Security Startups

, , ,

Atomicorp - Mach37 Alumnae Interview with Michael Shinn

, , ,

atomicorp-michael-shinn-army

Michael Shinn, Atomicorp CEO

What opportunity did you recognize that led to the founding of Atomicorp?

Michael Shinn: The security industry was being challenged by the widespread migration to the cloud and cloud-based technologies. To me, it seemed like a classic second mover opportunity caused by a fairly disruptive change to the market. A lot of the existing cybersecurity solutions either couldn’t be used in these cloud environments -- appliances for example -- or they didn’t provide the right value to the customer. The products weren’t designed for that world. They were being bolted on and the customers weren’t happy. We saw this as an opportunity to apply some unique technology and solve the cybersecurity problems in a cloud-friendly way.

What specific value does addressing that problem provide for your customers?

securitylarge-282x300Shinn: The value that customers have shared with us is a dramatic reduction in operating cost. We have been told 80% and the number has been shared with us repeatedly. That 80% is based on the fact that there are fewer security incidents they must address after installing Atomicorp. That seems like the obvious place to look for benefits for a security solution. The non-obvious benefit is the reduced dev ops costs because they don’t have to patch their systems so frequently. That has enabled dev ops to do their work without having to go through a lot of security gates.

Why aren’t current solutions addressing this problem effectively?

Shinn: For the traditional players what seems to be happening is this move to the cloud doesn’t work with their current business models. That is a substantial problem. When I talk with my peers at these companies, they are frustrated that their attempts to build cloud-based solutions have not gone well within their organizations in terms of culture, sales model, accounting and product. Cloud platforms are extremely heterogeneous. Solutions are sold by the hour. It’s not a traditional IT environment where you control the network and all of the components. The attack surface is completely different and more dynamic in a cloud environment than an on-prem environment. The problems are different. The solutions need to be different. atomicorp-logoIt’s a more challenging environment for traditional cybersecurity companies to build products and more challenging to operate their business because they need to reinvent how they operate. Something as simple as how do you account for revenue in this new model when you are accustomed to selling enterprise licenses is an issue.For the customers, the problem is exasperated by the fact that a lot of the security products are built for security experts which doesn’t help their dev ops teams. That is not what they are looking for. They need products that are easy for non-experts to use.

What makes your approach different and better from existing approaches?

Shinn: Atomicorp products are built for cloud environments from the ground up and they are designed to be easy to use.

What about your team’s background puts you in a unique position to succeed?

Shinn: Scott and I founded Plesk in 1999 which invented a lot of the technologies that cloud providers rely on today. So we have an intimate knowledge of the technologies that make cloud possible. After we sold that company, we put a lot of thought into what we were going to do next. The idea for this company came from what we learned building those products and serving those customers. The Atomicorp product was built from experience and designed specifically for cloud providers.

You just announced a $1 million seed round. What do you plan to do with the proceeds?

Shinn: Customer acquisition and product enhancements. Priority one through five is introducing more customers to Atomicorp. We have a proven product and a lot of customers, but we are looking to introduce Atomicorp to more.

What are some of the milestones you have passed since graduating from Mach37?

Shinn:

  • We have now earned more than we have spent
  • We crossed the 1,000 customer mark.
  • We have made some key executive hires such as VP of Sales.

 

You already had a product and customers when you entered the Mach37 program. What made Mach37 a good choice for you even though you already had some business momentum and customer traction?

michael-shinn-seatedShinn: The robustness of the educational program was tremendous. That education would cost a lot of money. It is unlikely that a startup could afford it. The Mach37 program is like a compressed MBA and it is tailored to you needs. It is not abstract learning. It is deliverable based. You need to develop your messaging. You have to put together a budget, recruit people and build a real business. Doing that while you are in the program is priceless. I’m not sure there is an MBA on earth that does that.Secondarily, I would point out the relationships. Mach37 has done a wonderful job introducing us to good hires, advisors, investors, and service providers. It’s a very good network. Finally, it’s a very supportive environment. Building a business is hard work. They are good coaches.Learn more about Atomicorp here.

Related Posts

, , ,

Guest Blog by Michael Wellman: Virgil Security’s $4 Million Series A Round Is About More Than Just Fundraising

, , ,

Michael Wellman and Dmitry Dain, founders of Virgil Security

Last month, DCInno’s Eric Hal Schwartz, in his DC's Cybersecurity Startup Scene Is Hot. Can It Get Hotter? article gave Virgil Security (and MACH37) the following shout out:

If venture investors are on fire for cybersecurity opportunities, a group of D.C.-based accelerators are cropping up to supply the fuel. MACH37 graduates around half a dozen startups from its program twice a year, with notable successes like Virgil Security, which partnered with Twilio, one of the fastest-growing cloud computing companies around, in April.

