The company fills a gaping hole in data security: authorization — the ability to understand, manage, and control who can and should take what action on what data
Veza, the data security platform built on the power of authorization, announces it is emerging from stealth today. Veza, which was founded in 2020, is also announcing funding totaling more than $110 million from top-tier venture firms, including Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures, as well as angel investments from notable industry leaders, including Kevin Mandia, Founder and CEO, Mandiant; Enrique Salem, former CEO, Symantec and Partner, Bain Capital; Lane Bess, former CEO, Palo Alto Networks; Manoj Apte, former CSO, ZScaler; Joe Montana, Liquid2 Ventures; and, security leaders Niels Provos, Karthik Rangarajan, and many more.
“We are driven to help data and security teams answer: who can and should take what action on what data?” said Tarun Thakur, CEO and Co-Founder of Veza. “We are committed to helping enterprises trust confidently so they can unlock the value of their data.”
Data is rapidly and irreversibly moving to the cloud, but organizations around the world are still missing a critical piece of data security: authorization. Because legacy and first-generation data security solutions don’t work in hybrid multi-cloud environments, data and security leaders face significant challenges related to ransomware, digital transformation, cloud adoption, loss of customer trust due to data breaches, and failed audit and compliance. With the amount of data tripling from 2020 to 2025 and incidents of cyber crime doubling every year, organizations need a data security solution that can give them the power to understand, manage, and control who can and should take what action on what data.
“When we founded the company two years ago, we were driven to help advance the state of data security for decades to come,” said Tarun Thakur, CEO and Co-Founder of Veza. “Data and security teams have been inundated with tools, and yet have not been able to answer a fundamental question: Who can and should take what action on what data? Thanks to the dedication of our team, and the invaluable feedback from our customers, Veza has demonstrated the power of authorization metadata as the source of truth to help organizations modernize data security for the hybrid multi-cloud era. We are committed to helping enterprises trust confidently so they can unlock the value of their data.”
Veza is the first and only data security platform that is built on the power of authorization. The platform supports both on-premise and cloud systems, and makes it possible for data and security teams to understand the sensitive nature of data; manage human identities; and service accounts across hundreds and even thousands of disparate data systems, apps, and cloud services. Veza’s core differentiation is its Authorization Metadata Graph. This includes:
- A high-performance streaming engine that integrates out-of-band and agentless, with multiple cloud and on-premises identity, data, apps, compute and infrastructure systems
- A canonical object model that organizes identities, relationships and granular data objects
- A translation layer that processes multiple system-specific permissions and converts them into a natural language for data and security professionals, delivered in a single control pane
- Data Security applications, including: real-time search about who has access to what; authorization-rich workflows for access governance and privilege management; pre-built least-privilege violation alerts and associated recipes to fix them; automated rules and queries for remediation; recommendations; and much more.
“Finally, a start-up taking on cybersecurity’s biggest challenge: Our collective ignorance to our own data environments,” said Nicole Perlroth, special advisor to Veza; former New York Times cybersecurity reporter and advisor, Cybersecurity and Infrastructure Security Agency. “Until now, no senior executive has been able to say with a straight face that they know where their data lives and who has access to it. Veza gives them no excuse. This platform marks a huge advance for cyber defense.”
Numerous Fortune 500 and emerging organizations across multiple industries, including finance, health care, hospitality, media and technology, high-tech, trust Veza. Veza’s customers include: ASAPP, ATN International, Barracuda Networks, Choice Hotels, InComm, Nozomi Networks, The Translational Genomics Research Institute (TGen), and many more.
“The creation and execution of data security policies is challenging because there is a large variety of data security products that provide specific security controls against specific repositories or processing steps. This emphasizes the need and opportunity for market convergence and emergence of new data security markets that enable appropriate business access privileges to use data or share it with partners throughout its life cycle.”
Hype Cycle for Data Security, 2021
Brian Lowans, Senior Director Analyst, Gartner