Aurva

Glossary

Definitions of key terms used in Aurva documentation.

Key terms used throughout the Aurva platform and documentation.

Architecture

Control Plane — The central Aurva service (also referred to historically as the Management Plane) that hosts the UI, APIs, policy engine, and analytics. It receives signals from one or more Data Planes and presents a unified posture across your environment. See Control Plane installation.

Data Plane — A regional Aurva component deployed inside the customer's environment (VPC, VNet, or on-premises network). It handles discovery, classification, query collection, and proxying for assets in that environment, then forwards events to the Control Plane. See Data Plane installation.

Controller — A logical worker inside the Data Plane that owns a set of monitored data assets, executes scans, and relays DAM telemetry.

Database Proxy — An optional inline component that sits between an application and a database to enforce Guardrail policies (block, mask) in real time. See Aurva Database Proxy.

Agents & Collection

AIDA — Aurva Intelligent Database Agent. A lightweight agent installed directly on a database host for query capture where eBPF is unavailable. See AIDA on Linux.

eBPF Agent — Kernel-level packet capture agent that observes database traffic on Linux hosts without requiring database audit logs. See eBPF DAM on Linux Servers.

Cloud Log Exporter — Collection method that pulls query events from cloud-native audit logs (e.g., AWS RDS, Azure SQL, Snowflake).

Capabilities

DAM — Database Activity Monitoring. Continuous capture and analysis of database queries to detect risky behaviour, enforce policy, and produce audit trails.

DSPM — Data Security Posture Management. Discovery, classification, and risk assessment of data assets and their configurations across cloud and on-premises environments.

Data Flow Monitoring — Tracking how sensitive data moves between applications, databases, and third parties.

Prevention Mode — A monitoring state in which the Data Plane proxies database connections inline so Guardrail policies can block or mask queries in real time. See Monitoring Configuration.

Policies

Guardrail Policy — A preventive policy that intervenes in the data path: Block Risk Queries or Mask Sensitive Data in Query. Requires Prevention mode.

Detection Policy — A monitoring policy (Detect & Alert) that observes activity and produces alerts without blocking.

Storage Policy — Configuration on a monitored asset that controls which queries are retained for analysis. See Storage Policy reference.