Welcome toĀ The Cybersecurity Pulse! I'm Darwin Salazar, Product Manager at Monad and a former Detection Engineer. Each week, I distill the latest in cybersecurity innovation into digestible, bite-sized updates. If youāre serious about staying at the forefront of the latest in security products and industry news make sure to hit the āSubscribeā button below to get my insights delivered straight to your inbox every week š© š
GM! š
While BlackHat 2024 officially kicks off today, yesterday was a jam-packed day with 1-day summits for CISOs, AI, Analysts, and Innovators & Investors (I&I).
I had the opportunity to spend time at the I&I summit (thanks, Coleen!) and was impressed by the programming, presenters, attendees, and the startup pitch competition.
While itās 440am here and I still havenāt had my dbl shot espresso, Iāll attempt to put together my key takeaways and quick hits from the summit before going off and throwing iron around with some friends at the Lair š
Before moving on though, why the f*ck is there not a spot serving coffee 24/7 in the Mandalay Bay towers!?!?!?!??
Anyway.. I&I quick hits.
Quick Hits
George Kurtz & Resilience š”ļø
Even after all the Crowdstrike-caused outages, threats, $10 gift cards, and lawsuits, George Kurtz still pulled through on his Blackhat commitments and faced the music with his head high and chest out. This is not something most people would do today, but its exemplary leadership and how Crowdstrike has handled it will be under the microscope for years to come. Kudos to Mr. Kurtz for taking this straight on.
The star-studded panel covered how to get your startup acquired + how to approach IPO. Industry staples like Barmak Meftah, Chenxi Wang, and Andrew Peterson also shared many gems for builders and investors.
Building Trust w/ CISOs š«±š½āš«²š»
This is the one I had been looking forward to the most and it did not disappoint! Fredrick Lee aka āFleeā, CISO at Reddit, John Flynn aka āFourā VP of Security at Google Deepmind, and Christina Cacioppo, Founder & CEO at Vanta had tremendous amounts of gems for founders, investors, and GTM teams.
Disclaimer: While Iāll share detailed notes from talks and panels, statements canāt be officially attributed to anyone given that I donāt record who said what. This is on purpose.
Anyhow, below are my raw notes from the panel:
Get deep into problems and platformize them; too many tools in security stack
Software supply chain is a massive burning pain point for enterprises today
Open source + 3rd party
Security startups should prioritize transparency and not BS about where they are in their security journey
Security startups should understand that bringing them on as a vendor is expanding their attack surface
"We want to be a partner; not a vendor"
Help build and extend their security team
Building something WITH you; not for YOU
They appreciate founders who are passionate about the problem and not just the money
Establish and chase your north star; don't just hunt down customer requests
Saying "Yes" too much is a real problem from a product perspective
"Internalize the problem you are solving; take it personally"
Security is rarely a technical problem; it is more of a workflow/biz ops/people problem
Identifying & Attracting the Right Investorsš°
This was the panel after lunch but it still delivered. How could it not? Look at the panelists. Anyhow, my notes arenāt as detailed for this one but here you go:
āBootstrapping is not as hard as ppl make it seem. Put your head down and build for as long as you financially can without outside helpā
Counter: There aren't a lot of bootstrappers that do FedRAMP or other expensive problems to solve.
Security categories are becoming meaningless. Marketing BS. Thanks, Gartner!!!!
Majority of companies coming out are 1 feature companies.
Overlapping telemetry and functionality across tools.
Risk reduction + prioritization > Visibility
THE INDUSTRY DOES NOT NEED MORE VISIBILITY
On doing discovery: Ask buyers where their biggest problems are; don't tell them what you're building and if that would work for them.. Don't even tell them what you're building. Just listen to whatās plaguing them the most at the moment.
There were many other amazing, star-studded panels throughout the day but I didnāt capture any notes for those. Suffice it to say the summit was a hit. Now onto the Startup Spotlight!
Startup Competition š
While Knostic brings the hardware home, the other 3 startups, which I wrote about here, delivered amazing pitches and are solving truly hard problems. Kudos to the other finalists and congratulations to Sounil and Gadi for the big W!
Knostic
Leadership: Sounil Yu, Co-Founder & CTO; Gadi Evron, Co-Founder & CEO
Problem Space: GenAI Security
Solution: Need-to-know based access control for LLMs to prevent oversharing of sensitive information. Their product analyzes existing permissions and roles to derive need-to-know levels across organizations, guiding employees and customers to the information they need while preventing access to unnecessary details.
One key area of focus for them seems to be Microsoft Copilots which are a privacy mess in and of themselves.
Founded in: 2023
HQ: Tel Aviv, IL
Total raised: $3.3M USD pre-seed
Website: Knostic.ai
Bye For Now!
Iāll be back next week with TCP #56 encapsulating all key product and feature releases for the week. Until then, if you see me in LV, say hello! And if youāre not here, thank the heavens and keep it cool.
Hasta la proxima! āļø
Excellent TL;DRs for those of us stuck at home!