It’s no secret that data is often the ultimate target for some cybercriminals, yet so many organizations don’t have visibility, context or control over data stored in public cloud environments — like the ones run by Amazon, Google and Microsoft — according to Dig. That’s why the startup has developed a data detection and response (DDR) solution, which it claims can help enterprises discover, protect and govern their cloud data in real time.
“Companies don’t know what data they hold in the cloud, where it is or most importantly how to protect it. They have tools to protect endpoints, networks, APIs but nothing to actively secure their data in public clouds,” Dan Benjamin, Dig’s co-founder and chief executive, tells TechCrunch. Prior to founding Dig in October last year, Benjamin led multi-cloud security at Microsoft and mentored CTOs at Google Cloud for Startups.
“If you speak to data security teams in large organizations today, most of them work with manual reports and run manual scans. We help organizations analyze and understand how that data is being used,” he added.
Dig claims, like unlike existing solutions, it analyzes and responds instantly to threats to cloud data, triggering alerts on suspicious or anomalous activity, stopping attacks, data exfiltration and employee data misuse. The solution — a software-as-a-service app — discovers all data assets across public clouds and brings context to how they are used, and also tracks whether each data source supports compliance like SOC2 and HIPAA.
“Just the other week, we integrated with a large financial public American company, and after five minutes, we had alerts. What we discovered is that they had all financial reports being copied to an external AWS account that doesn’t belong to them,” Benjamin says. “We see stuff like this all of the time because no one has real visibility into how this data is being used.”
Benjamin, who founded the startup alongside veteran entrepreneurs Ido Azran and Gad Akuka — the first letters of the co-founders’ names spell “Dig” — tells TechCrunch that Dig currently works with Microsoft Azure and AWS, with support for Google Cloud Platform coming soon. His ultimate goal, however, is to expand beyond public clouds to provide a solution to protect data wherever it sits within an organization.
“Data sits in five main locations for a typical enterprise; endpoints, email, on-premise, SaaS and public clouds,” Benjamin says. “We only cover public clouds, but I believe that, eventually, customers will want a single platform that protects data wherever it is.”
With its $11 million seed round led by Team8, with participation from CrowdStrike, CyberArk and Merlin Ventures, Dig plans to grow its headcount from 30 to 50 by the end of the year, including in the U.S. It also plans to expand the product, with Benjamin noting that the startup “still has a lot to do” across discovery, context and threat protection.