ceven

Borneo

Automates sensitive data discovery and privacy compliance by linking Borneo scans to remediation workflows and regulatory reporting.

Try Borneo in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Borneo integration

    • Describe the outcome and Ceven picks the right Borneo calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Borneo data, across all 153 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Borneo access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Borneo, when, and on whose behalf.
    • The agent pauses and asks when Borneo is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Borneo.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Borneo action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Borneo, and when to use it.

Schedule cloud scan
Use this to initiate and schedule data scans across cloud resources to find sensitive information.
Create DPIA
Generate a new data protection impact assessment for a specific processing activity.
Create processing activity
Define a new data processing activity including its purpose and legal basis.
Evaluate data breach
Document and evaluate the impact of a data breach incident including affected parties.
Create new asset
Add hardware, software, or physical assets to the security inventory.
Get scan iteration
Pull detailed status, results, and metadata for a specific scan iteration by ID.
Export leaf resources
Pull a filtered list of leaf resources for external auditing or analysis.
Create recipient
Register and manage details for entities that receive or process organizational data.
Manage dashboard user
Create, enable, or disable users for the Borneo dashboard and set their roles.
Create infotype category
Establish a structured hierarchy for grouping related sensitive data types.
Archive recipient
Move a discovered recipient to an archived state for compliance and retention.
Download report
Retrieve a comprehensive dashboard report or a specific report edition.
Create legal document
Upload and categorize legal documents like privacy policies with metadata.
Delete processing activity
Permanently remove a processing activity that is no longer required.
Access scan iteration by id
Retrieves detailed information about a specific scan iteration in the borneo integration platform. this endpoint allows users to fetch the current status, results, and metadata associated with a particular scan iteration. it should be used
Add discovered recipients
Adds multiple discovered recipients to the system as confirmed recipients. this endpoint should be used when you have a list of previously discovered recipient ids that you want to officially add to your recipient database. it's particularl
Archive discovered recipient
Archives a specific discovered recipient in the borneo platform. this endpoint is used to move a discovered recipient's data into an archived state, which may be useful for compliance, data retention, or organizational purposes. it should b
Delete data breach by id
Deletes a specific data breach evaluation record from the borneo system. this endpoint should be used when an organization needs to remove an evaluation record, typically in cases where the record is no longer relevant, contains errors, or
Create and schedule cloud resource scan
The createscan endpoint initiates a new scan operation in the borneo integration platform, allowing users to configure and schedule data scans across various cloud resources. this powerful tool enables users to set up both one time and recu
Create dashboard user
Creates a new dashboard user in the borneo integration platform with specified roles, organizational access, and authentication settings. this endpoint allows for granular control over user permissions across different organizations and dep
Create department with translations
Creates a new department in the borneo integration platform. this endpoint allows you to add a department to the system with support for multilingual information. it's particularly useful when setting up the organizational structure within
Create domain with polling frequency
Creates a new domain within the borneo integration platform, allowing for automatic polling and management of connected systems or applications. this endpoint is used to set up a new integration point with a specific name and polling freque
Create dpia for processing activity
Creates a new data protection impact assessment (dpia) for a specific processing activity in the borneo application. this endpoint allows users to comprehensively assess and document privacy risks associated with data processing, including
Create employee with json payload
Creates a new employee record in the borneo integration platform. this endpoint allows you to add an employee to the system with various details such as personal information, job related data, and organizational structure. it's primarily us
Create headquarter entry
Creates a new headquarters entry in the borneo integration platform. this endpoint allows users to register the main office or primary location of a company or organization within the system. it captures essential information about the head
Create legal document entry
Creates or uploads a new legal document in the borneo integration platform with specified metadata. this endpoint allows users to add various types of legal documents, such as privacy policies or data processing agreements, to the system. i
Create new infotype category
Creates a new infotype category in the borneo integration platform, allowing users to organize and group related sensitive data types. this endpoint is used to establish a structured hierarchy for managing various infotypes, such as pii, pf
Create processing activity threshold
Creates a new threshold for a specific data processing activity in the context of lopdp (law on personal data protection) compliance. this endpoint is used to define and assess various risk factors associated with data processing activities
Create recipient with details
Creates a new recipient in the borneo integration platform. this endpoint is used to register and manage detailed information about entities that receive or process data within the system. it captures essential details for compliance with d
Create threshold for processing activity
Creates a new threshold for a specific data processing activity in the borneo integration platform. this endpoint is used to define and set various characteristics and risk factors associated with a data processing activity, which is crucia

30 actions · scroll to see them all

Frequently asked questions

Ceven monitors your Borneo scan iterations using the Get scan iteration action. When a scan completes, the agent parses the results for sensitive data flags. If the scan finds PII in an unauthorized location, Ceven can trigger a sequence of events such as creating a ticket in your project management tool or notifying a security lead. It does not just alert you that a scan happened but analyzes the metadata to determine if the finding violates a specific internal policy you have defined in the workflow layer.
Yes. Ceven uses the Create DPIA action to initiate assessments. By pulling data from your asset inventory and the specific processing activity details, the agent can pre populate the assessment with technical details. This means the DPO only needs to review and sign off on the legal interpretations rather than manually entering the technical specifications of the data flow. This significantly reduces the time from project inception to privacy approval.
Ceven can use the Create department with translations action to ensure your organizational structure is reflected accurately across different regions. When you onboard a new global office, the agent can push the department name and descriptions in multiple languages simultaneously. This ensures that the Borneo dashboard remains usable for local admins in different countries while maintaining a centralized global view for the head office security team.
Ceven treats the Borneo asset inventory as a dynamic registry. When a new cloud resource is detected via a scan, Ceven can use the Create new asset action to log it. Conversely, if a resource is decommissioned in your cloud provider, the agent can call the Delete asset by id action to keep the inventory clean. This prevents the common problem of stale assets cluttering your privacy maps and causing false positives during audits.
When a breach is detected, you can trigger a Ceven workflow that uses the Evaluate data breach impact action. The agent prompts the user for required details, such as the number of affected records and the type of data leaked, then pushes this into Borneo. Simultaneously, it can pull the list of affected recipients from Borneo to generate notification letters, ensuring that the legal timeline for breach notification is met without manual data gathering.
Yes. Borneo enforces strict rate limits on its scan scheduling and export endpoints to prevent system degradation. If a workflow attempts to trigger too many cloud scans in a short window, Borneo will return a rate limit error. Ceven handles this by implementing an exponential backoff strategy, queuing the requests and retrying them automatically. Users should be aware that very large leaf resource exports may take several minutes to generate before the download link becomes active.
Ceven can automate the onboarding and offboarding of dashboard users. By connecting your HR system to Ceven, the agent can call Create dashboard user when a new security analyst joins and Disable dashboard user by username when they leave. This ensures that access to sensitive privacy data is strictly controlled and aligned with your company's employee lifecycle, removing the need for manual admin work in the Borneo console.
Ceven uses the Create legal document entry action to upload new versions of privacy policies or data processing agreements. The agent can be configured to archive the old version and upload the new one whenever a document is updated in your central legal repository. This creates a verifiable audit trail in Borneo, showing exactly which version of a legal document was active at any given time for a specific processing activity.

Alternatives to Borneo

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

OneTrust logoOneTrustBigID logoBigIDTrustArc logoTrustArc

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Borneo and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free