Luke is Chief Product Officer and co-founder at Semgrep. Semgrep performs static application security testing, a form of code analysis, and has grown to become one of the mainstay application security tools on the market over the last eight years. Luke started Semgrep after three years at Palantir as a software engineer and product manager, and this episode really helped drive home the supportive community amongst former Palantir employees. In the discussion we cover his early entrepreneurial efforts such as modifying Xboxes, the 17 different product variations they tried before the current form of Semgrep, and how he thinks about the innovator's dilemma as a growth-stage company in a vertical being disrupted by AI.

Website

Recorded live at Blu Ventures’ Cyber Venture Forum!

I got the chance to speak with Rick Howard, previously Chief Security Officer at Palo Alto Networks from 2013 to 2019. Rick has a wealth of cybersecurity industry experience, and he wrote a book called Cybersecurity First Principles and maintains the cybersecurity book hall of fame, called the Cybersecurity Canon. In this episode we discussed his perspective on the fundamental themes of cybersecurity with a lens to how entrepreneurs and investors can leverage these ideas.

Cybersecurity Canon Website

Cybersecurity First Principles on Amazon

Sponsored by VulnCheck!

This episode is a recording of a live interview held on stage at Blu Ventures' Cyber Venture Forum in February. A huge shoutout and thank you to the Blu Ventures team for putting together an awesome event.
Bricklayer is building an AI-based agent to assist with security operations workflows. Before Bricklayer, Adam founded ThreatConnect which he led for over a decade. In the conversation we discuss his learnings from his experience at ThreatConnect, acquiring vs. building a new capability, and how he thinks about competition in the AI SOC space.

Website: bricklayer.ai

Sponsor: VulnCheck

Amir is co-founder and CEO at Vorlon Security, which provides visibility and monitoring for SaaS app connections within an enterprise. For example, Vorlon can detect what other applications are connected to your Salesforce instance along with what data is flowing between each relationship. This helps security teams detect data exfiltration, data leakage, improper configuration, and more. Before Vorlon, Amir worked his way from a software developer into progressively more customer-facing roles, most recently as a Director at Palo Alto Networks. We kick off the episode talking about his early motivation to become a founder and how he led a decade of his career in pursuit of preparing himself for that role. Now, the team is continuing to focus on product and growth after raising $15 million last year from Accel and Shield Capital.

Website

Sponsor: VulnCheck

Josh Kamdjou is CEO and Founder of Sublime Security. Josh started Sublime after realizing just how easy it was for him to break into companies with phishing emails. He wanted to build a solution that better addressed the tailored environment of each organization such as historical data. Now the company has raised over $80 million from leading VCs such as IVP, Index Ventures, and Decibel. Before Sublime, Josh worked as a DoD hacker for 9 years.

In the episode we discuss his emphasis on leveraging the attacker perspective, the fundamental difficulties of email security, his conviction in product-led growth, and more.

Website: https://sublime.security/

Sponsor: VulnCheck

Jon is co-founder and CEO of Halcyon, which is building an endpoint solution fully focused on anti-ransomware. Halcyon recently raised at a $1B valuation in 2024. Jon started his career in cybersecurity consulting for a decade before joining Cylance in 2014 as Chief Research Officer. After his stint at Cylance, in 2017 Jon founded Boldend, which was building offensive cyber capabilities to be used by the US intelligence community for information gathering and electronic warfare. Boldend was acquired by Sixgen three years after Jon stepped down as CEO to start Halcyon given the critical impact of ransomware on US companies.

Tushar was the CEO of Attivo Networks for a decade before selling to SentinelOne for $600 million dollars in 2022. Attivo Networks built deception technology which would trick attackers into attacking fake infrastructure. A common form of deception is a honeypot, which is an intentionally vulnerable server so defenders can gather information about attackers such as their IP address or attack techniques. Attivo provided comprehensive deception solutions and served five of the Fortune 10. In the episode we talk about Tushar's learnings from a decade at Cisco, the unique origin story of Attivo and its founders, and the sale process to SentinelOne.

Pete is CEO and co-founder of Realm Security, which is building a security data fabric to help companies manage their disparate log sources for monitoring tools. For companies spending millions of dollars every year on contracts with Splunk, Realm is the light at the end of the tunnel that can help them move to a cheaper SIEM tool.

Pete started his career at Rapid7 after dropping out of college, and he worked his way through a variety of cybersecurity sales leadership roles since, including companies acquired by CarbonBlack and Cisco.

In the episode we talk about his emphasis on moving roles for new learning opportunities, his obsession with customer problems rather than potential solutions, and how Realm's message is unique in a cyber ecosystem where vendors are always asking for CISOs to grow their budget.

Website

Sponsor: VulnCheck

In the spirit of the end of the year, I decided to put together some highlights from a handful of episodes over the course of 2024. This episode will feature a select few snippets from five different episodes over the course of the year including Chris from RADICL and LogRhythm, Gil from Orca, Chris from Veracode, Andy from BreachRx, and Kabir from Leen. There will be a mix of stories of unique crossroads, general entrepreneurial advice, and cybersecurity-specific challenges.

Thank you to all the listeners this year!

Sponsor: Vulncheck

Odysseas is co-founder and CEO of Phylax, a web3 security company building a security layer for blockchain-based protocols. Before Phylax, Odysseas worked at Nomad, a crypto exchange which suffered a $190M breach in August 2022. In the episode, we talk about his unique background as a developer relations manager, the approach law enforcement takes to recover funds in the wake of a crypto breach, the different attack surfaces for the web3 ecosystem, and more. If you are not a blockchain expert, do not worry, me neither. There are still plenty of interesting high level conversation points throughout!