This week’s guest is Itzik Alvas, CEO & Co-Founder of Entro Security. After serving five years in the elite Cybersecurity unit of the IDF, Itzik moved into industry, starting as a developer and quickly progressing through the ranks to CISO for a major healthcare organization and later Head of Security and SRE at Microsoft. Itzik then decided to found Entro Security with co-founder Adam Cheriki.
In this episode, we find out what Itzik and his team have been up to over the last 24 months and how they are addressing the secrets management problem, which has a TAM of over $16b+.
Watch the video
00:00:00
[Music] welcome to cyberbit the podcast I’m your host Joseph Cooper co-founder of aspiron search this week’s guest we have Itzik Alvas CEO and co-founder at entro security after serving 5 years in the elite cyber security unit of the IDF it moved into the industry starting as a developer and quickly progressing through the ranks to ceso he then founded entro security with co-founder Adam cherii in this episode we find out what iik and his team have been up to over the last 24 months and how they’re
00:00:37
addressing the secrets management problem which is a tam of over 16 billion how are you mate I’m good thanks uh thanks Joseph for uh for inviting me I’ve been looking forward to this one I uh did a bit of a crash course in Secrets management before this but I’m hoping you’re going to be able to educate me and the audience um how’s the move gone to to Boston how how you en trying it over there yeah so actually I love Boston Boston is a is a nice uh quiet place been living around um
00:01:10
Cambridge area so it’s a it’s a really nice place um yeah um my I go to market team over here so we have a company in Boston um so I’m I’m loving the area and then the offices as well so yeah yeah class love that it’s always great with a new experience particularly in other country um so yeah I it I’m really Keen to with with all my guests I like to find out a little bit about where it all started for you and how you got into the industry so yeah Keen to hear your journey to date
00:01:42
really yeah so I’m M alvas I’m the CEO of FAL security um started at the Cyber industry about 18 years ago uh for my IDF um position so I was a part of the intelligence units was on the defensive side over there so we used to break into different systems and we used to leverage Secrets all of the time we haven’t you know spoke about what what are secrets but we will get there um so you know after the Army I worked on several several different positions um was a a devops for a while was a
00:02:22
developer for a while but but mostly um stayed within the cyber security area or vertical uh been a manager for for a long time prior to entro security uh I was in charge of the internal security and operations and devops under Microsoft Defender for for aure one of Microsoft clouds and there prior to that I was the ceso the Chief Information Security Officer of um an Healthcare organization the largest one in in Europe and Israel as well um so yeah you know when when I was ciso when I was responsible for the
00:03:05
security or security of Microsoft Defender we will breach using using secrets so Secrets has been around my uh my technical life for for a long a long time wow 18 years you basically uh so I was going to say like where did the inspiration come from but it seems like you’ve been working on this or have been uh what 18 years I I I know sers for a long time yeah 18 years yeah yeah 18 you don’t look old enough mate that me yeah yeah great so when did you actually found inro so when when did
00:03:46
that happen and how did that all come about because I know you look you founded with Adam right yeah so andto um ento is a secret security uh cyber uh cyber security startup um and we are the fourth and and Curr only holistic secret security product or platform for Security leaders and we started ental security so actually with Adam we started ENT security about two years ago um we went to our first funding round about an year ago um and yeah you know so that’s that’s the that’s the timeline currently we’re
00:04:26
we’re about 20 employees um the R&B that development is um is based in Israel um and then the marketing and the sales are based out of the out of Boston area yeah nice in terms of actual Secrets management what what exactly is that for the audience can you explain yeah so maybe let’s frame let’s frame a secret for a second um so secrets are essentially programmatic access Keys um so they are the keys that applications are using in order to attend iate and connect to infrastructure such as databases or to
00:05:05
account or other applications um so every you know every application that is being developed within any organization uh needs to use other services right such as databases or S accounts and in order to connect that to them and and to authenticate against those um they need keys and those keys are secrets uh and the main problem we’re seeing in the market today is that uh those secrets are being created and handled by the things that are not responsible to secure them so they are being created and handled by
00:05:38
the different R&D teams by developers by devops by SES and and Etc and they are scattering them around uh so they can commit them into code they can store them uh within within vaults which is a database for Secrets but then you have a lot of those within any organization um they are sending them select messages or teams they are storing them within Confluence Wikipedia or J tickets and so forth so the main problem we’re seeing in the market is that security teams or the organization have no idea how many
00:06:13
secets they have and where and where are yeah nice I um I was reading up and it said that Secrets management is one of the top three uh attack factors is is that correct yeah so according to IBM and Verizon uh the leading reports uh for the past four years in a row Secrets targeted attacks are among the top three attack vectors out there and then number one the four our most costly or devastating attack to an organization and and and it makes sense right when you think about it if those secets can are keys and those keys can
00:06:52
access your database with your customers uh data um and they are scattered around and no know how many keys they have and where are they so yeah you know it makes sense those are one of the top three vectors in terms of frequency and the number one most costly and distructive attor organization yeah wow so I was looking as well and it said that the the the total addressable market for for this specific area is over 16 billion and you’re the only guys as as it stands you’re the only guys with this
