BigID is a data privacy and security startup that provides an enterprise platform for organizations to discover and manage sensitive data for compliance and protection. Founded in 2016 by Dimitri Sirota and Nimrod Vax in New York City, BigID rose quickly in prominence amid growing global privacy regulations like the EU’s GDPR and California’s CCPA. The company’s core mission is to help businesses “know their data” – identifying what data they have, whose data it is, and how it’s used – in order to safeguard personal information and ensure regulatory compliance.
In less than a decade, BigID has established itself as a leading innovator in data intelligence, becoming a unicorn (valuation over $1 billion) just four years after its founding. Backed by major venture and corporate investors, the startup has pioneered a “data-first” approach to privacy and security, defining new product categories such as Data Security Posture Management (DSPM). By 2024, BigID was reportedly approaching $100 million in annual recurring revenue, reflecting its rapid growth and adoption by large enterprises worldwide.
Founding Story of BigID
BigID’s origin in 2016 was driven by a convergence of regulatory change and technological vision. The idea for BigID emerged as global concern over data privacy was on the rise, with high-profile data breaches and new laws signaling a need for better data accountability. In the spring of 2016, just as the European Union was finalizing the General Data Protection Regulation (GDPR), BigID launched with a $2.1 million seed funding round to build a “privacy management platform” for enterprises. Co-founders Dimitri Sirota and Nimrod Vax – both veterans of the identity and security software industry – recognized that companies lacked visibility into what personal data they held and where it resided. Their founding vision was to rethink data discovery for privacy: instead of relying on policy documents and questionnaires, organizations would need an automated, data-centric approach to find and catalog personal information at scale.
This vision initially faced skepticism. Sirota recalls that when they first pitched the concept in 2016, “people didn’t grok it” – few understood why a privacy-focused data discovery tool was necessary. However, timing was on BigID’s side. GDPR enforcement was looming, and companies soon realized they faced a “data double-edged sword”: customer data was an asset but also a liability if not managed properly. BigID positioned itself as the solution to this new imperative. By mid-2017, the startup had its prototype in early customer trials, and in 2018 – just as GDPR took effect – BigID gained industry validation by winning the RSA Conference’s Innovation Sandbox competition as the “Most Innovative Startup” tackling GDPR challenges. In short, BigID’s founding story is one of prescient timing and clear purpose: it launched at “just about the same time” privacy regulations demanded action, and it delivered a novel technology to meet that demand.
Founders of BigID
BigID’s founders bring deep expertise from the intersection of data security and identity management.
Dimitri Sirota, BigID’s CEO, is a serial entrepreneur with a track record in enterprise security. Prior to BigID, Sirota co-founded eTunnels (a VPN security startup) and later co-founded Layer 7 Technologies, an API security and management company that was acquired by CA Technologies in 2013. With a background in physics and years of business development experience, Sirota had established himself as an expert in protecting data-in-transit and at the application layer before turning to the problem of data privacy.
His co-founder, Nimrod Vax, serves as Chief Product Officer and brings over 15 years of experience in identity and access management software. Vax was a product leader at Business Layers (an identity management firm acquired by Netegrity) and later at CA Technologies, where he managed identity governance products.
This complementary background of the two founders – one a serial entrepreneur with multiple exits in security, the other a seasoned product architect in identity management – shaped BigID’s direction. Both Sirota and Vax had witnessed how enterprises struggled to track personal data scattered across systems. They leveraged their domain knowledge to create an “identity-aware” data discovery technology that maps data to individuals, reflecting their roots in identity management. Under Sirota’s leadership and Vax’s technical vision, BigID’s founding team built a company culture grounded in innovation and compliance expertise. Notably, the founders established dual headquarters in New York (business hub) and Tel Aviv (R&D hub) from the outset, tapping into talent pools on both continents. This global, experienced leadership set the stage for BigID’s rapid growth and credibility in the data privacy industry.