Last week, Virgil Security closed a $4 million Series A investment. I’ve long contended that funding news isn’t really news, but what makes it interesting this time is that we’re a MACH37 company – the first MACH37 company to close a Series A round. And that is news! Let me explain why…Our lead investor was KEC Ventures out of NYC. Oher institutional investors included Charge Ventures in NYC, Bloomberg Beta out of San Francisco, Sparkland Capital from both Silicon Valley and China, plus NextGen Venture Partners which, while originally DC-based, now has a national footprint. Notable individual investors included Ray Rothrock and Matt Grimm. Ray Rothrock is practically the godfather of West Coast cybersecurity investing; he led the Series A and Series B investments in PGP Corporation back in the day, and, more recently, led the Series A investments in CloudFlare. Matt Grimm was, until recently, a partner at the San Francisco-based Mithril Capital Management. Our ability to draw national and international funding to a Northern Virginia startup further validates Virginia’s investment-driven model for economic development. The combined vision of former CIT leader Pete Jobse, Delegate Tag Greason, and the Northern Virginia Technology Council (NVTC), plus the sustained support offered by Governor Terry McAuliffe, the Virginia’s Secretary of Technology Karen Jackson, and the Center for Innovative Technology (CIT) brought MACH37 into existence. Without the opportunity that MACH37 provided us to distill our underlying business case, Virgil Security would potentially simply not exist today. Because of all of their efforts, the $50,000 that MACH37 invested in Virgil in the fall of 2014 just drew 80 times that in private investment – with most of it coming from outside the DC area but with much of it to be spent in the DC area! Our ability to draw this investment into the greater DC area also helps demonstrate that Virginia’s recent focus on cybersecurity is aligned with the future we need to create. And we’re trying hard to do our part. Our mission at Virgil Security is to #SecureTheFuture. For Virgil, that means ensuring that the future is cryptographically secure, but, for all of us, that means ensuring that the future is economically secure. To help further both goals, Virgil Security is working with the University of Virginia’s College at Wise to create a curriculum which will better enable Virginia graduates to find and fill the tens of thousands of unfilled cybersecurity jobs in Virginia, the hundreds of thousands in the United States, and the million plus around the world. So, while funding news isn’t normally news, I think this particular bit of funding news represents something bigger. And in our view, it’s a story worth sharing.- Michael W. Wellman

, , , ,

Virgil Security Raises a $4 Million Series A

, , , ,

virgil-co-founders-with-rick-gordon

Virgil Security Co-founders Michael Wellman (left) and Dmitri Dain (right) Ring the Mach37 Bell to Celebrate Reaching Escape Velocity; Rick Gordon Joins In the Celebration

On October 7th, Virgil Security closed a $4 million Series A investment, led by KEC Ventures. KEC is a venture firm founded by Jeff Citron, who also founded Island ECN, Datek Online and Vonage.  For those of you who are close to Mach37, you know I have been promising for many months that we have several companies ready for Series A investment. Virgil was one of them.As I thought about using this blog to crow about our investment strategy (we actually hunted for a company that offers easy-to-implement encryption infrastructure) or in some way hype-up just how smart we are at Mach37, a conversation I had last week caused me to think better of it. Virgil’s CEO Michael Wellman offered the key insight. As I was verbally high-fiving Michael, he took a characteristically humble look at the company's journey so far and remarked:

“You know Rick, it used to be that if you worked hard, had talent, OR got lucky, you could make it to the NFL (National Football League).  These days, to make it you need to work hard, have talent AND get lucky to even have a chance.”

And, so it is with technology start-ups.  The hidden truth is that entrepreneurs can have talent, make every right decision, and work their butts off, but if serendipity does not smile the company will fail.In the case of Virgil, I can point to a handful of inflection points that relied heavily on just being in the right place at the right time.  I can say the same for Invincea and Lookingglass, two companies I was intimately involved with during their early struggles that have since achieved similar inflection points.  However, the truth is that all of these companies still have additional milestones to achieve before any of us can declare victory.So, instead of trying to convince you that the Mach37 team is smarter than we really are, I’ll just say that we feel really fortunate to have had the opportunity to invest early in Virgil. It is a company that has the world class talent and drive required to be successful AND was able to create the necessary luck along the way to close its Series A.

Related Posts

, , ,

Mach37 Spring Class 2016 Interview: Hilltop Security

, , ,

2016-06-14 - M37 Demo Day - 08 - HTSI - DSC_3364

Tom Gilmore, Hill Top Security CEO

What opportunity did you recognize that led to the founding of Hill Top Security?

