform Gained Control of Its Cloud Data in Just 30 Days
In an industry where speed, data, and customer trust intersect, one of the world’s top travel technology companies found itself at a critical inflection point. With hundreds of petabytes of sensitive data dispersed across more than 600 AWS accounts, their security team lacked the visibility and control required to manage risk at scale.
Traditional DLP tools weren’t built for today’s multi-cloud reality—they offered limited insights and reactive alerts. Manual data tagging was slow and error-prone. As compliance demands grew and insider threats became more complex, the organization needed a new approach.
That’s where Sentra came in.
By adopting Sentra’s Cloud-native Data Security (DSPM) platform, the company gained visibility into its sprawling data estate in just 30 days, compared to other solutions that take an entire year to fully implement. Sentra replaced manual tagging with AI-powered classification, and built a scalable framework for enforcing security policies. The result: enhanced risk posture, reduced manual effort, and a powerful partnership built on rapid innovation and enterprise-scale performance.
The Challenge: Lack of Cloud Data Visibility and Control
Before Sentra, the company’s data security strategy relied heavily on legacy DLP solutions that only flagged data after it left the environment—far too late to prevent exposure. This reactive approach created dangerous blind spots in environments where data was constantly moving. Manual tagging compounded the problem. It was resource-intensive, inconsistent across teams, and prone to human error. With more than 600 AWS accounts and hundreds of petabytes of data, the organization had no reliable way to understand what data existed, where it lived, or how it was being accessed. And while their cloud footprint had grown rapidly, their ability to govern data hadn’t kept pace. Sensitive customer data was increasingly at risk of accidental exposure, misconfiguration, and noncompliance.
"The partnership has been really strong... we get custom features developed very quickly."
— Security Engineering Manager, Global Travel Platform
Why Sentra: Scalable, Accurate, and Fast-Moving
After evaluating a broad mix of DLP and DSMP vendors the company chose Sentra for its unmatched combination of scale, classification accuracy, and flexibility. Agentless discovery was key. Sentra’s ability to scan vast, complex environments without requiring agents allowed for faster, broader deployment across the company’s entire AWS footprint.
Why Sentra: Scalable, Accurate, and Fast-Moving
Automated classification replaced slow, error-prone manual tagging with accurate, AI-driven sensitivity labels that helped teams enforce access controls with confidence. Scalability ensured fast time to value as Sentra efficiently handled hundreds of petabytes across hundreds of accounts—something many competitors couldn’t match. But what truly set Sentra apart was the partnership.
“The Sentra speed and support really stood out. We were able to quickly transform our approach to data security from reactive alerts to proactive discovery. We're not just detecting potential risks anymore; we're gaining a comprehensive inventory of our data landscape across hundreds of petabytes, enabling us to truly understand and protect our most critical assets.”
— Security Engineering Manager, Global Travel Platform
Implementation: Tackling Scale and Complexity Head-On
The implementation targeted 600 AWS accounts, 170,000 data stores, and over 28,000 target S3 buckets, involving coordination across six internal stakeholder teams. The environment’s complexity presented early challenges, including performance challenges related to scanning large, complex datasets that significantly expanded during processing. Sentra’s engineering team worked closely with the customer to resolve the technical bottlenecks, tuning the system for high-memory formats and refining scanning cycles.
Deployment was completed on schedule, with phased implementation continuing as classification efforts expanded. Beyond scanning, Sentra helped identify unknown sensitive data exposures, cut down on manual tagging errors, and provided the foundation for a policy-based approach to least privilege and access control.
Real Business Impact: Visibility, Compliance, and Control
Within months, the company achieved what had eluded them for years - true visibility into their data estate. With automated classification and context-aware enforcement, the security team could now respond proactively to risk and reduce operational overhead.
Key outcomes:
- Discovery of sensitive data that had previously gone unnoticed
- Streamlined governance across 600+ AWS accounts
- Accurate classification reduces false positives and alert fatigue
- Improved compliance streamlined ability to meet PCI DSS and GDPR requirements
Sentra enabled the travel tech company to quickly discover previously unknown sensitive data, improve data classification accuracy, and provide comprehensive visibility across their multi-cloud environment, ultimately enhancing their data security posture and compliance capabilities. As the evaluation concluded, the global travel tech giant engaged in a multi-year DSPM agreement with Sentra.
