Adaptive recently announced its modern new approach to data protection—a control plane that brokers access and safeguards sensitive information. By protecting data closer to its source and brokering access across all surfaces, Adaptive aims to minimize sensitive data exposure.
Adaptive uses an agentless architecture that doesn’t require any change to existing workflows and tools, ensuring faster adoption within an organization. By understanding an organization’s data context, Adaptive simplifies protecting data at scale, allowing organizations to manage privileges and mask sensitive information efficiently.
The company's integrated, new approach ends long-standing silos between data security and IAM (Identity and Access Management).
“Data protection will only become increasingly critical for organizations as AI adoption accelerates, leading to more data movement, and as data breaches continue to multiply exponentially,” said Adaptive CEO and cofounder Ronak Massand. “By providing a control plane to manage access and protect data across both human and non-human vectors, Adaptive is at the forefront of the vital new movement to combine IAM and data security, which formerly have been siloed disciplines. This is vital since partial coverage on data protection is ineffective—it’s as good as no coverage at all.”
Adaptive previously raised a round led by Eve Atlas, with other top investors including Hustle Fund, Pareto Holdings, Antler India and engineering leaders from DoorDash, Slack, Amplitude, and others. The additional capital is being used to expand integrations and use cases across data protection.
Adaptive offers both on-prem and SaaS deployments for customers. The company’s customers include M2P FinTech, LambdaTest, CertifyOS, and others.
“At CertifyOS, managing access to sensitive healthcare provider data for our geographically dispersed team of over 150 was a security and regulatory challenge. Adaptive solved this problem seamlessly by handling our access requests while providing continuous monitoring of user activity. Our entire team, both technical and non-technical, adopted Adaptive out-of-the-box without disrupting their existing workflows, making adoption of security and compliance requirements for SOC2, NCQA, and NIST much easier," said Anshul Rathi, CEO, CertifyOS.
“As one of India’s largest fintechs, M2P handles a large volume of highly sensitive banking data. Adaptive helps control access across our multi-tenant infrastructure and supports all our complex use cases. With strong data protection at the source, Adaptive helps us safeguard data while ensuring productivity across the organization. The detailed audit logs and session recordings they provide help us meet the strict compliance standards banks require," says Sujay Vasudevan, Head of Risk & Compliance, M2P Fintech.
“We’re thrilled to have led Adaptive’s latest funding round, fueling the company’s mission to redefine how data is accessed and secured. In today’s landscape, where the volume of applications and users requiring access grow at an exponential rate, managing and securing that access has become a critical bottleneck for both enterprises and startups. Adaptive is a surprisingly elegant approach to solving the core issues surrounding data access and sharing — enabling secure, democratized access to data in a way we only wished was possible before. A solution like Adaptive is needed for any enterprise considering adoption of new generative AI solutions at scale. We haven’t run into an enterprise security or access company before making as large of an impact for their customers, replacing three or more existing products, while expanding agility and flexibility for teams, as Adaptive is doing," says Thiago Olson, Managing Partner, Eve Atlas.
Combining data protection and infrastructure access control on both human and non-human vectors, Adaptive’s platform enables organizations to natively manage privileges and also protect data, for example, masking PII, consistently across a variety of vectors. Those include developer CLI access, BI tools, and ETL pipelines managed from a single platform. Developers and third-party services never need to change workflows. Adaptive does not alter the actual data in the database, and it uses an agentless architecture that doesn’t require an invasive and complex installation. Adaptive:
- Protects sensitive data (PII, PHI, financial data) on human and non-human vectors through masking, tokenization, and granular role-based access. Business use case: Adaptive is a Privacy Enhancing Technology. In breaches, often the penalties are determined by the volume of sensitive records compromised.
- Protects credentials and never exposes true database credentials to anyone in the organization. Business use case: Even today, as much as 61% of breaches involve credentials, either stolen via social engineering or hacked via brute force.
- Provides auditability on every query and every command and attributes them to an identity. This is extremely critical in human access workflows. Business use case: This is important for compliance with SOC2, ISO, HIPAA, and other standards.