Proofpoint Signs Definitive Agreement to Acquire Normalyze

social

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform aiming to address the full spectrum of data security challenges across today’s complex data landscape

SUNNYVALE, Calif., October 29, 2024Proofpoint Inc., a leading cybersecurity and compliance company, today announced it has entered into a definitive agreement to acquire Normalyze, a leader in Data Security Posture Management (DSPM). The acquisition is expected to close in November 2024, subject to customary closing conditions.

With this acquisition, Proofpoint will further enhance its human-centric security platform with Normalyze’s leading AI-powered DSPM technology, allowing organisations to discover, classify and protect data at scale across SaaS, PaaS, public or multi-cloud, on-prem and hybrid environments, while prioritising the reduction of human-centric risks in data security.

Addressing Human Risk in the Data-Driven Cloud Era

As organisations embrace AI and generative technologies to drive innovation, the human element in data security has become increasingly critical. The widespread adoption of AI platforms, Databases as a Service (DBaaS) and Continuous Integration/Continuous Development (CI/CD) practices has created a web of interconnected data environments that security teams can struggle to secure. This rapid technological evolution has led to increased complexity and heightened risks of improper data handling as development teams focus on quick outcomes, often bypassing essential security governance. As more access to data is granted to people and machines, gaps in visibility and control can emerge without appropriate governance or controls from security teams.

This evolving landscape presents complex challenges in discovering, classifying, and securing data, leading to an increased risk of data breaches due to forgotten and misclassified data, as well as overprivileged access. In fact, recent research from Enterprise Strategy Group reveals that over a quarter of businesses don’t know where their sensitive data is. By implementing DSPM technology, organisations are enabled to fill the security gaps created by their teams’ interactions with complex data environments and reduce the total data attack surface. 

“Today, data is at risk because of human behaviour. Modern applications are rapidly changing, driven by small teams of developers working independently on microservices and various data sources, leading to an explosion of data,” said Mayank Choudhary, executive vice president and general manager, Data Security & Compliance, Proofpoint. “These modern applications are highly interconnected, making it hard for security teams to manage the heterogeneous and ever-growing sprawl of their data. By combining Proofpoint’s leading human-centric security platform with Normalyze’s pioneering DSPM technology, we can provide our customers with comprehensive visibility and control of their data posture so they can further mitigate human risk across their organisation.”

With the rapid proliferation of internally developed cloud applications, and use of SaaS applications procured by teams outside of IT, security teams are faced with the daunting challenge of inconsistent visibility and control of their critical data in the cloud,” said Ravi Ithal, cofounder and chief technology officer, Normalyze. “As data has become increasingly difficult to secure, the driving force behind our mission and technology has been to help organisations secure the data they care about, wherever it is. By joining forces with Proofpoint, we can empower organisations to further improve their data security posture, reducing the risk of data breaches caused by human errors and help them to prioritise data loss threats.”

The Normalyze DSPM platform secures even the most complex data landscapes by combining insights into data, access and risk. It simplifies collaboration between data and security teams, enabling them to create effective security and governance plans tailored to the business’ needs. The platform allows organisations to:  

  • Discover and classify data using AI: Normalyze’s agentless One-Pass Scanner™ leverages AI to accurately identify and classify valuable and sensitive data at scale across a wide range of data environments. Scanning is performed in place to keep data under IT control, support compliance with stringent data protection regulations, and enhance operational efficiency.
  • Assess and prioritise risk: Risk is prioritised by impact and likelihood, providing a comprehensive view of risk accurately and at scale. The DataValuator™ assigns monetary value to data and identifies the data stores with the highest impact of potential data loss. The Data Access Graph visualises access and trust relationships to identify human-centric risk, and the Data Risk Navigator highlights attack paths that can lead to data breaches or loss.
  • Remediate security and compliance issues: Actionable insights and comprehensive recommendations, integrated with alerts into service management platforms, help teams address exposures such as over-permissioned access before they are exploited. The solution also streamlines compliance across 500+ benchmarks, ensuring robust adherence to regulatory standards related to data protection.

Normalyze’s in-place scanning and quantified risk analysis set it apart from other DSPM solutions, providing rapid time-to-value while minimising security and cost challenges for data and security teams. Normalyze also offers comprehensive on-premises to cloud coverage and excels in human-centric risk remediation. Normalyze’s solutions are expected to become part of Proofpoint’s offering upon the closing of the acquisition.

Normalyze recently announced its recognition as a Cool Vendor in the 2024 Gartner Cool Vendors™ in Data Security. Read more here: https://normalyze.ai/company/press-releases/normalyze-selected-as-cool-vendor-by-gartner-for-cutting-edge-approach-to-securing-ai-pipelines/

To find out more about Proofpoint’s data protection solutions, please visit: https://www.proofpoint.com/us/products/defend-data

###

About Proofpoint, Inc.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organisations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organisations of all sizes, including 85% of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com.  

 
Connect with Proofpoint: 
X | LinkedIn | Facebook | YouTube  

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

About Normalyze

Normalyze is the pioneer in Data Security Posture Management (DSPM), enabling organisations to effectively secure data at scale across SaaS, PaaS, public or multi-cloud, on-prem and hybrid environments. Normalyze fills the security gaps created by complex data landscapes, data lakes, shadow data and Generative AI by accurately and quickly discovering, classifying and visualising the total data attack surface.

With Normalyze, data and security teams can quantify risks and prioritise remediation plans to prevent data breaches, enforce least privilege access to valuable and sensitive data, optimise data storage and leverage AI for business. 

For more information, please visit Normalyze.ai.