Theom
AI-native data operations center platform to discover, track, and protect enterprise data in cloud environments.
Website: https://www.theom.ai/
Cover Block
PUBLIC
| Field | Value |
|---|---|
| Name | Theom |
| Tagline | AI-native data operations center platform to discover, track, and protect enterprise data in cloud environments |
| Headquarters | San Jose, California, United States |
| Founded | 2020 |
| Stage | Series A |
| Business Model | SaaS |
| Industry | Cybersecurity |
| Technology Type | AI / Machine Learning |
| Geography | North America |
| Growth Profile | Venture Scale |
| Founding Team | Repeat Founder |
| Funding Label | Series A |
| Total Disclosed | ~$36,000,000 |
Links
PUBLIC
- Website: https://www.theom.ai/
- LinkedIn: https://www.linkedin.com/company/theom-security
- Crunchbase: https://www.crunchbase.com/organization/theom
Executive Summary
PUBLIC
Theom is a San Jose-based cybersecurity company building what it calls a Data and AI Operations Center, a platform designed to discover, govern, and defend enterprise data as it moves through cloud warehouses, lakes, and AI applications [Theom, retrieved 2025] [Crunchbase, retrieved 2026]. The company emerged from stealth in September 2022 with $16 million in seed funding and, in May 2025, announced a $20 million Series A led by Wing Ventures with strategic participation from Databricks Ventures, Snowflake Ventures, and SentinelOne's S Ventures [SecurityWeek, Sep 2022] [Theom, May 2025]. Co-founder and CEO Navindra Yadav previously founded Tetration Analytics, which Cisco acquired, and served as a Cisco Fellow before launching Theom in late 2020 [Cisco Blogs, retrieved 2026] [ContactOut, retrieved 2026]. Co-founder and COO Ravi Sankuratri spent prior years as a Senior Principal Engineer at Yahoo, and the broader founding bench draws from Google, Yahoo, and Cisco [Crunchbase, retrieved 2026] [SecurityWeek, Sep 2022]. The product is positioned as agentless, data-centric, and AI-native, layering an RLHF attack-detection engine, a GAN-based breach-detection engine, and a transformer-based classification engine on top of customers' existing cloud data stores [Theom, retrieved 2025]. The Series A coincides with the launch of the Data Operations Center concept, an attempt to reframe data (rather than infrastructure) as the security perimeter for the AI era [Theom, May 2025]. Over the next 12 to 18 months, the watch items are commercial traction inside Databricks and Snowflake ecosystems, the cadence of enterprise customer disclosures, and whether Theom can convert strategic investor relationships into distribution.
Data Accuracy: GREEN -- Confirmed by Theom company materials, SecurityWeek, Crunchbase, and PitchBook.
Taxonomy Snapshot
| Axis | Value |
|---|---|
| Stage | Series A |
| Business Model | SaaS |
| Industry / Vertical | Cybersecurity, Data Security |
| Technology Type | AI / Machine Learning |
| Geography | North America (San Jose, CA) |
| Growth Profile | Venture Scale |
| Founding Team | Repeat Founder (prior Cisco / Tetration exit) |
| Funding | ~$36M disclosed across Seed and Series A |
Company Overview
PUBLIC
Theom was incorporated in December 2020 in San Jose, California, by Navindra Yadav and Ravi Sankuratri, with a founding team drawn from Google, Yahoo, and Cisco [Theom, retrieved 2025] [PitchBook, retrieved 2026]. Yadav's prior company, Tetration Analytics, was an internal Cisco venture that he led from January 2014 to November 2020 and that became one of the early entrants in zero-trust cloud workload security [ContactOut, retrieved 2026] [Cisco Blogs, retrieved 2026]. Earlier in his career, Yadav was a founding engineer at Insieme, also acquired by Cisco, where he worked on the ACI switch fabric for data centers [Theom, retrieved 2025]. That lineage shaped Theom's premise: that the next perimeter to defend in enterprise IT is the data layer itself, not the network or the workload.
