The power of Check Point mafia, the impact of Foundstone, Juniper Networks & Cisco on the industry, and the origins of cyber ecosystems
A brief look at how a few security companies got to define the present state of the industry
Welcome to Venture in Security! Before we begin, do me a favor and make sure you hit the “Subscribe” button. Subscriptions let me know that you care and keep me motivated to write more. Thanks folks!
Thanks for supporting Venture in Security!
In the previous article, I looked at questions about what constitutes a successful cybersecurity company, what failure in the security industry looks like, and where the next wave of innovation is going to come from. While I did my best to articulate some of the perspectives and learnings that crystallized over the years, there is one thing I wasn’t able to cover: that’s the importance of networks and connections; that’s what this piece is going to be about.
The importance of networks & PayPal mafia
As people, we rely on those around us for nearly everything, and nowhere is this reliance as apparent as it is in business, especially in the business of technology. When we look at Silicon Valley, we think of an ecosystem - a network of founders, angels, VC firms, advisors, technology executives at large firms, potential and future founders, community leaders, and so on. Although many of these are organizations, behind every institution there is an individual, and in most cases - several people working to make things happen. The so-called ecosystem is, therefore, nothing more than a strong, interconnected network of people who work together, provide resources to one another, broker introductions, form partnerships and alliances, and execute on the idea that collaboration is not a zero-sum game, and the pie is going to be bigger for everyone. In that lies the power of the ecosystem.
One of the most prominent examples of what this can look like is the PayPal mafia, a network of former PayPal founders, executives, and associates that has been widely discussed and covered in mainstream media. PayPal, a company founded by Peter Thiel, Elon Musk, and Max Levchin has given rise to a large number of ecosystem-defining companies, and turned many people into millionaires, and billionaires. This article by Charlie Parrish published in The Telegraph back in 2014 provides a great overview of where different members of the PayPal mafia ended up, and Fleximize connected all the dots in a format that’s easy to explore and track by gathering data from the New York Times, Fortune magazine, Business Insider, and Crunchbase. I highly recommend the Fleximize site for anyone interested in understanding the extent to which the PayPal mafia has shaped what we know today as the tech scene.
Before we move forward with the rest of the discussion, it’s worth emphasizing that in this context, the word “mafia” doesn’t represent a criminal or nefarious group of people, rather a highly interconnected network of players who support, invest in, closely collaborate, and highly amplify the impact of one another.
The power of networks in the cybersecurity industry
When looking at the chart explaining the connections between different players of the PayPal mafia, one starts to wonder: is this a one-of-a-kind network or could other geographies, industries, and areas of the society be summarized in the similar fashion?
The answer, as you may have guessed, is the latter, and cybersecurity is a perfect example of how networks can shape the direction, and define the chances of success of different ventures and ideas. Although it may be tempting to think that winning companies and products come from the outsiders who bring new perspectives and challenge the status quo, the current state of the cybersecurity industry shows that so far, it hasn’t always been the case.
In the following few paragraphs, I will attempt to start drawing a map showing the connection between different players of the global cybersecurity ecosystems. I am confident that in due time, someone proficient in large data analysis and visualization will end up putting together a higher-fidelity interactive chart such as that of Fleximize; for now, a rough, flat approximation will do.
Check Point: the company that started it all
Check Point was founded back in 1993 in Israel by three co-founders: Gil Shwed, Shlomo Kramer, and Marius Nacht. Check Point’s first product offering, FireWall-1, provided stateful inspection. Although there are several companies that lay the claim for being recognized as creators of the first firewall, what matters is that by 1996, Check Point owned over 40% of the commercial firewall market globally (over 4,000 units shipped in 1995). Following the firewall offering, the company released VPN-1, one of the world's first VPN products.
Check Point Software went public in June of 1996 on NASDAQ at $14 per share raising then incredibly impressive $67 million. The fact that an Israeli cybersecurity company has seen sweeping success and brought great returns to its investors in only three years has signaled to other VCs that there is an opportunity. That, combined with the fact that many Check Point leaders with strong networks and the ability to recognize the next generation of cybersecurity innovation received capital they could now use to invest, kickstarted a perpetual growth loop.
