Industry
Technology, Cybersecurity
Headquarters
San Jose, CA
Founded
2020
Challenges
Diverse sensitive customer data
Classification accuracy
Deluge of false positives and alert fatigue
Solutions
MIND Cloud DLP
MIND Endpoint DLP
Noname faced challenges with their DLP program: inaccurate classification, alert fatigue with numerous false positives and a lack of context and automation for effective remediation
Industry
Technology, Cybersecurity
Headquarters
San Jose, CA
Founded
2020
Challenges
Diverse sensitive customer data
Classification accuracy
Deluge of false positives and alert fatigue
Solutions
MIND Cloud DLP
MIND Endpoint DLP
Noname faced challenges with their DLP program: inaccurate classification, alert fatigue with numerous false positives and a lack of context and automation for effective remediation
Challenges
- Inaccurate and manual sensitive data classification due to the reliance on users to properly tag files and the unstructured nature of their data.
- Traditional data loss prevention (DLP) tools generated too many false positives, leading to alert fatigue and missed true data loss events.
- Once data was lost, it was difficult to retrieve it, and there was no way to know who else it had been shared with.
Solutions
- MIND™ accurately classified sensitive data, including source code and access keys, and provided context around the data, such as who had access to it and how it was being shared.
- Compared to other DLP tools, MIND reduced false positives to essentially zero for the Noname security team, providing accurate alerts and actionable insights.
- MIND provided visibility into where data was located and who was accessing it, enabling Noname to protect sensitive data by educating users or revoking access.
Noname Security's mission is to protect customers' APIs by taking a complete and proactive approach to API security
As a security company that secures the application programming interface (API) connections that empower today's digital world, Noname Security understands why it's so important to prevent their sensitive data from leaking and how damaging an event like that could be for their brand reputation.
They needed to enforce DLP policies that kept their intellectual property, commercial data and customer information secure without slowing down their business.
Needed a DLP solution that was accurate and efficient to manage
Noname was struggling with their existing DLP solution. It was inaccurate, frequently misclassifying data due to its reliance on manual tagging by users. This inaccuracy also meant that highly sensitive data, such as source code and access keys, was often missed. Additionally, the high volume of false positives resulted in debilitating "alert fatigue" for their security team, and the lack of context around DLP alerts and automation capabilities hindered effective remediation.
“The downside [of our previous DLP tool] is that it generated more noise than actual benefit to the company. And so, over time, we became very numb to the alerts that it would generate. We often would have anywhere from 10% to 25% of the alarms that were false positives.”
Mike Morrato
Chief Information Security Officer & Global Head of IT, Noname
Avoid the same mistakes with past DLP programs and embrace a forward-looking approach to protect their sensitive data
When Noname was looking to improve their DLP program, they had several requirements:
- Easy to use and integrate with their existing IT environments and data sources
- Automatically classify sensitive data
- Classification accuracy they can trust
- Minimal false positives to eliminate alert fatigue
- Provide context around sensitive data, including who had access and how it was shared
- All without requiring a dedicated team or breaking their budget
“MIND was really useful because it just helped us get a grasp on all our files that are stored and say, ‘Yes, this has private access keys for our cloud environment. Let's lock this up.’”
Mike Morrato
CISO & Global Head of IT, Noname
Gained peace of mind with a modern DLP solution that is ready to grow with them
Noname chose MIND because it integrated seamlessly with their IT environments, was highly accurate and automated key tasks. MIND's ease of use and reliable alerts eliminated the need for a dedicated DLP specialist, saving Noname both time and money.
The platform also provided crucial context around data access and sharing, streamlining investigations and remediation actions. Additionally, the MIND team's responsiveness and partnership ensured that the solution evolved to meet Noname's needs.
“MIND has been really good at working with us. They have been very responsive and had the right people invested in our success. They have also taken my past bad experiences with DLP and are making sure they’re not repeating that as well.”
Mike Morrato
CISO & Global Head of IT, Noname
With MIND deployed, the Noname Security team can confidently enforce their DLP policies without disrupting business
Noname observed significant measurable outcomes after deploying MIND, including:
- Time savings: MIND saved Noname 1-2 hours per incident, and in some cases 3-4 hours, by providing context, evaluating risk severity and automating actions, which translated to 25-50% time savings per incident per day.
- People cost savings: Noname avoided hiring dedicated DLP specialists, saving budget and allowing the team to focus on other strategic initiatives.
- Classification accuracy: MIND was 100% accurate in finding sensitive data in their cloud storage repository, compared to their previous DLP tool.
- Elimination of false positives: With MIND, the Noname security team experienced virtually no false positives.
“MIND was a lot more accurate and I can't remember a single case where we had false positives.”
Mike Morrato
CISO & Head of IT, Noname
