Amer Deeba and Ravi Ithal
By Exec Edge Editorial Staff
Normalyze is the world’s first one-stop solution for cloud data security solutions for DevSecOps teams. The product has been designed to enhance the security of its customer’s data, infrastructure, identities, and applications. Normalyze uses machine learning to scan for sensitive data, resources, and access paths across cloud databases.
Amer Deeba and Ravi Ithal have joined forces for this venture, both of whom are cybersecurity specialists. Deeba serves as the CEO, whereas Ithal is the CTO of Normalyze. Deeba and Ithal are both based in San Francisco, CA.
Deeba has developed a reputation as a successful serial entrepreneur. Deeba has been working in tech for over twenty years. He got his start in the industry as a software developer for Adobe Systems. Most of his career was spent working at Qualys, where he was instrumental in making the company go public. He excels in cybersecurity management and has overseen multiple business elements, such as strategic partnerships, business developments, and market strategies. He is also currently a GTM advisor to CyCognito and Monad – both of which are leading cybersecurity firms.
Ithal is a graduate of Purdue University, who has been in the industry for more than fifteen years. Ithal entered the industry as a software engineer at Cisco Systems. Ithal helped develop the first user-aware network firewall device, as the founding engineer at Palo Alto Networks. In his previous role, he was the Chief Architect and co-founder at Netskope, a platform that provides its customers with cloud data security and threat prevention.
Normalyze came out of stealth after $22.2 million in Series A funding. Series A was backed by Battery Ventures and Lightspeed Venture Partners and the round was closed in June 2022. The initial seed was led by Lightspeed Ventures, which was closed in December 2021. To date, the company has received a total funding of $26.6 million. The company has currently employed 25 people in the US and India and is continuing to hire more. It has employed a bottom up GTM strategy, starting with a freemium model. This means Normalyze will invest in their product, allowing it to sustain hypergrowth.
When Deeba and Ithal started brainstorming ideas for cloud data security, they conducted extensive market research. Through the several interviews, a common theme was cloud data security. Users were concerned about the location of their sensitive data, who could access it if it was prone to breaches, and if they were complying with regulations. In response to the common concerns, their goal was simple: help customers understand their data.
In recent years, there has been a massive increase in reliance on cloud computing. Most companies have shifted their data onto the cloud and this has resulted in more complex enterprise attack surfaces. As data and microservices continue to proliferate, it is becoming difficult for DevSecOps to manage the bulk of data. The rapid changes in configurations, intricate data storage, and evolving privileges have made misconfiguration of workloads more likely.
While this problem has been exacerbated by the extensive use of cloud computing, it is by no means new. Top enterprise security teams have been facing this problem for years. The unique shift that has been brought about by cloud computing is the shift from protecting assets to protecting data.
Normalyze is the solution to these problems. It is a cloud platform that prioritizes data and protects the cloud infrastructure of its customers. It achieves this by utilizing the power of visualization, which facilitates the discovery of the customer’s cloud data attack surface. Using machine learning, Normalyze can provide real-time information in a matter of minutes. Customers are then able to control and manage access, configurations, and sensitive data.
The agentless scanning platform discovers data across all cloud platforms. The platform’s processes can be neatly divided into three distinct steps.
First, the platform conducts discovery and analysis. The results of the step are provided visually as a graph. This graph displays details about the data’s location, access, trust relationships, and vulnerability. Second, the platform conducts detection and prioritization. This involves improving the security of cloud data by prioritizing the detected threats. These risks are prioritized based on the sensitivity of the data involved. All these checks are performed in real-time. And third, it provides steps for remediation and prevention. This is achieved through generating alerts for security risks, such as those stemming from vulnerabilities, excessive permissions, and misconfigurations. The platform also generates route alerts for parties responsible for rapid mediation.
In conclusion, Normalyze gives its users the ability to analyze data, prioritize risks, and respond to threats in real-time, thereby preventing data leakage. It is a product that answers all the questions raised during the initial market research by its founders. It tells users about their sensitive data’s location, its access, whether it’s prone to breaches, and if it is complying with regulations.
Normalyze announced the availability of its freemium offering at Black Hat USA 2022, held in Las Vegas, NV. Black Hat Briefings is a cybersecurity conference that has happened annually for the past twenty years. The event seeks to address the needs of the security community and is a space for industry leaders to come together. Normalyze was present at Booth #IC13 and conducted a detailed presentation about their product for the conference’s attendees.
Normalyze’s freemium offering provides its users with full visibility of cloud accounts. It helps them discover sensitive data and helps them secure it. All of this is done while simultaneous continuous integration and continuous delivery (CICD) cycles.
The freemium excels on account of its accuracy and ease of use. Using Normalyze’s freemium users will be able to discover data with visual graphs, utilize its comprehensive UI, take advantage of historical tracking for up to 30 days, and automate workflows for remediation. Upgrading to a full trial will give users access to vulnerability scanning, sensitive data classification, APIs, and more.
“Securing cloud data is like the wild, wild west, and security engineers are spending way too much of their time and energy trying to harness it,” said Deeba, “It was important to us to offer a free offering with a low barrier to entry for the DevSecOps community. Freemium is the first step to get users started with the visibility they need to continuously discover data and secure it.”