Splunk, Okta, Cylance, Palo Alto, CrowdStrike, and Zscaler mafias in cybersecurity
This article is a continuation of the series about the cybersecurity mafia networks
Some companies play an outsized role in shaping the industry: not just because of what they accomplish, but also because of the kind of startups their alumni create. In this piece, I dive into Splunk, Okta, Cylance, Palo Alto, CrowdStrike, and Zscaler mafias in cybersecurity.
This article is a continuation of the series about the cybersecurity mafia networks. If you haven’t read the previous two articles, you can do that here:
Welcome to Venture in Security! Before we begin, do me a favor and make sure you hit the “Subscribe” button. Subscriptions let me know that you care and keep me motivated to write more. Thanks folks!
This issue was brought to you by… Tines.
Work faster and reduce barriers to automation with AI in Tines.
Everyone is talking about AI right now, but the value of AI depends on your ability to trust it.
AI in Tines is designed with security and privacy in mind - you decide when and how your workflows interact with AI.
Here’s what security leaders and practitioners are saying about AI in Tines:
“Automatic mode is a gamechanger for new users, it makes the learning curve for advanced use cases very short.” - Amulya Namburi, SOAR Team Lead at Experian
"It's unlocking new use cases for us.” - Allen Cox, Senior Director of Security and IT, MyFitnessPal
“In terms of what you can build with it, the limit is your imagination.” - Kyle McGaley, Senior Security Engineer, Udemy
Mafias in cybersecurity: a quick recap
If you haven’t read the previous two articles, here is a quick intro (feel free to skip it if you are familiar with the other pieces in the series).
A disproportionately large percentage of what is known today as the Silicon Valley tech ecosystem can be traced back to one startup - PayPal. From companies such as OpenAI, Tesla, Uber, Facebook, Palantir, and YouTube, to VC firms such as 500 Startups, Khosla, and Founders Fund, a disproportionate number of Silicon Valley’s movers and shakers can be traced to that one company.
Source: Fleximize
“This isn’t about conspiracy theories or stories about world domination: in business, as in all other areas of life, everything is about people, and when large numbers of smart people work together, they gain immense power. Cybersecurity is a textbook example of how this plays out in real life, and the origins of security as an industry are the perfect place to illustrate this reality. It was Check Point, an Israeli cybersecurity company, that established the foundation of what is known today as a global cybersecurity market. Check Point alumni went on to start tens of industry-defining players, including Palo Alto, SentinelOne, and Orca Security.
Founders of CrowdStrike, Mandiant, and Cylance were all previously a part of Foundstone. Yet, that is just a small piece of the puzzle. Mark Curphey (Foundstone) founded SourceClear (acquired by Veracode), and then he started OpenRaven with Dave Cole (also Foundstone). After this, Mark started Crash Override with John Viega (McAfee). Anthony Bettini worked at Foundstone and started Appthority (acquired by Symantec); he then started FlawCheck which was acquired by Tenable; following that, Anthony started VulnCheck. Corey White (Foundstone) founded Cyvatar.ai. Michael Price (Foundstone) started Vulnr, which was acquired by ZeroFOX. James Foster (Foundstone) started ZeroFOX, which IPO'd. Aaron Higbee (Foundstone) & Rohyt Belani (Foundstone) founded Intrepidus Group (acquired by NCC Group). Aaron Higbee & Rohyt Belani then founded PhishMe (which was acquired by Private Equity and renamed Cofense).
Generally many of the Foundstone alumni mentioned above, also worked at McAfee, so it can also be given a lot of credit. Dmitri Alperovitch who started CrowdStrike with George Kurtz was also from McAfee. John Viega who started Crash Override with Mark Curphey was from McAfee. Oded Horovitz from McAfee started PrivateCore, which was acquired by Facebook. Fengmin Gong from McAfee was a co-founder of FireEye, Palo Alto Networks, and Cyphort.
Cisco and Juniper Networks, to name some, also gave rise to a large number of cybersecurity companies, including Netskope & Illumio.” - source: Follow the people: @stake, NetScreen, IBM, Israel Defense Forces and the US Armed Forces mafia networks in cybersecurity
Splunk mafia in security: defining the future of security data
Splunk was founded by Michael Baum, Rob Das, and Erik Swan back in 2003, over two decades ago. By 2007, the company had raised US$40 million, and only two years later, in 2009, it became profitable. Nine years after its founding, in 2012, Splunk went public, trading under the NASDAQ symbol SPLK.
