On Tuesday, Formalis emerged from stealth mode as a security startup with a notable list of investors and an intriguing product positioning. The company has designed a reverse-proxy for data stores and APIs, allowing security teams to more easily secure access to sensitive data.
What is Formal?
In practical terms, Formal is a proxy that you deploy in your virtual private cloud (VPC) where it logs every request made to your data stores — say a database with customer information for instance — and enforces access policies. This means that Formal acts as an abstraction layer for visibility on and control of data flows.
The Founder’s Background
Formal is the brainchild of founder Mokhtar Bacha, a 24-year-old who began his tech career at Consensys while still a teen. At the age of 17, he was lucky enough to connect with one of the co-founders of Ethereum — Joseph Lubin — and was recruited as a software engineer for Consensys, which is behind MetaMask and other wallets.
Bacha explained that technically, it was incredibly interesting, but he didn’t feel like he was working on something that was very useful. This led him to apply to Y Combinator as a solo founder when he was still just 19 (with Maytana, a cash management platform for multinational startups). A pivot later, his initial startup idea became Formal, a security product that chief information security officers (CISOs) and CTOs may find useful.
Raising $5.8 Million in Seed Funding
In late 2023, Formal raised a $5.8 million seed round with Thrive Capital leading the round and participation from Y Combinator. Abstract Ventures, Kima Ventures, and a bunch of business angels, including Alexis Lê-Quôc, Charles Gorintin, Mathilde Collin, Aaron Katz, Jean-Denis Greze, and Matt MacInnis, also joined the round.
Access and Control
While data access management isn’t new, what makes Formal special is that it allows security teams to more easily secure access to sensitive data. With Formal, you can log every request made to your data stores and enforce access policies, ensuring that only authorized personnel have access to sensitive information.
How Does Formal Work?
Here’s how Formal works:
- Deployment: You deploy the Formal proxy in your VPC.
- Logging: The proxy logs every request made to your data stores.
- Access Policy Enforcement: The proxy enforces access policies, ensuring that only authorized personnel have access to sensitive information.
The Benefits of Using Formal
Using Formal offers several benefits:
- Improved Security: By logging and enforcing access policies, you can ensure that only authorized personnel have access to sensitive information.
- Increased Visibility: With Formal, you gain visibility into data flows and access patterns, allowing you to identify potential security risks.
- Simplified Compliance: Formal makes it easier to comply with regulatory requirements by providing a clear audit trail of all access attempts.
Conclusion
Formalis a promising security startup that’s out of stealth mode with an intriguing product positioning. With its reverse-proxy for data stores and APIs, Formal allows security teams to more easily secure access to sensitive data. If you’re interested in improving the security posture of your organization, consider checking out Formal.
About the Author
Mokhtar Bacha is the founder of Formalis. He has a background in computer science and has worked on various projects related to security and data management. In his free time, he enjoys writing about technology and its applications.