The company spent its first roughly two years in stealth before announcing a $16 million seed round in September 2022, with reporting from SecurityWeek and The SaaS News framing the company as a cloud data security entrant focused on SaaS data stores and cloud warehouses [SecurityWeek, Sep 2022] [The SaaS News, Sep 2022]. On May 12, 2025, Theom announced a $20 million Series A led by Wing Ventures, with Databricks Ventures, Snowflake Ventures, and SentinelOne's S Ventures joining alongside existing investors, and used the announcement to formally launch what it calls the Data Operations Center [Theom, May 2025] [SaaStake, retrieved 2025]. Total disclosed funding to date sits at approximately $36 million.
Key milestones in chronological order: company formed (December 2020); seed round and stealth exit ($16M, September 2022); Series A and product launch as a Data Operations Center ($20M, May 2025); deepened partnership posture with Databricks publicly acknowledged in 2025 coverage [AI-Tech Park, retrieved 2026].
Data Accuracy: GREEN -- Confirmed by SecurityWeek, Theom, Crunchbase, and PitchBook.
Product and Technology
MIXED
Theom markets itself as an agentless, data-centric security and governance platform that sits across cloud data stores and AI applications, analyzing what the company describes as "AI, data, user identity, data usage, intent, and platform vulnerabilities" [PUBLIC] [Theom, retrieved 2025]. The platform's published feature set includes AI-driven data access governance, an RLHF (reinforcement learning from human feedback) attack-detection engine, a GAN-based breach-detection engine, an agentless discovery engine, a transformer / NLP-based classification engine, a generative-AI remediation engine, multi-cloud compliance, and contextual data security observability [PUBLIC] [Theom, retrieved 2025]. The agentless posture is a deliberate architectural choice: Theom states that it "runs with no agents, uses the native capabilities of every store, and delivers the outcomes within the store so that no data leaves the customer's control" [PUBLIC] [Theom, retrieved 2025].
The positioning around an "AI Operations Center" frames the product less as a point tool and more as a control plane spanning data discovery, classification, access governance, breach detection, and remediation. In its Series A announcement, the company argued that "data, not infrastructure" should be treated as the new security perimeter for AI-era workloads, a thesis that aligns with the strategic participation of Databricks Ventures and Snowflake Ventures in the round [PUBLIC] [Theom, May 2025]. Customer logos, deployment counts, and independent benchmarks are not publicly disclosed, so the technical claims rest primarily on Theom's own materials at this stage.
The go-to-market and partnership picture is more visible than the customer roster. Coverage in AI-Tech Park notes that "Databricks is excited to deepen its partnership with Theom" [PUBLIC] [AI-Tech Park, retrieved 2026], and the participation of Snowflake Ventures alongside Databricks Ventures suggests Theom is positioning to ride along the data-platform ecosystems rather than compete with them. Tech-stack specifics beyond what the company publishes are not independently verifiable from public sources.
Data Accuracy: YELLOW -- Product features confirmed by Theom primary materials and Series A press; absence of third-party technical benchmarks limits corroboration.
Market Research and Opportunity
PUBLIC
The data security posture management (DSPM) and AI-data-governance category has moved from a niche analyst rubric to a board-level concern in the span of roughly three years, driven by the convergence of cloud data warehouses, generative AI adoption, and tighter disclosure regulation. Theom is targeting that convergence directly.
Third-party market sizing specific to Theom's segment is not present in the verified source set for this report, so quantified TAM / SAM / SOM figures are not publicly available at the level of rigor this brief requires. The qualitative demand signals, however, are concrete. The U.S. Securities and Exchange Commission's cybersecurity disclosure rules, which require registrants to report material cybersecurity incidents within four business days, have pushed enterprises to invest in earlier breach detection at the data layer, a trend Theom itself flagged in its blog on the SEC rules [Theom, retrieved 2025]. The proliferation of cloud data warehouses and lakes (Snowflake, Databricks, BigQuery, Redshift) has expanded the surface area where sensitive data lives outside traditional perimeter controls, and the rise of retrieval-augmented generation and enterprise LLM applications has created a new class of data-exposure risk where proprietary corpora become inputs to model behavior.
