Transcript
00:00:01
[Music] welcome to cyber in the clouds a community podcast designed for cyber leaders and professionals I’m Chloe your host I’m thrilled to have you all join us so let’s explore what’s happening at The Cutting Edge of security today with our expert guest iik Alvis Hi iik how are you I’m good thanks uh thanks for having me llo amazing no thank you for jumping on do you want to introduce yourself and just tell the listeners who you are and where you come from sure uh I’m is alvas I’m uh
00:00:42
currently the CEO of uh intro security uh inro is a non-human identity life cycle management and secret security platform um I’ve been in the Cyber industry for almost 20 years now started um in the in the IDF at the Israeli Defense Force at one of the intelligence units over there um actually was on the offensive side of cyber uh but moving into the public market I transitioned into uh cyber security the defensive side of cyber um so prior to entro security I was responsible for the internal security
00:01:19
under one of Microsoft’s clouds uh prior to that I was a ciso for an Healthcare organization uh Chief Information Security Officer over there um and C based in Boston just outside of Boston nice amazing well thank you for the intro today is all about discussing the rising threat of non-human identities in the cloud so we’ll get straight into it um you mentioned that you know you’ve you’ve been in security for a long time now um what truly sets entros Security Solutions apart from competitive and I
00:02:00
just wanted to take a quote from Adam the CTO and co-founder to entro as well that every human identity you’ll have about 45 nonhuman identities created right that’s that’s cor correct maybe let’s frame for a second what are non-human identities uh so essentially non-human identities are programmatic access keys that applications are using um to access and authenticate resources they need um so basically programmatic credentials like service accounts API keys and and so forth uh so if you’re
00:02:38
application needs to use a database they need some sort of a credential to authenticate against it uh and those are the role of non human identities um so Adam was correct to to a point uh and I’m going to I’m going to explain so Gartner are saying uh there are 45 non human identities for every human identity every human employee you have within the organization um we’re seeing at our customer base we’re seeing 92 uh for every yeah that’s that’s that’s insane that’s insane so for every human
00:03:14
employee you will have 92 nonhuman identities we just published a report with a lot of cool statistics um so yeah it means that um there are a lot of those non-human identities a lot of those um credentials floating around in your organization and the sheer size of them trying to protect them trying to even get an inventory to understand how many I have and where uh that’s a huge huge challenge for security teams yeah amazing and I know that it’s been named sort of the top two like attack vectors as well um so you
00:03:52
know it’s it’s very prevalent in today’s market um but you’ve got some fantastic feedback from customers and C from solar winds safe breach elastic all on your website for people to see but um you know what what sort of feedback have you had personally from some of these customers what challenges have they faced and what what have you been able to solve for these customers in the market right right uh I think the main challenge with nonhuman identities is they are being created permissioned are
00:04:28
used by teams that are not respons responsible to secure them so they are being created um permissioned and use mainly by developers um and devops uh that you know those teams would like to run fast um and build stuff and the main problem with that is those non-human identities are being scattered all over the place so the developer can store them you know within a config file which is basically exposed uh you can store them within vaults can even send them through teams or select channels to his
00:05:03
body um and the main problem we’re seeing in the industry is that security teams not really know how many nonhuman identities they have where or what they’re able to do why they are they were created um and and so forth uh so that’s uh that’s the main challenge we’re seeing and and I think for like everything about security or or even about any compan is like you have two two access one of them is I want to run fast I want to maybe the speed one uh the other one will be the security one
00:05:42
so if every time you know you are creating an Unum identity uh the developer will need to you know review a bunch of things and talk with security and and so forth maybe you’re going to be secure to a point but you’re gonna be very slow uh the other the other uh side of it is maybe you can allow everything like developers can do everything they want you’re going to be very fast but you’re going to be less secure or probably not secure at all as and as you mentioned that’s for the past
00:06:13
four years in a row by both Verizon and IBM the leading reports those are nonim identities attacks are the second most frequent attack vector by the way the number one number one most costly attack um so I assume you know choosing the first one the um and not being secure that’s uh that’s probably not the best option um and entro entro helps organization uh security teams basically to reclaim control over those non-human identities by managing um and automating and securing their life cycle and we’re
00:06:47
doing that out of band so we can help organization to also be secure but also run really fast um and that’s the main feedback we’re hearing that we’re helping organization to with speed uh with cost um and with of course security so that’s that’s great that’s amazing you’ve grown so much over the past few years um so far you know I was I was hearing you on another podcast um a few months ago doubl in the the R&D team um You’re Now set in Boston as well and I hope you’ve
00:07:26
settled in well now so how how is everything now the you’ve um you know you’ve really grown the business over the last few months really yeah I’ll start I’ll start with Boston uh you know moving from Sunny Tel Aviv Sunny Israel to to Boston I can’t even can’t even bear the thought of another winter over here but but uh but but I really like the place I really like Boston uh so thanks for asking um in terms of the business yes we’re growing um so I personally experi exped three
00:08:01