Although Splunk products are not security-specific, the company has had a tremendous impact on the evolution of cybersecurity, both in terms of defining the profession of a SOC analyst and their expectations and in terms of preparing a generation of future founders.
It is not at all surprising that a large number of observability, data pipelines, and security information and event management (SIEM) challengers were founded by Splunk alumni. What is much less obvious is that the company’s impact goes far beyond security data space. Cybersecurity startup founders who previously worked at Splunk include:
Shashwat Sehgal, co-founder and CEO at P0 Security, a company that helps organizations govern cloud access for all identities - human and machine
Karthik Kannan, founder, and CEO at Anvilogic, a company that breaks the SIEM lock-in that drives detection gaps and high costs for enterprise SOCs
Clint Sharp, co-founder and CEO at Cribl, the Data Engine for IT and Security, which empowers organizations to transform their data strategy
Ledion Bitincka, co-founder and CTO at Cribl, the Data Engine for IT and Security, which empowers organizations to transform their data strategy
Dritan Bitincka, co-founder at Cribl, the Data Engine for IT and Security, which empowers organizations to transform their data strategy
Oliver Friedrichs, co-founder and CEO at Pangea, a company that delivers a single platform of API-based security services that are easily accessible and simple for any developer to build a secure app experience
Sourabh Satish, co-founder and CTO at Pangea, a company that delivers a single platform of API-based security services that are easily accessible and simple for any developer to build a secure app experience
Snehal Antani, co-founder and CEO at Horizon3.ai, a company that empowers organizations to continuously find, fix, and verify your exploitable attack surface
Terry McCorkle, founder and CEO at PhishCloud, an IT Security Services company
Charles Feng, co-founder and CTO at Lucidum, asset discovery company that eliminates blind spots across cloud, security, and IT operations
Micah Wylde, co-founder and CEO at Arroyo, a company building the future of stream processing
Fred Wilmot, co-founder and CEO at Detecteam, a SaaS-delivered cloud strength platform automating the detection lifecycle and improving detection performance
Maxim Lukichev, co-founder and CTO of Telmai, an AI-based data quality and observability platform natively designed for open architecture
Ross Lazerowitz, co-founder and CEO at Mirage Security, a company that protects organizations through AI Vishing simulations, training, and mobile-based mitigation
Pervez Choudhry, founder and CEO at Bornio, a company that offers a pure-cloud solution for data privacy
Prakash Sanker, co-founder at P0, a company building the future of API security
Subho Majumdar, co-founder at Vijil, an AI software startup on a mission to help developers build and operate intelligent agents that people can trust
Okta mafia in security: defining the future of the identity space
Okta, a leader in identity and access management, was founded in 2009 and went public just eight years later in 2017, reaching a valuation of over $6 billion. Today, Okta’s market cap is $16.15 billion.
Unsurprisingly, a good number of founders in identity and access management previously worked at Okta. The list of Okta alumni who went on to launch cybersecurity startups includes:
Alex Bovee, co-founder and CEO at ConductorOne, an identity security platform for the modern workforce
Paul Querna, co-founder and CTO at ConductorOne, an identity security platform for the modern workforce
Pratyus Patnaik, co-founder and CEO of Natoma, a platform to secure and manage all non-human identities
Paresh Bhaya, co-founder of Natoma, a platform to secure and manage all non-human identities
Zachary Hart, co-founder of Natoma, a platform to secure and manage all non-human identities
Will Potter, co-founder of Natoma, a platform to secure and manage all non-human identities
Arun Shrestha, co-founder and CEO at BeyondID, a modern systems integrator and managed identity services provider
Charles Fortune, co-founder and COO at BeyondID, a modern systems integrator and managed identity services provider
Arvil Nagpal, co-founder and CEO at Abbey Labs, an access governance platform
Zachary Miller, co-founder and President at Worklyn Partners, a holding company that invests in cybersecurity and IT services businesses
Kevin Sapp, co-founder and CTO at Aembit, workload identity and access management company
Andrew Fife, co-founder at Keystrike, a company focused on securing remote connections
Cylance mafia in cybersecurity: following one of the first AI-powered security companies
Cylance, a company founded by Stuart McClure and Ryan Permeh in 2012 to prevent viruses and malware, is definitely on the list of the most notable security players. The company is known for being one of the first to make use of artificial intelligence, and as we will see, to prepare a generation of security entrepreneurs with a deep background in AI. Cylance was acquired by BlackBerry Limited for $1.4 billion.
