Data protection vendors have widely adopted data immutability technologies to prevent ransomware attacks from encrypting it, a technique that has been successful and led some attackers to try stealing the data and hold its return for ransom instead. Titaniam is also designed to stop that.
Titaniam, a San Francisco startup with a name guaranteed to give spellcheckers fits, has announced the availability of their full product offering, the Titaniam Suite. Titaniam is focused on the ransomware issue, and offers something that few security suites do today, a defense against data exfiltration attacks. This is designed to foil attackers who choose to physically steal data to get ransom for its return, if data immutability and other modern defenses stop them from using traditional encryption in place to collect the ransom. It also allows Titaniam to position itself as a unique one-stop-shop to handle all aspects of a customer’s anti-ransomware, data protection, and privacy needs.
Titaniam just got their seed round in February – but they have been around somewhat longer than that and had strategic reasons for delaying the availability of their full product suite.
“We have been around since the middle of 2019,” said Arti Raman, CEO and founder of Titaniam. “In the data protection encryption and use space in which we play, we learned the people who are most vulnerable here won’t work with an unproven technology. It has to be NIST [National Institute of Standards and Technology] certified. With NIST, if you make a change, like to your engine or algorithms, you have to certify again. So we built out the full suite, and then we certified. The modules have been sold individually since July 2021, but this is the first time the entire suite has been available. Because we are NIST-certified, we have been able to get publicly traded organizations to actually sign up with us.”
Titaniam’s technology is a mix of their own innovations combined with those certifed NIST encryptions that they believed were essential to bring a new company to market in their space.
“Our technology is a combination of our own new patents with traditional encryption,” Raman said. “We looked at how large data platforms performed, and ensured that our patterns are encrypted indexes with known and certified NIST encryptions.”
The ability to go beyond protection through immutability to foil attackers who want to steal data they can’t encrypt and then hold it for ransom is the focus of Titaniam’s work.
“We stop exfiltration of data to ransom it back to user if data immutability or other techniques make it too hard to encrypt for ransom,” Raman said. “There are not many companies who can do this. Traditionally the way to deal with it would be tokenization, and there are lots of options there. The payment industry has been tokenizing the credit card industry for 15 years. Using this method, however, once the stolen data is exfiltrated and lost, it’s gone. The companies we replace offer these restrictive tokenization technologies, but unlike them, data in our format continues to be usable. The data will still be in our Vault and all searches will still work.
There is another type of competitor that Raman said is not significant, statistically.
“The homomorphic encryption vendors are minor because with them, compute requirements go up 500% and storage requirements can go up to 10,000%,” she noted.
Titaniam’s offerings are, however, designed to work well with other products.
“We attach onto existing platforms really nicely,” Raman said. “We have partnered with AWS on two of their product lines, and we protect AWS Open Search. There are other such relationships in the works.”
Five products are available at launch: Titaniam Vault; Titaniam Plugin; Titaniam Proxy; Titaniam API; and Titaniam Studio.
“Think of them as building blocks,” Raman said. “Titaniam Vault allows for storage and analysis of data with Zero Trust security without decryption. Titaniam Plug in and Titaniam Proxy provide in-place protection. Titanium API lets protected data leaving other Titaniam products be easily translated into clear text or other formats by downstream applications. Titaniam Studio pulls it all together, managing all the other products.”
Raman said that all modules can stand alone, and some customers have just one.
“Most do buy at least two though,” she indicated. “Titaniam Vault customers, for example, tend to buy Titaniam API because they want to come out of Vault in an encrypted form.”
Other more industry-specific offerings are on the way.
“There is a product we will be announcing soon for the legal market,” Raman said.
Raman indicated that Titaniam specifically targets four types of customers. “They are SaaS companies, enterprise customers, especially regulated ones, product companies and government,” she said. “We also have partnerships where the partner provides us as-a-Service, which gets us to smaller enterprises and SMBs. Palo Alto Networks is a publicly referenceable customer where we are under their hood, and we are globally available through Palo Alto Networks.”
It is still early days for Titaniam’s channel, but they have a plan to build one out, which has already begun.
“We are actively developing a channel, and have a few deals coming through now, through resellers, distributors, and MSPs,” Raman said. “We are getting ready to announce our program.”