HTSI

Tom Gilmore: We saw that most organizations were faced with a shortage of skilled security personnel and that any strategy built around creating more security analysts was not going to be effective. In addition, security personnel are overwhelmed with security alerts and spend too much time processing false-positive alerts. We also believed that the time to detect a breach which is on average 206 days is a direct result of these problems and that time could be dramatically decreased with automation and better tools.

What specific value does addressing that problem provide for your customers?

Gilmore: We provide customers with a security incident response platform that ingests data and performs complex event processing to save analysts time allowing them to move to detection and response activities faster.

Why aren’t current solutions addressing this problem effectively?

Gilmore: Most solutions on the market today are focused on prevention, or detection, or response. Our product is designed to do all three and also provides analysts with the ability to work in a single environment instead of having to login and operate every security tool independently.

What makes your approach different and better from existing approaches?

Gilmore: Solutions on the market now are very narrowly focused and fragmented creating more work and reducing efficiency. Our product is designed to enhance and improve the utility of our customer’s current resources. By interconnecting all the devices and systems that make up the security architecture, we are able to increase the value of the data being generated by enriching the data with such things as business impact analysis, business rules, and risk assessments.

What about your team’s background puts you in a unique position to succeed?

Gilmore: We have a team that has experience in national and military intelligence, cyber security, and industrial engineering. I personally have one start-up under my belt that made the Inc. 500 and exited. Neil Wright spent 7 years designing UPS’s global package handling system and Steve Baker has over 30 years of national security and intelligence experience working in such places as the White House National Security Council.

What one aspect of the Mach37 programs did you personally find most beneficial?

Gilmore: Learning the intricacies of being a successful product company. Having come from a government services background, making that transition can be very difficult and Mach37 helps you define what that will look like and develop a plan to get there.Learn more about Hill Top Security here.

, , ,

Mach37 Spring Class 2016 Interview: Unblinkr

, , ,

 

Demo

Mancy Sanghavi, Unblinkr Founder

 UnblinkrLogoTransparent 

What opportunity did you recognize that led to the founding of Unblinkr?

Mancy Sanghavi: 250 million cars will join the Internet of Things by 2020. Cars are running millions of lines of code and are just as susceptible to hacking as any computer network. Advanced driver assistance and connectivity features increase threat vectors on the connected vehicle. We identified an opportunity to make cars secure.

What specific value does addressing that opportunity/problem provide for your customers?

Sanghavi: Automotive Industry insiders acknowledge connected cars need to be secure from outside hackers. Through the publicity car hacking has received recently, consumers want to know their vehicles are safe. There are plenty of discussions on how to secure the connected car. Our product provides an answer to that question. By using our solution, car manufacturers can stay competitive and offer more advanced connectivity features for consumers.

Why aren’t current solutions addressing this opportunity/problem effectively?

Sanghavi: Cars today are infinitely more complex than the Model T designed by Henry Ford in 1908. Automotive companies have never had to think like technology companies in the past, and they are having to play catch up. Their design times have to be more responsive. We don’t have to play catch up because our team has been dedicated to this problem for over 5 years.

What makes your approach different and better from existing approaches?

Sanghavi: The connected vehicle space is new and there is no clear leader in aftermarket automotive cybersecurity. Cybersecurity is crucial in order for the market to adopt driverless cars. There are a few startups offering point solutions whereas we are taking a holistic approach. We believe in intelligent data by bringing context to increase awareness of the situation, thereby enabling us to make better decisions.

What about your (team’s) background puts you in a unique position to succeed?

Sanghavi: Our team has done research on the security and privacy concerns of these types of advanced technologies. We have bid on and received research grants to examine connectivity and have spent time in labs researching internal car networks. We conduct black box testing and pen testing on cars.

What one aspect of the Mach37 programs did you personally find most beneficial?

Sanghavi: The Mach37 program is incredibly beneficial and I highly recommend it. The 14-week program gives startups a unique chance to interact with experts and learn how to run a business from start to exit. Startups hone their message and learn the building blocks to take a litmus test of whether their idea can succeed in the marketplace. Mach37 helps you build your boat before they launch you into the waters.

Are there any adjacent industries transformed by your solution?

Sanghavi: Imagine summoning a driverless car via smartphone, revolutionizing taxi and parking industries. Targeted in-car advertising creates revenue opportunities for telecom and marketing industries. Insurance is getting ready for the day of driverless cars and when people aren’t paying car insurance anymore. Our solution helps track history and prove whether a car has been hacked. This is valuable information for insurers.  However, these disruptions come with challenges. The FBI is concerned that driverless cars are a terrorist target. Centralization means more vulnerability and creates user privacy concerns.

What are the key market/economic forces in your industry?

