Formal Protocol Security Description

Date: 2024-05-24

Formal is a protocol-aware reverse proxy that sits between users and datastores/APIs to provide visibility and control over data access. The platform operates as a sidecar deployment that intercepts and monitors database queries and API calls in real time. The product includes a Data Graph component that learns organizational data flows, classifies sensitive information including PII and PHI, and generates policy recommendations. Security teams can view detailed logs of all data access patterns, including who accessed what data and when.

Access control capabilities include dynamic data masking, dynamic data filtering, role-based and attribute-based access control (RBAC/ABAC), just-in-time access provisioning, multi-factor authentication for datastores, device trust verification, and secret-less authentication. The platform supports session management and can terminate active sessions. Formal provides anomaly detection with alerting capabilities and continuous monitoring of data consumption patterns.

The platform includes collaboration features such as commenting on logs and policies, live collaboration, and ChatOps integration. Policies can be configured through both no-code interfaces and code editors.

The deployment model uses a single statically linked binary packaged as a distroless Docker image. Infrastructure-as-code support is provided through Terraform and Pulumi, with SDKs available for TypeScript and Python. The platform is designed to deploy within customer VPCs and integrates with existing development workflows.