Most organizations should always look at how to incorporate security into the normal day-to-day flow of development. Security, again, is an enabler. Now, if security is too hard, then developers will try to bypass it. And if security is too easy, then it's not really integrated into the existing workflows. That's why the whole shift-left movement essentially happened in the market. How do we bring this closer to home, into the code?

This is your host, Swapnil Bhartiya, and welcome to TFiR Newsroom. Today we have with us Dan Benjamin, CEO and co-founder of Dig Security. Dan, it's great to have you on the show.

Thanks for having me. I'm excited to be here.

This is the first time we are talking, so I would love to know a bit about the company. Security, first of all, is a crowded space, but it's also not really product-based; it's a process, and it's not an easy space. So talk a bit about the specific problem that you wanted to solve in that space that led to the creation of Dig Security.

We co-founded Dig Security about two years ago. We're a cloud data security company, and we help organizations protect data in the public clouds, whether it is on AWS, on Azure, on GCP, on Snowflake, on Databricks. We help organizations answer three key questions around data. First off, what data do we even own? Second, how is that data being used? By which applications, users, vendors, machines, and how is that data being consumed inside the organization? And lastly, of course, how do we protect this information, whether at rest, in motion, or in use?

Now, we do this by, first off, discovering any piece of information that lives in the customer's clouds. Then, of course, we classify any piece of information, whether it is PII or PHI or PCI, any type of regulated data. Then, of course, we visualize risk in the data itself.
So the whole concept here is building data-centric security, prioritizing risk coming from the data itself. And lastly, of course, how do we detect and respond when something bad happens? How do we detect if your data is being exfiltrated? How do we detect if someone copies data outside of your cloud, or you have illegal data transfers, or a developer decides to download the production database to a personal machine, or one of your third parties got compromised and is now exfiltrating information outside of the organization?

So, Dig is leading the cloud data security space. We're pioneering a category called DSPM, and Data Detection and Response, DDR. We're a team of 70 today, 50 in Israel, 20 in the States, and we've raised almost 50 million dollars. That's basically it, a quick intro.

Since you said you focus on cloud data security, protecting people's data in the public cloud: isn't the public cloud a magical place where, once you move to the cloud, everything is taken care of magically? You don't have to worry about security. You don't have to worry about data backup. All you have to worry about is keep paying your bills and keep your applications running.

So I think that with the simplicity that the cloud brings, it also brings a lot of challenges, right? It's much easier to bring up a VM. It's much easier to build a database. It's much easier to spread data and copy data across environments. So I actually think that it's become easier to create more and more data risk. I think it was a misconception that the cloud is going to make security easier. I do think that it makes infrastructure management easier, because everything is API driven. You don't need to wait two months for a server to come to your office after you ordered that pizza box from Dell or from any of your infrastructure providers.
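The DDR examples Dan lists (exfiltration, cross-cloud copies, a production database downloaded to a personal machine) can be pictured as simple rules evaluated over a stream of audit events. The event fields, trusted-account list, and size threshold below are illustrative assumptions for the sketch, not Dig's actual schema or detection logic:

```python
from dataclasses import dataclass

# Hypothetical audit event; field names are illustrative, not any
# cloud provider's real log format.
@dataclass
class DataEvent:
    actor: str            # user, service, or third-party principal
    action: str           # e.g. "copy", "download", "read"
    source: str           # data store the event touched
    dest_account: str     # account/tenant receiving the data
    bytes_moved: int

TRUSTED_ACCOUNTS = {"prod-account", "analytics-account"}   # assumed allow-list
LARGE_TRANSFER_BYTES = 5 * 1024**3                         # 5 GiB, tunable

def detect(events):
    """Flag events matching simple data-exfiltration heuristics."""
    alerts = []
    for e in events:
        # Rule 1: data moved to an account outside the trusted set
        if e.dest_account not in TRUSTED_ACCOUNTS:
            alerts.append((e, "transfer outside trusted accounts"))
        # Rule 2: unusually large movement out of a production store
        elif e.source.startswith("prod-") and e.bytes_moved > LARGE_TRANSFER_BYTES:
            alerts.append((e, "large transfer from production"))
    return alerts
```

A real DDR product would baseline normal behavior per actor rather than hard-code thresholds, but the shape is the same: normalize events, evaluate rules, raise alerts.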
So getting infrastructure set up is easy, but controlling data sprawl and protecting the information has become harder, especially as organizations have transitioned into multi-cloud environments. Most large enterprises today are running across two or three major clouds.

As we're talking about cloud native, if you look at Kubernetes, things have moved to production. Folks are running things in production. Not only that, we are also seeing a lot of new workloads, and that's what we're going to talk about today: you folks recently announced new capabilities to secure LLM architectures. Talk about some of the new technologies, the new adoption that you're seeing, which are at the same scale as the Linux kernel or Kubernetes or Docker containers, where you're like, hey, this is not just hype. These are real technologies going into production, so we have to secure them.

That's a great question. So first off, what we're seeing is that most of these organizations today are being pressured by their board to essentially innovate through generative AI. Now, with this pressure, every single security leader is saying, well, how do I protect this? I want to enable; I don't want to be a blocker for my organization to build new types of capabilities, especially if they can accelerate the business. Security organizations need to be enablers of the business. But on the other side of it, because this is such a new technology, we just don't have the tool set to protect it. And generative AI models are typically being trained on customer data, on enterprise information, the information that we already built and safeguarded for many, many years. We built controls and walls and firewalls to protect this information.
And then very, very quickly, you can just plug in a model, it will suck in all the information, you train something cool on it, and then how do you protect this? All of your controls are gone. So we thought very hard about how we enable these organizations, with our existing technology and of course additional developments, to build these types of controls. First off, help organizations understand: what AI models do they even have? Which AI models are being trained on sensitive information? What do they have access to? What are they doing? Because otherwise, we can't really safely release these different types of AI models into the world.

I think we've all seen these different types of attacks that we call prompt attacks, right? We ask the model to break all of its protections and essentially show us the data that it was trained on. Now, if you train a model on sensitive information, whether it is PII or PHI or PCI, you can essentially see all the sensitive information that for years we were trying to safeguard with really strict controls.

So, with this new announcement that we made at Dig, we essentially built specific controls for the age of generative AI. How do we make sure that LLMs are not being trained on sensitive data, and if they are trained on sensitive data, how do we build the right controls around that? How do we identify shadow data that goes into models? How do we identify shadow models? We all see that now every single team inside the organization wants to play around with a model. So what they'll do is they'll copy the entire company database, they'll put it in a side project, they'll start training something, they'll say, oh, this is really cool, and forget about it. And then you have this model that sits somewhere. You have all this data that was copied somewhere.
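The "make sure LLMs are not being trained on sensitive data" control can be thought of as a gate in front of the training pipeline: scan the corpus, then block or redact before the model ever sees it. A minimal sketch, assuming a corpus of plain-text documents and two deliberately simple PII patterns (this is not Dig's classifier, which Dan describes as far richer):

```python
import re

# Illustrative PII patterns; real classification covers many more
# types, formats, and languages.
PII_PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.]+\b"),
    "ssn":   re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

def scan_training_corpus(docs):
    """Return {doc_index: [pii_types]} for documents containing PII,
    so training can be blocked or the documents redacted first."""
    findings = {}
    for i, doc in enumerate(docs):
        hits = [name for name, pat in PII_PATTERNS.items() if pat.search(doc)]
        if hits:
            findings[i] = hits
    return findings

def gate_training(docs):
    """Deny-by-default gate: raise if any document looks sensitive."""
    findings = scan_training_corpus(docs)
    if findings:
        raise ValueError(f"PII found in documents: {sorted(findings)}")
    return docs
```

The gate also gives you an audit trail: every training run records what was scanned and what was found, which is exactly the inventory-and-approval story Dan describes.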
No one really controls it, because the engineers just wanted to test something new. These types of risks are now something we're seeing across our entire customer base. We're seeing this across finance and insurance and retail and tech companies; all of them are trying to innovate because they get pressured by their board to bring in these new types of capabilities. But they just don't have the right safeguards in place to do this in a secure manner. So this is the whole announcement: how do we identify and put in these safeguards for these organizations to enable these teams?

Do you think it's enough to just rely on solutions like those from Dig Security? Of course, there is that. But do you also feel that organizations need cultural change internally?

Most organizations should always look at how to incorporate security into the normal day-to-day flow of development. Security, again, is an enabler. Now, if security is too hard, then developers will try to bypass it. And if security is too easy, then it's not really integrated into the existing workflows. That's why the whole shift-left movement essentially happened in the market. How do we bring this closer to the code, into the code? If we set up infrastructure as code, then let's make sure that the infrastructure is set up correctly before we even deploy it. How do we make sure that everything is integrated, so that developers, even if they don't have that security mindset, have these controls built in?

The problem is with data. Typically, that data is only generated at the application level, once we start storing sensitive information. You can't really describe what data is going to be saved in the future in a specific bucket or database or analytics data store. And that's why with data, it's actually a shift-right approach.
We need to see what happens in runtime: what's already being saved there and how that changes over time. So basically, in the world of data, first off we need to build a very strong data inventory. How do we identify what data we even own, across buckets and VMs running databases and analytics data stores, and across the different clouds? We know today that a typical enterprise has at least 20 different types of data stores, across thousands, if not tens of thousands, of instances. And that's typically across clouds, sometimes on-prem as well.

And we want to have consistent security. That's, I think, the new trend today in the market, especially as we run multi-platform. If I protect something on AWS, I want to have the same exact protections on Azure. I want to have the same exact protections on GCP. I want to have the same exact protections across OCI.

The same goes, in my opinion, for AI. We need to put the right safeguards inside the organization to identify these models, to get triggered when a new AI model is trained on company information, to have that inventory of these different types of AI actors, and also to make sure that we have the right approvals and the right verifications. So what we did at Dig is we now have a map of all AI actors that have access to sensitive data. We're able to list out any AI model running on any type of company information. Even if someone boots it up on a VM and trains it on a VM, we're able to find it automatically. How do we monitor the data that comes in? And how do we detect if something goes rogue? Some AI models are running on live information, not just something that was pre-trained; they run on live information today.
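The "same exact protections on AWS, Azure, GCP, OCI" idea usually comes down to normalizing each provider's resources into one schema and evaluating a single policy against it. A sketch under assumed field names (not a real product schema, and the two policy rules are just examples):

```python
from dataclasses import dataclass, field

# Cloud-agnostic inventory record: each provider's API responses get
# mapped into this one shape before any policy runs.
@dataclass
class DataStore:
    cloud: str                  # "aws" | "azure" | "gcp" | "oci"
    name: str
    classifications: set = field(default_factory=set)  # e.g. {"PII"}
    encrypted_at_rest: bool = False
    publicly_accessible: bool = False

def evaluate(store):
    """One policy, applied identically regardless of which cloud hosts the data."""
    violations = []
    if store.classifications and not store.encrypted_at_rest:
        violations.append("sensitive data not encrypted at rest")
    if store.classifications and store.publicly_accessible:
        violations.append("sensitive data publicly accessible")
    return violations

inventory = [
    DataStore("aws", "s3://payments-archive", {"PCI"}, encrypted_at_rest=True),
    DataStore("azure", "blob://hr-exports", {"PII"}, publicly_accessible=True),
]
report = {s.name: evaluate(s) for s in inventory if evaluate(s)}
```

The design point is that the policy lives once, against the normalized record; adding a new cloud means writing a mapper, not rewriting the rules.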
And how do we make sure that someone doesn't do this prompt engineering to extract and exfiltrate all the information that sits in the database, even though it should have the right safeguards in place?

As these organizations are embracing some of these technologies, talk a bit about the challenges that security teams will face when it comes to actually distinguishing false flags from legitimate activities, or detecting abnormalities, in real time. Also, AI has been around in the security space for a very long time. How are generative AI and LLMs, not just as workloads to secure, also helping teams, helping Dig, to look at some of these threats?

A very big part of what we do here at Dig is classify information. We classify information today in, if I'm not mistaken, 14 or 15 languages. We need to have a deep understanding of context in a customer environment, because if we don't understand their data, how can we protect it, right? So that's a very big part of this DSPM category: how do we understand data?

Now, up until a couple of years ago, everything was based on regex, right? We look for a specific pattern in data, and if that pattern was met, then we say, oh, this is a credit card. But we all know that not every 16-digit number is a credit card number, right? With the use of AI, we can fine-tune and better classify information, and understand information that up until now was too complex to understand. Take a document, for example. How do you understand that this document belongs to the HR team versus the contracting team? How do you understand that this is a standard contract versus a deviated contract? How do you understand that this is, for example, an offer that was made to a new employee? So the ability to understand more complex data types has been enabled through the use of AI.
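Dan's point that "not every 16-digit number is a credit card" is exactly why pattern matches are usually post-filtered with a checksum. A small sketch: the Luhn check (the standard card-number checksum) rejects most random 16-digit false positives, though passing it still doesn't prove a number is a real, issued card:

```python
import re

def luhn_valid(number: str) -> bool:
    """Luhn checksum, the standard sanity check for card numbers."""
    digits = [int(d) for d in number]
    # Double every second digit from the right; subtract 9 if the result > 9.
    for i in range(len(digits) - 2, -1, -2):
        digits[i] *= 2
        if digits[i] > 9:
            digits[i] -= 9
    return sum(digits) % 10 == 0

# Deliberately naive candidate pattern; real cards also appear with
# spaces/dashes and in 13-19 digit lengths.
CANDIDATE = re.compile(r"\b\d{16}\b")

def find_card_numbers(text: str):
    """Regex alone over-matches; Luhn filters most false positives."""
    return [m for m in CANDIDATE.findall(text) if luhn_valid(m)]
```

This is the gap Dan describes AI filling: a checksum can rule out garbage, but it can't tell an HR document from a contract; context-aware models can.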
AI is a good thing, not a bad thing. We just need to enable organizations to use it securely. And at Dig, this is super helpful for us, because today we can understand images. Dig is probably the only vendor in the market today that does OCR to properly understand images, what's in the images in a typical environment. And images, of course, are something most organizations are keeping: maybe old receipts, maybe PDFs or driver's licenses, anything that we need to verify when we authenticate through our phones. And how do you understand audio as well? Many organizations today have call transcriptions, or summaries of team meetings. How do you understand which audio recordings are sensitive and which are not? How do you transcribe this information? Again, as a data security company, we need to understand the data. Now, up until now, each one of these different companies had to build their own models. I had to build a model for audio transcription. I had to build a model for understanding images. Today, it just becomes more of a commodity.

And how do you operationalize it to make security teams thrive in this world of data democratization? Security itself has evolved over time from the early days, through cloud native, Kubernetes, the public cloud space. How do you see it further evolving, especially with the new workloads and new use cases coming into this space? Of course, it's very hard to predict, but talk a bit about the things you're seeing: hey, this is where we see cloud data security evolving for the next few years.

I was talking with a CISO friend of mine the other week. And the funny thing he said to me is: over the years, I've accumulated a portfolio of data security products. I took that sentence, and it bothered me a lot. I was thinking about it for a couple of days.
And he said, well, I have one product that only does unstructured data on-prem. I have one product that only does Oracle. I have one product that only does MongoDB. I have one product that only does my Salesforce. I was like, this is nuts. Eventually, a data security team needs to control and govern data wherever data lives in the modern enterprise, whether it is the public clouds, whether it is AWS or Azure, whether it is on-prem, whether it is SaaS applications, or whether it is the endpoints.

Now, this fragmentation is a killer. And I think that what we're going to see, as in any other market today, is a lot of consolidation. We already consolidated across clouds, right? Up until now, AWS data security was different than Azure data security, which was different than GCP data security. So we already did this consolidation in the cloud. But I think we're going to see more and more consolidation in the on-prem space and the SaaS space as well, creating a single pane of glass where data security teams can govern any type of data that the organization holds, to make it not only compliant, to make it suitable for the privacy standards of each governing country or state, and to earn back the trust of their users.

Most users today lack trust in the enterprises they keep their information in. And if we want to have more automation in our lives, we need to be able to trust organizations with our information. Say we want an assistant to help us manage our day-to-day lives. For that assistant to do its job, it needs to understand and know you better. That means you need to entrust a specific company, or a set of companies, with all your sensitive information. So how do we make sure that we have the right controls to earn that trust of the end-user customers? And eventually, how do we build this ecosystem of products that talk to each other and make security teams better?
I think XDR was one aspect of it, essentially integrating detection and response across different types of security products. But on the other side of it, I think we're going to see more and more consolidation, and ecosystems of products that talk to each other.

Dan, thank you so much for taking the time out today to talk about security, how this whole landscape is changing, and how you are helping folks lower the barrier of entry and stay secure. Thanks for all those insights, and I would love to chat with you again.

Thank you.