Cloud Security
,
Data Loss Prevention (DLP)
,
Endpoint Security
Integration of DSPM Firm Dasera Enhances Data Protection Across Cloud Environments
Netskope bought a data security posture management startup led by a former McKinsey and HP executive to fill gaps around safeguarding structured and unstructured information.
See Also: 2024 CISO Insights: Navigating the Cybersecurity Maelstrom
The Silicon Valley-based SASE vendor said its acquisition of Silicon Valley-based Dasera will help Netskope bring data protection and security posture management together and better protect Platform-as-a-Service and Infrastructure-as-a-Service settings. Netskope’s Robert Arandjelovic said DSPM fits into the broader SSE landscape as cloud, SaaS and data security posture management tools converge.
“As the SSE market and other analyzes of the market play out, they’re going to recognize that DSPM fits very nicely into the broader, expanded purview of what SSE covers,” Arandjelovic told Information Security Media Group. “We can go through the very natural effort to expand.”
Dasera, founded in 2019, employs 42 people and has raised $20 million in outside funding, including a $12 million Series A round led by Storm Ventures in April 2023. The firm was led since inception by Ani Chaudhuri, who had been general manager for McKinsey’s retail operations solutions and director of product management for HP. Chaudhuri is now Netskope’s vice president of product management (see: Netskope CEO on What Platformization Means for Cybersecurity).
What Sets Dasera’s Approach to Data Security Apart
Arandjelovic said Dasera’s approach to DSPM is highly appealing due to its structured and unstructured data capabilities, its ability to facilitate expansion into cloud environments such as IaaS and PaaS, and its ability to integrate well with Netskope’s existing platform. He praised Dasera for strong cultural and technological alignment, and for being easy to integrate without requiring heavy modifications.
“When we had talked to our customers, they all had interest in this technology, but they did not want to be deploying a separate point solution,” Arandjelovic said. “They looked at the functionality that DSPM offers – both in terms of the expert visibility, the data lineage, and the expanded scope – as something that they would want to see within the scope of an existing platform.”
The acquisition of Dasera is a natural evolution in Netskope’s strategy to provide comprehensive data security everywhere from IaaS to unstructured data environments, which Arandjelovic said requires an integrated approach that fits within a broader platform. The transaction is seen as complementary due to Dasera’s technological approach, which Arandjelovic said doesn’t pose major integration challenges.
“Their ability to help us expand into IaaS and platform as a service specifically really fit well alongside our experience within cloud and endpoint as well as email,” Arandjelovic said. “And so we felt that there’s a really great harmony there.”
Netskope plans to roll out branding updates and console integration for Dasera in the short-term following by a deeper technological integration focused on bringing Dasera’s DSPM and Netskope’s data loss prevention together in a unified platform. Arandjelovic said the integration will give customers streamlined security management, consolidated alerts and policy controls across different vectors.
“You’re going to see a lot of the posture management stuff coming over from Dasera, and the console in between is going to be built on our platform,” Arandjelovic said.
How Data Security Posture Management Fits Into DLP, SSE
As SSE architectures mature, Arandjelovic said DSPM will increasingly be seen as a core component, helping organizations gain better visibility into data flows and enforce more effective data governance. Data is the common denominator across all security posture management tools, and as the industry evolves, he said DSPM will play an increasingly critical role in secure access and zero trust frameworks.
“A lot of the things that DSPM looks to do in terms of getting access to the data and understanding, ‘Where is all the data? What’s being done with it? And is it being protected adequately?’ those are things that many people have been doing from a policy perspective for a long time, and therefore those kind of bleed into SSE,” Arandjelovic said.
Netskope will measure the success of the Desera acquisition based on the integration and widespread adoption of DSPM capabilities across its customer base, Arandjelovic said. He stressed the importance of converging DSPM and DLP functionalities into a single platform to create a unified approach to data security.
“We already have a very high attachment of data protection technologies within our platform,” Arandjelovic said. “So, that would be a great sign of success for us.”
Dasera is the sixth DSPM startup to end up in the hands of a broader security or technology vendor since May 2023, with IBM, Rubrik, Palo Alto Networks and CrowdStrike all entering this red-hot market with nine-figure buys. Most recently in June, Tenable bought DSPM startup Eureka for $29.2 million to help the vulnerability management firm provide data discovery, classification and risk assessment to clients (see: Tenable Boosts Data, Cloud Security With Eureka Acquisition).
This is Netskope’s first deal since summer 2023, when the firm bought digital experience management startup Kadiska to remediate performance issues across both SD-WAN and SSE. The company acquired WootCloud in July 2022 to extend zero trust and give customers visibility into IoT and OT devices and Infiot in August 2022 to address SD-WAN use cases like connecting branch offices to a central location (see: Netskope Buys Digital Experience Management Startup Kadiska).