Having spent most of my career at early-stage startups architecting emerging security products, I’ve seen firsthand the realities of vendors building for early adopters. From firewalls to VPNs, HIPs to EDR, these products invariably start out with an ever-expanding series of controls, essentially building a tool that attempts to address as many customer feature requests as possible while searching for product-market fit. Sadly, being a vendor who is trying to understand a customer’s operational issues is very different from being the person who is “living” that experience.
Recently, as a CISO for a SaaS-based legal tech firm, I was suddenly exposed to a very different worldview: that of the customer…
Similar to many CISOs, my main concerns were “simple”: ensuring business continuity and preventing a data breach. Meeting regulatory compliance controls and following best practices checked the proverbial box, but I still didn’t sleep well at night… How well is my security working? Am I missing something? Have I saved enough long-term data needed to investigate a potential security incident?
Far too many attacks are not prevented. There is a reason why threat hunting is a common security function. With so much security data being generated, I was left with more questions than answers. To put it mildly, I had an unavoidable data problem.
When dealing with limited resources and an overwhelming amount of noisy data, leveraging a SIEM for internal use and engaging an MDR/MSSP to provide continuous monitoring helps. Unfortunately, implementing these solutions can be difficult and present their own ongoing operational challenges and costs. Migrating from one such solution to another is not uncommon, and it is resource intensive.
Building a unified security data strategy was a struggle.
My experience was not unique. Increasingly, companies are looking for a way to collect their security data into a standalone, commercially supported security fabric. Being able to send the right type of data to the right destinations, enrich it along the way, eliminate the noise, and remove vendor lock-in is a powerful step in gaining understanding and control of your security data.
Existing products in this emerging market tend to be tools more suitable for a more sophisticated “early adopter” organization. These enterprise companies have more resources for professional services and full-time security engineers who can manage a complex product on an ongoing basis, but… what about the rest of us… the vast majority of companies that are the “have-nots”?
As a CISO, my question was… Why can’t this be made simpler? I didn’t want an overly flexible (i.e., complex) tool that could be applied to a wide variety of problems; I wanted a solution that addresses my most pressing problems as quickly and easily as possible.
That is why we started Realm, to provide a simple-to-use, cost-effective, purpose-built Security Fabric. Our mission is to provide centralized visibility, control over all of your security data, and turn-key solutions that target specific customer use cases. Every customer has some desired destination in mind for their data security journey. Our goal is to make it as easy as possible to get there.
Welcome to Realm.Security!