When I sign up to advise a company, I’ll often do a post to let readers know and discuss the reasons why I like the company. This post is about Cyral, a cloud data security company I’m advising that I’ve been talking with for over a year.
Cyral does cloud data security. I indirectly referred to the company in my 2020 Predictions post, where I talked about a new, data-layer approach to security. Cyral acts as a database proxy on top of every data endpoint in your data layer, watching all the traffic, figuring out (via machine-learning) what is normal, detecting what is not, and either alerting or stopping threats in real-time as they occur.
I remember when I first met co-founder Manav Mital at Peet’s Coffee to discuss the company. He was surprised that I actually understood a thing or two about databases , which was fun. During the meeting a light-bulb went off in my head: why were data breaches always measured megarows or terarows (hundreds of millions to billions of rows) as opposed say rows or kilorows? Can’t we stop these things while they’re going down?
I initially viewed Cyral as a next-generation data loss prevention (DLP) company because I thought DLP was about stopping security problems in real-time. But DLP was more about content than data, more about classification than anomaly detection, and more about business rules than machine learning. DLP could do things like detect email attachments that contained source code and intercept an outbound email with such an attachment. It had nothing to do with monitoring traffic to the data endpoints in a company’s both on-premise and (increasingly) cloud data layer, providing visibility into activity, fine-grained data access control, and real-time protection against data exfiltration. That’s Cyral.
Here are some of the reasons I decided to work with the company.
- Manav is not only a great guy and (a fellow) member of the illustrious Aster Data mafia , he is a second-time entrepreneur, having co-founded Instart Logic, which raised $140M from a top set of investors and built a strong business before eventually hitting hard times in the highly competitive CDN space, ultimately being acquired by Akamai. It’s great to work with Manav because he has the wisdom from both his successes and his failures on his nearly decade-long journey at Instart.
- I think security is a race without a finish line and thus a great and growing market space. In addition to data-layer anomaly detection, Cyral provides fine-grained access control in a world where too many applications defeat security using shared data-layer logins. Cyral can distinguish different users even if they’re coming into the database through the same username/password. What’s more, Cyral provides more than just security, it provides insight by giving you visibility into who’s doing what.
- New cloud data endpoints from Snowflake to Redshift to Kafka introduce complexity that breaks traditional approaches to security. The old approach to security was largely about building a strong perimeter. In a hybrid cloud world, that mixes traditional and cloud data sources, there is no perimeter to defend. The perimeter is dead, long live data-layer security!
When talent meets opportunity, great things can happen.
# # #
 Having worked in technical support at Ingres (RDBMS), as VP of Marketing at Versant (ODBMS), as CMO at BusinessObjects (a BI tool, but with an embedded micro-multidimensional DBMS), as CEO at MarkLogic (XML DBMS), as board member at Aster Data (SQL/MapReduce DBMS), advisor to MongoDB (document-oriented DBMS), and as CEO of Host Analytics (which included a multidimensional modeling engine) well, heck, you think I might have picked something up.
 Aster Data was an amazing well of entrepreneurship and the success of its mafia is an untold story in Silicon Valley. A large number of companies, some of them amazingly successful, were founded by Aster Data alumni including: ActionIQ, Arcadia Data, ClearStory, Cohesity, DataHero, Imanis Data, Instart Logic, Level-Up Analytics, Moveworks, Nutanix, The Data Team, ThoughtSpot, and WorkSpan.