Let's Talk AlienVault: Behind the Software with CTO Roger Thornton
Companies across the board desire a security solution that is both dependable and durable, and yet often online protection falls behind other, more essential software needs. With an innovative open-source security platform as well as an enterprise edition, AlienVault is addressing how businesses can affordably attain comprehensive security visibility and more efficiently react to security threats. We spoke with CTO Roger Thornton about the company’s motto of focusing on underserved businesses, and how AlienVault’s innovative solutions are revolutionizing the security software industry.
A recurring theme for your company is that you build your security solution for “underserved companies.” How did AlienVault initially come up with this mentality, and how have you remained true to it??
LAUNCHED: 2007 in Spain
LOCATION: San Mateo, CA
CUSTOMERS: Telefonica, Marquette University, Metro Madrid, Xanterra Parks and Resorts, The City of Los Angeles
The company that existed before myself and a number of colleagues – the old company from Spain that became AlienVault — was working with these super-elite, high-end customers, but they themselves didn’t have a big budget to buy all the best and super high-end commercial products for their MSSP (Managed Security Service Provider). So they were always having to try to get by with less.
One of the strategies that they used – and it’s a good one – is they used open-source tools. They built their own framework for tying all these different types of security tools together and made it open source. And because of that open source legacy, tens of thousands of people all around the world have downloaded and used that technology. But it really represented the truest sense of the underserved security markets.
There are two aspects of AlienVault that we’re just steadfast on. The first thing that we’re totally focused on is serving the mid-market, companies who care about security but don’t have the team or budget to buy the best-in-class. And the other part that follows is that we believe strongly in a crowdsourcing model of security that allows all of our end-users to share information with each other. So together they have way more threat information, way more insight, way more knowledge than any one big company.
How you would describe your ideal customer? How significant of a role do your customers’ opinions and feedback play when you’re developing new features and upgrades?
Generally, our customer base will have a team of 10 or fewer people responsible for security. Of course there are exceptions, but that’s our sweet spot. But don’t forget, we’re also committed to our open-source product and community. We have roughly 10,000 active users of our open-source product that we’re in contact with to some degree or another. On the commercial side, we’ll add about 500 new customers today.
We’ve got a program in place where we have a small group of custom solution partners who build custom solutions for our large customers. That brings up the main thrust of the product management group to take in the feedback of the masses. We get a lot of feedback, opinions, advice, ideas from our open-source community. We also pull together clients working with our custom solution partners, bringing them in-house every so often and asking what they see. We want to be able to say hey, here’s a company that takes our product and customizes it – knock yourself out. But then we also want to focus on that typical user – the one of thousands. It’s key to our success that all this works.
How does AlienVault’s Unified Security Management platform address the security needs of companies differently than your competitors?
Let me extend that to the product and the company. Part of what makes the company unique is its background story. It was this little company in Madrid, Spain that did really great work and ended up building a technology that could compete with IBM and HP. I fell in love with that story, and I think a lot of people do. It’s a great against-the-odds success story.
From a product point of view – we have five different categories of tools in a single application. We did a survey of our customer base in Q1, and the overwhelming driver for why people selected ours over other solutions was value. It’s not that our prices are so much lower, per se. But we put these five different categories of tools into a single appliance, and you only buy one product. So even though our prices are just a little bit below the high-end manufacturers, we’ve got about a 5-to-1 compression on price because you’re buying one product.
That’s the piece that we’re just absolutely ironclad to make work because we know it’ll work and we think it’s good for our business. To take that giant footprint of customers we have relative to an enterprise company and open up our Open Threat Exchange network so they can collaborate and work together — we can make that happen. Once we do that – if we do a good job and there’s good information and people have good exchange, it’ll be very hard to compete with us. And then the last piece – that idea of bringing people together through crowdsource security – that makes the company special and unique.
What challenges has AlienVault faced in developing and executing a product strong enough to compete with the “big dogs” of security software?
One of our challenges is that the company who built our foundation, the old AlienVault, they did a great job building everything, but their go-to market was building a custom solution for the big customers. And that’s fine. But now we see that our product is really appealing to the mid-market, and our business plan only works with tens of thousands of customers – maybe even 100,000. We’ve got to move our attention away from what that one really big customer wants as far as a custom solution and instead focus on what the average customer needs. A product like ours, we’re building it for the masses, not the real high-end, elite customer.
In what ways has the company adapted to stay relevant in the security software industry?
I think in terms of innovation keeping us relevant, it’s just in our nature to innovate as a Silicon Valley company with the right venture backers. We know that if you don’t innovate, you die. So there’s kind of a DNA within our company that exists to that end. Underneath that, we have a mission that transcends making money. And I don’t mean to say that in a disparaging way. What spurs us and motivates us on a daily basis is who we’re doing it for and how we’re doing it. And everything beyond that is just a lot of details, such as coming up with new ways to analyze network packets and collaborating with other vendors.
You’ve worked with a considerable number of companies during your career and even founded your own security company, Fortify Software, in 2002. What attracted you to AlienVault? How has having the experience of founding your own company impacted your time at AlienVault?
When I took a look at AlienVault, I saw what a great job the company had done at reaching a much bigger group of people because of its background. The way I described it to a friend who kind of thought I was crazy to go and join this little start-up — I told them, it’s one thing to help companies that are already secure be a little bit more secure, but it feels really great to help companies that don’t have the funding and don’t have the teams. You can help a lot more people get from a state of having not much visibility into what’s going on to having the same type of system that they would have at a Bank of America by leveraging the open source and, in the case of AlienVault, keeping the prices really low.
When you found a company, it’s the only time in your life that you choose who you work with. There’s a certain type of character and spirit you look for. One of my co-founders used the phrase SWAN. A SWAN is someone who’s smart (the S), works hard (the W), is ambitious (the A), but is still a nice person (the N). When I looked at coming to this company, the first thing I did was look at the people. I think without having that experience as a founder and that conviction, I maybe wouldn’t have been so sure. If you’re going to do something difficult, make sure the market’s there. And make sure the people that you’re going to do it with are ones that you would hire if you were the founder.
Are there any developing trends that you’ve noticed in the industry or any new features that users should be on the lookout for?
I’d say incident response technology and on-the-fly malware analysis are very interesting and cool. At the very high end of the enterprise, there is a bit of a move towards relying more heavily on products like Solera or NetWitness – these really deep incident response products. And the mindset there is, you know what? I’m gonna get breached. So they’re really focusing more on what to do afterwards. The belief there is, if I can capture literally every packet that’s gone through the important parts of the network, then I’ll be in a better position to respond.
So we look at trends like that. The way we see it is our appliance has got this big data store in it so we can store all the information. But the other part of the appliance is a thing called a sensor, and the sensor is where we put all our open-source tools. One of the things that we look at is we see that sensor as the be-all, end-all. We see it as a framework that next year, the year after, 10 years from now, we’re updating it with whatever the next kind of cool, interesting technology is. We farm the industry for whatever the latest techniques are and bring them down to our customer. We’ll either find great open-source packages that we can include into the sensors or partner with third parties to bring them to our customer base. That’s one of our little innovation strategies that I think will serve us well.
Learn more about AlienVault and their security solutions at www.alienvault.com.