Turning Hurdles into Success: Ganesh's Tale of Persistence and Innovation

1 00:00:00
Speaker 1: I was going.

00:00:01
Ganesh, it's really good to finally have you on the podcast.

00:00:04
I feel like we've been trying to get this thing going for

00:00:08
quite a while now and I'm just really excited to finally have

00:00:12
you on.

00:00:13
Speaker 2: I appreciate the opportunity to be here.

00:00:15
Better late than never, so glad to get started.

00:00:20
Speaker 1: Yeah, I guess that's one way of looking at it.

00:00:22
You know it's.

00:00:23
It's just, it's interesting how your schedule can can play out,

00:00:29
you know, when it's a.

00:00:30
It's been a crazy year for me, that's for sure.

00:00:34
Speaker 2: I can only imagine.

00:00:35
Probably with the schedules that you run, it's probably

00:00:37
powerful the course, but yes, when it comes to reality it's a

00:00:40
different thing.

00:00:41
Speaker 1: Yeah, right.

00:00:42
So so, ganesh, you know I started everyone off was kind of

00:00:46
telling their background, right , talking about how they got an

00:00:51
IT.

00:00:52
What was it about IT that really piqued their interest,

00:00:55
that wanted them, that made them want to, you know, get into

00:01:00
this field, right, because this field isn't really for everyone.

00:01:03
But you know, I've done over 150 of these episodes and I

00:01:07
haven't heard the same background twice, right, like

00:01:09
I've talked to former opera singers, I've talked to, you

00:01:13
know, former physicists and somehow these people always find

00:01:18
their way into IT.

00:01:19
So what's your story?

00:01:21
Speaker 2: Yeah, I don't know whether I'm going to be as

00:01:23
exciting as others, but let me do my best.

00:01:26
So I started with a couple of different things, but one way to

00:01:33
give you a little bit of my background, if I were to

00:01:35
summarize it in the shortest possible way, I'm an engineer by

00:01:40
training, as in.

00:01:42
That's what I went to school for.

00:01:44
A technologist by vocation that's what I did for the first

00:01:48
majority of my career and arguably an entrepreneur by

00:01:53
choice.

00:01:53
What that really means is when I come to an edge, I jump first

00:01:59
and pray real hard that I can find sure, but I've been

00:02:02
incredibly fortunate to be in the company of the right people

00:02:06
at the right time, right.

00:02:07
So that's what has sort of led to the success in terms of

00:02:12
venturing and being an entrepreneur.

00:02:13
I'm happy to give you more background on what's been built

00:02:18
up to where upticks is today, but on myself, that's how I

00:02:23
characterize yes.

00:02:23
Speaker 1: Yeah, it's a really interesting.

00:02:29
I feel like it's an interesting question to start off with to

00:02:33
kind of get the feel for how the guests got started and whatnot.

00:02:41
Speaker 2: I can give you a lot more color on that, just to

00:02:45
elaborate.

00:02:46
So, in terms of interest in IT, of course it is due to the

00:02:53
training as an engineer and the curiosity then took me to be a

00:02:58
software engineer and technologist through majority of

00:03:01
my career.

00:03:01
But in terms of the venture itself has applied to core

00:03:08
cybersecurity.

00:03:09
Me and the core funding team here at upticks we come from a

00:03:14
background of having scale, and by scale I mean enterprise scale

00:03:21
, as in building things for large operators like AT&T and

00:03:25
Comcasts of the world.

00:03:26
We built primarily technologies which enabled these large

00:03:31
operators to make revenue through the tooling that we

00:03:35
provided as entrepreneurs from the past.

00:03:39
However, the revelation, at least, which piqued the interest

00:03:42
to get into cybersecurity at large, was a peripheral

00:03:47
understanding that with the knowledge that we possess, which

00:03:50
we were using only for constructive purposes, if

00:03:53
someone had a different, maybe malicious or a different intent,

00:03:58
but with the same knowledge that we did, they could

00:04:01
definitely cause a lot of harm and as you see what's happening

00:04:05
around us.

00:04:06
So that's what prompted us to start thinking can we make a

00:04:10
difference, to be on the defenders with the knowledge

00:04:13
that we possess, having a good understanding that those who

00:04:16
have a similar skill, but with the offensive mindset or the

00:04:20
malicious mindset, could do other things, and this happened

00:04:24
when we were at the prior venture that we did and we were

00:04:27
acquired by Akamai, and some of what we saw in terms of debug

00:04:32
and diagnostics then led us to the belief that maybe the

00:04:35
visibility that we encountered in the past, maybe that can be

00:04:40
made available for cyber, and that's how the venture was

00:04:44
formally conceived around eight years ago.

00:04:46
We took money and operationalized the venture by

00:04:49
capitalizing it in the summer of 2016 and seven years on, here

00:04:55
we are.

00:04:58
Speaker 1: So that's really interesting.

00:04:59
You always hear about these big tech companies and the scale

00:05:10
that they're operating on, and I read an article maybe it wasn't

00:05:17
an article, it was just a random post that talked about

00:05:21
how Google can't really purchase products to manage their

00:05:28
environment.

00:05:29
But I have to actually create it, because the scale is so

00:05:32
significant that very, very few other products on the market

00:05:38
would even come close to being able to manage the scale.

00:05:40
And then, when you factor in the features and functionality

00:05:44
that they may want, they don't want to rely on a third party

00:05:47
vendor for that.

00:05:49
Can we talk a little bit about what it's like to design for

00:05:52
that scale?

00:05:52
Because there's not that many people in big tech, right,

00:05:57
there's several thousand engineers and whatnot, right,

00:06:00
but not everyone comes from that background.