Sentra for Travel Tech: Setting the Pace for Scalable, Intelligent Data Protection
By adopting Sentra’s cloud-native Data Security Posture Management (DSPM) platform, this global travel technology leader gained real-time visibility into its massive, fast-moving data estate spanning hundreds of AWS accounts and petabytes of sensitive data including unique data types like booking and flight information, in addition to PCI/PII. Manual tagging gave way to AI-powered classification, enabling precise, automated enforcement of data security policies at scale.
In doing so, the company replaced reactive alerts with proactive governance and transformed data security from a compliance bottleneck into a strategic advantage. In an industry where agility, trust, and innovation are everything, Sentra has empowered this travel tech giant to protect what matters
most - without losing speed.
More relevant Case Studies
How a Mortgage Lender Ensures Sensitive Data Gets Masked and Stays Masked
How a Mortgage Lender Ensures Sensitive Data Gets Masked and Stays Masked
One of the largest U.S. mortgage lenders manages over $350 billion in loans across a complex ecosystem of production and non-production cloud environments. They rely on data-intensive applications to support underwriting, processing, and customer management.
Given the nature of their business, mortgage lenders and financial institutions are subject to stringent and multi-layered data protection and privacy regulations, such as; FTC Safeguards Rule, Gramm-Leach-Bliley Act (GLBA), Consumer Financial Protection Bureau (CFPB), SOX, FFIEC guidelines, and increasingly state-level privacy laws like the California Consumer Privacy Act (CCPA). Compliance requires rigorous control over non-production data environments where customer data often gets replicated for development and testing. Most relevant regulations either require or recommend data masking for sensitive customer data.
The mortgage lender had a legacy DSPM solution that generated large volumes of false positives, and lacked the precision to support automated masking workflows needed to ensure compliance. This created significant manual overhead for the data security team.
The financial institution’s data security and compliance teams turned to Sentra and within weeks, they gained column-level visibility into regulated data, automated classification and masking of workflows, and uncovered hundreds of orphaned data stores that could be deleted to both significantly improve regulatory compliance, reduce storage costs and reduce manual workload for the security team.
The Challenge: Manual Masking and Limited Data Visibility
The mortgage lender uses a data masking tool to mask regulated data in non-production environments. Their previous DSPM solution lacked depth and breadth of classification and created too many false positives, leading to over-masking and a labor intensive manual verification process. This made it very difficult to spot what data needed to be masked. Like all financial institutions, the lender also has many sensitive data classifications unique to its business operations that had to be manually tagged. Together, all these classification limitations made it difficult to create data reports to feed to their data masking tool.
For known and correctly classified sensitive data, their data masking tool was able to transform it into realistic synthetic records. Once the original required data masking was performed, there was no reliable way to confirm whether data remained masked after refreshes, especially since the masked data resembled real data so closely. The mortgage lender needed visibility into where PII/PCI and toxic data combinations lived across non-production environments and accurately classified sensitive data before and after being masked.
“The challenge wasn't just masking data; it was the persistent uncertainty of whether that data stayed masked after system refreshes. We needed a reliable way to verify ongoing compliance at a granular level.”
— Chief Compliance Officer, Leading US Mortgage Lender
Why Sentra: Column-Level Precision, Workflow Automation, and Immediate ROI
After a thorough evaluation of leading DSPM vendors, the mortgage lender chose Sentra due to several key capabilities. Its flexible classifier system, which supports both regex and contextual logic using AI-powered classifiers, made it easier to identify masked and unmasked data accurately. The platform’s policy engine offered automated scanning for missing or reverted markers, helping teams detect issues early. Sentra also seamlessly integrated into existing workflows without requiring invasive changes to systems or processes.
Key Outcomes:
- Fast AI-Driven Column-Level Classification: Sentra’s precise tagging engine classified sensitive data across their entire environment in just six weeks, outperforming other vendor tools by automatically identifying PII/PCI, financial data, and compliance-relevant data types.
