The world of privacy and security went through some big changes last year. There were fines from breaches and data leaks that reached into the billions, and new laws that led to massive compliance spend. And while that was happening, Akita moved quickly to help fix all those problems and prepare for a leak free 2020.
The data is fine(d)
In 2019, the FTC fined Facebook $5 billion for its handling of data with respect to Cambridge Analytica. Data leaks and a lack of compliance led to fines of $123 and $230 million for Marriott and British Airways respectively for not complying with GDPR (the EU’s General Data Protection Regulation). In part because of these growing fines, the California Consumer Privacy Act alone led companies to spend $55 billion on compliance. It’s a concerning sum of money that has slowed companies down as they spend millions to plug holes and find solutions.
Building a leak proof solution
The first Akita “office,” November 2018. Photo by Bret Reckard.
At the beginning of 2019, Akita Software had just closed our seed round and was one full-time person (Me! Jean Yang!) working out of an ATM room. We eventually moved into our own office, assembled the rest of our founding team, and built the alpha of our first product. A product that will help companies see how their software uses data, lead to better products, and reduce fines incurred from data leaks. We were up and running.
For me, this had been a long time coming. I based my career on the belief that it’s not only possible, but important, to understand what large, complex software systems are actually doing. A decade ago, I bet that security and privacy was going to be where software understanding was going to matter. The specific problem I sliced off was data tracking in complex software systems. I worked the problem from different angles: static analysis, dynamic analysis, across the application-database boundary, at the API level, and more. When GDPR came along, I saw that it was time to build a real-world solution.
One of our team members giving a tour of our Waverley Street office, summer 2019. Photo by Kohsuke Kawaguchi.
This past year the Akita team and I spoke with security, privacy, and engineering teams across a variety of industries to figure out just how and why it’s getting harder to ensure software applications are doing what they’re supposed to be doing with sensitive data. We learned about data tracking challenges that software teams face in modern, service-based environments, and about just how much damage integration friction and false positives can cause. To build the right solution, we read research papers, built and produced working prototypes, and stress-tested systems until we had something that we knew was going to work.
We’re excited with the result: a next-generation software analysis solution that will not only find and fix data leaks faster but also give crucial visibility into how data flows through software. A product that works for any software project with an API, and runs pre-production, catching leaks before they impact customers. Our solution not only saves companies potentially hundreds of hours in manual audit and data mapping, but also provides a strong layer of assurance against data risk.
We’ve successfully discovered issues in production and open-source code, including leaked tokens, excessive data access, and more. We even found a bug in Wordpress similar to the Robinhood password leak which could have affected millions of Wordpress users.
Here’s to a great new year
Now that 2020 is here, Akita’s first product is ready for implementation. If you’re interested in getting started, sign up for an invite. We can’t wait to start running with you.
Onward ⚡,
Jean Yang
Founder and CEO, Akita Software