00:06:02
And so, for even someone like myself, the largest company that

00:06:07
I've worked for is about 650 employees.

00:06:10
It's a global company, and even when we start talking about

00:06:17
Amazon scale, I can't even fathom it.

00:06:21
I can't even picture it, right.

00:06:23
So what is that like?

00:06:24
Trying to solve that problem?

00:06:29
Speaker 2: Yeah, that is a great question and where, if I were

00:06:33
to share my own experience, to tie it back anecdotally, what I

00:06:38
can reflect upon is the fact that scale produces a different

00:06:43
kind of challenge than what you might encounter otherwise, and,

00:06:49
in the context of what the learnings were, they were not

00:06:52
necessarily tied to cybersecurity, but they were

00:06:56
tied to visibility and observability.

00:06:59
For a different reason it was predominantly for debug and

00:07:04
diagnostics.

00:07:06
When you're operating a very large distributed systems, no

00:07:10
matter what the application is, you need to have intense amount

00:07:15
of visibility such that you can quickly diagnose in case things

00:07:19
are trending in the long direction.

00:07:21
And all of that is tied these days into site reliability and

00:07:25
other engineering.

00:07:26
But the premise of why you might deduce that something is

00:07:31
not working is based on what's otherwise called as a paradigm

00:07:36
of observability.

00:07:37
So what scale teaches you is that you can't do things in a

00:07:42
onesie-toesie way, but you need to look at a distributed system

00:07:46
as a corpus of large system which is constantly streaming

00:07:51
some sort of a telemetry to you, and you need the ability to

00:07:55
apply analytics based on that streaming data and quickly

00:07:59
figure out where exactly are the signals which are noteworthy,

00:08:03
because clearly you can't pay attention to everything.

00:08:06
That means you need means to extract what's worth paying

00:08:10
attention to.

00:08:11
So these were some of the deep learnings which heavily

00:08:13
influenced us to say, can this paradigm be applied in the realm

00:08:18
of cybersecurity?

00:08:19
Because, due to the proliferation of cloud at large

00:08:22
scale, can you start deducing what's wrong in the systems by

00:08:26
observing their behavior, by doing so from outside in, by

00:08:30
collecting telemetry from them and applying streaming

00:08:33
techniques.

00:08:33
So that was in some ways a lesson that we had the good

00:08:39
fortune of learning in a different edges and domain, but

00:08:43
the luxury of applying it to cybersecurity in this current

00:08:46
venture.

00:08:47
Hope that made sense.

00:08:48
I'll pause here, happy to zoom in and double click, but hope

00:08:51
I've shared an anecdote which is relevant to what you were

00:08:54
asking for.

00:08:56
Speaker 1: Yeah, I think that makes sense.

00:08:57
I wonder.

00:09:00
So I think that this poses a unique challenge.

00:09:05
So when you're starting a company, when you're creating a

00:09:09
product, you want to it's human nature, you want to take in

00:09:15
every single customer that you possibly can to get them your

00:09:19
product to not only benefits them, it benefits you.

00:09:22
When you're when we're talking about creating a product that

00:09:27
has to scale like that and you're early on, you know, in

00:09:31
your development process and the lifetime of that company, do

00:09:36
you think that it is also important for you to choose the

00:09:40
right customers as like, as a side note from the customer

00:09:44
choosing you?

00:09:46
The reason why I asked that is because I actually used to work

00:09:49
for a company.

00:09:50
It was very small, you know, they had been around for I don't

00:09:54
know, maybe 15 years, something like that, but they were still.

00:09:56
I mean, it felt like it was a start-up and we had certain

00:10:01
customers that had been around for forever that were just so

00:10:05
resilient to any issue our product would encounter right in

00:10:11
their environment, no matter how sensitive their environment

00:10:13
was or whatnot.

00:10:14
It was like they were used to it.

00:10:16
They knew that we would get it resolved and they knew that they

00:10:20
had a reporter in a certain way and like they just understood,

00:10:24
right, like this is a part of the game.

00:10:26
And then we had other customers that were extraordinarily

00:10:29
difficult to deal with if they encountered a brand new you know

00:10:33
bug or an issue with a brand new version.

00:10:35
And so I can only imagine, right, because there's only so

00:10:40
much that you can design for without without having a problem

00:10:44
in front of you, right?

00:10:45
So I think it poses a unique situation where you have to have

00:10:53
a customer that's understanding like hey, you know, we're

00:10:56
starting out, we think we're doing something special here.

00:10:59
If you can hang in there through a couple iterations of

00:11:03
these bugs and whatnot, like we'll get there.

00:11:05
Is that something that you've experienced?

00:11:07
Is that something that you learned?

00:11:10
Or am I completely out there and off base?

00:11:14
Speaker 2: Now, I think that's the I don't want to say.

00:11:16
In some ways it's the very nature of progressing through

00:11:21
the journey of a startup, because when you start off you

00:11:25
can do two things you can figure out if there is a little wedge

00:11:29
or tooling, go really deep, or you can arguably take the

00:11:33
approach that we did we built a general purpose platform but in

00:11:37
both cases, in the initial phases of the venture, where

00:11:43
you're iterating for that initial product market fit, you

00:11:48
clearly go through the phase where there's a combination of

00:11:51
ideation that you bring to the table which gets a customer

00:11:55
excited, so much so that they are willing to partner with you

00:11:59
and arguably go through that phase of trial by fire in

00:12:04
production, because they see in you the promise, that a pain

00:12:09
that they felt they've not been sufficiently able to solve it

00:12:12
any other way, which is why they are willing to invest in you

00:12:17
and your venture and arguably go through that process.

