Formal's mission is to empower security teams to enforce least privilege at the most granular level. For too long, security teams have been forced to choose between locking things down and letting people do their jobs. That tradeoff was already painful — with AI agents now accessing production data autonomously, granularity isn't a nice-to-have, it's mission critical. Formal makes it simple to enforce that level of control across every protocol, every identity, every query.

Our Story

Founded in San Francisco, Formal came out of stealth in November 2024 with $6.8M in seed funding led by Thrive Capital, with backing from Y Combinator, Abstract Ventures, and founders from Datadog, ClickHouse, Front, and Alan. C-level executives from Rippling, Plaid, Vanta, and Checkout.com also participated.

We started with a simple observation: security teams were stuck duct-taping together legacy tools and custom scripts to control access to their data infrastructure. Native cloud provider tooling wasn't enough. Internal solutions didn't scale. And every new database, API, or AI integration made the problem worse.

So we built a single stateless binary that understands 15+ wire protocols natively — Postgres, MySQL, MongoDB, Snowflake, SSH, Kubernetes, HTTP, MCP, and more. One proxy to authenticate, evaluate policies, mask data, and audit every query. Deployed in the customer's VPC. Zero application changes.

What We Believe

Protocol-native, not network-level

Generic network proxies can't rewrite SQL queries, mask MongoDB fields, or filter MCP tool calls. We parse each wire protocol to enable decisions at the query level.

Security should not slow you down

Sub-10ms overhead. Zero developer friction. Formal is invisible to the engineers using it — that's by design.

One proxy to rule them all

No more stitching together 5 tools for 5 protocols. A single binary handles databases, SSH, Kubernetes, HTTP APIs, and AI agents.

Deployed in your VPC

Your data never leaves your infrastructure. No SaaS data exfiltration risk. Forensic-grade audit trails that you own.

Join Us

We're hiring engineers and go-to-market leaders in San Francisco. If you want to build the infrastructure layer that secures every packet flowing through the modern enterprise, we'd love to hear from you.