A podcast covering socio-technical themes, concepts, and technologies that matter to the modern enterprise
In this episode of the Incubator podcast, co-hosts Satbir Sran and Darren Boyd sit down with Bruno Kurtic, the CEO and co-founder of Bedrock Security, to discuss his journey in enterprise software. Bruno shares his experience building Sumo Logic, a cloud-native log analytics platform that went public, and how those lessons drive innovations at Bedrock Security. Bruno explains that the core of Bedrock Security’s approach is a "metadata link," which builds a comprehensive data inventory from creation to consumption. This helps organizations discover, classify, and manage data effectively—the foundational step before any security can be implemented. He discusses how Bedrock’s platform leverages generative AI for accurate, scalable, and real-time data analysis, setting it apart from traditional solutions. The conversation touches on the intersection of data security and AI, advising CXOs and security leaders to focus on data discovery first to create a strong foundation. Bruno emphasizes that when organizations understand their data, they unlock opportunities for smarter security, better compliance, and even cost savings. Bedrock’s focus on data classification, access control, and proactive security measures positions it as a critical tool in managing enterprise data security. The episode concludes with Bruno highlighting new use cases in AI and evolving customer needs. This discussion is essential for understanding the future of data-centric security and how to approach it strategically within any organization.
2/15/25 • 31:56
In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Ofer Klein, the co-founder and CEO of Reco.ai, to delve into the evolving landscape of SaaS Security Posture Management (SSPM). Ofer shares his diverse background—from flying helicopters in the Israeli Air Force to launching multiple startups—and explains how his experience, along with the expertise of his co-founders (who bring unique skills from their time in the Israeli FBI), laid the foundation for Reco.ai’s innovative approach to SaaS security. This podcast episode centers on the explosive growth of SaaS applications in the enterprise environment, a trend that accelerated during the COVID-19 pandemic and continues with the rise of AI-driven tools. Ofer explains how organizations are now managing hundreds of SaaS apps, many of which are shadow applications that can expose significant risks. Reco.ai’s platform tackles this challenge by creating an AI-driven graph that maps every interaction between people, applications, and data in real-time. This comprehensive view enables organizations to discover unknown apps, assess risk through detailed configuration and compliance checks, and execute detection and response strategies—all within one unified solution. Real-world examples shared during the podcast highlight how the platform has helped companies streamline operations, reduce manual workload by up to 80%, and foster collaboration between security and business teams. Ofer emphasizes the importance of context-based decision-making, which allows organizations to prioritize risks, align with regulatory requirements, and ensure that operational changes do not hinder business productivity. Looking ahead, Ofer discusses emerging trends in SaaS security, including the increasing complexity of generative AI and the critical need for consolidated, end-to-end security solutions. 
His advice for organizations is clear: in a landscape where SaaS usage and potential vulnerabilities are growing exponentially, the time to invest in comprehensive SaaS security is now. This conversation not only demystifies the challenges of managing SaaS environments but also offers actionable insights for enterprises striving to secure their digital ecosystems without compromising innovation. We hope you enjoy the episode as much as we enjoyed hosting Ofer!
2/13/25 • 31:11
In this episode of the Incubator Podcast, co-hosts Darren Boyd and Satbir Sran welcome Ethan Rasa, an AI Sales Specialist at Ahead, to explore the evolving landscape of artificial intelligence and how enterprises can harness its potential.
Key Highlights:
Introducing Ahead: Discover how Ahead—a Chicago-based, multi-billion-dollar company with a nationwide footprint—is driving innovation with a robust portfolio that spans AI strategy, engineering, data science, security, and more. With 3,000 employees (including 2,500 engineers) and a strong presence among Fortune 2000 clients, Ahead is at the forefront of integrating cutting-edge solutions into complex enterprise environments.
Enterprise AI Strategy: The discussion dives into the importance of a comprehensive data strategy, including data collection, engineering, and governance. Ethan emphasizes that the foundation of successful AI initiatives lies in how companies manage and operationalize their data—whether on-premise, in the cloud, or via hybrid solutions.
Security, Governance, and Ethical AI: With AI’s rapid adoption come new challenges in data security and ethical considerations. The podcast highlights the necessity of integrating security teams early in the AI development process to safeguard sensitive information and comply with evolving regulatory standards. Ethan also touches on practical approaches to responsible AI deployment, such as private AI models and rigorous data governance frameworks.