00:12:21
And I'd say that we were fortunate that while we had our

00:12:26
own here of challenges, our customers saw sufficient value

00:12:30
to persist with us.

00:12:32
And of course, it took a few years to get them to like really

00:12:37
large and I'm talking about 150 plus server environments

00:12:42
where we've been fortunate to get operationalized, but it

00:12:45
didn't happen overnight.

00:12:46
We had to prove and we had to persist and we had to do

00:12:50
everything that you just outlined, because, at the end of

00:12:53
the day, it's not that, while we had a vision and the product

00:12:55
work for most part, making sure that it fits in an enterprise

00:13:00
environment where there's a lot of diversity and that diversity

00:13:03
introduces pain and challenges is what one had to encounter and

00:13:06
overcome, and we were fortunate to do so.

00:13:12
Speaker 1: Yeah, it's a.

00:13:13
You know it's an interesting way to live a life.

00:13:18
Right is running a startup and all the different stresses that

00:13:23
come with that.

00:13:23
You know it's an interesting way even to start your career.

00:13:28
You know, like for me, right, I started out as a startup and

00:13:33
being able to, or having to, wear several different hats, you

00:13:39
know, all on the same phone call, right and taking a problem

00:13:44
and owning it all the way from start to finish, not being able

00:13:47
to escalate it.

00:13:48
It's like, you know, no, I am the escalation point, like they

00:13:52
call the right number, unfortunately, and I'm the

00:13:55
person that has to take this thing from.

00:13:57
You know, 8am until 4pm.

00:13:59
You know it's always interesting to hear about

00:14:05
everyone's journey in the startup phase because it's

00:14:09
different but similar in a lot of interesting ways.

00:14:14
Speaker 2: Yes, you know, I have a very simple philosophy around

00:14:17
this, and others might disagree .

00:14:19
The bottom line, I think, is there is no shortcuts when you

00:14:24
jump on your journey to get to a successful point.

00:14:27
And if you were to imagine X and Y axis and Y is like you

00:14:31
know how much time it takes to be successful on the other axis,

00:14:37
then you realize that there are no shortcuts.

00:14:39
It's guaranteed to take time to be successful, at least

00:14:44
statistically.

00:14:44
I think that's accurate.

00:14:46
The only other thing which is really important is that the

00:14:50
journey to go to the top is going to be jagged.

00:14:53
It's never a smooth line, right , and that's your point.

00:14:56
It always takes time and it's always bumpy, but if you're able

00:15:00
to endure the ride in the company of the right team, I

00:15:03
think it makes the biggest difference.

00:15:08
Speaker 1: Yeah, you bring up a really good point.

00:15:11
You know that there are no overnight successes in this

00:15:16
world, that's for sure.

00:15:18
And I think that that kind of that hit me when I watched this

00:15:22
interview from Kevin Hart I think Oprah might have been

00:15:26
interviewing him or something and they said oh, you know,

00:15:29
you're an overnight success.

00:15:30
Like how does it feel?

00:15:31
And he goes overnight.

00:15:33
That was 12 years of hard work, of people booing me off the

00:15:38
stage, of people, you know, not knowing my name, me not being

00:15:42
able to, like, feed myself for several days, Like that.

00:15:47
That was a long time.

00:15:49
That was 12 years of being not giving up and that really

00:15:54
resonates with me, right, because in the current society

00:15:58
and how everything is, you see, it's like you see it all right

00:16:02
in front of you immediately, right?

00:16:04
So now you, you're matching up your life with this other

00:16:08
person's life and they were probably in it for 10, 12, 15

00:16:12
years, right, and you're saying, well, I'll never get there.

00:16:15
That's not for me.

00:16:17
But in all actuality, is that person that spent the 15 years

00:16:21
doing that to master it.

00:16:22
They just didn't give up.

00:16:24
You know that that's the only thing.

00:16:26
Like, they had their disappointments, they had their

00:16:28
failures.

00:16:28
They just didn't give up.

00:16:30
They kept going, and I think that that is that's a key skill

00:16:35
in life overall, right, but it's a key skill that you must have

00:16:41
to really be successful in anything that you choose to.

00:16:44
Would you agree with that?

00:16:46
Speaker 2: Yes, absolutely, and I can give you some anecdotes

00:16:50
based on my own experience, because, in our seven years of

00:16:55
existence, to build the first core part and do the validation,

00:16:59
it was roughly an overnight success of five and a half years

00:17:05
in the making.

00:17:06
Because in the business of cybersecurity, we are today a

00:17:11
provider of two things.

00:17:13
If you have your technology, from the laptop to the cloud, if

00:17:19
the cliché is software is eating the world, the question

00:17:22
is where is it produced, how is it operationalized and why does

00:17:26
it end up being a crown jewel of an organization?

00:17:29
At the venture that we are, we specialized in securing that arc

00:17:35
of productivity.

00:17:35
We arguably made a case five years ago to come up with this

00:17:41
approach of using a paradigm of observability which probably was

00:17:46
not well understood or well received.

00:17:48
Of course, we had to build the platform at scale to validate

00:17:52
that.

00:17:53
Now, of course, we have a really nice word which our marketing

00:17:56
team has put together, which is called a shifting up.

00:17:59
But what really entailed was looking at all these things

00:18:03
which are a part of going through that cycle of building

00:18:07
your crown jewels.

00:18:08
How do you observe the laptop, the SaaS services, the cloud

00:18:13
infrastructure and then draw conclusion is something going

00:18:17
wrong.

00:18:17
How can we use the same data to establish trust and all of that

00:18:20
.

