Normalyze recently secured a Series A funding round of $22.2 million, co-led by Lightspeed Venture Partners and Battery Ventures. This round brings the company’s total funding to $26.6 million to date. Lightspeed is a multi-stage VC firm focused on accelerating disruptive innovations and trends in the enterprise, consumer, and health sectors. The most recent round of funding it has received will be used to expand the engineering and DevOps teams and roll out the company’s go-to-market and sales strategies.
The Normalyze agentless platform employs several tools and analytics to provide cyber security teams with access to data discovery, data classification, risk prioritization, and actionable remediation insights. This allows security teams, CISOs, GRC professionals, and DevOps teams to view their entire cloud infrastructure. They can see in one concise place where their most essential data resides and can then prioritize the securing of that data based on risk. This way, enterprises always know that their most important data is secure.
The duo behind this exciting new venture is Silicon Valley entrepreneur Amer Deeba and Netskope founder Ravi Ithal. Both have been instrumental in gaining insight into the problems faced by enterprise cyber security teams. When Ravi Ithal approached potential investors with an idea about developing a cloud data security platform, he envisioned a comprehensive solution. It would provide a complete view of an organization’s data stores, and then prioritize the value of that data, detail who has access to that data, the associated system vulnerabilities surrounding that data, and more.
Ravi Ithal is the co-founder and CTO of Normalyze. He has an extensive background in enterprise and cloud security. Before Normalyze, Ravi was the cofounder and chief architect of Netskope, a leading provider of cloud-native solutions to businesses for data protection and defense against threats in the cloud. Before Netskope, Ravi was one of the founding engineers of Palo Alto Networks. Before his time at Palo Alto Networks, Ravi held engineering roles at Juniper and Cisco.
Amer Deeba is an expert in enterprise security products and outbound communication. The co-founder and CEO at Normalyze, he is a senior go-to-market executive with extensive experience in driving both product, marketing, and sales go-to-market strategies for enterprise and cloud technologies. In his 17 years tenure at Qualys, Amer led all aspects of marketing, business development, strategic alliances, and global enterprise accounts. He also played an instrumental role in taking the company public in 2012.
“Today’s enterprises ﬁnd their data scattered throughout their various cloud environments with limited visibility of where sensitive data resides. It’s a massive problem that current cloud security offerings aren’t equipped to handle,” said Amer Deeba, cofounder and CEO at Normalyze. “We built Normalyze to classify and secure sensitive data across all public clouds.”
In the last decade, there has been a rapid increase in enterprise clouds, while artificial intelligence and machine learning systems have led to an even faster increase in the amount of enterprise data that resides in the cloud. This proves challenging to security teams as discovering, classifying, and protecting data becomes more complex.
Normalyze addresses these three challenges through one easy-to-use continuous agentless platform. The platform detects the most vulnerable structured and unstructured data once it has determined the organizations cloud systems. It then determines who has access to the data and how much access they have. Normalyze also detects and identifies the microservices in use, as well as the vulnerabilities and misconfigurations that put data at risk. Security teams, CISOs, GRC experts, and DevOps teams can examine their whole cloud architecture using Normalyze. They are provided visibility regarding their most important data in one unified place where a risk priority system allows them to assess what data is most at risk. This provides organizations with a critical strategic advantage where their most critical data is always secure with fewer resources needed to do so.
Since not all data has equal value, understanding where to concentrate their efforts given the limited resources available is critical. Unfortunately, most IT departments lack a sophisticated set of data management capabilities to determine what data lives where in the cloud. As a result, an agentless platform offers cybersecurity teams an option that is less capital intensive which helps determine where data sits without having to re-engineer application infrastructures.
The platform then combines all this data security information and presents it in a graph, connecting every component required to detect enterprise cloud data, correlate risks, and offer the information required for priority repair. Remediation efforts can be sent to a service management platform, or alternative automated steps might be implemented. To address the vulnerability, certain organizations or persons can be notified, or measures can be made to deny access.
“Our graph-powered platform is a hub that connects all data with assets, identities, accesses, misconﬁgurations, and vulnerabilities to help security teams continuously discover sensitive information, determine attack paths and automate remediation efforts to secure it,” said Ravi Ithal, Normalyze co-founder and CTO.
“We are the only platform that is combining data with identity, access, configs, and vulnerabilities to give customers a holistic view about their cloud data security posture and help them orchestrate remediation efforts across all three clouds”.
News of the platform emerging from stealth has been met with a general atmosphere of excitement from the industry with many CISOs remarking upon its use cases. “It’s ideal that I can use the same platform as my engineers and DevOps teams, giving us the ability to visualize our cloud environments in real-time and create signatures that combine sensitive data with access details, conﬁgurations, and vulnerabilities to continuously discover attack paths and drive remediation,” said Bernard Brantley, CISO at Corelight.
Normalyze is being marketed as a freemium product allowing its benefits to reach the maximum number of enterprises, with its premium membership prices at $14,995/year.