different Brides uh with non human identities and that’s basically why I started inro uh we were the firstc to Market with that problem area with with our platform um so being forced you know gave us uh the forc Mover advantage and and we are running fast we have a great platform that uh we have dozens of customers uh you named some of them uh big Enterprises so yes we we are scaling um it’s uh it’s never never easy to scale um or maybe changes are never easy but uh but the it’s it’s also great it’s also great
00:08:46
seeing um you know our platform gaining so much struction and what I felt as a c so the problems that I had um now I’m able to solve them to other organizations that’s really great and you know coming from the seeso perspective as well that’s that’s all sales people want to know what’s going on in the cesos minds what can we help solve the challenges of so we’re always saying that we’re practitioners selling to practitioners we’re building what we wanted amazing and what do you feel are the like key
00:09:21
traits and characteristics that you found from the founding team that you’ve built over the last few years is there anything specific that you can pinpoint that you’ve you’ve looked out for in individuals who are joining entro um yeah for sure I think um you know iring as um as a CEO so there are stuff that I’m used to it like I was always on the cyber security and generic side so you know hiring developers and and the& the department that work was maybe more easy uh for me to do um iring Marketing sales
00:10:06
and so forth so I I was never a part of that world uh that was maybe more uh more challenging I think the main okay I’ll some people I for experience like hey that guy or girl did it before um I think you should for lack of knowledge um so if you don’t know how to sell your product um and you don’t have the the processes then bring you know bring that knowledge in house uh if you don’t know how to Market your product then bring that knowledge um in house um so try to hire for the knowledge you
00:10:52
need and not the experience um I know it’s a it’s a statement and we should probably break it down but but that’s that’s the main goal it’s really hard when trying to you know get the right people involved in in your business um which is your baby really isn’t it you you founded the business and everything so it’s um it’s hard to get the right people in but also giving people the opportunity as well is is also great so no I think that could be another podcast episode in itself on
00:11:28
who to hire in cyber startups definitely um but you know congratulations to you guys on reaching sort of series a this year um you know spearheaded by some fantastic VCS like d Technologies and previous seed investors like hyper wise and stage one as well um just wondered what some of the key challenges um you’ve faced sort of getting to series a have have been and I’m pretty sure that there’s plenty but if you could think about a few key takeaways to get into that point is there anything that you can
00:12:11
share um sure so I think when you’re raising U money for the seed round like when you’re you know out of the gate what you want to prove is um hey there’s a problem problem over here um I think I have a solution for it like I I try to valid date my solution with as many people as I can with practitioners and and and so forth so that’s what you need to very high level that’s what you need to prove uh during the a round you kind of you know need to to have evidence for it um so we started with hey there’s a
00:12:46
problem in the market I think there’s a problem I think I have the right solution um during the a round or before the you you actually need uh to prove it to have U justifications for it um and the main way to do it is getting customers um and not only getting customers but having your customers you know using your product in the same way um solving the same problem solving it by the same features and same pillars and and so forth and we were lucky enough to you know build the right platform um
00:13:25
have all types of different verticals and and customers um Fortune 100 and so forth that are using our platform in the same way as a small startup do uh solving the same problem uh automating and securing the life cycle of non-human identities and then basically like placing an air tag over them claiming control over them um and that was the main the main challenge um and that’s what you should do if you’re going into an a round amazing no that’s really good advice and there’ll be
00:14:00
plenty of people that that that can use it in in today’s landscape I mean the investment that’s going into Tech and particularly cyber um you know is is huge so definitely good ADV Reason by the way for a good reason yes of course um and in terms of the future growth and entros Ro map um you know you’ve had some really notable Awards this year like the VSA best emerging Tech top Innovation just to name a couple you’ve had many more um you’re now like we mentioned based in Boston where the
00:14:38
goto Market team is based what is the the road map for for entro going forward going into 2025 yeah so we’re going to double so we already doubled our side but we’re going to redouble our side we’re going to double it again um so basically we’re going to continue what we’re doing uh be the global uh leader in the non-human identity uh vertical and secret security vertical uh continue to innovate in that space um and acquire uh hopefully more significant customers um and we’re doubling our side
00:15:17
to our size to support all of that um so yes until in 2025 um that’s that’s what we’re going to do continue to do what we’re currently doing uh innovate improve our platform and keep leading that vertical amazing really good to hear and more on a personal note I ask everyone this at the end of these podcasts what does IC do to actually unwind from from The Daily Grind of being a CEO and co-founder of a a startup cyber vendor right that’s a that’s a great question um you know I I I like running
00:15:57
um I I like do doing a lot of different stuff but uh like I feel comfortable when basically I’m I’m finishing my walk which is never the case so I assume walking um and you know running lovely and is everyone familywise settled in now the dog okay in the states and everything enjoying his time everybody everybody settled over here and um and yeah the dog the dog is great um yeah you know relocating with the dog is uh is not easy um at least the flight is not easy but other than that everything has been
00:16:41
perfect a amazing stuff well thank you so much for your time today I think that’s all we have time for but it’s great that you’ve joined us stay tuned for more com in later this month on Cyber in the clouds and see you very soon thanks zck thanks for having me chloee thank you [Music]