ATLANTA--(BUSINESS WIRE)--Today, Adaptive announced its modern new approach to data protection — a control plane that brokers access and safeguards sensitive information. By protecting data closer to its source and brokering access across all surfaces, Adaptive minimizes sensitive data exposure. Adaptive uses an agentless architecture that doesn’t require any change to existing workflows and tools, ensuring faster adoption within an organization. By understanding an organization’s data context, Adaptive simplifies protecting data at scale, allowing organizations to manage privileges and mask sensitive information efficiently.
The company is at the forefront of an integrated, new approach that ends long-standing silos between data security and IAM (Identity and Access Management).
New data protection to address escalating insider threats
Massive data breaches continue to demonstrate the shortcomings of traditional security software and the difficulty of insider threats. According to the Ponemon Institute, 67% of companies are experiencing between 21 and more than 40 insider threat incidents per year, an increase from 60% in 2020. Ponemon also found that companies in North America experienced the highest total cost to resolve insider threats over a 12-month period, and that businesses largely aren’t ready for AI-powered cyberattacks, with 63% unprepared. Many have obsolete cyber risk strategies. What’s more, IBM recently reported a 71% year-over-year increase in cyberattacks that used stolen or compromised credentials.
Traditional data protection tools focus on protecting data at rest. However, in modern organizations, a large number of identities consume data for reporting, analysis, internal tools, ETL pipelines, and more. Protecting data at rest doesn't work as data needs to be consumed in its original form by various human and non-human identities. That means the only way to protect data is to manage and control access across channels. Thus, data protection in modern organizations is actually an access problem. Since data protection tools and access management systems have operated in silos, they leave blind spots in an organization’s security and don’t solve for escalating insider threats and cyberattacks. Adaptive uses a unique, combined approach that protects data closer to its source and brokers granular access across all data consumers.
“Data protection will only become increasingly critical for organizations as AI adoption accelerates, leading to more data movement, and as data breaches continue to multiply exponentially,” said Adaptive CEO and cofounder Ronak Massand. “By providing a control plane to manage access and protect data across both human and non-human vectors, Adaptive is at the forefront of the vital new movement to combine IAM and data security, which formerly have been siloed disciplines. This is vital since partial coverage on data protection is ineffective — it’s as good as no coverage at all.” Recent Gartner research has pointed to the convergence of IAM and data security to solve long-standing challenges.
Excited customers and investors
Adaptive previously raised a round led by Eve Atlas, with other top investors including Hustle Fund, Pareto Holdings, Antler India and engineering leaders from DoorDash, Slack, Amplitude, and others. The additional capital is being used to expand integrations and use cases across data protection.
Adaptive offers both on-prem and SaaS deployments for customers. The company’s customers include M2P FinTech, LambdaTest, CertifyOS, and others.
“At CertifyOS, managing access to sensitive healthcare provider data for our geographically dispersed team of over 150 was a security and regulatory challenge. Adaptive solved this problem seamlessly by handling our access requests while providing continuous monitoring of user activity. Our entire team, both technical and non-technical, adopted Adaptive out-of-the-box without disrupting their existing workflows, making adoption of security and compliance requirements for SOC2, NCQA, and NIST much easier.”
– Anshul Rathi, CEO, CertifyOS
“As one of India’s largest fintechs, M2P handles a large volume of highly sensitive banking data. Adaptive helps control access across our multi-tenant infrastructure and supports all our complex use cases. With strong data protection at the source, Adaptive helps us safeguard data while ensuring productivity across the organization. The detailed audit logs and session recordings they provide help us meet the strict compliance standards banks require.”
– Sujay Vasudevan, Head of Risk & Compliance, M2P Fintech
“We’re thrilled to have led Adaptive’s latest funding round, fueling the company’s mission to redefine how data is accessed and secured. In today’s landscape, where the volume of applications and users requiring access grow at an exponential rate, managing and securing that access has become a critical bottleneck for both enterprises and startups. Adaptive is a surprisingly elegant approach to solving the core issues surrounding data access and sharing — enabling secure, democratized access to data in a way we only wished was possible before. A solution like Adaptive is needed for any enterprise considering adoption of new generative AI solutions at scale. We haven’t run into an enterprise security or access company before making as large of an impact for their customers, replacing three or more existing products, while expanding agility and flexibility for teams, as Adaptive is doing.”
– Thiago Olson, Managing Partner, Eve Atlas
Key infrastructure access + data protection use cases
Combining data protection and infrastructure access control on both human and non-human vectors, Adaptive’s platform enables organizations to natively manage privileges and also protect data, for example, masking PII, consistently across a variety of vectors. Those include developer CLI access, BI tools, and ETL pipelines managed from a single platform. Developers and third-party services never need to change workflows. Adaptive does not alter the actual data in the database, and it uses an agentless architecture that doesn’t require an invasive and complex installation. Adaptive:
- Protects sensitive data (PII, PHI, financial data) on human and non-human vectors through masking, tokenization, and granular role-based access. Business use case: Adaptive is a Privacy Enhancing Technology. In breaches, often the penalties are determined by the volume of sensitive records compromised.
- Protects credentials and never exposes true database credentials to anyone in the organization. Business use case: Even today, as much as 61% of breaches involve credentials, either stolen via social engineering or hacked via brute force.
- Provides auditability on every query and every command and attributes them to an identity. This is extremely critical in human access workflows. Business use case: This is important for compliance with SOC2, ISO, HIPAA, and other standards.
About Adaptive
Adaptive provides a modern approach to data protection with its unique control plane that safeguards data and brokers access for human and non-human identities. By protecting data closer to the source, Adaptive ensures strict access control over every database connection, minimizing sensitive data exposure. Adaptive’s combined approach to data access and protection eliminates blind spots in data security making it ideal for modern organizations where data is constantly in motion. Due to its agentless architecture, Adaptive doesn’t require any change to existing workflows and tools, ensuring faster adoption within the organization. Customers include M2P FinTech, LambdaTest, CertifyOS, and others. Adaptive operates in Atlanta and globally.