- Improved Accuracy: With Sentra the compliance and data security teams are able to create a clear view of all the data that needs to be masked and feed this information into their data masking tool for future masking. Sentra can detect whether a dataset contains markers like "@example.com" emails or specially formatted SSNs.
- Automated Data Masking via Jira: Sentra integrated with their existing data masking tool to mask data and pushed alerts to Jira, enabling end-to-end remediation workflows with executive visibility.
- Granular Visibility: By using data classifications and logical negation (e.g., “does not contain marker”), the compliance team can isolate and track both compliant and non-compliant datasets.
- Policy-based Automation: Sentra’s automatic policies engine is set to run on a regular schedule, identifying data assets without expected markers, allowing the compliance and data security teams to take action before audits or incidents occur.
- Compliance Confidence
Able to ensure compliance with multi-layered data protection and privacy regulations and internal security mandates for precise access and masking.
Implementation: From Manual Compliance Burden to Automated Remediation
The mortgage lender deployed Sentra in under six weeks, scanning thousands of data stores across AWS, Snowflake and other cloud and SaaS environments and applied accurate sensitivity labels. Sentra’s classification output determined user roles based on data sensitivity. The integration with Jira and their data masking tool enabled an automated masking workflow, flagging issues to executives and eliminating manual triage.
Following the initial deployment, the financial institution decided to build on this momentum and extend Sentra’s coverage to Google Workspace.
Real Business Impact: Data Visibility, Accurate Masking, and Compliance Confidence
With Sentra, the data security and compliance teams gained deep visibility into sensitive and regulated data across cloud environments and SaaS applications, transforming how they enforce compliance and scale a proactive, automated data protection strategy.
Mortgage Lender and Sentra: Turning Compliance into a Competitive Advantage
What started as a goal to streamline masking and compliance has become a long-term foundation for cloud data governance. The data security team replaced an underperforming legacy DSPM and gained deep visibility into sensitive and regulated data across cloud environments and SaaS applications, transforming how they enforce compliance and scale a proactive, automated data protection strategy. They also implemented a strategic, automated framework for protecting customer data across every environment and ensuring compliance.
Together, the mortgage lender and Sentra have transformed how the financial institution security team supports excellence in development speed, data protection, and regulatory compliance.
Unifying Multi-Cloud Data Security with Sentra: How Valenz Health Scaled PHI Protection Post-Merger
Unifying Multi-Cloud Data Security with Sentra: How Valenz Health Scaled PHI Protection Post-Merger
The Challenge: Post-Merger Complexity Meets Cloud-Scale Risk
The merger of two healthcare entities brought together diverse teams, tools, and data security requirements. While both organizations were focused on strong privacy, security, and compliance, post-merger they sought an efficient way to centralize data security management across multiple cloud platforms and SaaS applications.
"Our merger brought together two companies with IT Infrastructure and Security teams, each with a large amount of data that everyone was now interested in understanding and securing. Sentra allowed us to quickly scan and analyze all of our cloud and SaaS data resources and present them in a single platform that each team could easily view and ingest as needed ."
— Kerry Knopp, VP, Cloud Operations, Valenz Health
Why Sentra: Unified, Automated, and Built for Healthcare
The healthcare provider selected Sentra’s Data Security Posture Management (DSPM) platform to unify and automate data security. Sentra was chosen because it delivers:
- Healthcare-aware classification to accurately identify and protect PHI
- Unified visibility across multiple cloud providers and SaaS applications
- Policy-based controls to enforce consistent governance and compliance
- Policy-based controls to enforce consistent governance and compliance
- Easy analysis of post-merger data with a unified view
Sentra’s ability to normalize security controls across disparate cloud systems, and its rapid integration with AI and data analytics platform, made it the clear choice.
Turning Insight Into Action
Deployment was fast and non-disruptive. The organization also extended Sentra’s protections to its content collaboration platforms and integrated security policies with its broader data analytics tools - ensuring consistent, HIPAA-aligned governance across the enterprise.
Real Business Impact: Compliance, Clarity, and Confidence
By partnering with Sentra, Valenz Health transformed data security into proactive AI-powered governance at scale to secure data without overburdening security teams.