00:18:20
And that took us time and, with one specific asset, to secure

00:18:27
and build it.

00:18:28
It took that overnight success and it took that long and now we

00:18:34
are in a position to reap the benefits of this shift up

00:18:38
approach, and we see a lot of parallels.

00:18:41
Of course, when we were doing it, we were thinking who else

00:18:43
might have done something like this, and we saw the likes of

00:18:46
SAP and the likes of Salesforce and others do it, and we were

00:18:51
able to connect the dots that it took them a fair bit of time to

00:18:55
get to where they are, because this observability approach,

00:19:00
built on a platform, is not something which happens

00:19:03
overnight.

00:19:04
But, to your point, you have to be persistent and it takes that

00:19:08
much time to be successful.

00:19:12
Speaker 1: Yeah, it's an interesting journey.

00:19:15
So we talked about designing a product for scalability for

00:19:24
extremely large environments.

00:19:25
I would assume that that really significantly impacted how you

00:19:32
designed upticks, the upticks platform.

00:19:34
Right, because it's a cloud first solution to provide

00:19:39
visibility into the you know, your multi-cloud, your single

00:19:42
cloud environment.

00:19:44
What's the difference, in your mind at least?

00:19:48
What's the difference between a cloud first product and a

00:19:53
product that you know legacy on-prem, that was rehashed into

00:19:59
a cloud solution?

00:20:01
Me, from the engineer perspective, there's a gigantic

00:20:05
difference, right?

00:20:07
Those other legacy solutions.

00:20:08
They typically can't scale very well.

00:20:10
They're typically very configuration heavy.

00:20:13
You could spend months configuring those tools to do

00:20:18
very simple operations across all three of the clouds.

00:20:21
In that valuable time that you would have had, you would have

00:20:25
had a cloud first product that would step in and would have

00:20:30
done it in 30 minutes and you'd be up and running, right, yeah,

00:20:34
so from an engineering perspective, there's a huge

00:20:37
difference.

00:20:37
But from your perspective, from where you're sitting, right,

00:20:43
what's the difference that separates the two kind of rules

00:20:46
of thought?

00:20:49
Speaker 2: Yeah, so the there are two dimensions.

00:20:52
One, scale, of course, is the easy word to use, but the real

00:20:55
question is in the modern environment, why does scale

00:21:01
matter?

00:21:01
Scale, of course, is the part in terms of your ability to

00:21:05
cover a wide spectrum and go for large environments, but in

00:21:11
addition to scale, there is a big part is the diversity of the

00:21:15
environment and the rate of change in the environment too.

00:21:19
If I were to characterize the problem statement to then

00:21:23
highlight the reasons for why a cloud native approach makes a

00:21:29
difference, if you're to look at what a prototypical user who

00:21:35
might want to work with optics and what challenges they might

00:21:38
face, their work might look like something along these lines

00:21:41
right In the organization, their users might either be

00:21:46
interacting with SaaS services because they work off a laptop,

00:21:51
they have a Wi-Fi and they connect to Google, or they

00:21:54
connect to like GitHub or do something.

00:21:56
But the engineers they assert their identity with the identity

00:22:00
provider, like OCTA, they connect to something like GitHub

00:22:02
to like, do the source code, check in checkouts, they develop

00:22:06
the crown jewels, then they push it into some kind of build

00:22:10
pipeline and then they operationalize their tech by

00:22:12
storing the artifacts, the builds that they've generated

00:22:16
and pushing it into one of the clouds, and they might use

00:22:18
modern environment like Kubernetes to containerize and

00:22:21
package.

00:22:23
Now, of course, there is the scale part of all these, each

00:22:27
one being at large scale if you're a large organization, but

00:22:31
there is the diversity of various things that you need to

00:22:34
account for.

00:22:34
Then the other part to account for is the rate of change.

00:22:38
With the way the modern world is, to make sure that you are

00:22:42
able to instantly adapt and provide new features.

00:22:45
There is constant software which is being built and it's

00:22:50
being operationalized such that changes happen within a few days

00:22:54
in some cases or, worst case, weeks, as opposed to like months

00:22:57
of release cycle in the past, which is historical data center

00:23:01
centric, on-prem approaches, because it is a lot harder to

00:23:04
like, operationalize tech and a lot harder to debug and if they

00:23:08
were mistake, you can't really push things out.

00:23:12
Now the scale, the diversity, the rate of change introduces

00:23:18
various different problems when it comes to both security and

00:23:21
understanding.

00:23:22
If things go wrong and the way you have to tackle this becomes

00:23:26
a different problem statement, especially in the context of

00:23:29
cloud native applications and how you secure them.

00:23:32
And to secure that then you have to be as purpose built as

00:23:37
the applications itself, because it needs a new paradigm and

00:23:40
that's where we've been fortunate to build a platform to

00:23:44
make a difference.

00:23:45
I'll pause here I can dig in further on this because this is

00:23:49
a topic that I'm extremely passionate about but hopefully

00:23:51
that gives you some color and perspective on the problem

00:23:55
statement itself.

00:23:55
Thank you.

00:23:57
Speaker 1: Yeah, absolutely.

00:23:58
I feel like you know, I have seen it where in a few cases,

00:24:04
you even have to explain almost like what the cloud is to some

00:24:09
people, of how, you know, updates can happen daily, right,

00:24:14
and not impact you at all, and you not even notice that there's

00:24:17
an update.

00:24:18
It's like, well, do you use Gmail?

00:24:19
You know, and if you use Gmail, that thing is updated probably

00:24:23
every week and you've never noticed as a single update.