Adjacent and substitute markets matter for how Theom will be bought. The closest neighbors are DSPM tools (Cyera, Sentra, Dig Security, the latter acquired by Palo Alto Networks), data loss prevention platforms (Forcepoint, Symantec / Broadcom), data security platforms tied to backup vendors (Rubrik's data security posture extensions), and emerging AI-data-governance entrants (Flow Security, acquired by CrowdStrike). Customers can also reach for native controls inside Snowflake and Databricks, which is precisely why Theom's strategic alignment with both of those ventures arms is commercially meaningful.
Regulatory and macro forces tilt in the category's favor. SEC disclosure rules, the EU AI Act, sector-specific data-residency rules, and the continued cadence of high-profile breaches at data-warehouse customers (most visibly the 2024 incidents linked to Snowflake customer environments) all push CISOs toward dedicated data-layer tooling rather than relying on infrastructure-centric controls.
| Sizing claim | Value | Source |
|---|---|---|
| Theom total disclosed funding | ~$36M | [Crunchbase, retrieved 2026] |
| Series A round size (May 2025) | $20M | [Theom, May 2025] |
| Seed round size (Sep 2022) | $16M | [SecurityWeek, Sep 2022] |
Analyst takeaway: the absence of a cited third-party TAM in the verified set means investors should triangulate from comparable DSPM venture rounds and from Snowflake / Databricks platform spend rather than from a single market-research figure. The strategic-investor signal from both major data-platform venture arms is, in itself, a useful proxy for category importance.
Data Accuracy: YELLOW -- Funding figures confirmed by multiple sources; market-sizing figures rely on inference from adjacent categories rather than a named third-party report.
Competitive Landscape
MIXED
Theom competes in a crowded data-security field where the differentiation lines run along agent vs. agentless architecture, depth of AI-data governance, and proximity to the major cloud data platforms.
| Company | Positioning | Stage / Funding | Notable Differentiator | Source |
|---|---|---|---|---|
| Theom | AI-native Data Operations Center, agentless across cloud data stores | Series A, ~$36M total | Agentless architecture, RLHF and GAN detection engines, Databricks + Snowflake Ventures backing | [Theom, May 2025] [Crunchbase, retrieved 2026] |
| Cyera | Data security posture management for cloud and SaaS data | Late-stage, multi-round growth funding | Category-defining DSPM brand recognition and large enterprise logo base | [Crunchbase, retrieved 2026] |
| Forcepoint | Enterprise data loss prevention and data security suite | Private, established incumbent | Installed base in regulated industries and government | [Crunchbase, retrieved 2026] |
| Flow Security | Runtime data security; acquired by CrowdStrike | Acquired | Endpoint security distribution via CrowdStrike post-acquisition | [Crunchbase, retrieved 2026] |
| Rubrik | Data security tied to backup and recovery | Public (NYSE: RBRK) | Distribution through backup install base; data security posture extensions | [Crunchbase, retrieved 2026] |
The segment splits roughly into three camps. Pure-play DSPM challengers like Cyera have raised aggressively and built brand equity at the analyst level; established DLP and broader security incumbents like Forcepoint hold the regulated-industry installed base; and platform-adjacent players like Rubrik and the post-acquisition Flow Security ride distribution from much larger franchises (backup, endpoint). Theom sits closest to the first group architecturally but distinguishes itself with the agentless, in-store execution model and an explicit AI-data-governance framing rather than a narrower DSPM scan-and-classify pitch.