Check Point became the Israeli cyber and tech ecosystem incubator, similar to that Fairchild Semiconductor played in Silicon Valley. The impact, however, extended far beyond Israel: it will not be an exaggeration to suggest that the rise and success of Check Point has established the foundation of what is known today as a global cybersecurity market. Since then, Check Point alumni founded over 40 companies, including:
Shlomo Kramer, Check Point co-founder, became a serial entrepreneur. Following his success at Check Point, he started Imperva (acquired by Thoma Bravo) and then - Cato Networks (valued at $2.5 billion at the end of 2021).
Former principal engineer Nir Zuk served as a Chief Security Technologist at Juniper Networks (we will discuss Juniper later), and then became a founder and CTO of Palo Alto Networks (market cap of $55.65 billion).
Avi Shua, former Chief Technologist, Threat Prevention at Check Point is now a co-founder and CEO of Orca Security (valued at $1.8 billion at the end of 2021).
Ofer Israeli, former team lead focused on endpoint and cloud security at Check Point, went on to become a founder of Illusive Networks. Financial details of the transaction were not disclosed but the deal value was estimated at $100 million to $150 million.
Almog Cohen, former security expert at Check Point, became a CTO and co-founder of SentinelOne (market cap of $4.57 billion).
Gal Elbaz, formerly a security researcher at Check Point, is now a co-founder & CTO of Oligo Security.
Leonid Belkind, now co-founder & CTO at Torq, as well as Eldad Livni, Torq’s co-Founder & CINO are also both ex-Check Point.
Zohar Alon, former product leader at Check Point, started Dome9 Security which subsequently got acquired by Check Point.
The real impact of the Check Point mafia on the ecosystem goes well beyond the number of started companies and the fact that Israeli founders have seemingly cracked the formula for achieving unicorn valuations, fast. This is because a seemingly impossible to count number of companies received investments from angels associated with Check Point, and several VC firms have subsequently seen ex-Check Point leaders become their limited partners (investors). Many successful founders become associated with one of the leading Israeli VCs, the most prominent of which are YL Ventures and Cyberstarts. All this activity creates a flywheel effect: as more founders exit, they accumulate more capital and allocate a portion of it to support other emerging startups they are connected to through their networks, be it through Check Point, Unit 3800, YL Ventures, Cyberstarts, Team8, or any of the many other avenues for forging strong relationships. Examples are many; the above-mentioned Shlomo Kramer alone has made 58 personal investments according to Pitchbook. Check Point gave a rise to the ecosystem - a PayPal mafia-like web of connections, mutual help, and tight-knit community where everyone simultaneously compete’s and roots for one another’s success, knowing that the pie is big enough for everyone to have a cut.
Image: some of over 40 companies founded by the Check Point alumni
Foundstone, Juniper Networks and Cisco and their role in the US cybersecurity market
Check Point, its network and alumni have a tremendous impact on the cybersecurity ecosystem in the US; Palo Alto Networks, one of the largest security companies in the United States is a textbook example of that. However, it would be a mistake to not look at several other players that one way or another, helped to define the US cybersecurity market.
Foundstone: the birth of the new generation endpoint security
Foundstone was founded in 1999 by six co-founders including George Kurtz (CEO), Stuart McClure (CTO), Chris Prosise (VP of Consulting), Gary Bahadur (CIO), and William Chan (VP of Educational Services). The company focused on vulnerability management to help security teams reduce the probability and potential impact of data breaches, and provided professional services as a part of its offerings. Foundstone went to raise Series B and was acquired by McAfee in 2004 for $86 million in cash.
Following the acquisition, some of the founders and employees joined McAfee while others went on to pursue other opportunities. The Foundstone CEO George Kurtz, held various roles at McAfee including risk manager and senior vice president, and in 2009, Kurtz got promoted to the role of CTO and Senior Vice President (SVP). In 2011, Kurtz left McAfee and started a new company, CrowdStrike. CrowdStrike’s other co-founders were Gregg Marston, former Chief Financial Officer (CFO) of Foundstone, and Dmitri Alperovitch, former VP of Threat Research at McAfee. The company became a huge success and in 2023, CrowdStrike is one one the world’s leading security companies with a market cap of $28.88 billion.