Sanghavi: Over 35,000 people in the US die in road crashes each year. Driverless technology is the hope that the number will become zero. But we are replacing human error with a machine. If that machine becomes hacked, that is dangerous for the families riding in the car. One day anti-hacking software installed on a car will be mandatory, the way seatbelts and airbags are mandatory safety elements today. An industry driver is that revenues from connectivity are expected to increase sixfold from approximately $30 billion in 2014 to approximately $170 billion in 2020. Possible legislative mandates like SPY Car Act may fuel demand for Unblinkr product. An Executive Order mandates all government vehicles to address threat vectors by 2017. The EU eCall law will drive demand for the product overseas. Learn more about Unblinkr here.

, , ,

Mach37 Spring '16 Class Interview: PCPursuit

, , ,

2016-04-20 - DC CSCS Mt Up - 06 - DSC_0282

Robert Walker

CEO and founder

PCPursuit 

What opportunity did you recognize that led to the founding of PCPursuit?

Robert Walker: There are a couple of things going on in information security that are really important. Too many information security products only tell you there is a problem after your data has already been stolen. I have seen a few things in my career that are technologies that can prevent problems from happening in the first place, but they are not easy to use and are typically expensive. We recognized that we could make physical systems and digital systems more secure if they could just talk to each other. It’s really never been done before and that’s what we are changing by providing a proactive security solution that is inexpensive and easy to deploy.  

What makes your approach different and better from existing approaches?

Walker: Simplicity. You don’t have to roll this out to every asset in your enterprise. You can deploy one tiny piece of software on your Active Directory domain controller and it can protect your entire enterprise. This uses the exact same framework that Microsoft uses themselves. Most solutions don’t do it this way because it’s extremely hard to do.One specific thing our technology doesn’t do is require you to deploy agents to each PC in your enterprise. We have a server that sits between your physical control systems and your Windows Active Directory domain controllers. That PCPursuit software asks if a user badges in and if so, when and where. We report that back and based on what the enterprise administrator wants, we can log it, we can send an email to their manager or restrict access.  

What specific value does addressing that opportunity/problem provide for your customers?

Walker: PCPursuit enables enterprises to get considerably better security out of the assets they already own. We make the stuff they have better and we do it very inexpensively. It’s a massive improvement for a very low cost.  

Why aren’t current solutions addressing this problem effectively?

Walker: Because they are not thinking outside their own boxes. Physical security solutions only think about the physical side. Digital security only considers their own boxes. We took it up a level to look at both pieces.  However, there is another dimension to consider. The technology is really hard to build. The concept is simple, but the execution isn’t easy.  

What about your (team’s) background puts you in a unique position to succeed?

Walker: Both my co-founder and I worked at Microsoft. I was there as a full-time employee for 13 years. My co-founder has worked at Microsoft for many years as a consultant. So we both have very deep exposure to Microsoft technology and we know how to implement it in a way that very few people understand. It's not that no one else can do this. It's that few people understand as well as we do how Windows was designed. 

What makes this an exciting opportunity for you?

Walker: The thing that I think is most exciting about what we are doing is that we are one of those really rare solutions that can help make your enterprise tremendously more secure than it presently is and at a very low cost. By putting these two pieces of technology together, PCPursuit delivers two key benefits that address two intractable problems:

  • It discourages employees from tailgating into buildings. If you can’t get any work done because your login won’t authenticate, you won’t tailgate to get in. If we change the psychology in an office to "always badge in" instead of "avoid it," it changes behavior. Then not badging in becomes the anomaly.
  • We also make physical presence another factor for authentication. Passwords aren’t secure. Even if you have to change them every several weeks. People forget them. They write them down so they don’t forget them making them easier to steal. With PCPursuit, if you didn’t badge in, you can’t get access. If your password got phished, that hacker in Russia won’t be physically in your building and can’t get access from inside your enterprise network. If someone found your password, they can’t use it. And we can do it for one-tenth of the cost of other tools in the market. You don’t have to buy tokens or other tools, just install our software on a single server and connect it to Active Directory and your enterprise is immediately more secure.

PCPursuit represents the first example of a simple approach to pairing physical security with digital security. It will have the biggest impact on securing the enterprise since automatic Windows updates. This is the kind of stuff that actually works. Stuff that’s really simple. You just make a little tweak and people don’t have to change the way they work, but it still makes a big difference. It turns out that the technology is hard, but the implementation is simple and effective.  

What one aspect of the Mach37 programs did you personally find most beneficial?

Mach37 is really well-connected and is the only accelerator focused solely on information security. Their specialization in information security means everything they do is geared to this field and that is very valuable. In addition, they understand selling to the enterprise. There is a big emphasis in the program on selling and that is not a natural skill for engineers which is the background of most of the founders.