Theom's most defensible edge today is the combination of (a) a founding team with an enterprise-security pedigree credible enough to win pilot conversations with Fortune 500 CISOs, given Yadav's Tetration / Cisco history [Cisco Blogs, retrieved 2026], and (b) the strategic capital from both Snowflake Ventures and Databricks Ventures, which is unusual for a single Series A and creates at minimum a warm-introduction channel into both ecosystems [Theom, May 2025]. That edge is partially perishable: strategic investments do not guarantee product co-sell motions, and Snowflake and Databricks both ship native governance features that compete for the same buyer wallet.
Where Theom is most exposed is on commercial scale relative to Cyera, which has raised meaningfully more capital and built a larger go-to-market machine, and on distribution relative to CrowdStrike-owned Flow Security, which can be sold by one of the largest endpoint security forces in the industry. Theom does not own an endpoint channel and has not publicly disclosed an MSSP or major-reseller relationship.
A plausible 18-month scenario: the winner if the Databricks and Snowflake co-sell motions become real, and Theom can convert a handful of named Fortune 500 logos in regulated verticals (financial services, healthcare, pharma) into reference customers, is Theom itself, which would then be positioned for a meaningful Series B at a category-leader multiple. The loser if Cyera continues to consolidate analyst mindshare and the cloud data platforms ship deeper native governance is the broader pure-play DSPM cohort, in which case Theom's path narrows toward strategic acquisition by one of its existing ventures-arm investors.
Data Accuracy: YELLOW -- Competitor identities confirmed; relative funding and stage descriptions partially inferred from public coverage rather than stated by Theom.
Opportunity
PUBLIC
If Theom executes, the prize is becoming the default control plane for enterprise data and AI governance inside the two dominant cloud data platforms.
The headline opportunity. The single largest plausible outcome for Theom is to become the cross-platform data security and governance layer that sits natively alongside Snowflake and Databricks deployments, in the same way that identity providers became the default layer alongside SaaS adoption. The evidence that this is reachable rather than aspirational rests on three points: the strategic participation of both Databricks Ventures and Snowflake Ventures in the same Series A round [Theom, May 2025], a founding CEO with a prior Cisco-acquired security platform (Tetration) that proved he can build infrastructure software at enterprise scale [Cisco Blogs, retrieved 2026] [ContactOut, retrieved 2026], and a regulatory backdrop (SEC disclosure rules, EU AI Act) that is forcing CISOs to budget specifically for data-layer controls [Theom, retrieved 2025]. Those three together convert what would otherwise be a crowded DSPM pitch into a credible platform play.
Growth scenarios.
| Scenario | What happens | Catalyst | Why it's plausible |
|---|---|---|---|
| Ecosystem default | Theom becomes a recommended data security partner inside the Snowflake and Databricks marketplaces, winning the bulk of new AI-data-governance deployments in those ecosystems | Formal co-sell or marketplace-tier agreement following the Series A | Both Snowflake Ventures and Databricks Ventures invested in the same round, and Databricks has publicly signaled intent to deepen the partnership [Theom, May 2025] [AI-Tech Park, retrieved 2026] |
| Regulated-vertical wedge | Theom lands a beachhead in financial services and healthcare on the back of SEC and HIPAA disclosure pressure, then expands account footprint horizontally | A reference Fortune 500 customer disclosure plus an SEC enforcement action that elevates data-layer monitoring as table stakes | Theom has explicitly published on the SEC cybersecurity rules and built features around early breach detection [Theom, retrieved 2025] |
| Strategic acquisition target | One of Theom's existing strategic investors (Databricks, Snowflake, SentinelOne) acquires the company to bring data security in-house | A category-tipping M&A move by a competitor (analogous to CrowdStrike / Flow Security) that forces a defensive response | The investor cap table is unusually concentrated among potential acquirers, and the precedent for acquiring DSPM startups is recent and well-priced [Crunchbase, retrieved 2026] |
What compounding looks like. The flywheel for a data security platform is governed less by classical network effects and more by data-graph density and integration depth. Each new data store Theom connects to (Snowflake, Databricks, BigQuery, Redshift, S3, Postgres, SaaS apps) increases the completeness of the access and lineage graph it can show a CISO, which makes the platform stickier per account and shortens the next sales cycle in the same vertical. The agentless architecture compounds that flywheel because deployments are lighter and faster, which is the exact friction point that has historically slowed DLP and DSPM rollouts [Theom, retrieved 2025]. Strategic investor partnerships compound distribution: every additional Databricks or Snowflake seller who learns the Theom pitch is a marginal-cost-zero channel.