Although CrowdStrike turned out to be a big success, it is just a part of the Foundstone’s legacy.
Stuart McClure, the Foundstone co-founder and CTO, following the acquisition joined McAfee as a Senior Vice President of Global Threats and Research. He left after a few years, but returned back in 2008 and after some time, Stuart got appointed as a Worldwide Chief Technical Officer (CTO) and General Manager. In 2012, he left for good to start Cylance, an endpoint cybersecurity company. Cylance was eventually acquired by BlackBerry for $1.4 billion making it the most expensive acquisition in BlackBerry’s history.
What makes stories of CrowdStrike and Cylance particularly fascinating is that both endpoint providers started roughly at the same time by people who worked hand-on-hand together at Foundstone - Stuart McClure and George Kurtz. And yet, even this isn’t the full story about Foundstone’s legacy.
The role of the director of Computer Forensics at Foundstone was played by none other but Kevin Mandia. Following the acquisition of Foundstone, Mandia started Mandiant Corporation which grew into a world’s leader in cyber defense, threat intelligence and incident response services employing over 2,300 employees as of December 2021. In 2022, Mandiant was acquired by Google for $5.4 billion and integrated it into its Google Cloud division.
The fact that the three giants of the cybersecurity market - CrowdStrike, Cylance, and Mandiant were started by people who used to sit in the same room and work together shows how critical it is to be a part of the network of ambitious, smart, and driven individuals. And, it marks Foundsone as one of the springboards for the security industry as we know it today.
Juniper Networks: a Bay Area networking startup factory
Juniper Networks, a networking company headquartered in Sunnyvale, California, was founded in 1996 by Pradeep Sindhu, a scientist working at Xerox’s Palo Alto Research Center. Juniper Networks focuses on developing networking solutions such as routers and switches, as well as network security offerings. Juniper Networks went public on NASDAQ in June 1999. On the first day of trading, the company stock value nearly doubled to a market capitalization of $4.9 billion. Within a year, the company's stock grew by 500%.
Former employees and leaders of Juniper Networks made a dent in the cybersecurity industry. The two of the most prominent companies founded by the Juniper alumni are Netskope and Palo Alto Networks.
Palo Alto Networks was founded in 2005 by Nir Zuk, who after serving as a principal engineer at Check Point, became a Chief Security Technologist at Juniper Networks. Nir, however, didn’t do it alone. His co-founders were Rajiv Batra (VP of Engineering at Juniper Networks), Yuming Mao (DE & Chief Architect at Juniper Networks), and Dave Stevens (the only one who hasn't worked at Juniper). It’s worth remembering that the company started as a next-generation firewall (NGFW), and only later, through a well-crafted series of steps directed on expansion and acquisition, became the behemoth it is today.
Netskope, a company valued at $7.5 billion in 2021, was founded by Sanjay Beri, Krishna Narayanaswamy, Ravi Ithal and Lebin Cheng. Sanjay, Netskope’s CEO, spent over 7 years at Juniper Networks in various roles, last one being the Vice President & General Manager at the Access/Security & Pulse Business Unit. Two of the three other Sanjay’s co-founders, Krishna and Ravi, both held various roles at Netskope.
Other ventures led by Juniper Networks alumni include:
PJ Kirner, CTO and co-founder of Illumio, business data center and cloud computing security company valued at $2.75 billion as of 2021, previously served as a Distinguished Engineer at Juniper Networks.
Apurva Mehta, former CTO and Chief Architect at Juniper Networks founded Versa Networks which raised $316 million and was valued at over $700 million as of 2022.
Arjun Sambamoorthy, DJ Sampath, and Chetan Anand, who all worked at different engineering positions at Juniper Networks, partnered with Anand Raghavan (the only co-founder who hasn’t) to build Armorblox to detect, alert and protect against identity-related attacks and data loss.
Karthik Krishnan, CEO & co-founder at Concentric AI, Data Security Posture management company, once served as a Director of Product Management at Juniper Networks.
Bhupesh Kothar and Rahul Aggarwal, co-founders of Augtera Networks, previously both worked at engineering positions at Juniper Networks.
All this makes it very clear that Juniper Networks became an incubator for a wide range of startups, primarily (but not exclusively) focused on network security.
