Axis Security, Qualys, VMware, NFTs, & Linksys/Fortinet – ESW #221

I don't want to say too much, because we'll be reviewing the products in this space in a few months, but the entire value prop is a bit hard to swallow here. Can you glean some useful information from observing a company from the outside? Absolutely. Can that information be used to make a conclusion about the risk of doing business with that company? That's the $290m question, I guess. SecurityScorecard takes a swift kick at Solarwinds while they're down, but I wonder what a more comprehensive look at scores when companies were breached looks like. How many of Solarwinds' own third-party vendors have a score as low as Solarwinds' or lower? What I really worry about is these scorecard companies creating a compliance-like distraction away from a focus on improving security. Put another way, does an "A" from Security Scorecard really mean better security than someone with a B or a C?

Helping orgs comply with SOC2 and ISO27k is about as far from sexy as you can get. That said, there's no mention of blockchain, NFTs, AI/ML, ZeroTrust or next-gen. Secureframe is aiming to make a hugely painful process easier and that's never a bad formula for a solid business model.

Some more money in the SASE pot. The Zero Trust dollars continue to flow!

I LOVE the idea of a "non-funding announcement" to go after that signal that's typically reserved for those that make funding announcements. Funding announcements are no-brainer announcements that are a key part of how we follow a company's progress, even though we know from experience that it isn't necessarily a sign of success. In fact, as the amounts get bigger and closer to Series D and beyond, if there aren't clear signs of an exit, it tends to turn into less and less of a positive signal. Especially 24 months+ after the last raise. But what are the positive signals for bootstrapped companies? How do we know what they're doing? If they're growing? I hope more bootstrappers take a page from Thinkst's strategy here and create their own milestones to publicly celebrate. It's not only important for employees and morale, but to signal to the outside world that things are going well. It creates customer confidence and naturally, should come around full circle to help sales and growth!

A microsegmentation play aiming to strengthen Fortinet's Zero Trust muscles. Deal value wasn't shared. They've raised $34m to date, but haven't raised in a good long while (over 3 years). I suspect they've been struggling to both raise another round and gain some sales traction. Combined with the fact that Fortinet isn't sharing the deal value, my guess is gonna be that the VCs didn't get a 20x return on this one. Looking at comps, Palo Alto (who typically do generous deals) paid $150m on $34.5m raised (4.4x) for Aporeto, Zscaler paid $31m on $18m raised for Edgewise (1.7x), and FireEye paid $13.5m for Cloudvisory. It's really making me wonder how Illumio is doing (Series E, raised $332.5m to date). It's interesting tech for sure, but clearly a hard sell in the current market.

No secret S-1 here, you can go check it out now!

The FCC outlines its rules to incentivize US organizations to stop using ZTE and Huawei gear through their "Secure and Trusted Communications Networks Reimbursement Program". Apparently they want to update the vendor list that qualifies for this, but ZTE and Huawei are the two mentioned in this filing.

The general idea here (if I'm understanding it correctly) is that websites will be able to advertise to groups of individuals with similar preferences. The individuals within these groups will (in theory) have anonymity. I've spoken to a few folks about it though and it seems there are a lot more details here that aren't clear cut - some "you'll have to trust us on this bit" stuff.

Looks like Big Tech is set to have Yet Another Chat with Congress tomorrow. This time, it's over "Surveillance Advertising", which is excellent branding if you want to shame Big Tech over their practices. Unless you're also an organization that regularly oversteps when it comes to surveillance... Hmmm, awkward. The open letter to Congress and Big Tech mostly focuses on the tangible harm social media has caused by taking a traditionally hands-off approach to some pretty vile content. Content that can be precisely targeted using social media's ad machines. https://uploads-ssl.webflow.com/6037bac32729e03c425791a6/605789d32e8de8a73441e1a7_Coalition%20Letter.pdf

Cybercrime follows the money. The super-quick rise in NFT value means they're probably already looking for ways to profit off it.

Another interesting open-source tool, courtesy of Netflix. It appears to be a front-end for managing AWS IAM roles and permissions, but not just for admins. Looks like this aims to be user-facing as well, for self-service use cases.

"The new Threat Detection, Investigation & Response (TDIR) use case packages provide a powerful, prescriptive solution to help security operations centers (SOCs) improve workflows from collection to detection, investigation and response using an outcome-based approach. Generally available in Q2 2021, the TDIR packages address the complete lifecycle of security operations (SecOps) workflows with end-to-end content that includes prescribed data sources, detection models, watchlists, investigation checklists and response playbooks to assist analysts with repeatedly delivering successful outcomes."

Please give our regards to Philippe, his family and everyone at Qualys.

This is really interesting: "As part of the alliance, Fortinet has made a strategic investment of $75M in Linksys, which provides leading and next-generation router connectivity solutions to consumers and businesses worldwide. In addition, Fortinet will appoint a representative to the Linksys Board of Directors."

Is scaling storage really the big problem with SIEM and XDR? "Stellar Cyber, the innovator of Open XDR, the only intelligent, next-gen security operations platform, announced today that its open and highly flexible approach to the long-term storage of large volumes of security data eases concerns about storage complexity and costs seen in legacy SIEMs or some proprietary XDR solutions used by security operations centers."

So many words: "Mesh7 has developed a contextual API behavior security solution based on Envoy that better protects modern cloud-native applications. Mesh7 technology helps customers improve application resiliency and reliability and reduce blind spots through the integration of deep Layer 7 insights with cloud, host, and reputation data. The Mesh7 solution empowers development, security, and operations leaders to address observability, security, and compliance for cloud-native, API-based, and other distributed applications." What does it all mean?

Does it have to my multi-cloud? "Today’s data doesn’t live in any one cloud or enterprise platform,” Leigh said. “To unlock the full potential of business data, the enterprise has to develop software that is multicloud. Today we have several customers orchestrating their multicloud software development practices through Copado. The New Context acquisition allows Copado to double down on that capability by adding their multicloud DevSecOps experience in products and services."

"There are five parts to the Sonatype announcement. This includes the Muse acquisition, three product updates and support for the Nexus community. "

"If you ever watched a show like 24, then you know that a terrorist attack done by way of hacking into a public utility’s systems is one of the scariest threats to public safety. Imagine someone getting control over a power plant, or many power plants, and shutting down a whole region’s power supply. Now imagine it happening to an entire country or continent."

"This powerful, yet easy-to-use, platform makes product delivery teams more efficient and eliminates the complexity experienced by developers when applications are deployed on top of a self-managed Kubernetes cluster. The CTO.ai platform was created to address the estimated $300 billion* lost in developer productivity every year, much of which comes from complex modern cloud tooling."

"With StackPulse, teams can apply DevOps and Site Reliability Engineering principles to the on-call process of identifying, responding to, and resolving service incidents and outages. Unlike traditional IT tools used for this purpose, StackPulse lets teams do away with complex paging rules or documented runbooks of steps to execute - and instead express operational processes as executable code"