Industry Applications and Value Creation: From healthcare and financial services to manufacturing and aerospace, the conversation explores how tailored AI strategies can unlock significant business value. 
Whether it’s reducing product lifecycle times, enhancing predictive analytics, or revolutionizing patient care, Ahead’s multi-practice approach is designed to help organizations at every stage of their AI journey.
Connect with Ahead: For companies ready to explore innovative AI solutions, Ahead offers comprehensive support—from initial strategy sessions and pilot projects to full-scale deployments. Reach out to your local Ahead contact to start transforming your data into a competitive advantage.
2/3/25 • 28:11
In this exciting episode of The Incubator Podcast, co-hosts Satbir Sran and Darren Boyd sit down with Reza Shafii, Senior Vice President of Product at Kong Inc., to discuss the ever-evolving landscape of API management, service mesh technologies, and the future of developer platforms. A key focus of the conversation is the convergence of API management and platform engineering, and how this integration is changing the way enterprises approach infrastructure, developer productivity, and system reliability. Reza explains how Kong is building innovative tools such as Kong Mesh and Insomnia to simplify the API development process, enhance security, and deliver exceptional performance for high-demand use cases. He also touches on the challenges and opportunities of adopting service mesh technology and how Kong’s approach differs from other platforms, focusing on making deployment easier and less intrusive for operators. Another exciting topic is the rise of AI-driven APIs, where Reza emphasizes how the rapid advancement of AI technologies, such as large language models (LLMs), is being enabled by APIs. He highlights how Kong is positioning itself to support developers working with AI and machine learning models, introducing features like Kong AI Gateway to streamline the integration and management of AI-based APIs. Looking ahead, Reza gives a glimpse into Kong’s future direction. With its Kong Connect platform, the company is building a robust ecosystem that enables customers to access API gateways, observability tools, API portals, and more — all through an incremental, self-service approach. Kong’s focus remains on providing flexible solutions that meet the diverse needs of its users, from individual developers to large enterprises. Don’t miss this in-depth conversation about the future of APIs, platform engineering, service mesh, and Kong’s role in shaping the API-driven future of enterprise technology.
10/7/24 • 33:41
In this insightful episode of the Incubator podcast, hosts Satbir Sran and Darren Boyd are joined by Craig Martin, VP at Ahead and leader of the Digital Solutions Group. In this episode, Craig, a devout Grateful Dead fan, shares the transformative strategies his team uses to help organizations unlock the full potential of technology through modernization. Just as Jerry Garcia's 'space container' crafted a unique, boundary-pushing soundscape in music, Craig's team is redefining the norms in IT, challenging conventional approaches to deliver innovative solutions. With a rich background in engineering and a knack for pioneering solutions, Craig discusses the shift towards microservices architecture and cloud transformation, emphasizing the necessity of a holistic strategy that marries engineering prowess with keen business acumen. The discussion pivots to hybrid cloud environments, where Craig outlines the concept of a unified control plane that allows businesses the flexibility to run workloads more efficiently across various platforms, thereby optimizing operational performance without bogging down engineering teams with infrastructure concerns. Have a listen to understand how hybrid cloud can be the "space container" of tech, offering the freedom to innovate without limits, much like Jerry Garcia's vision of boundless creativity.
9/3/24 • 18:48
Join us in this exciting episode of the Incubator podcast as co-hosts Darren Boyd and Satbir Sran sit down with Ricky Arora, the co-founder and COO of Observo.ai. Dive into the cutting-edge world of AI-powered observability pipelines and discover how Observo.ai is transforming the landscape of data observability and security.
Key Differentiators: Learn about the unique features of Observo.ai, including its ML-driven insights, efficient data processing, and seamless integration with existing tools like Splunk, Datadog, and Elastic.
Customer Success: Hear stories on how Observo.ai helps enterprises optimize their telemetry data, resulting in significant cost savings and improved operational efficiency.
Future Roadmap: Get a sneak peek into the future developments at Observo.ai, including advancements in anomaly detection, sentiment analysis, and development of GenAI capabilities.
Industry Impact: Understand the broader impact of Observo.ai on the cybersecurity ecosystem, highlighted by its recognition at the GISEC conference as one of the most innovative startups (out of over 130 participants).
This episode is packed with insights for anyone interested in the future of observability and data security. Don't miss out on this enlightening conversation with one of the leading minds in the industry. Stay tuned for more exciting episodes of the Incubator podcast, where we bring you the latest innovations and thought leaders from the tech world.