Image: some of the many companies founded by the Juniper Networks alumni
Cisco: the power in numbers
Cisco, a powerhouse that produces and sells networking and telecommunications hardware and software and employs over 80,000 people across the globe, deserves an honorary mention. Company alumni went on to start, fund, and advise a broad range of cybersecurity companies including the previously mentioned Netskope co-founded by Ravi Ithal who spent several years at Cisco. This makes intuitive sense: given the number of employees working at Cisco, it is inevitable that a large number of Cisco alumni will end up building something new. Tracxn, a firm offering among other things analytics, reports that “There are 1308 companies, including 16 unicorns, founded by alumni of Cisco. These companies have raised over USD 30.34B in funding from 2552 investors.”
A quick search on LinkedIn shows that there are quite a few early-stage cybersecurity startups being founded by people who accumulated several years of experience at Cisco. This list includes:
Abhishek Dubey, co-founder and CEO of Bolster
Matt Caulfield, founder and CEO of Oort
Etai Hochman, co-founder and CTO of Mirato
Himanshu Shukla, founder and CEO of LightBeam.ai
Sheausong Yang, co-founder and Chief Scientist at Ordr Inc.
Ravi Ithal, co-founder and CTO at Normalyze
Ketan Nilangekar, co-founder and CEO of ThreatWorx
Akhilesh Verma, co-founder of GarbleCloud
Abhishek Singh, co-founder and CEO of Araali Networks
Navindra Yadav, co-founder and CEO of Theom
Dhruv Jain, co-founder and Head of Products of Acante
Warlu Kothapalli, co-founder and CTO of AppSOC
Vinay Mamidi, founder and CEO of Whiteswan Security
Arijit Sarcar, founder and CEO at UBYON
It is worth mentioning that despite the large number of ex-Cisco founders, it doesn’t appear that the company was able to foster a tight-knit ecosystem when it comes to cybersecurity entrepreneurs.
Closing thoughts: internalizing the role of the cyber mafia in the ecosystem
When exploring the impact of the Check Point mafia, as well as the roles of Foundstone, Juniper Networks, and Cisco in the cybersecurity innovation, three things become clear.
First, experience is critical to success. Cybersecurity founders must have a deep context and expertise in their domain which can come from building a company or being involved in building the technology one later will end up innovating. Examples are plenty:
Okta was co-founded by an ex-Salesforce engineering leader (Todd McKinnon) and his counterpart from sales & business development at Salesforce (Frederic Kerrest).
Splunk co-founders Michael Baum, Rob Das and Erik Swan have a strong background as well. Michael Baum worked at Yahoo! and Walt Disney Internet Group before co-founding Collation and selling it to IBM; Erik Swan was a co-founder and VP of Engineering at several companies.
Jay Chaudhry, CEO, Chairman & Founder of Zscaler has started four companies and served at a leadership role at a few before ultimately building Zscaler which raised $192 million at the IPO in 2018 and now trades with the market cap of $12.98 billion.
I can keep going on and on, but the part that matters is this: there are no purely accidental “lucky” founders that end up with companies worth $1 billion.
Second, what matters even more than experience is having the right experience. Most successful founding teams have at least one person who has cut their teeth working at the enterprise, or previously started and ran companies. Statistically it is highly unlikely that a first-time founder can make it big.
Third, is that networks, knowing the right people, and having the right relationships are a defining factor to success. This, not by accident, is also highly correlated to past experiences: those who work at a large corporation, and even more so - those building their own companies tend to have a wider and deeper set of connections. The prime example of what can be made possible when passionate, driven, and smart people with long-term mindset come together is the Check Point mafia. I am sure that someday, we will get to read a great book about it.
This article was inspired by the conversation with Sid Trivedi of Foundation Capital at the RSAC 2023.
Loads of people came out of Foundstone. I ran the appsec team prior to McAfee and all the services team after. Nothing like the success of the other crew above but I started OWASP, SourceClear (sold to Veracode) and a few other things. We learned well from George and Stu and Chris. Aaron Higbee and Rohit started PhishMe. Nathan Sportsman Pretorian and loads of other companies. They were really good times ....