What is DSPM?


Gartner® Innovation Insight: Data Security Posture Management
Get Report

Reduce Data Access Risks

Enforce Data Governance
Eliminate Abandoned Data

Secure PaaS Data

Enable Use of AI

DSPM for Snowflake


The Normalyze Platform
Supported Environments
Platform Benefits


DSPM-chat-Richard Stiennon-Ravi-Ithal-Normalyze
DSPM for Dummies:

Your guide to Data Security Posture Management

Get Your Copy


CYBER 60: The fastest-growing startups in cybersecurity
Get Report

The Most Comprehensive Cloud Data Security Platform Adds Data in Motion and Data Lineage

Ravi Ithal
April 18, 2023
New DSPM features continuously discover and fix risks of cloud data in motion and at rest with one unified platform


As a byproduct of ubiquitous cloud computing, more and more sensitive data has moved into virtual environments far from the safe harbor of legacy on-premises data security controls. A recent survey by ESG found that 86% of respondents have sensitive data stored in a data lake, data warehouse, or data lake-house – usually on more than one cloud platform. The obvious question is, “Are these data secure?” The less obvious question is, “Are these data secure while moving through cloud environments?”

Normalyze specializes in helping cloud security teams  to protect the increasing volume of sensitive data in PaaS, IaaS, and SaaS cloud stores, as well as in private data centers. Our mission is to help organizations protect their sensitive data at cloud scale. The first iteration of our solution, Normalyze Cloud Platform, focused on protection of data at rest. Today we are announcing the expansion of our platform’s Data Security Posture Management (DSPM) capabilities to discover and analyze sensitive data in motion and extract lineage for accelerating remediation of risks as data moves within clouds.

Get ahead of data-in-motion risks with a platform that understands lineage and alerts you to unauthorized data exposure in real time

Normalyze Cloud  Platform was purpose built to put data as the central focus of security operations. Our platform’s cloud native architecture scales to customers’ ever-growing public cloud data assets. 

Normalyze Cloud Platform 2.0 provides new data-in-transit capabilities to gather inventory of all data flows between applications, resources, and data assets in the cloud. This allows security teams to move beyond monitoring security posture for data at rest and better understand how the data are being accessed. Contextual insights allow data security teams to more efficiently identify which data assets are in violation of their data security policy and steps for remediating vulnerabilities.

YouTube video

New capabilities of Normalyze Cloud Platform 2.0 include:

  • Data flow diagram: Data-in-transit mapping gathers all data flows between users, applications, resources, and data assets in the cloud. Interactive graphs visually show teams how the sensitive data is being accessed and which assets are in violation of the data security policy.


  • Data lineage: By analyzing data moving between resources, actual users and resource activity related to sensitive data, security teams can identify where a piece of sensitive data originated, where it is being moved to, and the associated security and privacy risks that need to be addressed.
  • Data access graph: Security teams can now gain a fine-grained understanding of how access is being granted to sensitive data without having to deal with the complexity of roles/policy configuration within cloud platforms. Analysts can now pinpoint the exact changes that need to be in roles/policies or resource access configuration to resolve access governance and compliance issues.
  • Anomaly detection:  Identifies suspicious activity including data exfiltration, potential account takeover by continuously baselining user activity and identifying abnormal behavior that is indicative of risky activity, without relying on pre-configured rules or policies.
  • One-click remediation: Built-in remediation enables one-click options to resolve data access risks such as dormant users and excessive privileges to access sensitive data.
YouTube video

We are demonstrating all these new DSPM capabilities at the
RSA Conference 2023 in San Francisco, at our booth #6476. We hope you can stop by to say hello and we’ll give you a tour of Normalyze 2.0.


Try Normalyze in Your Environment!

We invite you to try Normalyze for free in your environment. Sign up for our Freemium. Setup takes minutes, after which you can see for yourself how Normalyze will provide your security teams with 100 percent visibility and control of cloud-resident sensitive data.

Ravi Ithal

Ravi has extensive background in enterprise and cloud security. Before Normalyze, Ravi was the cofounder and chief architect of Netskope, a leading provider of cloud-native solutions to businesses for data protection and defense against threats in the cloud. Prior to Netskope, Ravi was one of the founding engineers of Palo Alto Networks (NASDAQ: PANW). Prior to his time at Palo Alto Networks, Ravi held engineering roles at Juniper (NASDAQ: JNPR) and Cisco (NASDAQ: CSCO)