We recently announced that I joined ShieldX Networks as CEO.
Like many job seekers, I relied on friends and trusted colleagues to inform my decision. Mike Fey first turned me onto ShieldX (he recently outlined his reasons for investing in ShieldX and it is a must read). Mike encouraged me to invest alongside him. Consequently, when the ShieldX team started to look for a CEO to partner with the founding team, a much more direct level of involvement began to surface. It did not take long for me to recognize that ShieldX is where I wanted to be, if the founders and board would have me. While there were several reasons this opportunity was so compelling, it came down to four main drivers.
The ShieldX Elastic Security Platform could well be THE enabling security offering with the ability to both enable the “migration to” and “security promises” of microsegmentation in the era of cloud computing. The move to the cloud is fundamentally changing how IT and networking are done, how applications are developed, where security risks need to be mitigated and how security needs to be inherently and elastically applied. To date, many enterprises have begun their data center transition to the cloud, but during this transition, hackers and malicious insiders have uncovered and exploited blind spots—particularly along the emerging East-West data center. We, as an industry, have spent a few decades focused on securing North-South network traffic boundaries; but as networks became flatter, larger and more dynamic, a growing attack surface within arose that led to an ever growing number of security breaches due to attacks spreading on the East-West axis.
What if we could offer improved network security by using elastic security software, which offers visibility, policy generation for microsegmentation and a rich set of dynamic security controls to enable fully automated security in this new world? What if we could simplify achieving and reporting on compliance in the cloud? For CISOs, the current set of market options means buying multiple point products, some of which are being shoehorned into solving a problem they were never designed to solve.
Further, what if we could offer security without increasing customer overhead? ShieldX does this with technology that was designed from the ground up to serve in this elastic environment where it once was impossible to define your network security posture. As Mike Fey stated in his blog, “East west security is more important than north south.” ShieldX can—and will—protect all data center workloads in the future. As anyone interested in deploying a Zero Trust effort will understand—ShieldX is in the thick of an important market.
Today, the majority of approaches to microsegmentation require agents. Not ShieldX. Instead, ShieldX pioneered an application layer security approach that brings visibility to traffic patterns enterprises haven’t seen before the arrival of multi cloud. And it is not just visibility. ShieldX’s approach also brings application layer threat prevention. Remember what IPS brought to on-prem network perimeters? ShieldX does this in your cloud. Being agentless allows for robust functionality like virtual patching, for example virtually patching cloud workloads which combats the new trend in ransomware, where the new target is unpatched workloads/VMs in your data center and cloud. And then there’s automation. One of ShieldX’s customers used to have a firewall analyst update policies taking up four hours (!) daily. Our automated policy enforcement dynamically assigns policies based on predefined criteria aligned to your business process, enabling this valuable resource to be redeployed into more strategic activities.
I knew Ratinder and Manuel professionally and by reputation from McAfee. Both are innovators and famous within the industry for good reason. When stars aligned and Ratinder and the ShieldX board were looking for a CEO partner, it was hard to not get excited. The team that built ShieldX is hard to duplicate. Few innovators could build a platform that promises to upend security as enterprises move to the cloud. Also, if one looks at the other people associated with the company, be it investors, board members or advisors, they would have to say this is truly a “hall of fame” caliber line up.
Today, if you want security in the cloud you have to choose between virtual firewalls, agent-based technology or go with cloud-native capabilities. Virtual firewalls suffer two fundamental problems—they don’t scale elastically in the cloud and they create way too much administrative overhead in an ever-changing cloud environment. If you require more TLS decryption in an environment for inspection, for instance, you need to buy more licenses of the firewall to achieve the required TLS decryption; even if you don’t need other features included in that license. Worse, because of the extra traffic incurred by virtual firewalls, you’ll end up paying excessive CPU overhead costs and you’ll have to hire additional network security staff to administrate ACLs in your ever-changing cloud environment. Cloud native providers supply basic security capabilities, but they are hardly best of breed, they too require way too much overhead to constantly re-configure, they only support their own platform, and lack the advanced application layer security capabilities security teams require. And many new entrants in this space require agents. The drawbacks of agents are pretty well known but you can always ask one self-answering question: Is it OK in a production environment to deploy agents to workloads without extensive QA and compatibility testing? Perhaps the biggest deficiency of all the above approaches is their lack of automation. By contrast, ShieldX installs quickly and brings fast time to value. More importantly, our software is architected to provide elastic scalability and makes policy and control management dramatically simpler. At the end of the day, ShieldX lowers your operational costs to enable microsegmentation and lateral movement protection. Bottom line: ShieldX brings an unfair advantage to the market.
I encourage you to try ShieldX. Three of our customers not only influenced my decision to join, but also echoed my sentiments in these detailed reviews including this compelling testimonial from Alaska Air:
We switched to ShieldX because traditional firewalls are more expensive, and they require you to take all of your traffic outside of your virtual environment to inspect it and then return it back to the virtual environment. ShieldX also enables us to migrate to cloud environments faster.