DevelopersDevSecOpsFeaturedLet's TalkSecurityVideo

DoControl SaaS Security Platform Helps Organizations Mitigate Insider Threats | Omri Weinberg


Guest: Omri Weinberg (LinkedIn)
Company: DoControl (Twitter)
Show: Let’s Talk

When we think about security, we tend to think of bad actors but most cases today are human mistakes. DoControl wants to tackle this problem by integrating with SaaS applications to help mitigate the risks. Furthermore, the platform gives end users the authority to decide if an alert is valid and whether or not permissions need to be revoked. The decision to give end users this authority is part of the company’s philosophy of educating employees and embracing them as part of the security journey.

In this episode of TFiR: Let’s Talk, Omri Weinberg, Co-Founder & CRO at DoControl, talks about the company and the problem they are trying to solve. Weinberg discusses some of the challenges he is seeing in security and why there is a need for more modern tools to deal with them. He goes on to tell us how DoControl helps secure organizations.

Key highlights from this video interview:

  • Weinberg gives us an introduction to DoControl and talks about the origin of the company. He talks about how he met his partner and CEO of the company, Adam Gavish. He goes on to explain about the original problem with access that they saw in big companies like Google and how tools like DLP and CASB are not well suited to solve the problem nowadays.
  • DoControl is primarily focused on interacting with all the SaaS applications that organizations are using, ensuring people can still use them in the way they regularly use them. Weinberg discusses the guardrails they have put in on the sidelines to make sure the data is kept in the correct way, and no one has access to it that should not have.
  • Weinberg talks about the human aspect of security and the cultural change that needs to happen within organizations. He explains how DoControl monitors what employees are doing and sends notifications to alert employees about any anomalies. He discusses how DoControl gives authority to the end user to decide if the alert is valid, and how this helps involve employees in this journey.
  • Weinberg talks about how they integrate with some of the typical tools in organizations. He discusses how many of these tools are meant to be for communication and collaboration but are regularly used as a clipboard for pasting sensitive information and the risks associated with this.
  • Insider threat is a big trend that is being seen in security but nowadays it is easier to track them down with tools and signals that they are connected to. Weinberg talks about how DoControl connects to the different systems, so it can build up a picture from the signals and evaluate the level of risk from any changes.
  • Education is an integral part of security, but how organizations are doing businesses today is very different from ten years ago. Weinberg feels there is a growing demand and growing awareness around security challenges and people are looking for modern tools to solve these problems.
  • Generative AI is a hot topic currently and Weinberg tells us that while they are leveraging technologies like AI/ML to help with learning about their users, they are seeing a spike with ChatGPT and similar apps that users installed. He discusses the risks of these sorts of apps and how DoControl helps them decide on the appropriate action.
  • Weinberg shares his advice for developers and organizations to make sure they have the right practices in place to ensure the security of their workload and environments: to challenge yourself and look to how you can do better to enable your business.

This summary was written by Emily Nicholls.