00:24:27
I have you, you know, I was working at a place and I was

00:24:32
trying to get rid of the legacy ping identity solution because

00:24:36
it was on-prem, it just wasn't going to work for us in the

00:24:39
cloud, wanted to move to another SSO solution that was cloud

00:24:45
based, you know, and the principal engineer that was

00:24:51
going to, you know, own the technology was very confused as

00:24:55
to how they could update their product so often.

00:24:57
And I'm sitting here like how does this guy of all people, how

00:25:02
does he not understand how this works?

00:25:04
You know, and it's interesting that in 2023, we still have to,

00:25:10
you know, kind of describe that and go into that a bit.

00:25:13
Is that something that you have also seen or have?

00:25:16
You know?

00:25:17
99.9% of customers, you know, moved on and they're not dealing

00:25:23
with that legacy thought pattern anymore.

00:25:26
Speaker 2: I think they have moved on.

00:25:27
They're not dealing with the legacy thought pattern, but they

00:25:31
do have a lot of residual legacy in large environment

00:25:36
because their digital transformation journey is not

00:25:39
complete.

00:25:39
Well, I think people certainly have an appreciation, the

00:25:44
reality which sometimes grounds them as the diversity of their

00:25:48
resources.

00:25:49
You know as easy as it is to think that you might have the

00:25:53
latest version of Red Hat or the bounty in the cloud that you

00:25:57
can take advantage of, what they're left with is you know,

00:26:01
12 or 13 years ago there was Red Hat 5.

00:26:03
It was running on a dual core machine with 8 gig RAM.

00:26:07
It's running something which is machine critical, engine rating

00:26:10
, a lot of money, and they're aware that it needs to be moved.

00:26:14
But you know, business reasons prevent them from moving it

00:26:17
right.

00:26:17
So that one consideration.

00:26:19
I also want to make an observation, if I may, based on

00:26:22
your first comment about availability of Gmail and other

00:26:26
applications.

00:26:26
Most people probably take it for granted because the rate at

00:26:31
which, or the frequency with which, they access their

00:26:33
Facebook and Google these things probably are far more reliable

00:26:37
than the banks that they dealt with from a digital perspective.

00:26:40
Right, because it's downtime implications to these providers

00:26:44
are far more bigger than if a bank is down.

00:26:46
You might go to another ATM or you might wait, but if you're

00:26:49
not getting your email or your messages, you're not able to see

00:26:52
your Instagram or whatever else .

00:26:54
I think that there's going to be a bigger outage, right?

00:26:56
So outrage, rather so.

00:26:57
I feel that you know the reasons why are different, but

00:27:03
the reliability of these applications, thanks to cloud

00:27:07
and SaaS, is just incredible.

00:27:10
Speaker 1: Hmm, yeah, you put it a really, a really good way.

00:27:14
So, you know, can we talk a bit about upticks and how the

00:27:19
platform takes in the different signals from the cloud and then

00:27:24
provides intelligence around it.

00:27:26
What's the basis that it provides this intelligence?

00:27:29
And before you dive into this right, Because this could go on

00:27:34
forever I just wanted to mention I saw the product for the very

00:27:38
first time at RSA it might have been 2021 or 2022.

00:27:46
And it was a rough product, you know.

00:27:48
I'll be honest, it was rough.

00:27:50
You could see that it had, you know, good bones, good

00:27:53
infrastructure there, that something special was actually

00:27:56
coming.

00:27:56
And then this past year, when I went to Blackhead and Defcon,

00:28:02
you know, I got to see the product again.

00:28:04
It looked like a totally different product, right, it

00:28:06
looked amazing.

00:28:08
To be completely honest with you, it looked really great Very

00:28:11
intuitive product, great UI.

00:28:13
I understood what was going on, you know, right from the start.

00:28:17
I didn't need anyone to explain it to me, even though your team

00:28:20
did a fantastic job of walking me through it, and so you know,

00:28:25
I just wanted to point that out of how, just in, you know, a

00:28:27
year, 18 months, right, like your product, made a significant

00:28:32
leap in usability and, you know , in the value that it actually

00:28:38
provides to an environment.

00:28:39
And again, this episode isn't even sponsored by you guys.

00:28:42
I just enjoy the product.

00:28:45
Speaker 2: Thank you, and that's much appreciated.

00:28:47
And I'll tie it back to what I said earlier.

00:28:50
You caught us probably in the four years of the five and a

00:28:54
half years it took to actually get to where we want to be at

00:28:57
scale.

00:28:58
It's a great observation and a very candid one, which I

00:29:03
sincerely appreciate, because I think it's factually accurate To

00:29:09
dig in a little bit deeper to understand why that's the case.

00:29:14
We arguably chose a completely different approach to building a

00:29:19
product and what problem we want to solve, for Our thought

00:29:24
process was to provide security using the observability paradigm

00:29:29
.

00:29:29
Now, what that meant was you know, you know.

00:29:32
We of course, have a really nice way to outline it, we call

00:29:36
it as shift up security, but the basic tenets and principles

00:29:40
were that if there are a set of attack surfaces for which you

00:29:44
want to provide security coverage, at the end of the day

00:29:48
you provide security coverage to reduce risk for any

00:29:51
organization, and risk stems from either vulnerabilities and

00:29:56
misconfigurations or genuinely threats which are behavioral in

00:30:00
nature, because the misconfigurations or

00:30:03
vulnerabilities that you have have been exploited by someone

00:30:07
and they are posing a threat to the organization.

