While the cloud has allowed companies to create new applications and services fast, traditional firewalls and agents for security slow things down. And a simple mistake in not implementing a security update can lead to disastrous breaches like the ones Wyze, Equifax and CapitalOne suffered that can cost hundreds of millions of dollars. Data layer security startup Cyral emerged from stealth today announcing $15 million in funding. VMblog spoke to CTO and co-founder Srini Vadlamani about why companies need new security protections at the data layer.

VMblog:  What is new about securing a company's data in a cloud native world?

Srini Vadlamani:  Traditional security solutions are simply not designed for this new computing environment. They're getting overwhelmed. Companies struggle to just keep track of sensitive data on premises and in public clouds, not to mention keep it secure. And everything is moving so much faster, from business requirements to computing workloads. According to IDC, the world's data will grow from about 29 zettabytes (ZB) in 2018 to 175 ZB by 2025. Security needed to be reimagined from the data layer up. That's what we built with Cyral.

VMblog:  Describe the new cloud native environments Cyral aims to protect?

Vadlamani:  With the widespread adoption of microservices and containers we are in the middle of a shift to a new computing paradigm - cloud native. New lightweight services are written from the ground up, communicating with each other using remote procedure calls (RPC). Instead of the traditional on-prem databases, these services now use cloud-based data repositories, which includes SQL and NoSQL databases, pipelines and data warehouses, all accessed as data endpoints. Very often the repositories themselves are 3rd party SaaS services and their consumers don't have the ability to control them directly. 

We have created a new data layer security solution for this new computing environment.

VMblog:  How does it work?

Vadlamani:  Cyral intercepts requests to data endpoints with no impact to latency or throughput. We continuously examine, normalize, and analyze all request structures for sensitive data access, then automatically generate policies to baseline normal behavior.

These derived policies can then be manually augmented by the user. Cyral alerts on suspicious activity and can block known threats and disallowed accesses.

Cyral integrates directly into existing CI/CD pipelines, fitting nicely into the DevOps framework. The service is also entirely driven by REST APIs so, while we do provide a UI, we can also plug direclty into existing tools and dashboards.

This is a boon for developers. They get critical visibility and functionality without introducing heavy-duty latency or doubling down on "UI fatigue" . This  frees them to focus on the core products and applications they need to be building. We make developers more productive while at the same time businesses can move faster and be better protected.

##