 In today's world of big data, the norm is that companies collect as much data as they want. Today we have with us Julie Treas, co-founder and CTF Telescope to of course give us a demo of Telescope. But before we go there, first of all Julie, thanks for joining us today. Thanks for having me. Of course we are looking for this demo but talk a bit about Telescope. What do you folks do? What problem do you folks have to solve? Telescope is a data protection platform that is built for automation. The problem we're trying to solve is the problem we faced when we were trying to go IPO at Airbnb. We had to comply with GDPR and all these new laws coming up about privacy, the right to be forgotten and general data security because we were going public. So the first problem we faced was that we didn't know what data we were collecting, how we're storing them, where they all are, and how they're proliferating. So the first step that we do is to auto discover data, including new data and data that is always changing and growing. So it really stems from the work at Airbnb relating to data protection and privacy. What kind of markets and industries you cater to? We cater to all types of businesses from financial companies because they have very highly regulated data, healthcare companies same and also BDCs because they want to protect their customers' data. Of course when we look at some of these sensitive data, financial industries which are very well regulated, of course healthcare provided they are very well regulated. But when we start using all these apps unless you go to the privacy settings then you figure out, hey, even this app has a lot of access to my healthcare data that is stored on my phone or financial data. What are your thoughts about all these companies accessing our sensitive data and in reality, do they really have access to sensitive data or they have access to just general financial and health data? It depends on the company, right? There are companies who collect data that include your personal information and there are companies that collect your data but anonymize or do not store your personal information. They only collect, for example, health data for analytics purposes like how many people are actually using like this running app but not actually storing every single user identifier. So yeah, it depends on the company. So you're not worried about any kind of data breach or it's like limited data they have access to? Oh, I am always worried about that because in today's world of big data, the norm is that companies collect as much data as they want to help them better understand their customers and better market their product and better build their product, right? This is like a lot of companies sole purpose for analytics is to grow their business. And a lot of times what I see in the industry is privacy takes a back seat because product and growth is more important to companies, right? Profit. So I am very happy to see all these privacy regulations coming up, not just in the different states in the United States but globally to protect individuals and make sure that we own our own data, right? And that companies are being responsible when we ask for what data do you have about me or delete all the data about me? And that also wants to bring telescope in the scope that I just explained that you know cater to financial industry, you cater to healthcare industries but will your scope expand beyond these industries and a lot of other companies who do tap into our either financial or healthcare data so that they can pull what they knew without compromising on our data or your scope is limited to only certain industries which are HIPAA compliant or other you know compliance. No, we are not limited to those industries only. We have customers that span many industries, right? Because they want to protect their customers data and their reputation which is the number one value is trust, right? Within a company. So we have customers in like skincare companies travel. Yeah, so I mentioned FinTech and healthcare tech because of their highly regulated data but we do have a lot of customers in the consumer space as well. Yeah, so we like to cater to and advocate for and enable companies to be pro data privacy. Perfect, thank you so much. Now let's see telescope in action. You're going to show us a demo. Let's see it. First I'm going to show you the telescope data protection platform. After that I'll show you the telescopes scan and redact API. So first part of our product is you can see here is the dashboard. This is the first thing that you see when you log into your telescope dashboard. So the first thing that we do is we discover all of your data in different cloud environments or third parties like AWS, GCP, Snowflake, Google Drive and then we tell you what types of sensitive data are within them. So for example, if we go to this RDS cluster we see that there's an accounts database cluster and within that there's a database called accounts and you can see here the categories of information that's being created but we we can go into the column level all the way to the column level to identify hey actually the data elements contained in this are user identifiers and bank account numbers and we go a step beyond identifying what data elements we found and tell you what that data element or who that data element is about. In this case we were able to determine that this belongs to a customer. So that's a very important it seems like a very minute feature but actually it's like one of the most powerful features of data classification right because a lot of data classification tools out there will tell you we found an address but what they don't tell you is who is that address about so most of the time they'll flag addresses that actually are public landmarks or branch bank at I mean a bank branch address or a restaurant's address those are not PII those are public information right the same thing with like names and like phone numbers or like country names or city names we are able to identify if those are PII or not if we found a country name or a city name for example we're not going to flag as a PII because it's just a city name it doesn't belong to a person that's what we do on the data classification side this is continuous and automated so you always have an up-to-date picture of all your data and you can even filter through and for what you want to find out so for example you got a data breach and you want to know what data was compromised so here you can easily tell that user identifies phone numbers first name last name passwords and back account numbers were compromised and you can take action and then let your stakeholders know hey this has been compromised it also helps with investigation and then another thing we do is we surface security issues related to the data source so whether it's database or blob storage or google drive right because we scan all structured and unstructured data so in issues we're able to surface based on criticality level right for example right here we found a database cluster that is open to the world meaning it doesn't it's firewall rules allows traffic from anywhere in the world from anyone it still has authentication but the fact that it's open to the world makes it very susceptible to attacks we mark that as critical because it contains payments and personal information the data category as part of the criticality or severity level is really really important because if because we don't we what we want to do is also eliminate or decrease alert fatigue on security teams so if this database cluster did not contain any sensitive information it would not be flagged as critical users can also enable different compliance standards that they want to adhere to for example NIST or ISO 27001 or GDPR UK GDPR PIPL you name it right we keep our compliances up to date with what's happening in the world and all the laws that come up and speaking of compliance all these privacy laws they always have a clause or people know them as the right to be forgotten just like GDPR right so this is something that we support since we have mapping of all the data we're able to support companies in their efforts to be compliant by giving them a feature to delete data when a customer asks for their data to be deleted this is telescopes data protection platform and all of the information you see here whether it's in issues or the data catalog this is all accessible via API so what our customers do is they build on top of our platform one example is for snowflake for example one of our customers implement automated masking policies based on the data the PII that we find within their data warehouse there's a lot of many use cases like automating access controls for example if you have a payments data database and someone outside of the payments team it's trying to get access to that you can automatically deny that so endless possibilities in terms of building on top of telescope because it is a true platform right a platform is something you can build upon so next what I want to show you is telescopes scan and redact API I should share you this tab with telescope scan and scrub API you can scan data in transit so you can either classify so here for example we were able to classify first name and credit card information and email and phone number or you can scrub right so that the first name when it gets transmitted it gets redacted before it hits where it's going in this case you see that the credit card is not tagged as a credit card number that was detected that's because we validated it and it's an invalid credit card number it's no longer valid so we when we scan for such sensitive information such as like passwords API keys credit card numbers we do validate if they are still valid or not again to eliminate alert fatigue a lot of the use cases around the API is you can use it in your logging aggregator to make sure that you're not leaking sensitive information into logs or to prevent fraud by redacting data between messaging systems within your app or within like your company so that like customers and other customers can't exchange credit card information and then have one of your customers identity be stolen so this one also has endless capabilities so those are the two main parts of our product Julie thank you so much for taking time out today and of course talk about telescope a scope of telescope and also shows this demo excellent great demo there thanks for all those insights and I would love to chat with you folks again soon thank you thank you so thank you for having me talk now