Credit for tracking down the successes of the Cylance mafia goes to Christopher Ries, Co-Founder of SphereOne who summarized it incredibly well in his LinkedIn post. Christopher observed that “A lot of really talented people came together at Cylance Inc. to build the first AI-driven approach to detect malware on Windows and Mac operating systems. Many of these folks have continued on to start companies and/or venture funds. Where are they at today?
Stuart McClure - CEO of Wethos AI, Qwiet, and NumberOne AI
Ryan Permeh - Operating Partner of SYN Ventures
Glenn Chisholm - Co-founder of Obsidian Security
Matt W. - Co-founder of Obsidian Security
Christopher Ries - Co-founder of SphereOne
Jon Miller - Co-founder of Halcyon
Ryan Smith - Co-founder of Halcyon
Tanner Burns - Co-founder of HiddenLayer
James Ballard - Co-founder of HiddenLayer
Chris Sestito - Co-founder of HiddenLayer
Rahul Kashyap - Co-founder of Awake Security
Gary Golomb - Co-founder of Awake Security
Thomas Pace - Co-founder of NetRise
Michael Scott - Co-founder of NetRise
Corey White - Co-founder of Cyvatar
Eric Cornelius - Co-founder of Ghost Security
Rob Bathurst - Co-founder of Reveald
Chris Coulter - Co-founder of Auguria
Keith Palumbo - Co-founder of Auguria
Alex Matrosov - Co-founder of Binarly
Claudiu Teodorescu - Co-founder of Binarly
Greg Fitzgerald - Co-founder of Sevco Security
Colt Blackmore - Co-founder of Reach Security
Terry McCorkle - Founder of PhishCloud
Joel Bauman - Co-founder of Synqly
John Brock - Co-founder of Lamplight AI
Matthew Maisel - Co-founder of Lamplight AI
Fun fact: Cylance alumni have raised over $400M collectively to tackle a number of different problems.” - Source: Christopher Ries, Co-Founder of SphereOne on LinkedIn
Palo Alto Networks mafia: building the future of the cybersecurity industry
Nir Zuk, who later became one of the co-founders of Palo Alto, built an impressive career in security, serving first as a principal engineer at Check Point, and then as a Chief Security Technologist at Juniper Networks. Both companies gave rise to their own mafia networks, some of the most powerful in the industry.
Palo Alto Networks, similar to Abnormal Security, was incubated at Greylock. The company was founded in 2005 and seven years later, in 2012, it raised $260 million with its initial public offering. After Nikesh Arora replaced Nir Zuk as the company CEO, Palo Alto turned into the most active security vendor in terms of mergers and acquisitions.
Palo Alto Networks alumni who started cybersecurity companies include:
Garrett Hamilton, co-founder and CEO at Reach Security, a startup helping organizations to measure, manage, and improve their enterprise security posture at scale
Colt Blackmore, co-founder and CTO at Reach Security, a startup helping organizations to measure, manage, and improve their enterprise security posture at scale
Vinay Mamidi, founder and CEO at Whiteswan Security, an identity and access security startup
Parth Shah, co-founder & Head of Product at Dassana, a company that helps companies handle the vast amount of data from numerous IT security tools
Rajaram (Raj) Srinivasan, co-founder and CEO at Unbound Security, a startup working to secure Gen AI apps for the modern enterprise
Tim Kirk, founder and CEO at SureCity Networks, a company working to limit attackers’ abilities to move throughout networks and systems
Yahav Peri, co-founder and CTO/VP R&D at Cypago, a SaaS-based cyber GRC automation platform
Ravi Ithal, founder and CTO at Normalyze, a data-first cloud security solution; previously founder and Chief Architect at Netskope
Jamie Brummell, founder and CTO at Socura, a cyber security managed services business, focused on Managed SOC, MDR, DFIR, and SASE
Amichay Spivak, co-founder and CTO at Vorlon, a company that enables continuous near real-time detection and identification of third-party apps consuming data
Amir Khayat, co-founder and CEO at Vorlon, a company that enables continuous near real-time detection and identification of third-party apps consuming data
Vishaal Hariprasad, co-founder and CEO at Resilience, a company that integrates cybersecurity, cyber insurance, and cyber risk management
Pratyusha Vemuri, founder and CEO at raptorX.ai, an AI-based B2B anti-fraud solution
Aaron Shelmire, co-founder and Chief Threat Research Officer at Abstract Security, a platform, equipped with an AI-powered assistant, to better centralize the management of security analytics.
Or Priel, co-founder at CPO at Silk Security, a platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure, and application risk
Bar Katz, co-founder at CTO at Silk Security, a platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure, and application risk
Zion Zatlavi, co-founder and CBO at Blink Ops, a security workflow automation platform
Huagang Xie, co-founder at Ancilia, a Web3 security company
Yonghui Cheng, co-founder and CTO at Mammoth Cyber, a solution to secure remote access with the enterprise access browser
There are plenty of serial entrepreneurs such as Twistlock founders who exited to Palo Alto Networks and by doing so, ended up with the acquirer on their resume. I decided not to include them here because they were founders before joining Palo Alto.
Zscaler and CrowdStrike: companies that produced surprisingly few cybersecurity startup founders
Based on my analysis, CrowdStrike and Zscaler have produced surprisingly few cybersecurity startup founders despite being high-growth, and incredibly successful companies. Moreover, all companies started by alumni of these two security giants are still very early in their journeys.
CrowdStrike alumni have started the following security companies:
Damien Lewke, founder of a cybersecurity startup in stealth
Jori VanAntwerp, co-founder at EmberOT, a critical infrastructure startup, previously founder at SynSaber, a cybersecurity startup redefining industrial asset identification, network monitoring, and threat detection for critical infrastructure
Brian Concannon, founder and CEO of EchoTrail, a startup building a search tool for IT and security professionals to better understand how processes behave on Windows endpoints, thereby giving them the context they need to sift through alerts with efficiency and accuracy
Maxime Lamothe-Brassard, co-founder and CEO of LimaCharlie, a startup that gives security teams full control over how they manage their security infrastructure
Ruben Sarino, co-founder at RiskHorizon AI, a startup that develops a continuous threat exposure management solution
Ex-Zscaler cybersecurity founders include:
Diane (Dianhuan) Lin, co-founder of Culminate, a startup that augments SOC operations by automating the tier-1 triage
Kartik CDS, co-founder and CTO at WideField Security, a cybersecurity startup that helps enterprises protect their identity attack surface
Kristian Kamber, co-founder and CEO of SplxAI, a startup that provides cybersecurity services for AI applications and chatbots
Vaibhav Mehrotra, co-founder and CEO of Secuvy, self-learning AI to automate data security, privacy, and governance for global enterprise
John Peterson, co-founder and co-CEO of PRE Security, a predictive analytics cybersecurity startup
Closing thoughts: shaping the next generation of cybersecurity founders
I have previously argued that software engineers with experience building security products are well-positioned to launch cybersecurity startups. This can be extended to say that people with experience building, growing, and taking to market successful cybersecurity products and companies, are most likely to become winning founders themselves. Or, to put it simply, if you want to identify the next generation of winning founders, you should be tracking those who have spent time at fast-growing security companies before or are doing it now.
Companies such as Wiz, Rubric, Vanta, Drata, Obsidian, Material, and Abnormal, to name some, are likely to produce high-quality founders. One observation I’ve made is that in security, the next generation of innovative solutions is most likely to be conceived and built by people who built the previous generation of solutions. It doesn’t always work that way because it can be easier to innovate and keep an open mind if one is unencumbered with past experiences and biases, but it helps.
Another thing that becomes apparent when we look at the list of companies started by alumni of Splunk, Okta, Cylance, Palo Alto, CrowdStrike, and Zscaler, is that not every large company is equally good at forging the next generation of founders. There have to be reasons why Cylance produced much more successful and growing security startups than, say, CrowdStrike or Zscaler despite the fact that Cylance and CrowdStrike started around the same time, while Zscaler was founded several years ahead of both these companies.
Great article, love the graphics to visualize it!
As always, great content! I've witnessed this happen. It's so cool to visualize it like this. Thanks!