Business Model of BigID
BigID operates a B2B enterprise software model centered on subscription licensing of its platform. The software is typically delivered as a subscription (annual license) that customers deploy either on-premises or in their cloud environment via containerized packages. This allows clients – usually large enterprises in data-sensitive sectors – to run BigID’s tools securely within their own infrastructure. The subscription model yields recurring revenue and ensures BigID continuously updates its software (adding new features and data connectors) to retain and grow each subscription.
Go-to-Market:
BigID primarily targets Global 2000 organizations with pressing privacy and data protection needs. Early adopters included Fortune 500 companies (even some Dow 30 firms), which validated the product’s fit for large-scale environments.
To reach customers, BigID combines direct enterprise sales with an expanding network of partners. The company has invested in global sales teams and also established alliances with major technology vendors to extend its reach – for instance, making BigID available in cloud marketplaces and via reseller agreements with companies like SAP and Microsoft.
These partnerships help embed BigID’s solution into broader enterprise ecosystems. Ultimately, BigID’s business model is that of a high-touch enterprise software provider: revenue comes mainly from software subscriptions (augmented by professional services for deployment support), and success depends on delivering clear value (compliance, risk reduction) to retain those subscriptions over time.
Revenue Streams of BigID
BigID’s revenue primarily comes from subscription fees for its software platform. Enterprise customers typically pay annual or multi-year licensing fees to use BigID’s data intelligence products, often structured as recurring subscriptions based on the volume of data or number of data sources under management.
This recurring software revenue forms the core of BigID’s financial model – as evidenced by the company approaching $100 million in annual recurring revenue by 2024.
In addition to licensing, BigID generates ancillary revenue through professional services. These services include implementation support, configuration, and training for clients deploying the platform across complex IT environments. While necessary for customer success, services revenue is generally a smaller portion of the business compared to software licensing, since BigID also partners with global consulting firms (like Deloitte and PwC) to assist with large-scale deployments.
Another emerging revenue source is BigID’s App Marketplace and add-on modules. In 2020, BigID launched the industry’s first marketplace for privacy and data discovery apps, allowing customers to extend the platform with BigID-built or third-party apps (for example, modules for data retention, consent governance, or breach monitoring). This opens the door for potential revenue sharing on third-party app sales and upselling additional BigID-developed features to existing customers. Moreover, strategic OEM and reseller deals contribute to revenue indirectly: for instance, sales through the SAP reseller partnership or cloud marketplaces result in BigID booking license revenue via those channels.
In summary, BigID’s revenues are driven by recurring software subscriptions, supplemented by services and extensions. The company’s focus on recurring license fees aligns with its growth strategy – emphasizing Annual Recurring Revenue (ARR) as a key metric – while its ecosystem of modules and partners helps expand each customer’s lifetime value.
Funding of BigID
Since its inception, BigID has attracted substantial venture capital financing, reflecting strong investor confidence. As of 2025, BigID’s total funding reached roughly $320 million, and the company attained a valuation above $1 billion (unicorn status) by late 2020. Table 1 summarizes the major funding rounds, from seed through 2024.
Table 1. BigID Funding History (2016–2025)
| Date / Round | Amount Raised | Key Investors | Post-Money Valuation |
|---|---|---|---|
| May 2016 – Seed | $2.1 million | BOLDstart, Genacast, Deep Fork (seed) | – |
| Jan 2018 – Series A | $14 million | ClearSky, Comcast Ventures, SAP.iO, Boldstart | – |
| June 2018 – Series B | $30 million | Scale Venture Partners (lead); previous investors | – |
| Sept 2019 – Series C | $50 million | Bessemer Venture Partners (lead); SAP.iO, Comcast, Salesforce Ventures | “Robust” (not unicorn) |
| Dec 2020 – Series D | $70 million | Salesforce Ventures, Tiger Global | > $1 billion |
| Apr 2021 – Series D ext. | $30 million | Advent International | ~$1.25 billion |
| Mar 2024 – Growth Round | $60 million | Riverwood Capital (lead); Silver Lake, Advent | > $1 billion |
BigID’s funding accelerated quickly after its product found market fit. From 2018 to 2019, it raised roughly $94 million across Series A, B, and C rounds – a rapid infusion used to scale engineering and global sales. Prominent investors such as SAP, Salesforce Ventures, and Comcast Ventures joined early, underscoring the strategic interest in BigID’s technology. Later rounds drew top-tier growth equity firms (e.g. Tiger Global, Advent) that valued BigID as a data-security market leader.