7/30/24 • 35:54
In this episode of the Incubator Podcast, co-hosts Satbir Sran and Darren Boyd welcome Brian Deitch, Chief Technology Evangelist at Zscaler. With an impressive 30% of Forbes Global 2000 companies as clients, Zscaler is making significant strides in connecting people to resources and enhancing cybersecurity measures. Brian shares his journey from joining Zscaler seven years ago to becoming a key figure in their technology evangelism. The discussion delves into Zscaler's evolution, focusing on their Zero Trust Exchange strategy, data protection, DLP, and innovative approaches to data classification. Brian highlights the importance of user experience and the impact of AI and ML in simplifying data protection. The conversation also explores the integration of new technologies, such as GenAI and the acquisition of Avalor for unified vulnerability management. Brian emphasizes Zscaler's commitment to operational simplicity and effective partnerships, making complex cybersecurity challenges more manageable for organizations. Join us as we unpack Zscaler's journey, innovations, and vision for the future of cybersecurity. This episode is packed with insights on how Zscaler is transforming the way companies approach data protection and security.
7/17/24 • 35:21
In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran welcome Mel Reyes, a distinguished figure in the tech industry known for his roles as a global CIO and CISO, founder of Digital Guardians, and an active community contributor. Mel shares his extensive experience in IT and security, discussing the evolving challenges in cyber threats, compliance, and the importance of leadership in security operations. He emphasizes the significant impact of management support on cultural change within organizations and highlights the necessity of building trust and collaboration among teams. Mel also dives into the importance of addressing employee burnout and the critical role of establishing a robust security mindset across all levels of a company. Throughout the conversation, Mel advocates for a people-focused approach, underscoring that effective security and technological advancement rely heavily on nurturing and empowering personnel. Tune in and enjoy insights from a cybersecurity leader!
5/7/24 • 39:55
In this episode of the Incubator Podcast, hosts Darren Boyd and Satbir Sran delve into the transformative world of hybrid cloud with guest Steve Bisnett, Global Field CTO for PowerFlex at Dell Technologies. Steve shares insights into his extensive background in the tech industry, especially his experiences transitioning from customer-focused roles to influencing product innovation at Dell. The episode centers around PowerFlex, a pioneering software-defined storage solution. This technology, initially acquired and evolved over time by Dell, addresses the burgeoning needs of modern data centers characterized by high scalability and the flexibility to adapt to various workloads and configurations. Steve explains the evolution of PowerFlex, highlighting its role in revolutionizing Dell's approach to storage solutions by integrating aspects of traditional three-tier architectures and hyper-converged infrastructures. This integration allows for separate scaling of storage and compute resources, crucial for handling the diverse needs of enterprise environments. The discussion also covers the challenges organizations face, such as infrastructure complexity, cost management, and lifecycle management. PowerFlex addresses these through consolidation and a high degree of automation, which significantly simplifies operations and reduces the need for extensive human intervention. Moreover, Steve elaborates on the strategic applications of PowerFlex in enterprise settings, particularly its capability to support a variety of workloads and operational models, whether on-premise or in the cloud. 
This flexibility is essential for enterprises looking to optimize performance and cost, especially those transitioning between cloud and on-premise environments. The podcast provides a comprehensive view of how PowerFlex fits into the broader Dell ecosystem, capable of meeting specialized needs such as high-performance computing or extensive data storage through seamless integration with other Dell products. This episode underscores the importance of adaptive technologies like PowerFlex in managing and transforming large-scale IT environments, reflecting Dell's commitment to innovation and customer-centric solutions in the evolving landscape of enterprise technology.
4/14/24 • 34:05
In this podcast episode, we delve into the neoclassical economic view of cloud computing with Sarbjeet Johal, analyst, evangelist, and founder. The discussion begins by exploring the relevance of cloud in modern digital transformation. We then explore principles rooted in neoclassical economics, focusing on concepts such as consumption economics, utility maximization, institutional/transactional costs implications, and how these apply to the cloud computing market. Key points include an analysis of supply and demand dynamics in cloud services, cost-benefit considerations for businesses transitioning to the cloud, and the role of competition among major cloud providers in shaping prices and service quality. This episode is a must-listen for anyone interested in the intersection of economics and cloud computing, offering a view of cloud computing through the lens of neoclassical economics.