00:30:09
And to understand what this risk reduction means across a

00:30:16
set of asset categories, we chose arguably harder route to

00:30:21
market then, which is to say that we will build an

00:30:26
abstraction using a series of sensors and connectors which

00:30:30
will provide us with in-depth telemetry, and we will apply

00:30:35
analytics on that telemetry while it is in flight as well as

00:30:39
on a historical basis, so that we can build the necessary

00:30:42
security controls towards reducing the risk.

00:30:45
Now, to realize that vision, of course, we had to build these

00:30:51
sensors and connectors using a structured manner which

00:30:54
transmitted the telemetry, for example, for XDR and endpoint.

00:30:58
We do so from runtime environments, from the cloud.

00:31:01
We do both agent and agentless, but we connect to it such that

00:31:05
it sends the data to us.

00:31:06
So the question is how do we scale, ingest the data, apply

00:31:10
analytics to extract signals so that those signals then, in turn

00:31:14
, can be used both for establishing trust, as in

00:31:17
compliance, and auditing, and all that as well as doing threat

00:31:20
detection.

00:31:20
And you probably caught us at a point where the infrastructure

00:31:25
was built to ingest the data in a scalable manner, but we

00:31:31
perhaps were lacking the ease and the simplicity that's

00:31:35
required by most organizations, who are bootstrapped in terms of

00:31:40
their time to draw conclusions and with the ability to build

00:31:46
that platform in a scalable manner.

00:31:47
What's been happening in the last couple years is our ability

00:31:52
to extract insights on top of the platform, and those insights

00:31:56
are the ones which translate directly into the CNAP, cwpp all

00:32:01
the analysts have really nice acronym soup for that and we

00:32:04
provide coverage because that translates into security

00:32:07
controls, and thank you for sharing this.

00:32:11
Where you probably next encountered us is that we then

00:32:16
were able to actually show the promise of that telemetry by

00:32:18
generating actionable insights, and I appreciate you sharing

00:32:23
that.

00:32:24
It was self evident for you when you saw it yourself right.

00:32:26
So that's a tribute to our product team and our marketing

00:32:29
team that they're in a position to make that happen.

00:32:31
But hopefully that gives you an anecdotal journey tying back to

00:32:35
your two points of observation and where we were along in our

00:32:39
journey.

00:32:40
I'll pause you for a second, if I can zoom in on anything else.

00:32:42
Yeah, absolutely.

00:32:47
Speaker 1: You bring up a really good point right is presenting

00:32:50
actionable information and actionable intelligence to the

00:32:57
engineer, to the end user, to actually resolve issues within

00:32:59
the environment, and that's actually a huge area of the

00:33:07
cloud and cloud security solutions that matters a lot

00:33:12
more, I would say, regardless of the environment size.

00:33:14
About a year, year and a half ago, I was POC'ing a CSPM

00:33:18
solution and the deciding factor for me was ease of use, right?

00:33:23
How quickly can I get this thing stood up?

00:33:25
How quickly is it going to give me information that I can

00:33:29
actually act on?

00:33:30
And how can I take that information and take that

00:33:34
information and take that information and actually act on?

00:33:36
And how can I take that information and maybe even

00:33:40
resolve it straight from this console, right?

00:33:43
Rather than going into AWS or Azure and then GCP to resolve

00:33:47
these three critical items, can I do it all straight from this

00:33:51
platform or whatnot?

00:33:51
Right?

00:33:52
And that was absolutely a criteria that I had to keep in

00:33:56
mind, because our team at that time was a team of two,

00:34:00
including myself.

00:34:01
We didn't have the time to really sift through 1 alerts

00:34:08
a day and choose the five that were the ones that I needed to

00:34:12
pay attention to and design a plan around how to resolve them.

00:34:16
It's like, no, I kind of need this solution to do 99% of that,

00:34:21
and then I do the 1% and verify that that's what I actually

00:34:24
want to do in the environment.

00:34:28
I point that out because it's like that shift in mentality

00:34:32
almost, and even at a larger organization that I'm at right

00:34:36
now, that still matters a significant amount because I'm

00:34:40
doing other things.

00:34:41
I have 30 other things going on that I can't spend my entire

00:34:47
day in this one console.

00:34:48
I have an hour, two hours maybe , to get this information, make

00:34:54
adjustments in the environment, vocalize it out, make changes in

00:34:58
the processes and then move on.

00:34:59
It's just a fast pace evolving area, I feel.

00:35:05
Is that what you've noticed as well?

00:35:08
Speaker 2: Yes, very much so, To your point about CSPM and its

00:35:14
implications and threat detection on the other side.

00:35:18
Virtually in all cases and this, of course, took us time,

00:35:21
because when you do a platform-centric approach, it

00:35:24
takes time to build everything, but in both scenarios you want

00:35:29
to quickly surface something which is insightful, and perhaps

00:35:33
this is what you're alluding to Context is the king, because if

00:35:36
there is something noteworthy which is to be investigated, the

00:35:40
context reduces the necessary time and it reduces dwell time

00:35:45
and it makes a big difference because then you know that there

00:35:48
is something noteworthy that you're going to act upon, based

00:35:51
on the efficacy and the quality of the context which is provided

00:35:55
to you.

00:35:57
Our observation has been along those lines in terms of which

00:36:00
has been the lead up to our product improvements, whether it

00:36:03
is for CSPM and the context around agent less, where you can

00:36:09
provide a lot of visibility, which is static in nature, to

00:36:13
the agent-based approach, where you can actually do behavioral

00:36:16
detection.

00:36:17
How do you provide that in a rich way, not just your own way,

00:36:22
but you align it with something like MITRE, which allows an

00:36:26
organization who's read something and they have some

00:36:29
approach to understand.

00:36:30
This is how threat actors might behave and when you use that

00:36:34
paradigm to lay things out, it's a lot more easier for us to

00:36:37
digest.