00:07:27
solistica form that are approaching it right yeah so um you you have your vaults we talked a bit about vaults earlier um so vaults are again a secret secret storage a place in which you can store your secrets uh it’s um a product for development doesn’t offer any management or visibility over those Secrets um and the main problem with Once is that again you have a lot of do um so if you’re leveraging kubernetes now you’re probably using kubernetes Secrets which is the the default Vault
00:08:00
offering of kubernetes if you’re using GitHub you’re using GitHub Secrets which is another Vault and then aw secret manager another VA so you have a lot of vs and also you know we talked about the secret SPO problem about organization or security teams have no idea how many Secrets they have and where are they but even if they find the secret um so if you ever seen a secret it’s it’s a long string so you don’t have any information about it so even if you find one you don’t know who created
00:08:29
it why what it can access is the secret enabled or disabled what permission it got um so the context is very very important uh because if we have two Expos secrets and one of them is disabled and no one can use it who cares but if the other one have permission over our more sensitive database and been exp publicly then we should probably do something with it right um so yeah you know Vols doesn’t offer any um any context over the secrets or any management and then the the other to link so we’re not alone in this block so
00:09:07
we have the The Vault bucket and then we have the secret scanner bucket and secret scanners are essentially reex patterns uh scanners so they can find credit cards if you would like them to and they can find uh Social Security numbers and they can find Secrets but again without the context they will find thousand possible Secret at code repository and then who’s the owner who should I approach how many are actual secrets that can access my environment and how many are false positive you have
00:09:38
no actions about that and yeah we’re the only one who doing it holistically searching everywhere for secrets are able to enrich them so once we will give you a secret inventory and understand how many secrets you have and where are they and provide the secret inventory we will classify and enrich it secret uh and we are able to visual uze um the the lineage map of it secret which application is using what secret to access what cloud service and other vital data around it when it was created
00:10:09
by whom when it was L replaced or rotated for compliance what permissions are associated with it who’s the owner and so forth so everything you need to know around the secret and then we also continuously monitoring those secrets for any abnormal behavior Al if your secrets are being accessed from Russia and you don’t have business over there we will you know um and and you know that’s what happened to last right so I saw you also as a gal vendor what what what category is this coming
00:10:39
under yeah so govern vendor is under identity security um so secret security uh it’s it’s basically cross vertical but machine machine identity it’s probably the the the main category that is going to fall under um and and and also you know when you think about it it also makes sense right you have your human security human users that are able to access your emails and storage uh drives and so forth you know SharePoint or whatnot um and then you have your machine identities that can
00:11:18
access your databases and storage accounts and and everything else um and we are you know protecting uh human users pretty well right we are Ming that um we have temporary passwords we have fingerprints we have everything and those can access their personal emails uh and we don’t have a lot of security around machine identity um so yeah you know uh Secrets they are cross vertical but but their main main category is is machine identies it’s really exciting space like I know you’ve been going what two years
00:11:55
now but you do have some customers under your belt and I seen that you on your website about some of the companies that you are working with in terms of current clients how are they benefiting right now if you got any sort of case study that you can talk about or yeah yeah sure sure so um okay so I will give you I will give you this case that actually was our first PC ever uh they are customers now but our first proof of concept proof for Value um and actually like two days after we onboarded someone
00:12:28
must downloaded are their entire secrets from From the Vault right and how can something like that even happen right that someone is downloading all of your secret all of your programmatic access keid um the short answer is no one monitoring that um and then you know they had the devops guy who was fired and for some reason he basically downloaded their entire stickets and they had to rotate all of them and basically replace them so that was like two days into so for PV ever um and and and we’re seeing we’re seeing a
00:13:04
lot of stuff we’re seeing uh secret that are exposed within dark web we’re seeing secrets of customers that are exposed publicly and can access your most sensitive uh resources um best employees uh that’s also something we’re seeing we’re seeing a lot that you know developers that left the organization they created secets they created tokens we are pretty good at offboarding human employees but we’re not that created deleting their secrets so they can still leverage those they can still use their
00:13:35
secrets use those tokens uh to connect to their former um environment so your you know your organization after they left the the organization uh so we’re seeing a lot of those of course um over permissive secrets so when developer devop creating secret they would give it uh admin or higher permission than needed so you right side that yeah we have a lot I have a lot of yeah yeah nice nice what’s the uh what’s the future hold for intro security is it yeah so secrets are um you know one vertical um in the the
00:14:15
identity the machine identity space um so basically growing into the the entire space protecting machines and protecting organizations against as you mentioned correctly one of the top three Tech vors out there uh and the number one most costly Tech to an organization uh and and hopefully reduce that and bring those Tex into lower numbers awesome it’s SI I wish you all the best of success brother with intro and make it all the best of success yeah Joseph thanks for thanks for having me good man thank you.