Company: DoControl, New York, NY
Nomination Submitted by: Lumina Communications
Company Description: DoControl helps organizations balance security and business enablement by preventing data breaches in common SaaS applications. It provides security teams with automated, self-service tools they need for data access monitoring, orchestration, and remediation within SaaS applications.
Nomination Category: Company / Organization Categories
Nomination Sub Category: Tech Startup of the Year- Software
 Nomination Title: DoControl
- Which will you submit for your nomination in this category, a video of up to five (5) minutes in length about the achievements of the nominated organization since January 1 2021, OR written answers to the questions for this category? (Choose one):
Written answers to the questions
- If you are submitting a video of up to five (5) minutes in length, provide the URL of the nominated video here, OR attach it to your entry via the "Add Attachments, Videos, or Links to This Entry" link above, through which you may also upload a copy of your video.
- If you are providing written answers for your submission, you must provide an answer to this first question: Briefly describe the nominated organization: its history and past performance (up to 200 words):
Total 200 words used.
In 2019, CEO Adam Gavish worked as a product manager on the Google Cloud Security & Privacy team. In talking with customers, he realized that for them to onboard to Google Cloud, they needed to learn, set up, and maintain dozens of different security controls and policies; to keep data access secure, remain compliant, and focus on securing data, while enforcing consistent security controls across all business-critical apps. Thus, the development of DoControl began.
DoControl provides a No-Code SaaS Security Platform that delivers full asset management (i.e. users, assets, third party OAuth SaaS applications, groups, domains, and more), real-time monitoring and control of user activity, and both automated and self-service remediation. DoControl’s target market is enterprises with over 500 employees, across every industry vertical leveraging SaaS. While their main target is enterprise organizations, DoControl is strongly positioned in the commercial and upper mid-market segments.
DoControl enables customers to create an environment where users can be productive and drive their business forward via SaaS apps, while ensuring the security of valuable data. By replacing manual work with automation, DoControl reduces the complexity security teams deal with daily, freeing up time and resources so they can focus on other business-critical tasks.
- If you are providing written answers for your submission, you must provide an answer to this second question: Outline the organization's achievements since the beginning of 2021 that you wish to bring to the judges' attention (up to 250 words):
Total 250 words used.
In January 2022, DoControl announced a significant product update that enables users to extend zero-trust beyond the identity, device and network into the SaaS data layer through Security Workflows.
DoControl’s Security Workflows deliver complete threat modeling coverage that closes the gap on existing SaaS application vulnerabilities and risks through automated, self-service remediation. The limitless workflow customizations can be triggered by any SaaS event, which are customizable and defined from over 100 pre-established templates. This enables centralized enforcement of data access controls across diverse SaaS application environments from a single location. Critically, the Security Workflows engine enables citizen developers to streamline secure automated workflows via a no-code, “drag-and-drop” platform.
DoControl’s research shows that companies host between $500,000 and $10 million in assets in SaaS applications and 18% of that data is shared externally. The scale of this SaaS sprawl has led to high demand for DoControl’s services, with the company experiencing 100% year-over-year growth in 2021.
DoControl has been working closely with Gartner to raise awareness and develop close ties with their top security analysts, resulting in Gartner listing DoControl in their Market Guide for Insider Risk Management, and the Emerging Tech Impact Radar: Security and Cloud-Native reports. Gartner also included DoControl in their Hype Cycle for Cloud Security 2021.
In addition, DoControl was named a 2022 SINET16 Award winner, a 2022 Globee IT World Awards winner for “Startup of the Year in IT Cloud/SaaS” and “Enterprise Data Loss Prevention”, and one of CRN’s 10 Hottest Cybersecurity Startups of 2021.
- If you are providing written answers for your submission, you must provide an answer to this third question: Explain why the achievements you have highlighted are unique or significant. If possible compare the achievements to the performance of other players in your industry and/or to the organization's past performance (up to 250 words):
Total 246 words used.
While there are many solutions to manage identities and provide secure connections for the user, DoControl’s primary focus is reducing risk exposure to prevent data leakage and the exfiltration of sensitive files. Many companies spend large amounts on massive, labor-intensive CASB or DLP solutions. However, CASB solutions are bound by hard-coded policies that require more time and resources to address the problem, and DLP does not support SaaS as an egress channel and provides far too many false positives.
None of DoControl’s close competitors can remediate risk in an automated fashion to the extent that DoControl can. The platform is completely event-driven, which exposes every SaaS event and activity, allowing security teams to create very granular data access control policies. DoControl can centrally enforce strong data access control policies throughout complex environments across every disparate application.
An example of DoControl’s effectiveness is through the customer use case Samsung Next. DoControl has enabled Samsung Next’s SaaS data to be automatically monitored and protected against malicious activity, ensuring that no unauthorized user has access to sensitive company data. The lightweight solution was deployed without the need for any agents and with no impact on the end-user experience. All access reviews are performed seamlessly using the DoControl platform, providing a deep audit trail of end-user access activity that supports various audit requirements. Moreover, the IT team is now better equipped to investigate SaaS data leakage events that present a business risk and focus their attention on more mission-critical tasks.
- You have the option to answer this final question: Reference any attachments of supporting materials throughout this nomination and how they provide evidence of the claims you have made in this nomination (up to 250 words):
Total 153 words used.
The following attachments support DoControl’s nomination and the examples cited throughout. Specifically referencing the Gartner Market Guide for Insider Risk Management, the Emerging Tech Impact Radar: Security and Cloud-Native reports, and the 2021 Gartner Hype Cycle for Cloud Security. In addition, the following attachments will help provide supporting information on DoControl’s impact on the security market and provide additional context on customer use cases referenced.
| Attachments/Videos/Links: |
|---|
|