2/4/24 • 21:43
In this podcast episode, we delve into data masking, data privacy, test data management, test environment management, the role of synthetic data, and the value of establishing a data fabric. Quite a bit of ground to cover! K2View is a leader in data fabric and Customer 360, creating a comprehensive view of the customer journey which aids businesses in understanding customer behavior, preferences, and needs, leading to better service and personalized experiences. This of course naturally leads to the topic of data privacy. Hod Rotem emphasizes the increasing importance of safeguarding consumer data by sharing strategies and best practices for maintaining data privacy through concepts such as synthetic data and data subsetting via the domain of test data management. This ultimately leads to more agile, accurate, and cost-effective testing processes overall. Have a listen and enjoy real-world examples and perspectives regarding future trends in data management and privacy.
2/1/24 • 38:33
In this episode of our podcast, we sit down with Jeevan Singh, a distinguished leader in the field of Application Security (AppSec), to delve into the intricate world of securing software applications. The discussion highlights the perils and challenges faced by organizations in today’s digital landscape, emphasizing the growing sophistication of cyber threats and the vital importance of robust AppSec programs. Jeevan articulates how he approaches implementing AppSec programs through a crawl, walk, run progression, which helps to address cultural gaps that may exist between security teams and developers. He stresses the need for a paradigm shift from viewing security as a mere checkpoint, to integrating AppSec as a fundamental aspect of the development process. Jeevan shares insightful anecdotes and experiences to illustrate how this shift can lead to more secure and efficient development workflows. Jeevan is active in the community, being Co-Chapter lead for OWASP Vancouver, as well as teaching threat hunting/modeling techniques to his local community. https://www.owasp.org/index.php/Vancouver Ever insightful, Jeevan offers advice to organizations just starting their AppSec journey and provides insights into the future trends in application security. This podcast is a must for anyone looking to make meaningful progress in their AppSec journey. We are confident our listeners will come away with a comprehensive understanding of the challenges and solutions in Application Security, enriched by Jeevan Singh’s expertise and practical insights.
1/4/24 • 43:29
Join Satbir and Darren as they interview Nemi George, a seasoned Chief Information Security Officer (CISO) of Pacific Dental Services, as they cover a complex tapestry of modern cybersecurity concerns. The discussion covers diverse topics including the evolving threat landscape, the rise of sophisticated cyber attacks, evolving insider threats, risk management, supply chain complexity, and the value of preventive action. As the conversation unfolds, Nemi highlights the importance of a robust security culture within an organization, articulating that while technology is a critical line of defense, the human element remains the most unpredictable. Initiatives to enhance security awareness, continual education programs, and behavioral analytics to detect insider threats are discussed as key strategies. A portion of the conversation is dedicated to the impact of regulatory compliance with Nemi discussing the challenges in navigating complex international laws such as the GDPR, CCPA, and industry/state-specific regulations. Amidst the discussion, Nemi emphasizes the importance of privacy by design and the role of the CISO in ensuring that compliance enhances, rather than hinders, business operations. As the conversation nears its conclusion, Nemi speaks candidly about the future, including the advent of artificial intelligence as a technology that enhances security measures while also inevitably being used by adversaries. This important podcast ultimately touches on the intersection of business acumen, technical expertise, and strategic thinking required for modern CISOs to thrive and protect their organizations in an age where cybersecurity is a key pillar of business continuity. We hope you enjoy!
11/5/23 • 31:22
Enterprises are not confined to the boundaries of a single cloud environment. But as many adopters have discovered, navigating multi-cloud isn't without its challenges from a networking perspective. The once-promised flexibility and scalability of the multi-cloud model are often overshadowed by daunting complexities, diminished visibility, and fragmented control mechanisms. The disparate networking and security paradigms of each CSP have all but eroded the notion of a seamless integration experience, ushering in the need for an overlay capability. Aviatrix's answer is both innovative and intuitive. The company sought to reimagine the entire multi-cloud networking paradigm. By developing a platform that provided a unified control plane, Aviatrix ensured that businesses could have a singular, centralized view of their entire network topology, irrespective of the cloud provider. This was complemented by advanced networking and security features that addressed the individual quirks and requirements of each cloud environment, ensuring seamless operation across the board. Join Satbir and Darren as they speak with Chris McHenry, Head of Product Management, about what makes Aviatrix unique in the space of multi-cloud networking.