00:36:37
Yes, a long-winded way of telling you that I'm 100%

00:36:41
aligned with what you said, irrespective of the size of the

00:36:44
team, as to how quickly one has to surface the context and

00:36:47
provide ease of use.

00:36:50
Speaker 1: Yes, it's really valuable when you present the

00:36:54
information in a way that relates to a framework or a

00:36:59
standard, like MITRE that you mentioned, because sometimes

00:37:04
with these changes that you need to make within the environment,

00:37:06
you need the proof, you need the actual evidence saying, hey,

00:37:11
this is the actual control that we are failing.

00:37:15
This is why this is how we resolve it From the engineering

00:37:19
perspective.

00:37:20
It makes me look really great, at least to my management team,

00:37:24
when I can go to another, let's say, infrastructure guy or a

00:37:27
network guy or a developer and say, hey, this is exactly what

00:37:30
we need to do, why we need to do it and everything like that.

00:37:34
Historically, that would take a couple of days to put that

00:37:38
information together because I have to pull all this

00:37:40
information from so many different resources and check it

00:37:44
and triple check it.

00:37:45
But you know, if you have a solution that's doing that for

00:37:49
you and you can just take it and literally send it off to

00:37:52
someone, that saves me a whole lot of headache.

00:37:56
And I always appreciate it when products you know take in to

00:38:00
account the end user and what that end user has to go through

00:38:04
on a day to day basis, and you know it's like, how do, I make

00:38:09
their day easier.

00:38:10
You know, that's always, at least from my perspective that's

00:38:13
always appreciated, it's always noticed and it provides a lot

00:38:18
more value than you know any other solutions out there, in my

00:38:22
opinion.

00:38:23
Speaker 2: Now you bring up a great point.

00:38:24
I mean, if I were to just give three simple examples to your

00:38:30
observation, what we've seen where we've had great resonances

00:38:35
one, you know, simply in the context of the visualization of

00:38:39
the CSPM and all that if there's ever a conversation between the

00:38:43
security team and the development team, you can use

00:38:46
something like a security graph or attack path to have a

00:38:49
conversation.

00:38:49
Look, this is what a visual thing about where the

00:38:54
misconfigurations which could lead to a whole exist, and it's

00:38:57
an easy conversation between the security operations and the

00:39:00
developers of the DevOps team so that they can fix it.

00:39:03
Second, if you are any good site organization, you're in the

00:39:07
context of a compliance and audit, the auditory activities

00:39:10
simply to establish value to the auditor, to say, okay, here's

00:39:14
the audit tail which tells you that this control is not there.

00:39:16
And now it's there.

00:39:17
And all of that data makes a big difference.

00:39:20
And third, of course, is genuinely on the cyber side.

00:39:23
Now, whether it's detection and response or post factor or

00:39:26
speculative hunt, if you have the depth of telemetry and the

00:39:30
data, not only can you surface a few things which are aligned,

00:39:34
but that's the part where, if things are trending in the wrong

00:39:37
direction because, god forbid, something has really gone wrong

00:39:39
in your organization.

00:39:40
At least you can dwell, reduce the dwell time by knowing and

00:39:44
scoping what was the lead up.

00:39:45
And where we've been fortunate is that the intersection of

00:39:50
these three use cases for a bunch of different asset

00:39:53
categories, which, of course, gartner likes to characterize as

00:39:57
XDR and CNAP.

00:39:58
These are words, but both in terms of workloads and endpoints

00:40:02
, we've been able to make a big difference.

00:40:04
It certainly took time, but we are at that point where these

00:40:09
three examples to just to back up what you said we've been very

00:40:14
fortunate to really easily address where the ease of use to

00:40:18
make this happen.

00:40:23
Speaker 1: With it being a cloud solution and natively, I guess.

00:40:30
The cloud providers are very fast moving and they're always

00:40:34
revolutionizing and adding new services and just everything you

00:40:39
can imagine they're adding behind the scenes.

00:40:42
How does the company in your position stay up to speed with

00:40:48
all the different changes that are coming?

00:40:49
I think last year AWS added something like 27 new services.

00:40:55
I couldn't believe it because I feel like maybe I'm legacy

00:40:59
cloud where I'm still stuck within Kubernetes and EC2 and S3

00:41:05
buckets.

00:41:06
How does someone in your position say okay, we're going

00:41:10
to consume these new services, we're going to figure out the

00:41:13
security posture items around them and then we'll be able to

00:41:16
provide insights?

00:41:17
It sounds like that's a whole other company to be quite honest

00:41:22
.

00:41:23
It's not just a team, that's a company.

00:41:27
Speaker 2: That's a great question, by the way.

00:41:28
Here is where investment upfront, when it comes to

00:41:34
prudent architectural and technology choices even if that

00:41:38
meant that we had to do extra development to accommodate this

00:41:42
has made a difference for us.

00:41:43
To put that into perspective, here is how we see these things

00:41:48
at a fundamental level.

00:41:49
If you take an operating system , whether it is Linux, windows

00:41:55
or Mac, you can characterize it in three dimensions.

00:41:59
One is to say what is the configuration of this machine

00:42:03
telling you?

00:42:03
Because that tells you about the inventory compliance things

00:42:07
which are very prescriptive in nature.

00:42:09
Second, every operating system has a conduit to tap into the

00:42:13
behavioral changes the system is going through, as by a proxy of

00:42:17
system calls.

00:42:18
By observing that you can draw conclusion what is the impact of

00:42:22
the behavioral changes after you know what the inventory is?

