I am excited to announce my joining of Armorblox as Chief Technology Officer after spending several good years at JASK (now Sumo Logic) where I had a great time building the industry’s first cloud-native SIEM. I both appreciate and miss my former colleagues at JASK and Sumo Logic, but am fortunate to be joining another great team working on such an important customer problem.
Joining a startup is never a decision to take lightly, especially one in the security space. And likewise, being a security customer in the enterprise is a daunting task. It was important for me to pick a problem to solve which leveraged both my background from the enterprise and my knowledge and experience of building a security product. But as I listened to my friends in the CISO community list off their top 5 security problems they needed to address, and as I paid attention to market trends, that helped me narrow it down. Primarily what I liked about joining Armorblox are three perspectives I find important in solving a customer problem:
- Who I want to help
- What I think the security world needs
- What I look for in a technology
The Overwhelmed Security Analyst
I’ve spent a large portion of my career understanding, researching, and building for the security trenches. In that time one thing about the job still remains true: it’s a tough gig. Besides security being a high-stakes job where everything needs to go right but just one thing can go wrong, security teams face challenges around the clock. A barrage of alerts and false positives? Disjointed tools and low-fidelity data? Manual, repetitive, and mind-numbing work while responding to alerts? Yes to all of them and more.
While building out the industry’s first cloud security team at Netflix, my peers and I managed to meet these troubles head-on by instituting the right level of automation, innovation, and aligning to our business needs which helped take the ‘repetitive’ work out of human hands. While we had great success, we were not a security company, so I knew this couldn’t be solved unless the security industry took the lead. And therefore, my passion to help the security community, which started many years ago with FIDO and kept going with my time at JASK, will now continue with a great team at Armorblox.
In my conversations with Armorblox customers, I loved how the product has secured their business and more importantly, alleviated pressure on the security team. A barrage of alerts has been replaced with high-fidelity detection of ‘needle in the haystack’ email attacks. Disjointed tools have given way to a single platform that works across email, messaging, and file-sharing applications. And manual, repetitive work is being replaced by automation to give back needed time and resources.
Email and Trust
When I was building backend systems as principal architect at Yahoo, which was one of the largest email and messaging service providers at the time, I saw firsthand the ubiquity and importance these services played in our lives. And while email attacks back then took the rudimentary form of foreign princes offering rewards, email threats today are laser-guided, socially engineered smart bombs whose aims are often on target. Around 96% of all attacks already start with an email, and that’s before we entered a remote-first world where the inbox is ever-present.
Armorblox is a security company that takes a materially different approach to protect communications with language-powered cloud office security. Since attacks have grown more targeted, the payloads have grown “softer”, often residing in the content and language of the email. Many of my friends and colleagues know my disdain for trying to apply ML & AI to everything, and my desire for applying it to a problem it can actually solve. And natural language understanding (NLU) engines applied to email and messaging platforms are a good fit for extracting signals and vital context for these attacks, no matter how socially engineered. And there has been no better time to bring the advances in research in Natural Language Understanding as a new signal to enterprise security. GPT-3 from OpenAI, RoBERTa from Facebook, and other open-source pre-trained models have shown amazing performance on GLUE benchmark scores. It has been exciting to see how Armorblox has taken these advances and applied them to the world of enterprise communications across email, messaging, and file-sharing platforms.
Looking at it from a different lens, I believe Armorblox is helping solve a broader trust issue that has entered society. Our office is our screen at the moment, and now more than ever, we need to believe people are who their email says they are. Employees have enough on their plate without having to second-guess every email from known vendors, fellow workers, and dear friends.
Technology and Tomorrow
Having joined as CTO, I can’t go without mentioning a few words about what I look for while building technologies (and joining companies). Technical solutions have their place, but they need to take into account the security team and the employees they protect - what I would call using technology to solve for the ‘human problems’ of security. I look for technologies that are confident in what they do well, providing users with the right insights instead of a data deluge. I also look for technologies that are humble enough to learn and get better every day - learn from end-users, from data, and from the world around us. To consider the human operator and how we can better help them. In the words of a friend and former colleague, it’s a journey with customers “to find right instead of always trying to be right”.
Armorblox walks this challenging tightrope with a sophisticated simplicity customers appreciate. Looking deeper you see that Armorblox is humble enough to have custom ML models for each customer, increasing the relevance of threat detection with every passing day. It needs to be humble enough to learn from every manual action the security analyst takes, dynamically spinning up policies to protect against similar threats in the future. And as an enterprise-grade product with a consumer-grade UI, Armorblox confidently distills mountains of data-crunching into clear and easily digestible insights for the security team. The product also needs to be confident enough to have preconfigured detection policies instead of asking users to create everything from scratch.
I know it sounds strange imparting human characteristics to technology, but technologies are (to a point) reflections of the people that built them. And for the email and messaging platforms, those are the important challenges customers need us to solve.
I couldn’t be more excited to join this driven team of people and build a future where enterprise communications can be secured against loss of money, confidential data, or sensitive data - irrespective of the channel of communication.