The proliferation of cloud systems and increased reliance on them by enterprises has presented DevSecOps teams with a fresh set of challenges. In a rapidly evolving landscape, one company is making the job of the DevSecOps team easier – Normalyze. This data-first cloud security platform is disrupting the cloud security landscape by providing security teams the ability to analyze, prioritize, and respond to data threats in real-time, saving enterprises millions.
Despite being around for only a short time, the company has already won the 2022 Digital Innovator Award by Intellyx. The Digital Innovator Award was started by Intellyx to honor trailblazing enterprises that are worth keeping an eye on.
Normalyze has been created by Silicon Valley’s cybersecurity veterans, Amer Deeba and Ravi Ithal. According to Deeba, enterprises make three common mistakes when it comes to securing their platforms. First, they tend to ignore what they can’t see. Second, security measures are adopted to ensure base-level compliance. And third, security resolutions are sought without an effective strategy. These mistakes only give the illusion of a safe platform, when in fact, it is vulnerable to cyberattacks.
Normalyze has been designed to address these three common mistakes. It focuses on the individual needs of each user, thus providing tailor-made solutions. When dealing with security issues, Deeba recommends keeping an eye out for suspicious behavior. This is why Normalyze provides DevSecOps teams the opportunity to continuously monitor their data storage. This guarantees the identification of suspicious activity in a timely manner.
Deeba and his team have designed an agentless platform that scans the user’s data that has been stored in the cloud. To ensure the safety of data, only metadata is scanned which is used to produce graphs. After the scan, Normalyze categorizes the data based on sensitivity. The results of the scan are displayed as graphs.
The age-old adage, you cannot protect what you don’t know is still relevant for cloud data security. This is why Deeba and Ithal have focused on visual representations throughout their product to make it easier for security teams to analyze critical points. The visual representation includes real-time information, providing users quick access to process names, IAM roles, and data store fingerprints.
The cybersecurity duo conceived the product after extensive market research, seeking to end the most common problems in cloud data security. Investors were quick to see the potential in Deeba’s product. The startup came out of Series A funding with $22.2 million, funded by Battery Ventures and Lightspeed Ventures. As of now, the company has a funding of $26.6 million. Even though the startup only just came out of stealth, it already has an impressive list of clients, including Orkes, Netskope, and Corelight.
Deeba has already integrated his product with Corelight, a leader in NDR tech. “The Normalyze Platform has been able to go toe-to-toe with Corelight’s critical cloud infrastructure needs, with the ability to benefit the entire team – from the CISO to the security engineer, analyst, and DevOps professionals – to discover data, classify its risk and attack paths, and remediate risks,” said Deeba.
Normalyze’s successful integration with Corelight is a big achievement for the nascent company as Corelight’s customers include government agencies, Fortune 500 companies, and research universities.
Soon after Normalyze was deployed by Corelight, the company was able to immediately identify the location of its sensitive data. This was possible because of Normalyze’s graph and one-pass scanner. This feature connects the user’s data with associated assets and identities, and any misconfigurations. To their surprise, they spotted data in areas they did not expect. Corelight was immediately able to complete compliance profiles. These were used to detect personally identifiable information and ensure compliance with Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR). Corelight was also able to gain knowledge about weak surfaces that may result in data breaches. These weaknesses were fixed immediately.
Normalyze’s platform harnesses the power of machine learning and artificial intelligence to provide instantaneous results. The benefits reaped by Corelight are available to any enterprise and can easily be trialed because of the company’s freemium offering.
This isn’t Normalyze’s only success. The company recently announced that it had completed the Service Organization Control (SOC) 2 Type 2 audit. SOC 2 is a thorough and independent evaluation of internal security controls. Completing this rigorous assessment means that Normalyze can be trusted by enterprises as a secure and trustworthy technology.
SOC 2 has been developed by AICPA. It is an extensive evaluation that checks if the technology handles the data of its clients securely, without compromising on privacy. This evaluation has been specifically designed for service providers that have access to the client’s cloud storage. As the list of Normalyze’s clients continues to grow, it is important that their data is being handled securely. Successfully completing the SOC 2 evaluation means that its current and prospective clients can rest assured that their data is secure.
In another step to build customer confidence, Normalyze also joined the Cloud Security Alliance (CSA). This organization has been working towards raising awareness of best practices that guarantee cloud computing security.
About: Normalyze’s CEO, Amer Deeba, is a Silicon Valley veteran, with a career spanning three decades. He has worked at some of the leading biggest companies in the IT sector, including Adobe Systems and Qualys. At Adobe, his work ensured that pdfs could be opened in web browsers. Whereas at Qualys, Deeba played a significant role in getting the company publicly listed. He is a senior executive, with years of experience in a go-to-market advisory. In addition to being the CEO of Normalyze, Deeba also advises two other cybersecurity enterprises, Monad Inc and CyCognito. Deeba has a masters in computer science from Santa Clara University, and a degree in electrical engineering from the American University, Beirut. As the Middle East Liaison for Eduarte Courtot Foundation, he is working towards making education accessible in the Middle East. You can learn more about him at www.amerdeeba.com.