Gem Security
Gem Security built a cloud-focused Data Security Posture Management (DSPM) platform that discovers and classifies sensitive data across cloud data stores and maps exposure paths (misconfigurations, over-permissioned access, public sharing) to drive remediation. The company was reported as acquired by Wiz in 2024, indicating strategic consolidation of DSPM into broader cloud security platforms.
Visit WebsiteCompany Overview
Gem Security focuses on DSPM: continuously inventorying cloud-resident data (object stores, databases, and analytics warehouses), identifying sensitive content, and correlating exposure risk based on access paths and security posture (e.g., overly permissive IAM, public access settings, and weak encryption/key-management configurations). The value proposition is data-centric visibility and prioritization—helping security teams answer what sensitive data exists, where it lives, who/what can reach it, and which exposures create actionable risk.
The market has rapidly consolidated and converged: standalone DSPM vendors compete with adjacent platforms (CNAPP/CSPM, data governance, and DLP) that are adding native discovery/classification and risk analytics. Notable acquisitions (e.g., Dig Security by Palo Alto Networks; Laminar by Rubrik) signaled that large security platforms view DSPM as a core capability rather than a niche add-on. Gem’s reported acquisition by Wiz (2024) is consistent with this trend and suggests differentiation sufficient to be absorbed into a leading cloud security posture platform.
Dual-use relevance is credible when framed around regulated, mission-critical cloud environments: defense and intelligence organizations migrating workloads/data to accredited government and sovereign clouds face acute risks from data sprawl, misconfigured storage, over-permissioned identities, and audit/compliance requirements. DSPM capabilities can support continuous sensitive-data inventory, least-privilege enforcement workflows, and incident response triage (e.g., rapid scoping of exposed mission data). Practical adoption will depend on deployment constraints (segmented networks, sovereignty, accreditation) and integration with identity, SIEM/SOAR, and data governance controls.
Dual-Use Assessment
Cloud data security has critical dual-use applications for protecting sensitive and classified data. Defense and intelligence organizations migrating to cloud require discovery and protection of sensitive data stores to prevent unauthorized exposure of operational and intelligence information.
Key Technologies
- Data Security Posture Management (DSPM) for cloud data stores
- Automated cloud data discovery and inventory (agentless connectors/API-based)
- Sensitive data identification and classification (rules + ML/NLP where applicable)
- Exposure path analytics (IAM/ACL permissions, public access, sharing links, network reachability)
- Remediation orchestration/integration (ticketing, IaC, guardrails) and policy-as-code alignment
- Audit/compliance reporting for regulated environments
Use Cases & Applications
- Enterprise-wide discovery of sensitive data across AWS/Azure/GCP storage and data warehouses
- Detection and prioritization of exposed data (public buckets, risky sharing, over-permissioned access)
- Continuous compliance and audit evidence for regulated cloud workloads (e.g., finance/health/critical infrastructure)
- Defense/government cloud data inventory and exposure management for mission and classified-derived datasets (within accredited environments)
- Incident response scoping: identify what sensitive datasets were reachable by a compromised identity or workload
- M&A / cloud migration hygiene: map sensitive data locations and enforce baseline protection controls post-migration
Strategic Value to U.S.-Israel Alliance
Gem provides cloud data discovery and protection capabilities essential for defense and intelligence organizations ensuring sensitive and classified data remains secure in cloud environments.
Interested in this startup?
Learn more about our investment approach or get in touch to discuss opportunities in dual-use technology.