Datiphy tracks what data is up to for security, auditing purposes

Datiphy, a service provider founded in Taiwan, has bundled up its technology for sale as a software package to make inroads in the U.S. as a security/data auditing tool that detects and reports suspicious access to databases.

Datiphy, a service provider founded in Taiwan, has bundled its technology for sale as a software package to make inroads in the U.S. as a security/data auditing tool that detects and reports suspicious access to databases.

The company has been selling its service in Asia-Pacific since 2011 but has decided to improve the user interface and give it natural-language search to make it more attractive in the U.S. where the large enterprises it seeks as customers want to have an on-premises platform, says Mike Hoffman, executive vice president of sales and marketing.

Datiphy has also gotten a financial shot in the arm, pulling down $7 million from Highland Capital Partners in its first round of institutional funding that it will use in part to hire staff to pursue partnerships so data gathered by the platform can be shared with other security products.

Customers can configure policies for the platform so it detects when Social Security, credit card and account numbers are being accessed, for example, and to send alerts when it does. It also analyzes data transactions to find anomalies that might indicate breaches.

The platform captures all transactions and processes and records them for later audits or forensic investigations.

The company competes against the likes of Imperva and IBM Guardian, but claims it is less expensive and easier to deploy.

Customers can set policies to flag certain types of activity such as a person authorized for access from 8 a.m. to 5:30 p.m. who accesses a database in off hours looking for credit card numbers. It can list who viewed certain data even if they don’t alter it, the company says.

“We’re data centric,” Hoffman says. “We tell the story of data from the data point of view.”

The company was founded in Taiwan in 2010 by James Lin and marketed auditing and security services in Asia-Pacific. Lin has a long technical background as founder of RapidStream (acquired by WatchGuard), and stints at 3Com, HP and Reti Corp.

ted ho

Ted Ho

Earlier this year Ted Ho, founder of Gigamon, invested in the company and took over as CEO. Later he hired Hoffman, who was vice president of sales at Gigamon from 2008 to 2014.

The company holds six patents on its technology. It currently monitors structured databases and Mongo DB and will be coming out with support for Hadoop next month. It expects to add support for more unstructured databases on a pace of one per month.

Datiphy’s software can be deployed either on a server or a virtual machine that is linked to a router’s TAP or SPAN port or a packet broker. It automatically discovers databases and monitors transactions with them based on the protocols they use and maps to the applications that access the databases.

It doesn’t ping all devices on the network, so an agent has to be deployed on database servers if customers want those that aren’t generating traffic to be discovered as well. The agent is needed to monitor traffic that is encrypted between the servers and applications. It is needed as well to monitor direct connections such as Telnet.

It has a natural language search capability that can, for instance, ask to see every transaction a particular machine has made with any database on the network or all transactions made in the last hour.

The company has sold its capabilities as a service in the Asia Pacific region starting in 2011 where customers are primarily interested in audit and compliance. It developed a software package for sale in the U.S. with a focus on security, which is of greater concern here. A month ago it took about two days to get the platform up and running, but that has been reduced to about 15 minutes for a single deployment.

The platform has an API that third parties could write to so the data gathered can be used by other platforms to enforce policies when violations are discovered. Part of the new funding will be used to develop partnerships with other security vendors to make their products compatible.

The software costs $29,000 to handle 10 million transactions per day, $75,000 to handle 250 million.

Join the CSO newsletter!

Error: Please check your email address.

More about CustomersGigamonHPImpervaRapidStreamSPANTelnet

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts