Tanium and Okta: Two Remarkable Cyber Security Companies to Join in 2016

The world is evolving every second, and unfortunately, Cybercrime is making its evolution even faster.

Almost everyday you hear about a new Data breach, a new cyber attack, a new Cyber threat, a new malware type, and more. In the early days of this year, we have seen already a massive DDoS attack against BBC and Donald Trump campaign site, and we saw another DDoS attack against ProtonMail.

Like I explained in one of my recent posts, these attacks are very dangerous for one particular thing: They claimed that the attacks has been launched from Amazon Web Services, and if you have the opportunity to watch the last talk of Adrian Cockroft at Structure Conf (the Technology Fellow at Battery Ventures and former Netflix System Architect), when he said that everyone still is underestimating Amazon cloud business (a $7 Billion powerhouse); and it’s present in almost every region around the world.

So, if this is true, New World Hackers, the hacking gang behind the BBC attack, potentially could launch a powerful DDoS attack from anywhere in the world to any company around the globe, and this is a serious threat to catch up this year.

But DDoS attacks are not the only form of Cybercrime. Many leaders of well known companies and organizations in the Security field have made their predictions for 2016, and some of them are very scary. For example:

  • “Mobile malware is expected to grow exponentially, given the lax user behavior and the availability of third-party app stores in China”, Trend Micro
  • “The Need for Improved Security on IoT Devices Will Become More Pressing”, Symantec
  • “ESG research indicates that 41% of enterprise organizations are already using mobile devices for multi-factor authentication, while 44% are using or would consider using social login/consumer-based credentials for authentication”, Jon Oltsik (ESG)
  • “Private organizations will increase their visibility into the Dark Web to become more proactive about cyberthreats than ever before”, Bob Stasio (IBM)
  • “Get ready for a BoT — Botnet of Things, Imperva
  • “Multi-factor authentication (MFA) will become more ubiquitous. It will be leveraged in the identity management platform to secure all applications rather than being restricted to individual apps.”, David Meyer (OneLogin)

That’s why many experts said that Cyber Security field will grow up to 170 Billion in 2020.

Then, there are some organizations in this challeging and fast-changing field which have created an enormous opportunity to obtain a big chunk of this 170 Billion pie. I talked the last December about 5 of these companies, but I didn’t include two companies because I knew they needed its own piece, and here I’m talking about Tanium and Okta.

As always, when I talk about a particular company, I see its finances, Glassdoor’s ranking and comments, market timing/opportunity, vision/mission, suitable positions I think it’s more relevant and it could make a huge impact in the business, and based in the position, I will let you some bonus points with ideas how to make your application highly precise. So, keep reading and take a short travel to the galaxy of these two organizations.

Tanium: The Cyber Security Magicians

Steven Sinofsky from Andreessen Horowitz, is one of the most respected Venture Capital partners in Silicon Valley, and when he saw Tatium’s software running, he didn’t believe what he was seeing. In an amazing writing piece from Steve in the blog of the firm, you can read his own words:

“When Orion first came to Andreessen Horowitz to meet us and introduce Tanium we had no idea what a surprise we were in for. Collectively we are many old hands at systems management and security. Many folks at a16z share the experience of having built Opsware — and my own experience at Microsoft — make for an informed, and perhaps tough, audience.
Orion popped open his laptop and navigated to Tanium’s web-based “console”. At the top of the screen, we saw a single edit control like you’d see for a search engine. He started typing in natural language questions such as “show computers where CPU > 75%” and “show computers with a process named WINWORD.EXE”.
Within seconds — just like using search — a list of computers scrolled by as though it were an existing spreadsheet or report. At this point we reached the only reasonable conclusion: Orion was showing us a simulation of the product they hoped to build. After all, we were all quite familiar with the state of the art (represented by the likes of BigFix) for this type of telemetry and we knew that what we were seeing was just not possible.
But the demonstration was not a simulation or edited screen capture. In fact, Tanium was running on a full-scale deployment of thousands of endpoints. This wasn’t even a demo scenario, but a live, production deployment … the magic of Tanium. As we learned more about Tanium and how it easily scales to 500,000 endpoints (not theoretically, but in practice) and the breadth of capabilities, we were more than intrigued. We were determined to invest in David, Orion, and team.”

It’s not easy to impress the incredible team at A16Z, but when David (CEO) and Orion Hindawi (CTO) showed to them the platform and its capabilities, Ben, Marc and everyone in the room were shocked for the fast operations and clean UI this “thing” were doing; and this is one of the reasons why you can work hard to be part of this spaceship.

Tanium Endpoint Platform

But, you must wondering to yourself: What is the core business of Tanium? Putting this in simple terms: You can know in real-time the security profile of every device you have connected to your network: laptops, network switchs, workstations, healthcare monitors, even smoke detectors, and to act depending of the security threat.

You can apply a patch to the device, to uninstall certain software on it, or simply shutdown it. All this could be done in a single dashboard with a clean UI, so this changes dramatically IT Security management.

This short video explains very quickly this:

If you are a technical person like me, you must know this is not an easy task, and this require an awesome knowledge of network standards, network communications, the fastest code execution, etc; for that reason this company is doing something unique in the field.

But I will put you this in another way. Already, we are in the Internet of Things era. The past CES was the perfect thermometer to measure the growth of this field, but of course, Cybercriminals are interested on it too, and if you read the prediction from Imperva where Cybercriminals could take advantage of poorly secure IoT devices and use them like members of a massive botnet.

Now, imagine for a moment that Tanium could work with companies like Smart Things (now part of Samsung Electronics), Nest (Google), Xiaomi, Tesla Motors, and to help them to protect their products and incredible massive networks of connected devices. This could be translated to multi billion contracts in matter of years or maybe months, because right now they have big clients like Target, VISA, Amazon, Verizon, Kaiser Permanente, Best Buy.

So, the “Tanium Magic” could be expanded very quickly in the upcoming years, because the faster way to grow in the Enterprise world is by word of mouth, and if these big corporations which has thousands of devices can protect them with a single platform and act against cyber-threats almost in real-time; they will talk about it, and everyone will want the magic for themselves.

Tanium Trace

After 2 hours getting deeper in the architecture of Tanium Endpoint Platform, I realized that this is a brilliant piece of Engineering, but for me the most interesting product is the new module called Tanium Trace.

David Damato, which is the Tanium’s Chief Security Officer wrote this about Trace in the announcement post:

Tanium Trace (Trace) is our newest module, which takes the speed and scale of the Tanium platform even further. It enables the agility to conduct immediate and in-depth forensic investigations on a single endpoint, as well as perform accurate enterprise-wide searches based on captured artifacts across millions of endpoints in 15-seconds — what previously took days or weeks.
Organizations that continue to rely on outdated technologies that cannot achieve this level of speed and visibility, will find themselves well behind attackers and at a greater risk of becoming the latest headline. How is this possible? Trace continuously records endpoint activity, including system artifacts not retained by normal logging mechanisms like short-lived network connection details, hashes for executed processes, and the creation, deletion, or changes to files and registry keys.
Trace also performs reliable kernel-level monitoring, and can detect rootkits or other advanced counter-forensic techniques employed by attackers to hide their activity. With this information, security teams have direct access to a complete story of malicious activity, which would not exist under normal circumstances.

So, my bonus points could be focused in Tanium’s Trace. Keep reading.

Tanium’s profile

Its finances are very well, at least in terms of Venture Capital focused in growth and hiring: They have exactly $302.31 Million, for a valuation of $3.5 Billion. That’s why Fortune declared the company like the world’s hottest cybersecurity startup. And it seems that the company is profitable, based in an article from Brian Solomon at Forbes:

The company declines to disclose annual revenue but says bookings, or revenue to be recognized over multiple contract years, have grown from $2 million in 2012 to $24 million in 2013 to $74 million last year and a projected $200 million-plus this year.
Its clients now include half of the 100 largest U.S. companies by revenue, with five of the top ten banks and four of the top ten retailers. Profitable and growing without help, the Hindawis were initially uninterested in taking outside capital–until connections that Andreessen Horowitz provided for free netted Tanium $10 million in bookings in only three months.
So the Hindawis went exclusively with Andreessen, accepting $90 million last August at a valuation of $900 million and another $52 million in March at a $1.75 billion valuation. The combined $142 million is the largest bet Andreessen has made on a single company. David and Orion still own more than 60% of the firm and have yet to touch any of the capital they’ve raised.

Now, based in the reviews of the company at Glassdoor, it seems that Tanium is a very good place in all departments, except Sales, when things could be a little harder. The choice is yours. If I could give you an advice to apply for them is this one: Know Your Stuff & Do Your Homework. My research here is not enough for an application at Tanium, so again: Do Your Homework !!!

Bonus Points

For example: if you will apply for its Product Marketing open position, my Bonus points are:

  • Keep in mind that Tanium’s CMO is brilliant, so she can’t be surprised easily. Think deeper about how to market this kind of product. For example: Tanium loves Videos to promote its products, so Why don’t you make a video how would you promote Tanium’s Trace?
  • Marketing in general is shifting to be more personal, so think in ways to increase Customer Engagement scores for the company. Two good ways to accomplish this could be using Drift’s services for Relationship Marketing and Intercom’s Engage for Customer Engagement improvement.