BigID has leveraged this capital to expand its product (adding new modules and AI capabilities) and its international presence. The March 2024 financing, for example, was explicitly aimed at accelerating innovation in AI-driven data security and potentially funding acquisitions. Overall, the company’s substantial funding has enabled it to invest ahead of the curve in a fast-evolving field, while providing assurance to enterprise customers that BigID is financially robust and in it for the long term.
Competitors of BigID
BigID’s rivals span both specialized privacy-tech firms and broader data management platforms:
OneTrust
The leading privacy management software provider, with a broad compliance platform. OneTrust (over $1B raised, ~$5B valuation) offers features like consent management and vendor risk management, and has added data discovery. Its strength is breadth and ease-of-use, while BigID emphasizes deeper data scanning and identity linkage that OneTrust’s add-on tools historically lacked.
Collibra
A top data governance and catalog platform. Collibra focuses on data cataloging and lineagesumble.com, overlapping with BigID in mapping data assets. Many enterprises use Collibra for overall data governance, sometimes alongside BigID (feeding BigID’s discovered metadata into Collibra). Collibra lacks native privacy enforcement, so BigID competes by providing both discovery and compliance actionability in one.
Securiti
A fast-growing “PrivacyOps” startup (founded 2019) offering a unified privacy, security, and governance platform similar to BigID. Securiti directly competes for the same use cases (DSAR automation, cloud data discovery, etc.). BigID’s advantage is its maturity and proven deployments, whereas Securiti markets a newer, AI-driven approach. Both are seen as innovators, and competition between them is intense in the Fortune 500 segment.
Other Alternatives:
Traditional compliance vendors (e.g. TrustArc) and big IT companies (e.g. IBM, Informatica) offer partial solutions. These often require combining multiple tools to cover what BigID does. For example, an enterprise might use a data catalog plus a separate DLP tool to approximate BigID’s capabilities. BigID’s all-in-one approach – integrating discovery with privacy and security controls – remains a key differentiator against such fragmented offerings.
Competitive Advantage of BigID
BigID’s competitive edge lies in its technology-first approach and its comprehensive coverage of privacy, security, and governance. Key differentiators include:
1. Deep Data Intelligence:
BigID’s strength is its powerful data discovery and identity-correlation engine. It scans virtually any data source to pinpoint personal and sensitive data with great granularity. Critically, BigID maps data to the individuals it belongs to, an identity-centric capability that many competitors lack. This “Google for data” approach (indexing information without moving it) provides rich context – BigID can find hidden connections and duplicates across silos. The result is a complete, accurate inventory of sensitive data, which is a foundational advantage for meeting privacy and security requirements.
2. Unified Platform:
BigID offers a single platform that addresses multiple needs. The same core system handles privacy compliance workflows as well as security analytics, using the shared data inventory. This all-in-one design means organizations do not need separate tools for discovery, privacy, and data protection – BigID bridges them. The introduction of an App Framework in 2020 further extends this extensibility, allowing organizations to take action (remediation, monitoring, etc.) on the discovered data within BigID. This breadth and integration are difficult for point solutions to replicate.
3. Continuous Innovation:
BigID has shown a consistent ability to anticipate and innovate for emerging needs. It was an early leader in automating privacy compliance via data intelligence (earning the “Most Innovative Startup” award at RSA 2018). It has since helped define new categories like data security posture management (being recognized as a leader in DSPM), and has incorporated support for nascent challenges such as AI data governance. Industry recognitions (from organizations like the World Economic Forum and inclusion in the Forbes Cloud 100) further attest to BigID’s status as an innovator.
In essence, BigID’s advantage is its combination of depth and breadth. It provides deep insight into data (finding what others miss) and a broad platform to address all facets of data privacy and protection in one place. This unique combination has allowed BigID to carve out a leadership position despite competition from larger and smaller players.
