Silicon Valley Tech Duo, Amer Deeba and Ravi Ithal, Reveal New Cloud Security Company: Normalyze

Valley veterans Amer Deeba and Ravi Ithal have joined hands for one of the most exciting ventures in the world of cloud data security. Their platform Normalyze markets itself as a data-first cloud security company, providing a holistic solution for cloud-based data security needs. The company recently secured a $22.2 million investment round led by Lightspeed and Battery Ventures. This takes their total funding received so far to $26.6 million.

The Problem

In a world where digital transformation is increasingly shaping the economy, Artificial intelligence and machine learning systems workloads are skyrocketing, which is in turn leading to a data explosion. AI/ML systems have a large appetite for data, which leads to dramatic increases in the volume of corporate data. Enterprise companies are also migrating to the cloud leading to data becoming increasingly scattered as monolithic application architectures give way to microservices architectures. This microservices proliferation is a catalyst for considerable data proliferation

The primary investment that organizations pursuing digital transformation initiatives want to make in the coming years is in strengthening information security defenses. Normalyze places itself in a unique position to solve one of information security’s biggest challenges: cloud data security.

The cloud has enabled enterprises to interact with technology in more intricate ways, but cloud computing has in turn increased the size and complexity of the enterprise attack surface. The cloud also disrupts the conventional network boundary that has historically driven data security solutions. Data security in cloud computing necessitates a new approach—one that takes into account not just the risks but also the complexities of data governance and security models.

Data discovery and data classification are two areas which have posed significant challenges for enterprises. Current categories of tools which include data discovery, data classification, access governance, and compliance are operated individually, across multiple cloud services, which can be a difficult, expensive, and time-consuming endeavor.

The Solution

Normalyze assists companies in understanding the complete range of hazards existing in their cloud data through agentless assessments, data discovery, AI-driven risk prioritization, and comprehensive and actionable remedial insights. This encompasses everything related to cloud data that must be identified and understood, such as apps, infrastructure, configurations, vulnerabilities, and the identities and permissions associated with access. A smart and easy to analyze graph contains all that is required to detect sensitive data, correlate hazards, and provide remedial actions.

The platform allows enterprises to apply an extensive category of tools across cloud-based databases. It also enables companies to comply with data protection and privacy laws and regulations, such as the General Data Protection Regulation, or GDPR, in the EU; the Health Insurance Portability and Accountability Act of 1996, or HIPAA, in the U.S., and others.

The Architecture

Normalyze detects the most vulnerable data after identifying an organization’s cloud systems. The system then discovers  who has access to the data and how much.  The platform also detects and identifies the microservices in use, as well as the vulnerabilities and misconfigurations that put data at risk. Security teams, CISOs, GRC experts, and DevOps teams can examine their entire cloud architecture using Normalyze. They can see where their most important data is and prioritize safeguarding that data depending on risk. This ensures that organizations’ most critical data is always safe.

Normalyze then incorporates all this data security into a graph, connecting every component required to detect business cloud data, correlate risks, and offer the information required for priority repair. Remediation efforts can be sent to a service management platform, or alternative automated steps might be implemented. To address the vulnerability, certain organizations or persons can be notified, or measures can be made to deny access.

An important feature of the Normalyze platform is that it does not gather sensitive data and save it on its system. While carrying out operations, which include, discovery and analysis, detection and prioritization, and remediation and prevention, it only uses metadata, with no storage of specific sensitive data. The solution is available at three price points, with more information available on the Normalyze website.

The Founding Team

The company boasts a strong technical team, with CEO Amer Deeba and CTO Ravi Ithal spearheading the project, and Gautam Kanaparthi as Head of Product).

CEO and Co-Founder, Amer Deeba

Amer Deeba is a Lebanese entrepreneur, engineer, and programmer based in San Francisco, CA, who began his early days as a software developer, working on software such as Acrobat Reader. Deeba’s illustrious career spans over two decades and consists of roles as GM, CMO, CCO, and VP of corporate development and strategic alliances at various tech companies.

He has over two decades of experience in cyber-security management, with 17 of those years spent at Qualys, a prominent provider of information security and compliance cloud solutions. He oversaw all elements of marketing, business development, strategic partnerships, and worldwide enterprise accounts at Qualys (NASDAQ: QLYS). He was also key in bringing the firm public in 2012.

Deeba was also the Chief Operating Officer at Moogsoft, where he led the company’s transition to a SaaS platform with a new sales and marketing strategy, while also doubling the company’s ARR and positioning Moogsoft as a leader in the AIOps market.

He currently holds a go-to-marketing advisory role at two leading cybersecurity firms, Monad, and CyCognito.

CTO and Co-Founder, Ravi Ithal 

Ravi Ithal has almost a decade and a half of professional experience. The Purdue University alumnus began his career as a Senior Software Engineer at Cisco Systems and a Member of Technical Staff at Juniper Networks.

He went on to become the founding engineer of Palo Alto Networks, where he contributed to the development of the world’s first application and user-aware network firewall device and network management systems. His most recent venture was Netskope, a platform that provides enterprises with cloud-native solutions for data security and threat prevention in cloud applications.