Secure Ventures with Kyle McNulty

This episode was recorded live at the Dreamit Cyber Founders Summit during RSA. Huge thanks to the Dreamit team for including me during their inaugural event!David Cass is the CISO at GSR, which is a cryptocurrency market maker. For the finance uninitiated, that basically means they buy and sell cryptocurrencies in large volumes to then buy and sell to other parties. As a result, David's role entails a lot more than the average CISO. As he will mention, it is his job to secure GSR's corporate IT like any CISO, but he also has to sign off that the cryptocurrencies they are trading are secure enough to hold a financial position without undue risk to the company. David therefore has one of the most advanced perspectives on the cybersecurity controls for cryptocurrencies. In the conversation we discussed his views on the productization of web3 security, cryptocurrency regulation, and the successes behind his CISO community CISOs connect.GSRDreamit

Rehan is CEO and founder of Securiti AI, which is providing a data command center to help organizations secure and enable their data for AI use cases. Rehan as an incredible track record which we discuss in more detail on the episode. He sold his first company for $180 million, and his second company for $280 million. Securiti AI has already raised $180 million to date from top tier investors, and they are geared up for an even bigger number. I was incredibly impressed with his track record identifying landmark technology trends and then building differentiated businesses with tailwinds from those trends. In the episode we walk through how each of these experiences built on one another, the rationale for each business, and how Securiti AI is positioned at the intersection of three of the most pivotal technology growth areas: data, AI, and cybersecurity.

Raj is CEO and co-founder of Blueflag, which helps ensure developers only have the access permissions needed for their roles, reducing risk of excess exposure. Raj started his career as an engineer and then in marketing at Adobe and VMware before taking on a COO role at Cloudknox, which they later sold to Microsoft. Raj took his lessons from working with identity at Cloudknox and applied them to designing Blueflag while paying attention to the nuanced differences for the development lifecycle. In the episode we discuss his core tenets of successful marketing in cybersecurity, the promise and challenges of cloud infrastructure entitlements management, the value of his time as an entrepreneur in residence, and how he has constantly reevaluated strategy at Blueflag informed by his previous experience.Website

Luke is Chief Product Officer and co-founder at Semgrep. Semgrep performs static application security testing, a form of code analysis, and has grown to become one of the mainstay application security tools on the market over the last eight years. Luke started Semgrep after three years at Palantir as a software engineer and product manager, and this episode really helped drive home the supportive community amongst former Palantir employees. In the discussion we cover his early entrepreneurial efforts such as modifying Xboxes, the 17 different product variations they tried before the current form of Semgrep, and how he thinks about the innovator's dilemma as a growth-stage company in a vertical being disrupted by AI.Website

Rick Howard, former Chief Security Officer at Palo Alto Networks, shares his extensive insights on cybersecurity. He discusses the shift from corporate to startup perspectives and the essential themes for entrepreneurs and investors. Howard critiques traditional risk assessment methods and advocates for a dual approach in managing cybersecurity risks. He also highlights the transformative role of artificial intelligence and emphasizes the importance of curated cybersecurity literature, including key reads like 'The Phoenix Project,' for professionals in the field.

This episode is a recording of a live interview held on stage at Blu Ventures' Cyber Venture Forum in February. A huge shoutout and thank you to the Blu Ventures team for putting together an awesome event. Bricklayer is building an AI-based agent to assist with security operations workflows. Before Bricklayer, Adam founded ThreatConnect which he led for over a decade. In the conversation we discuss his learnings from his experience at ThreatConnect, acquiring vs. building a new capability, and how he thinks about competition in the AI SOC space.Website: bricklayer.aiSponsor: VulnCheck

Amir is co-founder and CEO at Vorlon Security, which provides visibility and monitoring for SaaS app connections within an enterprise. For example, Vorlon can detect what other applications are connected to your Salesforce instance along with what data is flowing between each relationship. This helps security teams detect data exfiltration, data leakage, improper configuration, and more. Before Vorlon, Amir worked his way from a software developer into progressively more customer-facing roles, most recently as a Director at Palo Alto Networks. We kick off the episode talking about his early motivation to become a founder and how he led a decade of his career in pursuit of preparing himself for that role. Now, the team is continuing to focus on product and growth after raising $15 million last year from Accel and Shield Capital.WebsiteSponsor: VulnCheck

Josh Kamdjou is CEO and Founder of Sublime Security. Josh started Sublime after realizing just how easy it was for him to break into companies with phishing emails. He wanted to build a solution that better addressed the tailored environment of each organization such as historical data. Now the company has raised over $80 million from leading VCs such as IVP, Index Ventures, and Decibel. Before Sublime, Josh worked as a DoD hacker for 9 years.In the episode we discuss his emphasis on leveraging the attacker perspective, the fundamental difficulties of email security, his conviction in product-led growth, and more.Website: https://sublime.security/Sponsor: VulnCheck

Jon is co-founder and CEO of Halcyon, which is building an endpoint solution fully focused on anti-ransomware. Halcyon recently raised at a $1B valuation in 2024. Jon started his career in cybersecurity consulting for a decade before joining Cylance in 2014 as Chief Research Officer. After his stint at Cylance, in 2017 Jon founded Boldend, which was building offensive cyber capabilities to be used by the US intelligence community for information gathering and electronic warfare. Boldend was acquired by Sixgen three years after Jon stepped down as CEO to start Halcyon given the critical impact of ransomware on US companies.

Tushar was the CEO of Attivo Networks for a decade before selling to SentinelOne for $600 million dollars in 2022. Attivo Networks built deception technology which would trick attackers into attacking fake infrastructure. A common form of deception is a honeypot, which is an intentionally vulnerable server so defenders can gather information about attackers such as their IP address or attack techniques. Attivo provided comprehensive deception solutions and served five of the Fortune 10. In the episode we talk about Tushar's learnings from a decade at Cisco, the unique origin story of Attivo and its founders, and the sale process to SentinelOne.