The size of the win. A credible public comparable is Rubrik, which trades as a public data-security company on the NYSE, and a credible private comparable is Cyera, which has been valued in the multiple billions across recent rounds (per public reporting in the broader DSPM category). Acquisitions in adjacent data security have priced in the high hundreds of millions to low billions (CrowdStrike's reported acquisition of Flow Security being one recent reference point in the category). If the ecosystem-default scenario plays out and Theom reaches even a fraction of Cyera's reported valuation range, the outcome would be a multi-billion-dollar enterprise software company (scenario, not a forecast). If the strategic-acquisition scenario plays out instead, a high-hundreds-of-millions outcome inside three to five years is consistent with the recent comparable transactions in the category (scenario, not a forecast).
Data Accuracy: YELLOW -- Scenarios grounded in confirmed funding, partnership, and team facts; valuation comparables drawn from publicly known category transactions rather than Theom-specific disclosures.
Sources
PUBLIC
[Theom, May 2025] AI Data Becomes Mission Critical: Theom Raises $20 Million Series A | https://www.theom.ai/post/ai-data-becomes-mission-critical-theom-raises-20-million-series-a-to-launch-the-first-data-operations-center
[Theom, retrieved 2025] Theom homepage and platform pages | https://www.theom.ai/
[Theom, retrieved 2025] Company page | https://www.theom.ai/company
[Theom, retrieved 2025] Seed funding and our vision to solve data security for the cloud | https://www.theom.ai/post/seed-funding-and-our-vision-to-solve-data-security-for-the-cloud
[Theom, retrieved 2025] New SEC Cybersecurity Rules Define Need for Early Detection of Data Breaches | https://www.theom.ai/post/new-sec-cybersecurity-rules-define-need-for-early-detection-of-data-breaches
[Theom, retrieved 2025] Contextual data security observability | https://www.theom.ai/platform/contextual-data-security-observability
[SecurityWeek, Sep 2022] Cloud Data Security Startup Theom Emerges From Stealth With $16 Million in Funding | https://www.securityweek.com/cloud-data-security-startup-theom-emerges-stealth-16-million-funding/
[The SaaS News, Sep 2022] Theom Raises $16.4 Million in Seed Round | https://www.thesaasnews.com/news/theom-raises-16-4-million-in-seed-round
[Crunchbase, retrieved 2026] Theom company profile and funding | https://www.crunchbase.com/organization/theom
[SaaStake, retrieved 2025] Theom funding: $20M Series A to enhance AI data security | https://saastake.com/theom-funding/
[PitchBook, retrieved 2026] Theom 2026 Company Profile: Valuation, Funding & Investors | https://pitchbook.com/profiles/company/470785-69
[LinkedIn, retrieved 2026] Theom company page | https://www.linkedin.com/company/theom-security
[The Org, retrieved 2026] Theom org chart and Ravi Sankuratri profile | https://theorg.com/org/theom
[Craft.co, retrieved 2026] Theom CEO and Key Executive Team | https://craft.co/theom/executives
[Cisco Blogs, retrieved 2026] Tetration Analytics and Navindra Yadav Cisco Fellow background | https://blogs.cisco.com/
[ContactOut, retrieved 2026] Navindra Yadav career history at Tetration / Cisco | https://contactout.com/
[AI-Tech Park, retrieved 2026] Databricks deepens partnership with Theom | https://ai-techpark.com/
Articles about Theom
- Theom Wants to Sit Between Every Snowflake Table and the Next Data Breach — The San Jose startup raised $20M from Wing, Databricks, and Snowflake to govern enterprise data without deploying a single agent.