Image for post
Image for post
The Utmost Team

Every company today is an evolving network of work and talent that goes far beyond their own employees — they have an extended workforce of contractors, vendors, staffing firms, freelancers and more. People are a company’s greatest asset, and increasingly so in the era of the knowledge economy. But with legacy software, companies can’t track, communicate with, or pay 20–40% of the people they work with in an increasingly complex and flexible set of relationships, much less manage, measure and empower them. It’s painful, expensive and a manual struggle for companies, and a terrible experience for the workforce.

It was an esteemed, longtime HR executive at a large manufacturer that first explained this problem to me. …


Image for post
Image for post
Pierre Betouin and JB Aviat, Co-Founders of Sqreen

Every company is increasingly a software company, but every company — large and small — struggles to secure their software. The dominant industry narrative has been that the application security problem “can’t be solved with technology.” Sqreen, who today announces the industry’s first Application Security Management (“ASM”) platform, is breaking that narrative. Started by the founder and longtime leader of the offensive security “Red Team” at Apple, Sqreen is creating a game-changing new way for security, operations and application developers to succeed in building and running secure applications together, without code changes, reduced engineering velocity, or added operational burden. Sqreen enables security visibility and protection to be built into every app. …


Image for post
Image for post

Sarah Guo and Alana Anderson

The Security Ecosystem Is Evolving

Less than a decade ago, many organizations operated on the assumption that everything inside of the corporate network was secure. We now know that to be false. The boundaries of “our networks” have become hard to define and track, and even harder to control and defend. Mobile has become the norm. Every business increasingly relies on vulnerable and constantly morphing applications. Workloads are amidst a multi-decade move to hybrid cloud. The attack surface enterprises now face is distributed beyond the reach of traditional controls. In order to keep up with the sea change in their environment, defenders now seek new perimeters and visibility points. This drives a shift to more dynamic and distributed security approaches that make sense in the modern world.

Defenders must also constantly innovate in response to — or preferably, in anticipation of — changing attacks. The pace, volume, and sophistication of attacks that enterprises and governments face are inexorably expanding. Adversaries are motivated by activism, ever-growing profits, a more organized ecosystem, and nation-state objectives. In 2017 and 2018, we saw business fraud, ransomware and information operations rear their heads at new scale. From personal information on executives that can be used to execute a social engineering campaign to tailored zero-days, attacker tools fare cheaply and are readily available in a burgeoning cybercrime economy. …


Image for post
Image for post
The Demisto Team

Modern Security is Operations

Breach after breach, we hear about organizations failing in their defense against the bad guys. If you hunt down the cause — in the vast majority of those cases, the attacker didn’t compromise the company by designing an exotic new piece of malware. The root of the attack usually exploits human error by defender organizations, finding the one misstep out of the thousands of actions and successful containments by overworked security teams.

Security people know this. CISOs are focused on people issues — hiring, retention and upskilling — and operational issues — efficiency, quality and visibility. Their resource-constrained security teams are forced to manage a large and growing set of security products across heterogeneous and fast-evolving environments. Security teams need a strategy and tools to improve the way they operate, just to keep up.

Today, Demisto — the leading security operations platform — announced their partnership with Greylock as well as the general availability of their 4.0 offering, which extends their product leadership and expands their scope of use cases. I am excited to lead Demisto’s $43M Series C financing and to join Accel and ClearSky on the board.

Demisto is a very different kind of security company, with a very big idea. The founders — Slavik Markovich, Rishi Bhargava, Dan Sarel and Guy Rinat, are proven technical innovators and industry veterans from Check Point, McAfee, and prior startups. They didn’t want to build yet another point solution — they realized what security really needs is a way to be consistently successful despite all the complexity.

In partnership with their customers and community, they took a clean-sheet approach. What they came up with in response to this challenge was an entirely new category of product, which combines three key pillars: a rich integration platform, a powerful yet usable workflow and automation engine, and a collaborative workbench — a cousin of Slack and a super-powered command line. Security people love to use Demisto every day to get their work done. Unlike other existing and new security products that need to be managed, Demisto reduces burden, while making security organizations faster, measurably more effective, and more confident.

The company is off to a fast start, with strong demand from channel partners and customers. They have the largest community of security users in the industry, and a growing base of advocates — from the individual users of their free Community Edition to an increasing number of Fortune 500 customers. Just a few years after the company’s founding, customers and industry analysts are recognizing the importance of this new category “Security Automation, Orchestration and Response,” as well as Demisto’s leadership.

I had tracked the company’s differentiated story and outsize market presence momentum since their launch. Over a series of long meetings at Demisto’s offices in Cupertino (and then dinners at the security industry event Black Hat), I was struck by the team’s customer orientation, depth of industry knowledge, commitment to constant innovation, and long-term ambition to build a durable company and have an impact on the industry.

Greylock is no stranger to the security markets, having invested in several category-defining companies in security, including Imperva, Okta, OpenDNS, Palo Alto Networks and Skyhigh. Demisto also joins a distinguished list of other enterprise companies at Greylock including AppDynamics, Cloudera, Docker, Pure Storage, Red Hat, Rubrik, ServiceNow, SuccessFactors and Workday. We look forward to partnering with Slavik, the entire Demisto team, Accel and ClearSky to help continue to define a new product category, and build a franchise company in security. …


Image for post
Image for post

Navigating the Quest for Successful Innovation

Greylock devotes significant operational resources to our CXO Program, which invites C-level leaders at large enterprises to discuss tech trends with our investing team, and brokers meetings with relevant companies in our portfolio. This program was developed in response to a wave of inbound interest from large organizations who wanted to harness emerging technology, and buy from more innovative vendors. Through this program, we’ve had the privilege to meet with hundreds of C-suite executives and customers across industries.

