Open Raven at 3: New Customers, Fresh Funding, and an Expanded Platform
“So I just type in ‘passport’ and hit return. That’s it?”
Types passport into https://buckets.grayhatwarfare.com/
“Ohhhhhh!!! Is it real?”
“Sadly, it is…”
The exchange above was between my son and I a few weeks ago as I was explaining why I had an early call that day to speak with a company who had accidentally leaked sensitive data. The amount of data now in the public cloud is so vast and accelerating at such a pace that the gaudy numbers used to illustrate them have lost meaning. The inevitable leaks and breaches that accompany such breakneck growth have not— incidents bring more pain than ever before due to staffing shortages, overburdened teams and a complex web of data security and privacy regulations.
When we founded Open Raven in 2019, we saw that the data economy would require security and cloud engineering teams to achieve full operational visibility and control of their data to prevent a tidal wave of future security incidents. Not consumer data focused solutions for privacy and rights automation. Not tools for data teams looking to govern access to known data stores. But purpose-built tools for preventing incidents, creating guardrails, and supplying essential data intelligence to other security functions such as incident response, vulnerability management, and monitoring.
While the world has changed dramatically since the Spring of ‘19, never has the need for modern cloud data security more urgent. Today we’re pleased to announce our latest milestone in our mission to end data exposure: our Series B financing along with new customers, a deeper partnership with AWS and the expansion of our data security platform itself.
I’ve been building security products for over 20 years. Never have I seen a problem harder than securing data at cloud speed and scale. There are billions of objects of nearly every file type imaginable. Petabytes of data typically spread across hundreds of accounts or projects. Further, there are serious constraints that have to be overcome, such as:
- Safety and privacy: no data security solution should require data to be moved or transferred. Or require dangerous changes to security groups. And the platform cannot store all the customers’ sensitive data. The cure can’t be worse than the illness itself, so to speak, by creating more risk than the product aims to reduce.
- Cost: efficiently analyzing data at scale has often been a non-starter due to the price tag alone. Analyzing petabytes of data will never be free, but making the value received match the expenditure is a key aspect of any scaling journey.
- Automation: at scale, manual solutions for data location, inventory, classification and security analysis are not an option. Anything less than results delivered with a light touch will relegate data security to the back of the priority list where it’s sat for far too long.
Anyone can build a data security product. Very few can build one that satisfies the constraints above at considerable scale. And without taking shortcuts such as analyzing only a percentage of files or solely sampling file contents. Let’s get real: there’s no way you can tell whether toxic data is going to be in a specific file or at what line number. We don’t accept limitations like this anywhere else in security, we should not with our unstructured data either.
Scaling up our platform to meet the needs of our customers has been a journey like none other. I’m immensely proud of the creativity and determination our team has shown while we knocked down obstacle after obstacle in order to give our customers full data intelligence and control for AWS S3— arguably the very first and grand daddy of all cloud services. Standing on this foundation, we could not be more pleased to announce our expansion into structured data starting with AWS RDS. The next round of supported data services and cloud service providers are this year and the hints of where we’re going are hiding in plain sight inside our GitHub account under Project Magpie.
Alongside ensuring we can give our customers complete visibility, making it easy to take action is just as important. How organizations manage data risk is as unique as their data itself but there is a clear mandate: “Match my current workflow.” In this spirit, we're publishing APIs for both pulling data and triggering scans (e.g., on newly discovered or changed buckets, new RDS instances, etc.). Often responding to data risk means tagging the resources storing the data for special handling. This is now easily done within Open Raven. Jira integration for creating tickets? No problem. And so on. Getting results from our platform has never been more straightforward.
This past year we added a significant number of new customers to the platform. We owe a huge debt to our customers, especially those who have worked with us from deep within the pandemic during 2020 as we stood up the platform for the first time. More recent customers have been instrumental in working with us on a number of fronts, from operationalizing results to now expanding to new data sources. I'm incredibly proud of what we've been able to accomplish together.
Our latest round of financing was led by Pelion Venture Partners with follow-on investments from Kleiner Perkins and Upfront Ventures. Pelion is no stranger to cybersecurity, having invested previously in Cloudflare, Venafi and UpGuard. Pelion’s Jeff Kearl has joined Open Raven’s board of directors as has Seksom Suriyapa from Upfront Ventures.
New and existing independent investors including Mike Stoppelman and leadership from Google Cloud and Amazon Web Services participated in the round as well. The proceeds of the financing will serve as fuel for Open Raven’s continued growth both in go-to-market as well as in expanding engineering to support a broad set of data stores and service providers.
Expanded AWS Partnership
This Summer Open Raven was selected for the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, aligning our go-to-market efforts even more tightly with the AWS Sales team. The ISV-A program opens the door for broad collaboration with the AWS field sellers globally and affords us a better view into the needs of their customers than ever before. To achieve this status at such an early stage is an honor we don’t take lightly.
The AWS team have been outstanding partners to us throughout the young history of our company, from go-to-market programs like ISV-A to technical consulting as we push the boundaries of serverless technology.
Full Speed Ahead
During one of the most extraordinary times in recent history, we’ve built a company that’s increasingly setting the standard for securing data at cloud scale. We could not be more proud of our customers, investors, and partners and we owe each of you a debt of gratitude for the opportunity you’ve given us. We intend to make the most of it— full speed ahead.