Data Security Platform Recognized as Leader for AI-Powered Capabilities,Coverage, and Automated Remediation. Read More.

What is DSPM?


Gartner® Innovation Insight: Data Security Posture Management
Get Report
The Normalyze Platform
Supported Environments
Platform Benefits

Reduce Data Access Risks

Enforce Data Governance
Eliminate Abandoned Data

Secure PaaS Data

Enable Use of AI

DSPM for Snowflake




DSPM-chat-Richard Stiennon-Ravi-Ithal-Normalyze
DSPM for Dummies:

Your guide to Data Security Posture Management

Get Your Copy


CYBER 60: The fastest-growing startups in cybersecurity
Get Report

Normalyze is SOC 2 Type 2 Compliant for Its Data-first Cloud Security Platform

Normalyze Displays Commitment to Global Security Standards and Adherence to Industry Best Practices in Implementing Data Privacy


SAN FRANCISCO, SEPTEMBER 7, 2022 – Normalyze, a data-first cloud security platform, today announced they successfully completed the Service Organization Control (SOC) 2 Type 2 audit, a rigorous, independent assessment of internal security controls. This assessment validates Normalyze as a trusted and secure technology for its users and their cloud data.

Developed by the AICPA, SOC 2 is an extensive auditing procedure that ensures that a company is handling customer data securely and in a manner that protects the organization as well as the privacy of its customers. SOC 2 is designed for service providers storing customer data in the cloud. As more enterprises look to process sensitive and confidential business data with cloud-based services like Normalyze, it’s critical that they do so in a way that ensures their data will remain safe.

“As a data-first cloud security platform, we are highly committed to utilize and maintain enterprise-grade best practices to protect our customer’s data. This certification validates Normalyze as a trusted and secure platform and reinforces our ongoing commitment to helping our customers discover, visualize, and secure all of their cloud data,” said Ravi Ithal, co-founder and CTO at Normalyze.

Normalyze uses Drata’s automated platform to continuously monitor its internal security controls against the highest possible standards. With Drata, Normalyze has real-time visibility across the organization to ensure the end-to-end security and compliance posture of our systems.

Conducted by Prescient Assurance, a nationally recognized CPA firm registered with the Public Company Accounting Oversight Board, this attestation report affirms that Normaylze’s information security practices, policies, procedures, and operations meet the rigorous SOC 2 Trust Service Criteria for security, confidentiality, and privacy.

Normalyze welcomes all customers and prospects who are interested in discussing their commitment to security and reviewing our SOC compliance reports to contact them at


About Drata:

Drata is the world’s most advanced security and compliance automation platform with the mission to help businesses earn and keep the trust of their users, customers, partners, and prospects. With Drata, companies streamline framework compliance like SOC 2, ISO 27001, HIPAA, and many more through continuous, automated control monitoring and evidence collection, resulting in a strong security posture, lower costs, and less time spent preparing for annual audits. The company is backed by ICONIQ Growth, Alkeon Capital, Salesforce Ventures, GGV Capital, Cowboy Ventures, Leaders Fund, Okta Ventures, SVCI, SV Angel, and many key industry leaders. For more information, visit


About Prescient Assurance:

Prescient Assurance is a globally recognized audit and security testing organization that offers SOC 1,2,3, ISO 27001/27701, Hitrust CSF assessment, PCI QSA assessment, CSA STAR attestation, HIPAA, GDPR and other attestations and certifications. We work with over 1000 cloud based service providers and help them advance their maturity in security and privacy practices. For more information, please visit us at


About Normalyze:

Normalyze is a pioneering provider of cloud data security solutions helping customers secure their data, applications, identities, and infrastructure across public clouds. With Normalyze, organizations can discover and visualize their cloud data attack surface within minutes and get real-time visibility and control into their security posture including access, configurations, and sensitive data to secure cloud infrastructures at scale. The Normalyze agentless and machine-learning scanning platform continuously discovers resources, sensitive data and access paths across all cloud environments. The company was founded by industry veterans Ravi Ithal and Amer Deeba and has several customers, including Corelight, Netskope, and Orkes. The company is funded by Lightspeed Venture Partners and Battery Ventures. For more information, please visit


Media Contact:

Suzanne Block, on behalf of Normalyze