top of page

Protecting Vulnerable Assets with DSPM

It is estimated that there are approx. 40 million bacterial cells in a single gram of soil. The microbial ecosystem housed in that soil 'container' represents a complex biomass of varying diversity, prevalence, and persistence.

When considering organizations with a cloud footprint, we find that data proliferates like microorganisms, and left unchecked has an ever increasing attack surface. While many cloud ecosystems may house just a few hundred cloud accounts, each with a few hundred storage instances, contrast that to the tens to hundreds of millions of files that can persist in unstructured & structured data collections in a similarly sized environment. Added to that complexity is the diversity in volume, content categorization, shifting context, overly permissive rights, and multi-access modalities. It is no wonder why data is such a difficult construct to consistently protect.

There was a time when protecting cloud assets such as storage buckets, administrative interfaces, and IaaS resources seemed sufficient as a preventative mechanism to thwart breaches, however, these well-defined constructs do little to properly protect data assets. For this, we look to the nascent area of Data Security Posture Management (DSPM).

Gartner's Hype Cycle for Data Security, 2022 (published Aug '22) report claims that less than 1% of companies leverage DSPM today - though if recent entrants into the vendor market for this category are any indication of anticipated importance, we expect this number to ratchet up dramatically.

  • Theom, founded 2020, $16.4M raised, Bay Area

  • Laminar, founded 2020, $67M raised, Tel Aviv

  • Cyera, founded 2020, $64.5M raised, San Mateo

  • Dig Security, founded 2021, $45M raised, Tel Aviv

  • Sentra, founded 2021, $23M raised, Tel Aviv

  • Flow Security, founded 2020, $10M raised, Tel Aviv

  • Polar Security, founded 2020, $8.5M raised, Tel Aviv

  • Eureka Security, founded 2021, $8M raised, Tel Aviv

  • Concentric AI, founded 2018, $22M raised, Bay Area

  • Symmetry Systems, founded 2018, $18M raised, San Mateo

  • Securiti, founded 2019, $156M raised, Bay Area

  • Open Raven, founded in 2019, $39.1M raised, LA Area

  • Wiz, founded in 2020, $600M raised, Tel Aviv (just entered the DSPM market)

As you consider this category of disruptor, be on the lookout for the following characteristics in the vendor you choose.

  • Should be API-based and deployed across your cloud assets quickly

  • Works across unstructured and structured data (analytical stores, databases, object stores, data in transit)

  • Can handle petabytes of data without requiring large security teams

  • Can discover and categorize data, access rights, access patterns, anomalous behavior

  • Operates as a SaaS solution, analyzing posture in-place

  • Data security, assurance, and compliance controls follow the data

  • Risk from breaches is quantifiable in terms of Single-Loss Expectancy (SLE) for each time a risk arises

  • Vendor can provide Proof of Action for every transaction as assurance that they have not manipulated data

Ink8r monitors this space closely and has interviewed several vendors in the space, with our most recent interview being with Theom (see Podcast). Please have a listen and let us know where you are in your DSPM journey.

85 views0 comments

Recent Posts

See All


Please Reach Out

  • Spotify
  • Deezer
  • YouTube
  • LinkedIn

Please reach out and let us know what your own perspective is on this topic!

Satbir Sran -, (202)-431-0558

Darren Boyd -, (408)-204-9779

bottom of page