DoControl today introduced a fully Automated SaaS Security Platform, providing data access monitoring, orchestration, and remediation across major SaaS applications, such as Google Drive, Box, Microsoft OneDrive, Salesforce, Slack, Jira, BambooHR, GitHub and more. The company also announced $10 million in Series A funding, led by Datadog investor RTP Global with participation from StageOne Ventures, Cardumen Capital and global cybersecurity leader CrowdStrike's early stage investment fund, the CrowdStrike Falcon Fund. DoControl brings together a world-class roster of advisory board members including Andy Brown, board of directors at Zscaler; Shawn Henry, president of CrowdStrike Services and chief security officer at CrowdStrike; Justin Somaini, chief security officer at Unity; and Nadir Izrael, co-founder and chief technology officer at Armis.
"While leading cybersecurity product management at Google Cloud, I saw firsthand how enterprises struggle with preventing unauthorized access to data stored in the cloud," said Adam Gavish, DoControl co-founder and chief executive officer. "This becomes more complex with SaaS applications serving the entire workforce. Identity providers and zero trust solutions manage users and secure remote access, but security/IT teams have no simple way to dynamically monitor and restrict access to data by former employees, private accounts, external vendors, customers or partners. This creates a huge amount of unmanageable data access, posing significant risks to organizations and increasing the likelihood of data breaches. DoControl solves one of the most complex operational challenges - monitoring and restricting data access to the wrong personnel without slowing down business enablement. We're giving enterprises an efficient platform to balance this operational equation through automation and frictionless, modern user experience."
Andy Brown, board of directors at Zscaler, said: "With so much business data moving outside the network perimeter into SaaS applications, this is becoming a blind spot for CISOs and security teams. It's time for a solution that gives enterprises not only visibility on such data movements but also control on how it is used and shared to drive business without increasing the risk of data breaches."
The DoControl platform is integrated with major SaaS applications to provide three main capabilities: Comprehensive Asset Management providing critical business insights across users, external collaborators, assets, sharing breakdown, and third-party domains; Security Policy Enforcement through intuitive, no-code workflows applied consistently to prevent data breaches at scale; and Slack/Teams Bot engaging with end-users on behalf of security/IT teams to enable a self-service remediation path for human errors, malicious activity, and data leakage.
Only ten months since inception, the company has raised $13.35M total in financing and is trusted by a wide range of organizations globally sharing millions of files, folders, repositories, and other assets with over 10,000 external companies. The funding round will help the company execute its go-to-market strategy by doubling its headcount across R&D, sales, and marketing to accelerate global expansion while delivering an enterprise ready product that supports hundreds of customer feature requests.
Luke Page, partner at RTP Global, said: "The DoControl team is redefining an emerging category affecting almost every company worldwide - SaaS security. We were immediately impressed with the product and engineering background of the founding team, and quickly realized this customer-focused team is driven to solve real-world challenges with a differentiated technology that works at scale. With automated security workflows, DoControl makes data access control painless for enterprises of all shapes and sizes to improve security and operational efficiency."
Shawn Henry, president of CrowdStrike Services and chief security officer at CrowdStrike, said: "CrowdStrike is delighted to participate in DoControl's funding rounds. Their innovative approach reduces the complexities of security maintenance, compliance and data access across SaaS applications, allowing enterprises to strike a better balance between security and business enablement while optimizing the efficiency and effectiveness of their security operations."