“The Satori Data Security Platform to help enterprises confidently discover and classify sensitive data, apply security policies and permissions, monitor access to sensitive data, and now, track security posture – all in one place.”
Hi Yoav, welcome to our CIO Influence interview series. Please tell us about your journey in the data management and information security industry. What inspired you to begin at Satori?
I’ve been a “database” guy for as long as I can remember. When I was in elementary school in the 1980s, I took a database class where I learned about relations, foreign keys, aggregations, and so on. I fell in love with the simple elegance of organizing data to make it usable in many different ways and use it to answer business questions.
When I joined Incapsula, a cloud-based application security startup in 2011, I got the opportunity to build and maintain a large-scale, globally distributed data processing system that powered many of our services. That’s also where I met Eldad Chai, my co-founder at Satori. After spending almost a decade together at the intersection of cybersecurity and data, we realized that data was moving rapidly to the cloud and that the paradigms around how data will be secured, managed, and accessed by users were about to change. We decided to take an active part in helping organizations use more of their data without compromising on security, privacy, or compliance – and so Satori was born.
What is Satori and what are your core offerings?
Satori takes a modern approach to data access by maximizing visibility into where sensitive data is stored and who is using it at any given time, all while automatically ensuring data security without compromising accessibility.
Satori’s Data Security Platform is centered around frictionless, just-in-time access to data across all enterprise data stores. Its self-service data portal lets users select the data they need and automatically gain access to it according to the organization’s guardrails and policies. This allows organizations to set data access policies based on attributes (ABAC) such as user identity, as well as roles (RBAC), to alleviate risks associated with over-privileged access and improve time-to-value.
Satori’s award-winning platform provides context-aware and granular data access, and seamlessly integrates into any environment to discover and classify data, automate controls, and deliver complete data-flow visibility.
What kinds of problems do you solve for your customers? Could you highlight some of the use case scenarios that highlight how you help data teams secure controls on DBs, DLs and DWs?
Given the growth of large and diverse cloud-based data, it can be difficult to know who is accessing what data and when. This can lead to serious data security consequences, including over-privileged access and an increased risk of data loss or breach.
Too often, companies are using manual processes to manage data access, wasting data team resources and causing a lack of control over sensitive data. These inefficient processes result in higher security and compliance risk, failed data projects, a drop in engineering productivity, and lower time-to-value for data consumers.
Satori flips the script on these challenges, enabling our customers to:
- Streamline data access requests and approvals without any added code or modifying current data flow
- Quickly access data without complex configurations while enforcing security and compliance policies
- Boost productivity by eliminating overhead on DevOps teams with seamless integrations
- Reduce manual workload on data analysts by automatically applying and enforcing scalable security policies through AI and ML, freeing them to focus on more strategic tasks
- Continuously authenticate, authorize, and validate users before they are granted access to data (and revoke it when no longer needed)
- Support compliance by providing a centralized, rich, and searchable query audit log to demonstrate that data access is on a need-to-know basis
What prompted your team to announce Posture Manager? How does it align with an organization’s data protection strategy?
Posture Manager answers the very basic question that every organization should answer: what data do I have, where is it stored, who has access to it, and how?
Satori’s Posture Manager, powered by our open-source project Universal Data Permissions Scanner, automatically and continuously scans and analyzes all data permissions. Enterprises get a comprehensive view of data access authorization to improve data security posture and eliminate the risks of over-privileged access. Companies can track permissions over time, and at any given point in time, to better secure data and adhere to regulatory requirements.
Our other new capability, Data Store Discovery, automatically scans and monitors an organization’s cloud accounts to identify new data stores. This provides a holistic view of all sensitive data, allowing timely detection and action against even unauthorized “shadow” data stores. Security and data teams can promptly shut down or apply appropriate access controls to rogue data stores to combat risk and strengthen data security posture.
These new features enhance the Satori Data Security Platform to help enterprises confidently discover and classify sensitive data, apply security policies and permissions, monitor access to sensitive data, and now, track security posture – all in one place.
Data exfiltration and ransomware-centric attacks have neutralized all the great progress IT and cloud organizations have made in recent years? How does a company like Satori truly fit into the modern CIO/ CISO’s technology landscape that focuses on preventing data breaches and cyberattacks?