10/8/23 • 47:14
Traditional cybersecurity approaches, often retrospective in nature, race to detect and respond to threats only after they've manifested. This reactive paradigm, although necessary, leaves a window of vulnerability—a time-lapse during which systems are exposed, data is compromised, and infrastructures are at risk. Deep Instinct represents a seismic shift in the way we approach cybersecurity. What makes Deep Instinct stand out in the vast sea of cybersecurity firms lies in their use of deep learning. Inspired by the structure of the human brain, deep learning enables computers to learn from vast datasets and make independent decisions when distinguishing benign from malicious activity. This exhaustive training equips the system to recognize and thwart even the most novel threats, those that conventional systems might overlook. While many companies leverage machine learning for post-breach detection, Deep Instinct's platform is designed for zero-time prevention. Its deep learning models, once trained, can instantaneously analyze data, making split-second decisions to halt threats in their tracks. This preemptive approach narrows the vulnerability window, fortifying systems against both known and unknown cyber adversaries. Join Satbir and Darren as they speak with Carl Froggett, CIO & CISO, about what makes Deep Instinct unique in how they approach cyber-defense.
10/8/23 • 31:41
Data security is heavily dependent on context, and as organizations contemplate Test Data Management (TDM) they must consider not only de-identification strategies but re-identification probabilities as well. Data privacy regulations are becoming more stringent, with some regulations having an ‘extraterritorial scoping clause’ that stipulates that organizations must comply with regulations regardless of where the data resides, if collecting data on their constituents (e.g., GDPR and PIPL). Further, even if all direct identifiers are stripped out of a data set, the data will still be considered personal data if it is possible to link any data subjects to information in the data set relating to them (as per Recital 26 GDPR). In other words, according to GDPR, a person does not have to be named to be identifiable. If there is other information enabling an individual to be simply connected to data about them, they may still be considered ‘identified’. An organization, using proper techniques combined with re-identification risk management procedures, remains among the strongest and most important tools in protecting privacy. Tonic is one such vendor that applies advanced concepts to de-identify aggregate datasets. They specialize in synthetic data, which by definition is differentially private, though they can also selectively de-identify identifiers and quasi-identifiers in complex schemas (e.g., structured and semi-structured data). Join Satbir and Darren as they speak with Adam Kamor, Tonic Co-Founder and Head of Engineering, about what makes Tonic unique in the space of data de-identification.
9/18/23 • 30:55
Spyderbat continuously records ALL runtime context in an environment (from Kernel to Cloud) while providing causal linkage (recording both good & bad events alike). Alerts can then be traced along the resultant causal chain that's created. Normal behaviors can then be safely ignored, allowing practitioners to focus on more toxic combinations ONLY (i.e., Alerts-to-Traces). Practitioners can then group behaviors for another order of magnitude reduction in alerts. To do this, Spyderbat has developed the following algorithms:
Guardian - Records context to determine and visualize aggregate event significance in the environment. Guardian is the backbone that surfaces risk while addressing drift by comparing running applications against prior versions.
Flashback - Replays the sequence of activities within/across containers at the earliest warning signs of trouble.
Scout - Maps to the MITRE ATT&CK Matrix and Kubernetes Threat Matrix and identifies attacks based on suspicious behaviors.
Interceptor - Acts as automatic guardrails to protect known-good processes, extracts attackers, and rolls back misconfigurations.
Collectively this delivers on the value chain from causality through enforcement.
8/4/23 • 42:53
Sounil Yu is an author, cybersecurity visionary/strategist, advisor, security scientist, and leader. In his capacity of Chief Security Scientist at BoA he was in part responsible for developing and optimizing their cybersecurity portfolio. With an ever-expanding set of entrants in cybersecurity, he recognized the need to develop a framework that would provide a consistent mechanism to describe and organize solutions. Over the last several years this framework, the Cyber Defense Matrix, has evolved into a very robust matrix that can apply to an expanding set of use cases. At The Incubator Podcast, we are using the matrix to not only map out vendors in the cybersecurity domain, but to also anticipate vendor movement between adjacent capabilities to assist clients with deliberate rationalization and optimization exercises. Our customers tire of the 'expense in depth' that accompanies market narratives in the domain of cybersecurity and we aim to provide purposeful and defensible portfolio strategies.