00:42:25
The third part is every operating system today tells you

00:42:29
about the ins and outs and flows.

00:42:32
If you say things can be broken into these three dimensions of

00:42:35
configuration, behavioral change , detection through your audit

00:42:39
trail and all of that, and Cisco activity trail and the flow law

00:42:44
and in and out cloud is exactly like that in some sense.

00:42:49
It does not matter whether it is the AWS, gcp or Azure, they

00:42:54
all have configuration information, they all have audit

00:42:57
trail and they all have flow logs.

00:42:58
Even if you take it to the next level of a SaaS service like

00:43:03
GitHub or Octa, their behavior is similar and to your point.

00:43:07
If they start adding more SaaS services as a part of the cloud

00:43:11
offering, that's just more of something which is in a similar

00:43:16
paradigm which can be broken down into the new service coming

00:43:19
in.

00:43:19
Does it have its configured state where I can tell you what

00:43:22
its security posture looks like?

00:43:24
Does it have a behavioral trail where I can tell you those

00:43:28
changes?

00:43:28
Are they going to result in something wrong?

00:43:30
In and out the flow logs related to that?

00:43:34
Does it tell you where things are being accessed which are

00:43:36
inadvertently and whether there is some kind of outlier activity

00:43:39
?

00:43:40
The abstraction that we've built around these three and a very

00:43:46
structured approach using ETL-free pipelines took us a bit

00:43:50
of a time to build this IP, as what has been the fundamental

00:43:54
difference in our ability to absorb the rate of change of

00:43:58
Cloud Service providers providing new things.

00:44:00
Clearly it took us a time, but we feel very well equipped to

00:44:04
handle that.

00:44:05
I know it was a bit long-winded but I'm happy to delve in

00:44:08
further, but you touched upon something which is key to our IP

00:44:13
and where we've been able to really take advantage of some of

00:44:18
the design choices that we made as an engineering organization.

00:44:23
Speaker 1: Yeah, absolutely, ganesh.

00:44:24
I feel like we almost need another episode together to dive

00:44:30
into this more.

00:44:31
But before I let you go, I want to get this one last question

00:44:37
in when do you see the upticks platform going in the next few

00:44:41
years?

00:44:42
As we're thinking of the Cloud and how the Cloud is expanding

00:44:49
and growing, revolutionizing how everyone does IT, where do you

00:44:53
see upticks going along with the Cloud providers as well?

00:44:58
Speaker 2: Great question For us it's to really secure that arc

00:45:03
of productivity.

00:45:05
But, as you can imagine, security practitioners secure

00:45:10
things because they follow either transformation or IT and

00:45:15
engineering choices made, which is to say that a CTO makes a

00:45:19
choice of how to operationalize something in the Cloud.

00:45:22
A CIO might make a choice of something in the Cloud or

00:45:26
services which people pick.

00:45:27
So where we are heading is as the result of this ongoing

00:45:33
digital transformation and more.

00:45:34
If the endpoint is a means to access a service, whether it is

00:45:39
for creativity and production of software, or it is because from

00:45:44
the endpoint people access SaaS services, much like how if they

00:45:47
build something and pushing something to the Cloud.

00:45:49
So that trifecta or quad-fecta I call it, of endpoint, cloud

00:45:57
and containers to second as a part of the thing, and SaaS

00:46:00
services is what we plan to secure the infrastructure that

00:46:04
we've built.

00:46:04
Along the lines of what I said, the ability to ingest

00:46:08
configuration change, trail activity from these services and

00:46:11
the flow logs is going to board really well for us.

00:46:13
That we feel is in line with the transformation which is

00:46:17
happening.

00:46:18
Our goal is to observe and secure this pipeline from the

00:46:22
laptop to the Cloud and the services which people interact

00:46:25
with from their laptops.

00:46:30
Speaker 1: Yeah, it's a really interesting place.

00:46:32
Me personally, I'm really excited to see how your solution

00:46:37
and other solutions like yours will be growing and changing.

00:46:42
From the podcasting perspective , I get to see it from almost

00:46:48
like an outsider's point of view , while still having that inside

00:46:52
knowledge, almost, so it's a fascinating area that's just

00:46:57
always growing.

00:46:58
So, ganesh, right before I let you go, can you let my audience

00:47:04
know where they could find you if they wanted to reach out to

00:47:07
you, where they could find upticks, if they wanted to learn

00:47:09
more about the platform, about your solution?

00:47:13
Speaker 2: Yes, thank you for this opportunity.

00:47:15
So, to your listeners, we are on the worldwide web as everyone

00:47:21
else's.

00:47:21
Uptickscom is where you'll be able to find a lot of

00:47:25
information about us.

00:47:26
Feel free to reach out to us on Twitter.

00:47:29
Our handle is at Upticks, same as the case on LinkedIn If you

00:47:33
search, you'll be able to find us, but we have a tremendous

00:47:38
resource library on our website, which is, I don't want to say,

00:47:42
independent of what we do, but it's a very rich learning thing

00:47:46
and hopefully, while you're there, you might be interested

00:47:48
in what we have to offer as a product company too, which is to

00:47:52
secure things from the laptop to the cloud, and we call it as

00:47:55
a unified XDR and CNAP platform.

00:47:59
Our approach is what we characterize as shifting up.

00:48:02
I'll pause here, and I appreciate the opportunity for

00:48:05
me to outline this.

00:48:06
Thank you, joe.

00:48:08
Speaker 1: Yeah, absolutely, and I really appreciate you coming

00:48:12
on and I hope everyone listening enjoyed this episode.

00:48:16
Speaker 2: Thank you for the opportunity.

00:48:17
I really enjoyed the conversation.