Datiphy, a service provider founded in Taiwan, has bundled its technology for sale as a software package to make inroads in the U.S. as a security/data auditing tool that detects and reports suspicious access to databases.
The company has been selling its service in Asia-Pacific since 2011 but has decided to improve the user interface and give it natural-language search to make it more attractive in the U.S. where the large enterprises it seeks as customers want to have an on-premises platform, says Mike Hoffman, executive vice president of sales and marketing.
Datiphy has also gotten a financial shot in the arm, pulling down $7 million from Highland Capital Partners in its first round of institutional funding that it will use in part to hire staff to pursue partnerships so data gathered by the platform can be shared with other security products.
Customers can configure policies for the platform so it detects when Social Security, credit card and account numbers are being accessed, for example, and to send alerts when it does. It also analyzes data transactions to find anomalies that might indicate breaches.
The platform captures all transactions and processes and records them for later audits or forensic investigations.
The company competes against the likes of Imperva and IBM Guardian, but claims it is less expensive and easier to deploy.
Customers can set policies to flag certain types of activity such as a person authorized for access from 8 a.m. to 5:30 p.m. who accesses a database in off hours looking for credit card numbers. It can list who viewed certain data even if they don’t alter it, the company says.
“We’re data centric,” Hoffman says. “We tell the story of data from the data point of view.”
The company was founded in Taiwan in 2010 by James Lin and marketed auditing and security services in Asia-Pacific. Lin has a long technical background as founder of RapidStream (acquired by WatchGuard), and stints at 3Com, HP and Reti Corp.
Earlier this year Ted Ho, founder of Gigamon, invested in the company and took over as CEO. Later he hired Hoffman, who was vice president of sales at Gigamon from 2008 to 2014.
The company holds six patents on its technology. It currently monitors structured databases and Mongo DB and will be coming out with support for Hadoop next month. It expects to add support for more unstructured databases on a pace of one per month.
Datiphy’s software can be deployed either on a server or a virtual machine that is linked to a router’s TAP or SPAN port or a packet broker. It automatically discovers databases and monitors transactions with them based on the protocols they use and maps to the applications that access the databases.
It doesn’t ping all devices on the network, so an agent has to be deployed on database servers if customers want those that aren’t generating traffic to be discovered as well. The agent is needed to monitor traffic that is encrypted between the servers and applications. It is needed as well to monitor direct connections such as Telnet.
It has a natural language search capability that can, for instance, ask to see every transaction a particular machine has made with any database on the network or all transactions made in the last hour.
The company has sold its capabilities as a service in the Asia Pacific region starting in 2011 where customers are primarily interested in audit and compliance. It developed a software package for sale in the U.S. with a focus on security, which is of greater concern here. A month ago it took about two days to get the platform up and running, but that has been reduced to about 15 minutes for a single deployment.
The platform has an API that third parties could write to so the data gathered can be used by other platforms to enforce policies when violations are discovered. Part of the new funding will be used to develop partnerships with other security vendors to make their products compatible.
The software costs $29,000 to handle 10 million transactions per day, $75,000 to handle 250 million.
This story, "Datiphy tracks what data is up to for security, auditing purposes" was originally published by Network World.