In 2022, the amount of corporate data stored in the cloud (compared to on-premises servers) has reached 60%, a sign of how the world of corporate computing is changing. But lest you think cloud = modern = more efficient, when it comes to security, the picture is more complicated: multiple silos mean multiple challenges to visibility, creating security vulnerabilities and driving half of all security breaches. data last year in the cloud, according to IBM.
Now, a startup called Dig Security, which develops security tools specifically to address this complexity, has raised investments that meet the demand it sees.
The company – which assesses and provides real-time monitoring of customer data assets hosted in multi-cloud environments – has raised $34 million, a Series A investment that it will use to further develop its platform. form.
Today, the startup is focused on data in public rather than private clouds, said Dan Benjamin, CEO and co-founder. It integrates with all the major providers – Azure, AWS, Google Cloud – as well as big names in data warehousing like Snowflake and Databricks, and the services it provides include managing the security posture of (DSPM), Data Loss Prevention (DLP), and Data Detection and Response (DDR).
The investment is being led by SignalFire, with Felicis Ventures, Okta Ventures and former backer, cybersecurity incubator and investor Team8 also participating. Dig came out of stealth and didn’t announce its $11 million seed round until May of this year. The reason for the quick follow-up is that the round actually ended (and was used) some time before it was actually announced, Benjamin said; and because the emergence of stealth has caused the company to gain many inbound contacts from customers and investors.
Okta Ventures, the strategic investment arm of the identity and access management giant, falls into these two categories: Dig has strong integration with Okra’s login management products to both monitor potentially malicious activity and also to help put in place stronger protections for bad actors before they set up shop.
Dig’s founders – Benjamin, Ido Azran (VP R&D) and Gad Akuka CTO) – are repeat founders with proven track records at companies like Microsoft, Google, Mimecast, SAP and more, and as Benjamin has explained, there is a strong case for a large third-party player to provide security services for cloud data, simply because it has become a huge, but highly fragmented market with no proprietary “ownership”: due to the prevalence micro-services, organizations rarely use a single service like AWS or Azure; and the data is executed on multiple instances.
“A typical organization has 30 different types of data stores across tens of thousands of instances,” Benjamin said. Even a small organization can have 10 different types of data stores.
This means that while a cloud company can develop a powerful cloud security product, we are still a long way from those products that work effectively on all data, wherever it resides.
I should also point out that Benjamin also predicted that this approach would likely change over time: he worked in corporate development at Microsoft and knows that the appetite of big players like these will be to see how security companies data in the cloud – like Dig – will evolve over time. in the coming years and possibly create one to strengthen this type of functionality.
For now, however, companies like Dig have a clear opportunity to gain market traction.
“Dig is uniquely positioned to help make DDR the standard in data security,” said Nir Polak, venture partner at SignalFire, who himself has a strong cyber background as a founder and president of Exabeam. “The rise of remote working and the rising stakes of cloud attacks require real-time data security capabilities – too many organizations remain exposed to the risks lurking behind the public cloud. SignalFire is pleased to support Dig as the only cloud data security vendor in the market that offers real-time data protection on any cloud and any data store.
It’s not the only player here: a number of others are also seizing the opportunity to provide more holistic security approaches to bridge the fragmentation of most enterprise environments. Others who have raised big funds include Laminar, HYCU, vArmour, JupiterOne. The biggest tech companies making acquisitions to bring more multi-cloud management and security capabilities into their platforms include Google’s acquisition of Siemplify and F5’s purchase of NGINX.