Unveiling what it Means to Protect Data with Security as Code
I have always had a passion for technology. While its impact on all our lives simply cannot be captured in a few words, the one aspect of it that has appealed to me the most is how it makes difficult things simple. And in doing so, it returns time back to people’s lives. Since our funding announcement in January, the world feels like a very different place. Few people will ever look back at 2020 and remember it fondly. With so much uncertainty and risk enveloping us, the value of time feels more important now than ever before.
Manav and I started Cyral to protect organizations from data breaches. The trend of organizations moving from a few self-hosted RDBMSes to a wide mix of different types of databases, data warehouses and pipelines was obvious. It was creating challenges with observability, access control and security, and we felt we had the right experience and expertise to build a solution that could address it. Almost everyone we spoke with shared our point of view, and we were quickly funded and off to the races.
As we started working with early adopters, we noticed another important trend – that of engineering teams in organizations of all sizes moving to an infrastructure as code model, and the efficiencies that came with it. It unlocked the true value of cloud-based provisioning and management, and the benefits that come with adopting a DevOps model. But while it unshackled development and operations teams from the toil of manually provisioning and managing infrastructure, it created more problems for security teams, further rendering their manual processes ineffective and legacy solutions involving agents and proxies untenable. We knew there had to be a better way, and today we all feel giddy with excitement to unveil it.
As we launch our product with endorsement from several experts, customers, and the community as a whole, we have updated our website with details on how our product works. You can learn about our platform, inspect our patent-pending technology, review our docs to get a good feel of how the product works, or read through all of our articles. Our team has worked hard to develop some really interesting technology that we’re very proud of. In the last several months, every technology presentation before a customer has prompted them to tell us how cool it is. However, what I’m personally most excited about is how easy we have made it to consume.
At Cyral, we’re committing ourselves to the Security as Code operating model. We hope it will remove the toil and friction of security teams, just as Infrastructure as Code did for development and operations teams. By building a product that is API-first and putting automation at the heart of all our design choices, we’re fully committed to making it easy for security teams to meet with development and operations team where they can collaborate most naturally. Cyral can be integrated into any CI/CD pipeline, communicates with most DevOps tools, and enables a dynamic policy framework to be incorporated directly into data flows.
Our product is a labor of love, from our team to yours, and I for one hope that it will help security and DevOps teams everywhere to be more efficient, and get their valuable time back.
Unlocking Security as Code by Using GitHub for Managing Cyral Policies
tl;dr Automated CI/CD is a powerful tool for software collaboration, automated testing, and deployment of cloud applications. Following its development, many cloud native technology companies …
The Security Digest: Week 20
Hello and welcome to TSD, your regular blog post with top of mind security issues. TSD began as an internal newsletter that our Security Lead, …