8/3/23 • 36:27
Oligo Security provides OSS library-level analysis and creates a profile of behavior on runtime. By evaluating what the OSS packages need from the operating system, they can detect malicious activity for each and every component in runtime. Through continuous monitoring, they can alert on deviations from baseline behavior and even block those deviations if desired. They apply a least privilege approach when assessing OSS libraries which reduces alerts by upwards of 85%. Given approximately 80% of deployed code contains OSS, Oligo's least-privilege approach is a true differentiator. Join Satbir and Darren as they speak with Gal Elbaz, Co-Founder and CTO of Oligo Security, about their views on how to practically manage OSS vulnerabilities.
7/18/23 • 37:26
Primarily known as a pioneer in Confidential Computing, Fortanix has created a unified data security platform that delivers a suite of services, including multi-cloud key management, tokenization/encryption, Transparent Data Encryption (TDE), and specializes in secure enclaves. With 30+ granted and pending patents, and a host of awards such as Gartner Cool Vendor and RSA Innovation Sandbox - Fortanix has achieved absolute encryption supremacy for the enterprise. In this episode, we speak with Faiyaz Shahpurwala, Chief Product and Strategy Officer, as we explore a broad set of use cases to secure enterprise data, wherever it is. Please listen and contact Satbir and Darren to explore this and other observability-related domains.
7/17/23 • 32:52
Apiiro has built its Code Risk Platform to address risks inherent in material changes to application logic/code ... long before those changes ship to prod. Given the imbalance in the ratio of developer to security practitioner, Apiiro's solution is crucial if we are to deliver sustainable security programs that meet the demands of new product introduction. They are the winner of RSA's Innovation Sandbox and are recognized by Gartner as a Cool Vendor in DevSecOps. Apiiro establishes an ongoing understanding of the ins and outs of applications and software supply chains, and how the attack surface changes over time. Their Risk Graph represents all code modules, dependencies, user stories, APIs, data models, development environments, container images, pipelines, technologies, frameworks, contributors, and other application components. Taking signal logic such as developer behaviors and various security inputs, they can trigger engagement models to allow developers and security practitioners to co-create software changes. This is a must-have for every security program! Please listen and contact Satbir and Darren to explore this and other cybersecurity and risk-related domains.
5/17/23 • 31:39
As it turns out, managing Open Source Software (OSS) dependencies is extremely difficult. Not all vulnerabilities are in runtime and/or reachable, not all exploits focus on high/critical CVSS, there is a time delay with patches when they are made available, and Semantic Versioning (SemVer) can make prioritization challenging when thinking through backward compatibility, upgrade paths, version pinning in supply chain, etc. Though estimates vary based on source, some 80% of deployed code is now OSS with 95% of vulnerabilities taking place in transitive dependencies. What’s more, when looking at the Census II report () approximately 50% of all packages tracked did NOT have a release in 2022. This is an intractable problem and a reason why Endor Labs started development back in 2021. As they so eloquently state, “Software ages like milk, not like wine”. In this podcast episode, Satbir and Darren explore the Software Composition Analysis (SCA) domain with Varun Badhwar, CEO/Founder of Endor Labs, regarding how to focus teams on the most relevant vulnerabilities associated with their OSS code and how many AppSec programs are starting to focus efforts in this area.
5/2/23 • 27:20
Data platforms are evolving, allowing data clouds to connect with consumers and producers of data that may be external or internal to your organization. Sharing with upstream/downstream partners in this data economy presents significant challenges to protecting data. Join us as we discuss this economy and the security implications, with Navindra Yadav, CEO & Co-Founder of Theom.
4/24/23 • 26:49
Nobody understands observability at scale quite like Chronosphere co-founders Martin Mao (CEO) and Rob Skillington (CTO). While at Uber they created, and open-sourced, the M3 metrics engine, which was capable of handling billions of data points that describe the most complex environments. Then, in 2019, they founded Chronosphere which is now valued at over a billion dollars. Chronosphere focuses on capabilities that help Product Teams work more efficiently to manage their applications. The company’s trace metrics help developers and SREs create a single metric that represents all or part of their business logic call flow, such that visibility and alerting can focus on the things that matter. They also provide the ability to set data quotas on teams so Product Teams can better manage their costs against centrally managed quotas. Chronosphere is committed to open source, having donated PromLens (a query builder for Prometheus) to Prometheus, as well as providing complete support to OpenTelemetry (a Cloud Native Computing Foundation (CNCF) project set to soon overtake Kubernetes in terms of contributions). For any company that desires to support open standards with its observability strategy, Chronosphere is a must-have platform! Please listen and contact Satbir and Darren to explore this and other observability-related domains.
