Piiano Vault

Secure cloud storage for PII, PHI, PCI, KYC with simple APIs

Piiano is a developer-friendly privacy vault for storing and securing customer data. We simplify the engineering of privacy with APIs, providing encryption, data retention, key rotation, and more, covering you for privacy regulations and data security needs.

Gil Dabah
Two years ago, Piiano was born out of a burning desire to solve a problem that we had been wanting to address for many years. The timing was right, surprisingly, when GDPR was enforced. The world has changed overnight. Having data breaches isn’t cool anymore. The amount of data is rising. System complexity makes it harder to secure everything. Threats are becoming more innovative too. And protecting your customers’ data is a must even more so. However, we found that the market lacked the necessary infrastructure for developers to easily engineer systems that could effectively secure data. Together with my amazing team we introduce to you Piiano Vault.

Piiano Vault 🛡️ saves you a huge amount of time building all the features you would need to both secure the data and comply with the privacy regulations. Piiano focuses on developers and sensitive data. Piiano Vault simplifies the implementation of this thing that so many companies waste their time building again and again. We set out to start with simple RESTful APIs. We now support seamless ORM integrations for Python, Java and TypeScript, so data protection at the app level is so easy and transparent. We have lots of documentation, guides, code examples and sample apps on our GitHub page and a sandbox Docker to play locally with our product on your machine. With Piiano you can concentrate on working on your data and not managing encryption keys and building encryption over your SQL databases; we cover you for security and privacy.

❤️ I’d like to thank Ben Lang and the rest of the community for helping us here today. Thank you everybody!

----------------------------------

Here’s the rest of the story if you’re really curious about it.

Everybody tried to solve data breaches and data exfiltration before. The older ones remember that for 20 years now the info-security (now cybersecurity) industry has been kicking. And when we started Piiano we thought it was time for privacy engineering. But boy were we wrong. Hardly, they have security engineering, so now privacy engineering is too much future.

Our approach was different: we figured out that we have to focus on PII (hence our company’s name Piiano) and sensitive data. Basically, if a dataset is de-identified and gets stolen, the privacy impact for the data subject is really lowered, up to the extent that you don’t have to report a data breach at all. The problem with data, and we didn’t know it in our previous jobs, is that you have so much of it. So many duplications and copies, and it’s out of your control. As a security manager, you hardly know what the developers do in the code after a while, and how will you know what data is collected and where it’s stored? It’s not cool to “collect everything” anymore, not the best practice.

We were also deeply frustrated as both hackers and software engineers to talk with a couple of hundred CISOs and learn that PII isn’t on their priority list. Nor their understanding of why encryption at rest is the biggest fallacy of the cloud era - hint, nobody steals your hard drive from Amazon’s data center. Nor the fact that even stupid SQL injections are still out there and other security bugs in the code - forgetting authorization checks and other attacks. We want to stop all that.

We are two founders; we met 20 years ago in the army, but we have been working together for 13 years now. Previously we had a small firm that people called the Task Force for special software engineering and cyber projects. We did lots of hardcore R&D projects and eventually got acquired by Magic Leap (yes, this AR company with the jumping whale video, from Florida). I became the head of product security, basically everything security that isn’t IT. At the peak I led 700 engineers to build a secure OS, cloud services and even hardware. It was a dream come true for OS and system-internals geeks like myself.

All along the time I worked in the industry I released many 0d’s for Microsoft Windows and other products. I also got crazy bounty awards; I once even got a WhatsApp account takeover back in 2012. And for 17 years now I’ve been working on and maintaining diStorm - the first open source disassembler library for x64, at the time.

Securing systems on one hand, and hacking systems on the other hand, I came to realize enterprise security is so hard. Unfortunately the threat model is not if you get attacked, but when. And we are here to help developers build secure systems to protect their data. And a good security plan starts with the developers with both security and privacy by design. Not to mention that in my previous role I didn’t know how to ask the hard questions about data, because GDPR was so new. But today everybody should know where they store the data, how they encrypt it, when they delete it, who accesses it and why, when they should tokenize the sensitive data, etc. Everything is about how you safely store the data and how you use it. Security can be fun too :)
Sibu Sahu
@gil_dabah Congratulations on the launch of Piiano Vault 🎉! Your team's innovative approach to privacy engineering is a game changer for developers and data security. Thank you for simplifying data protection and compliance with privacy regulations 🛡️🔒.
Naftali Opatowsky
@gil_dabah Best of luck on this crucial endeavor, your hard work and dedication will pay off for sure.
Gil Dabah
@naftali_opatowsky Long time, thanks my friend!
Tom Teman
@gil_dabah excellent write-up of your journey and the important problem Piiano set out to solve. With your immense experience, Piiano will knock it out of the park!
Gil Dabah
@tomteman Thanks Tom! xoxo
Pranab Buragohain
So good to see a meaningful, data protection focussed product for developers, amid a surge of GPT+AI driven apps. Congratulations on the launch and good luck!
Gil Dabah
@pranabgohain Haha, definitely, thank you my friend!
Ariel Shiftan
BTW @pranabgohain just took a look at kloudmate, ping us when you launch, we're curious to see what you have in store 👀
Nimrod Kramer
Piiano Vault is a fantastic solution for both startups and large corporates that deal with sensitive customer data. As a CEO, I'm constantly looking for ways to improve our data security and ensure that we're in compliance with privacy regulations. Piiano makes it easy to do both, without having to worry about the technical details. One of the things I appreciate most about Piiano is how easy it is to integrate into our existing systems. With their RESTful APIs and ORM integrations for Python, Java, and TypeScript, developers are able to quickly implement data encryption and other security features. The documentation and sample apps provided by Piiano also make the integration process a breeze. Another huge benefit of Piiano Vault is how much time it saves. Instead of spending hours building encryption and managing encryption keys, you can focus on improving your product and serving your customers. Overall, I highly recommend Piiano Vault to any company looking to improve their data security and comply with privacy regulations. The product is easy to use, reliable, and backed by an amazing team. Follow-up question - what is your vision going forward?
Gil Dabah
@nimrodkramer Thank you Nimrod. You got it all right indeed. Eventually for highly regulated industries like fintech, healthcare and insurtech, we're seeing the need and awareness. These companies keep on building their own frankensteined solutions without the expertise (in most cases) and the real understanding of how to build secure systems, for example to avoid SQL injection, data theft at scale, and other attacks that we normally see, like OWASP #1 Broken Access Control - e.g. one user accesses the data of another user through tampering with the ID of a resource in a URL normally. Anyway, in the last couple of years we're seeing that CISOs are becoming more aware of the need to prioritize data security more than ever before; hopefully it will become the best practice sooner, before we experience more data breaches as a whole industry.