Breaches caused by unauthorized data access remain one of the biggest security threats facing companies today, accounting for nearly one-fifth of all incidents according to IBM’s Cost of a Data Breach report. They also take the longest to identify (327 days) and cost more than any other breach to rectify.
The financial impact of breaches is especially detrimental in today’s economic climate. This is why it’s essential for companies to understand where their sensitive data (like PII, PHI, and financial data) is stored; see who is accessing it, why, and when; automatically apply specific controls and permissions to secure it; and easily monitor and audit to remain compliant with data privacy laws.
The Satori Data Security Platform significantly reduces risks associated with data breaches by applying principles of zero trust to data access; improves productivity by eliminating the overhead on DataOps teams; and supports compliance requirements with a robust and searchable log to prove that access is on a just-in-time, need-to-know basis.
How do you prepare for the AI-led disruptions in your industry? How are AI journeys influencing cloud-based data management?
AI is going to be a driving force for organizations to use more of their data. Traditional approaches for preparing datasets for AI will likely be too slow for the pace of innovation organizations are aiming for. Eliminating the bottlenecks for reducing time to insight from data with AI will be a priority, and new tooling like Satori will play a crucial role in that transformation.
What are your predictions on the future of enterprise data management architecture and the rapid pace of innovation in your domain?
I believe we will see consolidation in the data platform space, with vendors trying to capture more workloads as their growth strategy. The focus is going to shift from core data capabilities such as computing and storage to capabilities that enable users to use more data, such as streamlining access to data, data security, privacy, and compliance. We will also see a new generation of data visualization tools that can make data more accessible to users without requiring technical expertise.
- Burn the midnight candle or soak in the sun? Nowadays I’m more of a morning person so I try to get an early start to my day by going to the gym or the pool.
- Coffee, or Tea? – One coffee in the morning and then it’s tea for me!
- Your favorite Satori automation feature you want everyone to try out? – I’m a huge fan of the time-based, self-service access feature of the data portal. It allows users to get access to the data they need immediately but still protects sensitive data and limits access to a certain time period.
- First memorable experience in your career as a technology leader? That would be the first time I went on a business trip. It was a three-week trip to Brisbane, Australia, to work with an SAP research team on a new and innovative project. Unfortunately, my luggage got lost, but it all ended up pretty well!
- One thing you remember about your employee(s): One of the traditions we started about ten years ago and carry to this day is an outdoor cookout every November. Nothing brings people together like good food and stories around the campfire.
- Most useful app that you currently use: I’m really into Duolingo now – I’m learning Danish and am on a 60-day streak!
Thank you, Yoav ! That was fun and we hope to see you back on cioinfluence.com soon.
Yoav Cohen is the Co-Founder and Chief Technology Officer of Satori Cyber. At Satori, Yoav is building the company’s technology vision and leading the research and engineering teams that build the Satori Data Security Platform. Prior to founding Satori Cyber, Yoav was the Senior Vice President of Product Development for Imperva, which he joined as part of the acquisition of Incapsula, a Cloud-based web applications security and acceleration company, where he was the Vice President of Engineering. Before joining Incapsula, Yoav held several technology leadership positions at SAP.
When he isn’t glued to his laptop or on a whiteboard, Yoav can be found traveling with his wife and four kids in an RV, playing electric guitar, or doing laps at the pool. He is still dreaming about building his own Operating System.
Yoav holds an M.Sc in Computer Science from Tel-Aviv University and a B.Sc in Computer Science and Biology from Tel-Aviv University.
Satori’s mission is to help organizations maximize their data-driven competitive advantage by removing barriers to broad data access and usage while ensuring security, privacy, and compliance. The Satori Data Security Platform is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.
The Satori Data Security Platform seamlessly integrates into any environment to automate access controls and deliver complete data-flow visibility utilizing activity-based discovery and classification. The platform provides context-aware and granular data access and privacy policies across all enterprise data flows, data access, and data stores. With Satori, organizations and their data teams can confidently ensure that data security, privacy, and compliance are in place – enabling data-driven innovation and competitive advantage.
Founded in 2019 by former Imperva senior executives, Satori has received significant market traction and recognition since its founding. Most recently, it was awarded the Data Security Solution of the Year in the 2023 Data Breakthrough Awards and a 2023 Globee Silver Award for Best Data Security Solution. Satori’s investors include B Capital Group, Evolution Equity Partners, and YL Ventures.