Okta: The Foundation for Secure Connections between People and Technology

When you see a company which bought an entire Theater to invite to their customers to watch a movie, you feel that this particular company is unique. I was skeptical about Okta, but when I began to research about the company, its core market, and their commitment to their customers, I immediately felt they needed a post for them like an awesome Cyber Security organization. And it seems that I did’t make a mistake to select them.

Okta’s mission is bold and challenging, but at the same time, if you embrace these ideas like part of your DNA, you will enjoy your journey there, which I hope it will be for a long time.

You can read from their own words, specially the words from Ryan Carlson (VP of Marketing) where they changed the mission, vision, a new logo and a new look and feel for the whole site:

You’ll notice that it’s not an overhaul — instead, we tightened our story down to its essence, with consistent language and a matching visual design. The update is a reflection of six years of a culture built to last, to make a deep impact on our industry, and one that our team can be proud of.
Our Mission Okta’s mission is to improve the connections between people and tools to make companies more productive and secure.
Our Vision Our vision is to be the platform that enables any company to use any technology. And ultimately,
What is Okta? Okta is the foundation for secure connections between people and technology. Okta. Connect Everything.

Okta’s profile

Until this date, Okta has raised $229,25M to the date from big Venture Capital firms leading several series like Andreessen Horowitz, Sequoia Capital, Greylock Ventures; bringing even more expertise from the Enterprise Software world to their board like Ben Horowitz, Aneel Bhushri, Pat Grady, Michelle Wilson and Mike Kourey.

Okta has opted for a very hard and crowded market: Identity Management, but they have unveiled a very focused group of products, mainly created by customer requests; which has allowed to the company to become in a leading identity solution.

My favorite product is : Adaptive Multi-Factor Authentication. Adaptive MFA is unique because it can adapt its behaviour based in context, backed by data collected from more than 2,500 Enterprise customers. You can read more about it, in the post from Eric Berg (Chief Product Officer) about it:

Over time, we will evolve our Adaptive MFA product to benefit from the massive amount of signal data we capture across our thousands of enterprise customers to better protect each and every organization. When we detect suspicious access patterns in one or several organizations across Okta’s multi-tenant cloud, we can act on that data to better protect all Okta organizations. With Okta Adaptive MFA, there’s truly safety in numbers.

This is another very good example how Big Data Analytics is changing the Security market, and if you read the report released for the company called: “Businesses @ Work”, you saw this sentence which quickly made a summary the fast adoption of Multi-Factor Authentication solutions:

2014 was a banner year for data breaches, in fact there was a 46 percent increase in data breaches year over year. Data protection has long been an afterthought for businesses, but now that the leakage of sensitive information can affect the bottom line, businesses are making investments in additional security factors.
That’s why we have seen multi-factor authentication adoption increase in Okta’s dataset by 40 percent in 2015. Coincidence that data breaches and MFA are growing at a similar rate? We think not. This includes both Okta’s MFA products as well as other vendor products. As breaches continue to happen and enterprises look to meet compliance requirements, we expect the adoption of multi-factor authentication to continue.

So, when you see a company, which is actually a Customer-Driven organization, you will realize quickly why you must be part of the crew. The last year was amazing for Okta’s team with a lot of achievements and milestones, but for me one of the most important is that they were declared like the sole leader in the Identity and Access Management as A Service Management (IDaaS) Magic Quadrant released by Gartner; so the future is bright for the company.

Do you want more reasons to be part of them? Read its reviews at Glassdoor: 82% recommend the company to a friend, 91% approve of CEO, so it seems that Todd and team is doing a great work with the environment, vibe and culture inside Okta.

Bonus Points

For the bonus points, I will focus in this particular position: Director Product Marketing, Mobility and Devices, which is very interesting. So, if you read the description of the position, you will see that Internet Of Things and Mobility, particularly the Okta’s Mobility Management platform; so Why not to create a Go-to-Market strategy to present the solution to prospective customers in the Internet of Things field? If you need some names, start here:

Industrial IoT | A Data-Driven Guy

Other thing that you could do is to work in a deal with General Electric to protect the platform of Industrial Internet. This is huge, but the challenge could be done if you put your mind and efforts on it. To start looking for names, you can read its reports. I will let you some of them here:

  • Russ Dietz, Chief Security Officer & GM, Industrial Internet Cyber Security at GE Digital
  • Nikhil Chauhan, Director Product Marketing, Predix — Machine to Cloud at GE Digital. Don’t forget to see his talk in the past Minds + Machines 2015 event:

Conclusions

Like always I say:

DO YOUR HOMEWORK AND APPLY FOR ONE OF THESE AWESOME COMPANIES. YOU CAN THANK ME LATER !!!

Marcos Ortiz Valmaseda

Marcos Ortiz Valmaseda

Editor at The Panda Way, where I help companies to earn more income through #investing. Cloud Data Engineer in the morning at Grupo Intercorp
Lima, Peru