Aviva Zacks of Safety Detective sat down with Tanuj Gulati, co-founder and CTO of Securonix, and found out how his company’s Next-Gen SIEM platform collects, detects, and responds to threats.
Safety Detective: What was your journey in cybersecurity and what inspired you to create Securonix?
Tanuj Gulati: I’ve been very lucky to be in the cybersecurity space for the last 20 years. Prior to Securonix, I had the privilege of working with some really great companies like Oracle and Sun Microsystems, and I also founded another company in the identity and access management space with my current co-founder Sachin Nayyar.
Over the years, I have worked on several security technologies, including technologies that dealt with Linux security, web application firewalls, policy orchestration, database security, and two-factor authentication. We pioneered the identity and access governance space as it exists today.
My foray into cybersecurity was actually quite by accident. I worked as a software developer during the dot com years. During that period, there were several companies that were popping up, and I had the ambition to start my own venture as well. To that end, I decided to learn more about business, pursued my MBA, but unfortunately, by the time I completed my MBA, the dot com market had burst. After graduating, I met up with Sachin through a mutual friend. He pitched the idea to me about a startup that was focused on using machine learning to figure out what access people needed to do the job. We founded Vaau together, which worked on figuring out, through machine learning, what privileges people need and how to control those privileges for those individuals.
Cybersecurity is a very exciting space to be in. When I think about it, there are two aspects of it that are exciting. The first one is the mission itself, which is noble. It’s about protecting organizations and nations against rogue nations or cybercriminals.
The second thing that’s really exciting about cybersecurity is the continuous change, whether it’s the type of attacks that are happening, the landscape that keeps changing, or the tooling that keeps changing. The ever-growing aspect of the cybersecurity space has been a phenomenal thing for us.
SD: What would you say is your company’s flagship product?
TG: Our flagship product is the Securonix Next-Gen SIEM platform. Back in 2009, we founded Securonix as a UEBA provider and pioneered the category with the notion of using machine learning and big data analytics to identify the unknown threats that organizations face. In 2017, we entered the SIEM space and now deliver a full-featured SIEM platform with integrated SIEM, UEBA, SOAR, Security Data Lake, NTA, and vertical-specific applications.
SD: What verticals use your products and solutions?
TG: There’s a wide array of companies across multiple industry verticals and geographies that use our products and deploy solutions. I’d say the top one would be the financials and insurance industry, closely followed by healthcare, like big pharmaceutical companies, and then government agencies. We have others including high-tech manufacturing, retail, and airlines as well that use our product.
SD: What would you feel is the worst cyberthreat today?
TG: The largest cyberthreat for organizations is their own employees. If you think about the threats that organizations face, whether it’s through organized cybercriminals or other nation-states, the exploitation always tends to be the employees that have access to the organization’s systems and applications. So the cyberthreat that companies need to focus on is their own employees’ vulnerability to phishing attacks, where people receive emails with familiar-looking subjects that they end up clicking on, which deploys malware that works itself into the organization’s assets. Protecting employees from these types of attacks is extremely difficult.
SD: Where do you feel cybersecurity is headed in light of the COVID-19 pandemic?
TG: With COVID-19, there have been some interesting challenges that companies are faced with as such a large number of workforces are now in remote environments, which the organizations have not been prepared for. A lot of companies didn’t have the right firewalls or VPNs in place to protect the laptops that people were using from home. What we’ve noticed is that with so many employees working from home, the employees’ networks are now directly connected to the organizations’ networks. This has led to a large exposure for organizations. Companies are now trying to keep up with these threats and figure out how they can protect their own applications and systems from all the employees that have started to work from home.