Products and Services of BigID
BigID provides an integrated data intelligence platform with multiple modules addressing privacy, security, and governance needs. Key components include:
Data Discovery & Classification
BigID’s core engine automatically scans and identifies sensitive data across diverse sources (databases, big data stores, cloud services, unstructured files) using ML-driven pattern matching. It builds a catalog of personal and high-risk data, classifying it by type and sensitivity. A distinguishing feature is identity correlation – BigID links disparate data entries to the people they relate to. This gives organizations a unified view of “whose data” they hold and where, which is the foundation for privacy and security efforts.
Privacy Management:
Built on the discovery foundation, BigID’s privacy tools help comply with regulations like GDPR and CCPA. For example, the software automates Data Subject Access Requests (finding and aggregating all of an individual’s data across systems for review or deletion). It also tracks user consent and performs privacy impact assessments. By tying regulatory requests directly to the data inventory, BigID enables privacy teams to respond efficiently and prove compliance. The platform can generate needed reports and alerts based on its comprehensive data knowledge.
Security & Risk:
BigID’s platform includes data security posture management capabilities – analyzing how sensitive data is stored and who has access, and flagging issues like misconfigured data stores or overly broad access rights. It provides access intelligence to reveal which users or applications have access to sensitive information, and can highlight risks such as excess privileges. BigID can also recommend or trigger remediation (for instance, identifying and quarantining exposed files). These features help organizations not only find sensitive data but also reduce its exposure and monitor its usage to prevent breaches.
Data Lifecycle Governance:
BigID assists with data retention and deletion policies. Using its data catalog, it can identify personal data that should be archived or purged (e.g. data beyond its retention period) and facilitate its removal. BigID also integrates with broader data governance programs – for example, by enriching metadata in enterprise data catalogs or feeding its findings into compliance workflows. This ensures that insights from BigID (like where sensitive data resides or how long it’s been kept) inform an organization’s governance and lifecycle management decisions.
AI Data Governance:
Recently, BigID has extended into AI/ML data governance. It introduced features for labeling and tracking sensitive data in AI training datasets and for monitoring AI models’ access to regulated data. These tools help companies maintain privacy and compliance as they adopt AI, ensuring that AI systems do not inadvertently use or reveal protected information.
In summary, BigID’s product suite forms a cohesive platform enabling organizations to “find, understand, manage, protect, and take action on” sensitive data wherever it lives. All modules share the underlying discovery engine, so a single deployment of BigID supports use cases across privacy operations, security risk management, and data governance in one unified system.
Conclusion
In conclusion, BigID’s brand story and strategic trajectory illustrate the rapid rise of a startup in response to a fundamental shift in how organizations handle data. From its founding in 2016 timed with the advent of GDPR, BigID has evolved into a prominent player in data privacy and security by marrying advanced technology with the practical needs of compliance. The company’s formal mission – to empower organizations to know and protect their data – has resonated in a climate of increasing regulatory scrutiny and public demand for data stewardship. Through strong leadership, an effective business model, and substantial venture funding, BigID scaled its innovative platform to serve Fortune 1000 clients around the world, approaching nine-figure annual revenues in under a decade.
Each aspect of BigID’s strategy has reinforced its market position. The founding team’s expertise anchored the company in credibility; the subscription business model ensured recurring revenue and customer engagement; and a clear focus on product excellence set BigID apart from larger competitors. By 2025, BigID has become a high-growth venture and a recognized thought leader helping to define industry standards in areas like data discovery and DSPM. Challenges remain – competition is fierce and the regulatory landscape keeps changing – yet BigID’s story so far demonstrates a capacity to adapt and lead. As enterprises continue to prioritize data privacy, BigID’s strategic choices and innovative spirit position it well to sustain its momentum in the years ahead.
Overall, the rise of BigID exemplifies how regulatory change can create new markets for data-centric innovation, and how a startup can leverage technical differentiation and strategic funding to become a category leader.
Also Read: Skyflow – Founders, Business Model, Funding & Competitors
Also Read: Datavant– Founders, Business Model, Funding & Competitors
To read more content like this, subscribe to our newsletter
