With SaaS becoming the standard for most business software, the security demands on SaaS companies are constantly increasing. Add users who need their data sandboxed from others or kept in a specific geographic region and the workload for development and security teams only increases. Antimatter, which is coming out of stealth today and launching its service into a private beta, offers a different kind of solution to these problems. It provides SaaS companies with the cryptographic infrastructure that can provably guarantee that a service meets their residency, governance and tenancy requirements, using secure enclaves that keeps data encrypted in transit, at rest and during execution.
The company also today announced that it has raised a $12 million Series A round led by NEA, with participation from General Catalyst and UNION Labs. The founders of Snowflake, Okta, Dropbox, VMware, Segment and Databricks also participated in this round.
The company was co-founded by Andrew Krioukov (CEO), the former founder and CEO of workplace management service Comfy (which Siemens acquired in 2018); Michael Andersen (CTO), the group’s cryptography specialist who, like Krioukov, has a PhD in Computer Science from Berkeley; and Beau Trincia (VP of Design), who was also on the founding team at Comfy and spent seven years working on user experience design and product at IDEO.
During the experience of building Comfy, Krioukov and Trincia themselves faced the problem of having to protect the user data of large enterprise customers like Microsoft, BMW, Salesforce and SAP. “That was really hard,” Krioukov said. “It took a lot of engineering time. It took a lot of sales time to try to talk through all this. It delayed — and even killed — some sales for us.” After talking to Andersen, the team realized that they had the right ingredients to solve this problem once and for all, Krioukov explained.
At the same time, companies want more control over their data, even if it is under the auspice of a SaaS company, but it is very hard for SaaS companies to do that. “We realized we had a breakthrough and we could come up with a new solution that is a really different cloud deployment architecture that gives strong guarantees to the buyers and then allows the SaaS vendors to speed up their sales and offer cryptographic proof,” said Krioukov .
With Antimatter’s solution, the data sits in secure enclaves within Kubernetes and the company then uses that to give hardware guarantees that the data is always encrypted, even while being processed. “This gives SaaS vendors a way to prove that their customer data is secure — secure to a higher standard than anyone has ever really aimed for before because the app could be malicious, the employees could be malicious, all these things could go wrong — and the customer data would still be provably secure,” explained Andersen.
He also noted that there is no performance impact when the SaaS application works with that private data inside the secure enclave. There is also no need to make code changes to the SaaS app. Antimatter’s service simply slots in underneath the app, as Andersen explained, and provides these guarantees because no unencrypted data can exit the enclave — and the hardware then guarantees that nobody can read the memory of the server either. All of the major clouds now offer some version of secure enclave thanks to the cryptographic features of modern server chips. Though as the team noted, that’s a great primitive to work from but doesn’t provide the kinds of guarantees Antimatter provides to its customers.
It’s worth highlighting that with Beau Trincia, the team has a design-focused co-founder, something we don’t often see for these kinds of highly technical problems. But as Trincia noted, right from the outset, the team wanted to make sure it designed the right experiences for the services’ target audiences. That may be the CTO who makes the final purchase decision but he also noted that the team wanted to build an intuitive user experience for the developers, as well as good user experience for those users inside a company that should (or shouldn’t) have access to this data. He also noted that part of the design challenge here is to show users that their data is indeed secure. “Being able to show people that events did or didn’t happen — and kind of really clearly explaining that and having an awesome dashboard for giving people that visibility [is important],” Trincia said.
Like most companies at this stage, the team plans to use the new funding to expand the development team as it looks to open up its service to a wider audience soon.
“The crypto tech and years of university R&D that serve as Antimatter’s foundation are a gigantic step forward for highly usable — yet provably correct — secure computing and data privacy,” said NEA venture partner Greg Papadopoulos. “We’re super excited to partner with Andrew and the team as they empower companies to definitively secure customer computing and data.”