4/3/23 • 38:30
When considering an Insider Risk Management (IRM) program, a confluence of events complicates effective execution, including a general increase in financial hardship due to the current economic climate, an increasingly remote corporate workforce, steady growth in the gig economy, privacy concerns regarding individual liberties, and negative perceptions of organizations developing a ‘surveilling’ presence. Insider threat is inherently a human challenge that must look beyond the traditional focus on cyber-only components - to also include human, organizational, and physical approaches & sensors. DTEX Systems operates in this space, providing significant thought leadership and even forming a Public-Private Partnership (PPP) with MITRE as they jointly develop an Insider Risk Management Framework (coming soon). Through their patented privacy-compliant metadata collection, they can surface aberrant and abnormal behavioral patterns as ‘indicators of intent’ to mitigate malicious, complacent, or unintentional acts that negatively affect the triad of confidentiality, integrity, and availability for an organization, its data, personnel, and/or facilities. In this episode, we speak with Brian Stoner, Vice President of Worldwide Channels and Alliances, to uncover DTEX’s approach to balancing the needs of the individual while empowering organizations to act on contextual intelligence to stop insider threats.
3/27/23 • 34:31
The annual Cybersecurity Workforce Study conducted by (ISC)² modeled the existing talent shortage as 3.4 million professionals in 2022, up 26% from their 2021 study. The purchasing of a multitude of security products to offset skill gaps can fall short as operators struggle to adapt processes and extract value from toolchains that may or may not be flexible in handling an evolving threat landscape. Many available security automation products require an operator to construct, deconstruct, and reconstruct a set of playbooks that include a number of static decision blocks, which are clearly not optimized for ad-hoc or potentially ex-ante scenarios. In this episode we have a conversation with Salim Scafuto, Global VP of Customer Success and Sales Engineering at StrikeReady, about their platform and how its logic layers (attack harvesting, knowledge harvesting, action invocation, analysis & context) combined with their machine learning capabilities (e.g., deep neural networks, convolutional deep neural networks, deep belief networks, recurrent neural networks) can allow an operator to reason with their environment to thwart attacks. The platform allows operators to engage in knowledge-seeking questions that invoke a security-centric conversation with their reasoning engine (e.g., asking, “what is ransomware?”, or, “who is APTXXX?”), a contextual awareness question to obtain a degree of business insight (e.g., asking “am I currently at risk for ransomware?”), or even an automation-based command for incident response and proactive operation (e.g., issuing the command, “check this email for phishing”, or, “assess my risk against mummyspider”). With a host of integrations and a TAXII client to ingest a set of threat feeds, the platform is enabling a broad range of responses that mimic a security professional, offsetting much of the day-to-day load and allowing practitioners to focus more on the exceptions.
Please listen and contact Satbir and Darren to explore this and other cybersecurity-related domains.
3/26/23 • 40:50
Disrupting traditional security testing approaches is where Synack specializes. They have long recognized that thwarting attacks in modern adversarial campaigns requires a maximal combined talent of human and AI-powered intelligence. Through the gamification and use of crowdsourced expertise across verifiable exercises, Synack leverages its Synack Red Team (SRT), a global network of ethical hackers, to identify and address vulnerabilities across an ever-evolving attack surface. This crowdsourced team of highly skilled and heavily vetted ethical hackers represents one of Synack's key differentiators. Traditional security assessments and audits provide point-in-time insights into an enterprise's security posture, which does little to illuminate an organization's cyber defense capabilities, processes, or controls. Synack instead opts to use an incentive-driven model that allows their security practitioners to employ any Tactics, Techniques, and Procedures (TTPs) they deem appropriate, encouraging behavior that more readily models exploitation hunting as an adversary would. Sessions are recorded and exploits are verified via other members, providing a capture of how the vulnerabilities are found, along with how long it took, what the relative effort was to identify, and what remediation steps are recommended. Re-test is part of the service for closed-loop verification. Join us in this episode as we speak with Tim Lawrence, Solution Architect, and go into greater depth on how Synack can provide resilience to any organization. In a market where security practitioners are hard to come by, this is a firm to engage with. Please reach out to us to discover how we develop closed-loop resilience patterns in a modern SSDLC!
