Cybersecurity defenses have long prioritized network, application and identity protection — but not data security, where a critical gap has persisted.

That layer is exactly where Superna Inc. has staked its claim, focusing on securing data storage, according to Alex Hesterberg (pictured, left), chief executive officer of Superna Inc.

“If you think about it, every single piece of security technology has always been rooted more in network and application, and identity access management and firewalls and intrusion detection, but not the data,” he told theCUBE. “Not your actual, precious endpoint that’s holding your production data. What we end up bringing to the table here is the tenets of security, the instantaneousness of prevention and locking out and denying access, and we apply it to the storage layer.”

Superna’s Alex Hesterberg and Andrew MacKay talk with theCUBE about how Superna is closing cybersecurity gaps with real-time data security at the storage layer.

Hesterberg and Andrew MacKay (right), chief technology and strategy officer of Superna, spoke with theCUBE’s Dave Vellante at the RSAC 2025 Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how Superna is closing cybersecurity gaps with real-time data security at the storage layer. (* Disclosure below.)

Bridging the data security gap at the storage layer

Superna has built its reputation on real-time data security, with early partnerships through EMC Corporation and Dell Technologies Inc. forming the foundation for its approach. Rather than protecting just networks or applications, Superna focuses directly on the storage layer to detect ransomware and extortion attacks as they unfold, according to Hesterberg.

“We like to think about it as one of the best-kept secrets in cybersecurity,” he said. “The company’s actually been around about 14 years. We started with … real-time data security,  with the ability to then lock out attacks in real time.”

The company’s flagship product, Ransomware Defender, delivers sub-second attack containment at massive scale, even across petabytes of data. This is made possible by continuously monitoring audit logs, analyzing real-time user activity and flagging anomalies immediately, according to MacKay.

“All storage systems have an audit log,” he said. “We’re listening to the changes to your data … doing real-time analytics … and now we’re able to see patterns in the user activities. If I could see your account is renaming a lot of data … and you don’t normally do that … we see that in real time because we’re looking at the business data as it’s being created.”

Superna’s strategy is designed to bridge operational divides within enterprises. Security teams can now respond to data-level threats without needing deep storage expertise, while storage teams can maintain their workflows uninterrupted, according to Hesterberg.

“[Regarding] the Gartner survey that came out at the end of last year … the two areas that popped up with the biggest gap were data security and the ability to respond to an incident at the time of the event,” he said. “We took those two things head-on and brought the data layer into the security world, into incident response [and] into the automation.”

The company’s close relationship with Dell remains a key asset, with Superna’s solutions launching on platforms such as PowerScale, Elastic Cloud Storage solution and, soon, PowerStore. But their reach now spans multiple storage vendors, ensuring support across hybrid and multicloud environments, according to MacKay.

“Unfortunately for the storage world, there’s no common logging format,” he said. “Some of the work is adapting our technology to each of the devices because they all have a different logging format. We probably cover … 80% of the unstructured data vendors in the market today. Most of our customers are multivendor, and occasionally vendors switch … so we allow customers to migrate that licensing around and we can protect their data … wherever it lives.”

Superna’s vision extends beyond recovery into real-time prevention, focusing on stopping exfiltration attempts before data leaves the perimeter. With native integrations into platforms such as CrowdStrike Holdings Inc., SentinelOne Inc. and ServiceNow Inc., Superna embeds data-centric security into existing incident response frameworks, according to Hesterberg.

“If you don’t see nefarious behavior, whether it’s internal or external, once the data’s gone, it’s gone,” Hesterberg said. “It’s not about backup or having a snapshot to recover from … [it’s about] seeing that attack … and being able to detect it and stop it at the data layer and then invoke the security protocols to do quarantining and host lockdown, these are the things we automate.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSAC 2025 Conference event:

(* Disclosure: TheCUBE is a paid media partner for the RSAC 2025 Conference. The sponsors of theCUBE’s event coverage do not have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE