Proofpoint to Acquire Normalyze

0

Cybersecurity and compliance company Proofpoint has entered into a definitive agreement to acquire data security posture management company Normalyze.

With this acquisition, Proofpoint will boost its human-centric security platform with Normalyze’s leading AI-powered DSPM technology, allowing organisations to discover, classify and protect data at scale across SaaS, PaaS, public or multi-cloud, on-prem and hybrid environments while prioritising the reduction of human-centric risks in data security.

Addressing Human Risk in the Data-Driven Cloud Era

As organisations embrace AI and generative technologies to drive innovation, the human element in data security has become increasingly critical. The widespread adoption of AI platforms, databases as a service (DBaaS) and continuous integration/continuous development (CI/CD) practices has created a web of interconnected data environments that security teams can struggle to secure.

This rapid technological evolution has led to increased complexity and heightened risks of improper data handling as development teams focus on quick outcomes, often bypassing essential security governance. As more access to data is granted to people and machines, gaps in visibility and control can emerge without appropriate governance or controls from security teams.

This evolving landscape presents complex challenges in discovering, classifying, and securing data, leading to an increased risk of data breaches due to forgotten and misclassified data, as well as overprivileged access. Recent research from Enterprise Strategy Group reveals that over a quarter of businesses don’t know where their sensitive data is. By implementing DSPM technology, organisations are enabled to fill the security gaps created by their teams’ interactions with complex data environments and reduce the total data attack surface.

“Today, data is at risk because of human behaviour,” said Proofpoint’s Mayank Choudhary. “Modern applications are rapidly changing, driven by small teams of developers working independently on microservices and various data sources, leading to an explosion of data/ These modern applications are highly interconnected, making it hard for security teams to manage the heterogeneous and ever-growing sprawl of their data. By combining Proofpoint’s leading human-centric security platform with Normalyze’s pioneering DPSM technology, we can provide our customers with comprehensive visibility and control of their data posture so they can further mitigate human risk across their organisation.”

“With the rapid proliferation of internally developed cloud applications and use of SaaS applications procured by teams outside of IT, security teams are faced with the daunting challenge of inconsistent visibility and control of their critical data in the cloud,” said Normalyze Co-founder and CTO Ravi Ithal. “As data has become increasingly difficult to secure, the driving force behind our mission and technology has been to help organisations secure the data they care about, wherever it is. By joining forces with Proofpoint, we can empower organisations to further improve their data security posture, reducing the risk of data breaches caused by human errors and help them to prioritise data loss threats.”

The Normalyze DSPM platform secures the most complex data landscapes by combining insights into data, access and risk. It simplifies collaboration between data and security teams, enabling them to create effective security and governance plans tailored to the business’ needs. The platform allows organisations to:

  • Discover and classify data using AI: Normalyze’s agentless One-Pass Scanner leverages AI to accurately identify and classify valuable and sensitive data at scale across a wide range of data environments. Scanning is performed in place to keep data under IT control, support compliance with stringent data protection regulations, and enhance operational efficiency.
  • Assess and prioritise risk: Risk is prioritised by impact and likelihood, providing a comprehensive view of risk accurately and at scale. The DataValuator assigns monetary value to data and identifies the data stores with the highest impact of potential data loss. The Data Access Graph visualises access and trust relationships to identify human-centric risk, and the Data Risk Navigator highlights attack paths that can lead to data breaches or loss.
  • Remediate security and compliance issues: Actionable insights and comprehensive recommendations, integrated with alerts into service management platforms, help teams address exposures such as over-permissioned access before they are exploited. The solution also streamlines compliance across 500+ benchmarks, ensuring robust adherence to regulatory standards related to data protection.
Share.

Comments are closed.