3/8/23 • 29:51
At its core, BlueVoyant offers MDR and managed SIEM services for Splunk and Microsoft Sentinel, though they also provide EDR services, 24/7 security monitoring, alert investigations & incident response, forensics & litigation support, attacker simulation & penetration testing, supply chain defense, dark web investigations, compliance services, vulnerability assessments and remediation, and professional services. In this episode, we are joined by Matthew Gonter, Global Technical Solutions Architect - Splunk | Cribl, where we talk about the myriad of security problems BlueVoyant sees in the industry and how they enable customers to outsource key security functions while addressing the cybersecurity skills gap to improve overall security preparedness and security outcomes. Matt joins BlueVoyant by way of their recent acquisition of Concanon, a Splunk and Cribl professional services company, in October 2021, where Matt introduced enterprise solutions and proprietary technology to manage Sentinel and Splunk at scale while directly tackling log shipping challenges. Serving as an expert in SOC services, SIEM implementation/migration, and Observability Pipeline optimization, Matt shares many insights into the security industry and we look forward to having him back on the show!
2/19/23 • 25:52
Cribl provides a real-time data stream management platform for MELT data that enables organizations to gain insights and take action on data in place (right at the source), data at rest (already stored in a data lake), and eventually data in motion (transitioning an observability pipeline). Back in May 2022 Clint and the C021 team signaled that they would be turning search on its head, and in Nov '22 they did just that. We can now say goodbye to the swivel-chair searching which has become a rate limiter to value realization and start to unlock our observability and security data. In this episode, Satbir and Darren speak with Ed Bailey, Cribl's Sr. Staff Technical Evangelist, about the power of Cribl's vision for the future. Though we cover a range of topics there is a heavy focus on Cribl Search and all that it promises. Search is built on an enhanced version of Kusto which provides practitioners a familiar interface to start with. This allows organizations to get a head start by performing actions such as compiling Sigma rules into Kusto for IOC/threat hunting. This design decision goes a long way to challenge the current modus vivendi that exists between operational and security data. Further, Cribl Search is a cloud-native construct, scaling elastically as queries are processed which dramatically reduces the infrastructure cost burden of search. Dispatching queries to where the data is promises to drive the convergence between observability and security operations and we are excited to continue partnering with Cribl. This is an essential platform for organizations looking to gain insights and take action on their MELT and security data. Long live the goat!
1/30/23 • 30:56
We at Ink8r have long been advocates for calibrating protection against threat modeling exercises to properly align protection for assets. When it comes to securing production resources in the cloud this often means extending beyond Cloud Security Posture Management (CSPM) and including Data Security Posture Management (DSPM), among other capabilities, to properly address threats. With Theom we find not only a complete data security solution but also a platform that has truly thought through what the enterprise practically requires. Join us as we speak with Navindra Yadav, serial entrepreneur & inventor, and Co-Founder & CEO of Theom as we explore their platform and how they are truly the enterprise's Data Bodyguard! Theom leverages NLP classifiers to discover/classify your data in the cloud across analytical stores, object stores, and relational databases (all at a granular level) and even monitors how that data is accessed (in-flight observations). With this approach, Theom can determine potential financial exposure by combining metadata of the entities accessing/actioning the data and determining the sensitivity of that data. Historically, determining Annualized Loss Expectancy has been challenging. Organizations typically must determine an Annual Rate of Occurrence (ARO) and multiply it by the Single-Loss Expectancy (SLE) for each time a risk arises. With Theom this becomes infinitely easier and allows for a quantitative view of risk for your critical assets. WOW! And that is just the beginning. Theom will also determine anomalous behavior regarding entity activity to help curtail overprovisioned access and help thwart more complicated 'slow leak' attacks. Activity can include actions on data, as well as how the data is being accessed. By looking at API access and comparing against Swagger specs for the API, Theom can expose discrepancies between spec and actual API configuration/exposure. Another WOW! A final note on Theom has to do with platform design and the team's foresight regarding architecture. By leveraging Distributed Ledger Technology (DLT) Theom has placed a priority on security from several perspectives. They immediately deliver Proof of Action for every transaction including proof that Theom doesn't manipulate any customer data (i.e., all analytics happens in the customer environment, without data movement of any kind); all data analytics incur minimal costs to the customer (e.g., we are talking under $20/day, which is incredible); and an entire world opens up for futures around concepts such as Proof of State (e.g., imagine an auditor or cyberinsurance company validating state directly - without interacting with Theom at all).
11/6/22 • 36:09