Why are large enterprises so interested in startup tech? It’s a matter of survival. Every company is undergoing a digital transformation. Farsighted executives see the pace of change in business accelerating. These executives know that the companies who more rapidly adopt advancing technology will run their companies better, faster, cheaper, smarter. Technology is a weapon used to defend against competitive threats, and achieve and preserve market dominance.

Similarly, for an enterprise technology startup to survive and thrive, they must understand how to effectively work with large companies. Within large enterprises are most of the employees, data, workflows, industry and institutional knowledge, assets, customer relationships, intellectual property, and budgets in the world.

Still, we have found even enterprise-focused startups and self-selected “early adopter” customers often struggle to work together. Very few technology leaders are saying, “I don’t want to innovate.” And few startups are saying, “I don’t want to help the biggest companies.” But the obstacles to innovation are real, and failure to overcome them leads to an inexorable slide into irrelevance for big companies, and a rapid death for early enterprise startups.

In an effort to crystallize some patterns of collaboration — both the missteps and successes — we conducted dozens of in-depth interviews with C-suite technology leaders from Fortune 500 companies, our CXO Program, and startup founders and CEOs from the Greylock network. We drew a map to guide the way through of some common challenges that startups and their customers have to navigate together.

Here, I’ll go through the presentation from our enterprise company summit that covered some key findings. …


Image for post
Image for post
Greylock’s Sarah Guo with Cleo Founders Shannon Spanhake and Dr. Chitra Akileswaran

Becoming a parent is both one of the steepest learning curves and wobbliest balancing acts that most of us encounter. In the past few decades, parents have been left to face that challenge with heavier career responsibilities and less support structure. Dual-income (and single-working parent) households are on the rise, mothers are the fastest growing part of the workforce, and the US remains the only developed nation without paid family leave. To make matters even more difficult, the traditional “village” of experienced community and extended family that once helped to raise a child is increasingly out of reach, as people migrate to the best work opportunities. They’re alone on an island in the storm.

Expecting and new parents hunt for support online — Google, forums — but the answers are impersonal, hard to trust, and can only do so much. A lucky and resourceful few seek professional help — from pediatricians, OB-GYNs, nurses, lactation consultants, doulas, sleep coaches, career coaches and childcare professionals — but most people cannot find, vet, afford, and use these resources when they need them. Our phones are now a remote for the real world, delivering rides, food, and rich information from many fields at the last second. …


Image for post
Image for post

Five Steps to Diligence Your B2B Startup Idea

It’s a classic question; one that plagues every serious B2B startup at inception and for months — and sometimes years — thereafter…

Is this a business? Do my customers think this is a good idea?

How do you, as an enterprise tech founder, get visibility into whether or not customers are interested in your product before you build it? There are ways to effectively do this kind of market research with B2B customers — like an enterprise CIO, a CISO, a people ops, sales or marketing leader — especially larger enterprises.

This is not a primer on broad product management. Rather, it’s a specific process to get to a yes/no answer for “is this a good idea?” and “How should I scope version 1.0, version 1.5, version 2.0?” for early-stage, B2B products that are sold (vs. organically adopted, freemium or OSS tools). …


Tech startups need capital and community to grow, and although women are founding more and more startups, a significant part of the issue for female founders is the uneven playing field in fundraising and technology networks. I’m excited to be a part of Female Founder Office Hours, taking action to help change this for the better.

Growth-stage female founders: We’re excited to meet you and do our best to help you build businesses that put dents in the universe. We know women can build enduring and meaningful technology companies — and we are eager to back them.

We hope you can join us on April 12th, 2018.


Image for post
Image for post

Founders will often ask me, “Do you want to go through our deck?”

It’s not about the slide deck. We have made the decision to invest in entrepreneurs without slides, whose ambition, passion, depth of understanding of a opportunity and compelling vision come through crystal-clear in conversation.

But…that’s a high bar for communication. Most of the time, putting a business plan on paper helps you structure a conversation and spread knowledge without having the same conversation repeatedly. Most importantly, it clarifies your own thinking as a leader, and is a great way to get your team on the same page — with a singular vision for your company and a shared plan for execution. …


Image for post
Image for post
Your new robot overlords come in discount packs of six

Part 3 in a series on the Conversational Economy

“Hey Siri, predict the future of audio interfaces.” If she were smarter, she’d respond that 2017 will be the tipping point — the year we fell headfirst into our always-on, audio-enabled, ambient computing future.

Ambient computing — in the broadest sense — is the promise of computing that is not limited to the 200 times a day you open your phone. It is the promise of ongoing, multi-modal, computing-enhanced interaction with the real world. Increasingly-intelligent listening devices in your home or your ears are a step toward that. Voice is the gateway to ambient computing, and the voice space is incredibly exciting right now. CES feels like the right time to capture a snapshot of the landscape. …

About

Sarah Guo

Partner @greylockVC: @awakesecurity, @obsidiansec, @coda_hq, @hi_cleo, @demistoinc, more. works w/ crazies who believe the future has just started ☁📱🤖

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store