I decided to join Securonix in January, 2016. Like any career change, I made this one with as much care and diligence as possible. This isn’t my first security startup rodeo; I’ve been helping to build security companies for almost 20 years and I have been lucky enough to be part of some really great success stories. Many of these companies have had successful IPOs and or acquisitions including:
- Riptech (acquired by Symantec)
- ArcSight (IPO then acquired by HP)
- Imperva (IPO)
- McAfee (acquired by Intel)
- Solera Networks (acquired by Blue Coat)
I’m overjoyed and blessed to have been part of so many great organizations and to have worked with such incredible people in the pursuit of creating solutions that truly help organizations better mitigate risk. Along the way, I’ve made some lifelong friends, which is why, when I joined Securonix, I brought with me a team of some of the best in brightest in the industry. Some of them have been with me since the beginning of this startup journey some 20 years ago, such as:
- Jeff Seely
- Jonathan Curtis
- Joseph Pizzo
- Kevin Lemmon
- Rob Eslinger
Collectively, the team has over 100 years of combined experience working in cutting edge security startups. And there is no other group that I would rather do it with all over again.
So why did I (we) join Securonix?
When looking for a great company, it’s no secret that there are three basic criteria that must be evaluated: the seasoned nature of the management team, the market readiness for the solution and, of course, the solution’s quality. Building a security start-up is hard work even when these criteria are met, but without them, it can be downright heartbreaking. Securonix checks all the boxes for management team, market readiness, solution quality, and then some.
Honestly, we all also wanted to work in a hot space with a hot company. We wanted someplace with heart and culture. We wanted to help solve real customer problems. We wanted to innovate. We wanted to be excited about the space, the company and the extensibility of what we could do. We wanted to wake up early and go to sleep late because we couldn’t stop thinking about the technology. We wanted to be part of a team that shared a similar focus. Security analytics is that hot space and Securonix is that hot company.
Management Team
I’ve known many of the members of the Securonix executive team for several years. Some, like Business Development VP Darren Gaeta and Product Management VP Ken Mermoud, for over a decade from our time together at ArcSight. When I first met the CEO Sachin Nayyar, CTO Tanuj Guiati, COO Chris Bell and CMO Sharon Vardi, Securonix was only about 50 people. Today, that number is about 200 and growing. Securonix has bootstrapped and grown organically while maintaining profitability since 2012. This by itself is a testament to an executive team that knows how to do it right. This team is made up of individuals that have all had past successes in the industry and it’s clear that honesty, transparency and commitment are tenants to which they all subscribe.
The core focus of the executive team is customer success – and it shows. Leadership has put in place processes, checks and incentives to ensure that engineering, support, sales, marketing and the like are all focused on ensuring that customers get world class products and services, period.
Securonix started in 2008 and began shipping GA products in 2011. They’ve been through the battles all successful security startups fight to reach maturity and market dominance. The battles of spending 48 hours straight in a datacenter getting things working just right, pulling everyone in the company together to help resolve a customer issue at 2am, building that one special feature for that critical customer, and personal sacrifice for the betterment of the team. There are no shortcuts. These battles must be fought and if they are won more often than lost, after the dust settles, a battle-hardened company with wiser leaders remains. This hardworking philosophy has lead to remarkable growth and wide-scale market acceptance for Securonix. Management team – check.
Market Readiness
Securonix has a list of global customers across financial services, healthcare, retail, critical infrastructure, pharmaceutical, and government that reads like a who’s who of the Fortune 500. It has a dream-team line-up of some of the most strategic partners in the business like: HP, Cloudera, PwC, Dell, E&Y, Booz Allen and many more. Revenue is strong, growth has been 100-200 percent year over year, and enterprises and government organizations have budgeted need for security analytics platforms like Securonix. The overall market is growing substantially domestically and internationally and Securonix continues to overachieve with innovative solutions to meet the market’s needs. This one is easy. Market readiness – check.
Solution Quality
When my team and I got a chance to see Securonix in action for the first time, we were blown away. We all huddled around an in-person demo at a local Panera restaurant trying to edge each other out for a better view. Now remember, all of us have worked with enterprise solutions before so we have a certain level of expectation in terms of features, functions and benefits. But Securonix is a security analytics platform that not only lives up to the hype, but far surpasses it, even surpassing the marketing literature.
The deeper we got into the platform the more we realized how massively scalable it was. No wonder so many large organizations have standardized on Securonix for their security analytics platform. We reviewed the ~200 disparate data sources and were pleased to see how easy it is to add another source. Many of us come from SIEM backgrounds and we know that, regardless of the number of sources you can support, the customer will always want another. So speed to new source support is critical. Securonix makes it easy.
I recall looking at the behavioral algorithms that successfully connected the dots between users, their multiple devices, applications and even physical security while doing peer comparisons and wrapping everything up with a bow via pre-packaged threat model content that I later found out was created by a customer. This type of crowd sourced content is the way of the future. This type of automated correlation that is truly signature-less is the stuff we dreamed of when we were at ArcSight. Here it is in real life – easy, effective and operational.
The data science alone, featuring multiple patented algorithms that are all purpose-built by security industry experts, just screams operational effectiveness. Security solutions designed by security practitioners for security practitioners – always a great approach.
Then we got into use cases. Any security analytics platform needs behavior analytics, the ability to evaluate peers and essentially get to the “who,” normalize it, and find the outliers. But that’s where a lot of the other solutions we looked at simply stopped. Most were myopically focused on User Behavior Analytics (UBA) for insider threat mitigation. UBA is an important capability and insider threat an important use case, but to us, that wasn’t even table stakes for a true security analytics platform.
Securonix has cutting edge User and Entity Behavior Analytics (UEBA) and is one of the best at addressing insider threats. But it is equally effective at using machine-based deterministic models, content-specific anomaly detection, predictive analytics with static, content and behavior variables, threat modeling and threat chaining all across insider threats, external attacks, cloud application abuse, fraud, trade surveillance and anti-money laundering. And while that sounds like a lot of extensibility, and it is, it is really only the tip of the iceberg for what the Securonix Security Analytics platform is capable of. Solution quality – check.
Final Decision
Given all these factors, my team and I still conducted a great deal of diligence. We talked with customers, industry analysts, the media, security luminaries and even competitors. We independently decided that Securonix is one of the hottest security companies around and a place where we could all continue to truly help customers mitigate risk demonstrably. The next step was simple. We collectively signed up with Securonix and haven’t looked back.