Public Cloud Data Protection Needs a New Approach. Here’s Why
When Amit and I began our Laminar journey together, we asked ourselves: what is the biggest problem in the data security space today? What will hold back valuable data innovations? The answer was clear: data breaches. We immediately knew that if we could solve it, it would make a major impact on CISOs and data protection teams — and companies’ success overall. Data is no longer a commodity; it is a currency, and it is as valuable for attackers as it is for business. The result: the data breach culture.
“Data is no longer a commodity; it is a currency, and it is as valuable for attackers as it is for business.“
To solve this, we went back to first principles. How do data breaches occur today? We compiled a list of dozens of recent, major breaches, and a pattern immediately emerged – they nearly all originated from public cloud infrastructure.
We knew there was a problem, and so we knew there must be a solution. But what are the basic requirements for data protection in this new cloud infrastructure environment?
First, we have to be cloud-native. And by “we,” we mean the company and its culture, not only the solution. If we are to solve problems that are cloud-native, we must be cloud-native ourselves.
Second, data protection teams are almost blind when it comes to data residing in public cloud infrastructure. Therefore, our solution must start by integrating with the public cloud itself, using a modern, agentless approach – and identify where and which types of data reside there. This way you can focus on what matters most.
Third, we knew that when it comes to cloud infrastructure that drives and powers the business, you simply cannot slow it down or disrupt it. The solution must not impact the performance in any way, and it must not be in-line. Proxies are a big no-go, as well as solutions that use the same data plane as the workloads themselves.
Finally, we must take a zero-bullshit approach. We despise FUD. Everything we do, must tie back to real-life scenarios and to real, important actions that data security teams can take in order to better protect the data.
So with that in mind, we assembled not just a team, but the perfect team. We’re a bunch of Capture the Flag (CTF) players, kernel hackers, vulnerability researchers and experienced engineers. What unifies us is that we truly believe anything is possible.
The solution: Discover and Classify, Secure and Control, Detect Leaks and Remediate
Our solution is easily deployed by integrating with the cloud provider account. Once this is done, our platform immediately starts looking for data assets, weak spots and potential risks. Actionable, crisp and detailed information is delivered to you within minutes.
Discover and Classify: understand your data
Our technology first identifies resources which potentially store sensitive data. Then, it inspects an ephemeral snapshot of the data in order to understand and classify the data within. Here, the devil is in the details – we developed a novel technology that allows us to do that whether the data asset is managed by the cloud provider or not, whether it is a “formal” data store or if it’s only a shadow copy, and whether it’s public or isolated. Customers told us they need a complete and accurate view. They didn’t want us to stop at just managed data stores like S3 buckets. We needed to enable observability for an entire cloud account.
Secure and Control: resolve issues around controls, blast radius and data segmentation
Once our platform identifies the data that is at risk, it gathers all the metadata about it: How is it configured? What are the access controls? How segmented is the data? Is there a shadow copy of it, anywhere? From where does the data originate, and to where is it flowing? etc.
By analyzing this data we just gathered and by following rules and policies built by our Laminar Labs team, our technology understands what are the most critical issues to tackle, and delivers them to the user in a precise and actionable way. Every issue is resolvable, period.
Detect Leaks and Remediate: monitor and block unwanted data access
The last line of defense is to monitor for data access and block those that are unsanctioned. Our platform consumes audit logs, network flow logs and various data sources in order to build a profile for each and every data access. If and when an unsanctioned one is identified, it then blocks it through our cloud provider integration.
The journey only begins
At Laminar, we’re on a mission to make data safe in the cloud.
We have built some novel technology for a difficult problem that allows continuous monitoring and control for your sensitive data in the public cloud. But that’s only the start: from here, we will be constantly listening and learning from our customers in order to make our product even better.
If you’re an awesome engineer, and you’re inspired by solving the biggest problem in cybersecurity today, you should join us! Visit our careers page!