Alberto Yépez on the Changing Security Landscape
Barmak Meftah, AlienVault CEO, interviews Alberto Yepez, AlienVault Chairman of the Board, on the changing security landscape.
Interviewer: Well, I’m here with Alberto Yépez, our Chairman of the Board of Directors of AlienVault. Alberto, you’ve been in the security industry for a long time, you’ve been in the security industry as an operator, as a CEO of great, successful companies, and now as an investor for the past 3 or 4 years in venture capital. How have you seen the landscape for security shift over the last 8-10 years?
Alberto Yépez: Innovation in security doesn’t happen in the lab, innovation in security happens every time there’s a platform shift, and we have 4 platform shifts going on right now, and we call it the perfect storm - we have virtualization, we have cloud, we have mobility, we have social networks and practitioners are trying to protect information today, and now they have to deal with all of these new vectors. The biggest issues in security right now is the need for qualified professionals. It’s getting way too complex, and most of the products are not integrated. We’re here at the RSA show, we have about 500 vendors. Can you imagine being a practitioner trying to protect your enterprise or your information and having to integrate all of these tools? So anyone that can provide an integrated approach and make it simple for people to consume, it’s in a great position. So that’s how the landscape is changing in the security industry.
Interviewer: That’s great Alberto. That’s a good segue into maybe if you can articulate your investment thesis in AlienVault. You were one of the early investors in AlienVault. In fact you were the guy that called me up when I was at HP and recruited the team from HP to come help scale the company. What was Trident’s investment thesis around AlienVault that got you excited?
Alberto Yépez: It was that integrated approach, because we looked at other models in the industry like Unified Threat Management - people aggregated a number of tools that were open source too and really focused on time to value, so that UTM market was a market that needed to be replicated but more in the disability side, in the compliance side, in the whole analytics side. So when we found the open source team in Spain, the OSSIM team, we really liked what they were doing and we didn’t think it was a SIEM. It was primarily an approach to be able to pre-integrate a lot of different tools to be able to give to the industry. So the investment thesis was “If we can replicate what the UTM market could do and the Unified Security Management, we will have a great winner.” But the key was “How do you simplify the product? How do you make it into a commercial way that people can consume it very rapidly, and really focus on time to value?” So they did a number of transformations thanks to you guys and the rest of the team. They came together not only to steal a page out of Fortinet, but also trying to use the SolarWinds model to be able to bring the velocity model, and therefore all the way end-to-end from the product all the way to when the consumer downloads this and installs it and sees value within an hour. That’s what is amazing, and that was hence the original thesis on AlienVault
Interviewer: And Alberto, one last question - you talked about the value of the open source community as a foundation to what we do. As you know, we’ve launched Open Threat Exchange about 18 months ago, we’re pretty excited about this idea of crowdsourcing threat intelligence and threat intelligence sharing. What are your views around a collaboration between commercial industry, federal government, small to medium-sized businesses to come together and share threat data in this open and collaborative area?
Alberto Yépez: Oh, we need to get together, because the bad guys are collaborating, they are sharing a lot of information. We, not only in the business side, but in government, we’re trying to solve the problem without collaboration, we won’t be able to really defend our perimeter or defend our information. One of the things that made it really exciting about AlienVault was not only that open source community, but building upon that open source community to get that Open Threat Exchange. You know, you guys were… one of the things that made us really excited was you got named the Technology Pioneer Award from the World Economic Forum, and one of the reasons why you got the award is that fact that you had that ability to get that sharing in the open. The World Economic Forum advocates the fact that people need to collaborate. The US government is asking for information exchange. There’s no one that is arguing now. The interesting thing about your approach with the Open Threat Exchange, number one it’s open, it gives you information from 107 different countries, 11,000 practitioners. So I think you’re finally getting the tools to really try to deal with the adversaries. So I think it’s just the beginning, you’re going to see a lot more take up, and I think you will be an enabler or a number of Open Threat Exchanges that may be open or they may be closed according to the industry. So I think this is a key differentiator, and the fact that we can use crowdsourcing as a way to be able to share information and try to become more able and equipped to be able to defend our perimeter is great.