We Launched Demisto!
Published: May 25, 2016
We are 4 friends. We left our cushy jobs at one of the world’s largest companies a few months ago and started Demisto because we love the excitement of creating new cutting edge products. We enjoy seeing a small idea become a great thing. Today we are launching the company and our first commercial product. While busy bringing Demisto to light and amid the craziness of polishing the website, putting finishing touches on the product’s first release, speaking with analysts and journalists, we spent a few moments looking back on the very busy months in which we prepared for this day.
Here are some of our favorite moments so far:
1st Aha moment: Zooming in on Security Operations and Incident Response
We are security products experts. We’ve been doing this for many years. We know lots of products and technologies. We made some of them… We asked ourselves — in this sea of cyber security products what’s missing? “Remember the breach at XXXX?” Slavik said. “Absolute chaos.” “Still going on” said Dan. “Still chaotic” added Rishi. “So many things are broken when responding to a breach” Guy said. “AHA!”
2nd moment: “I really feel bad about it but I mostly use a paper notebook when I respond to a breach”
We wanted to validate that enterprises really need the product we had in mind so we started calling security analysts and asking them about what they do daily. After 3 such calls we saw a clear pattern emerging. We are talking with people who are extremely knowledgeable and have ultra sophisticated technical skills. And yet most of the time they are doing menial and manual jobs. Of the dozens of analysts we interviewed most were apologetic about their answers and nobody answered the question “do you have the tools you need?” in the affirmative. When we presented our plans for a product that allows sec ops to automate most of what they do, automate playbooks, collaborate and manage incidents in a single place, the answer we usually received was “when the product is ready please let me have it.”
3rd moment: “Analysts are talking”
We were only a few weeks old and an analyst we met by chance told us that he has heard good things about us. This was really awesome! And the reason for this was that we try to give as much as we can to our community. Since collaboration is key to us — we believe that we can only defend ourselves if we unite our forces and become stronger than our adversaries (criminals and others who are attacking us daily at home and at work) — we took quite a few steps to get the analyst community talking with each other. We did several meetups in the Bay Area. We have almost 200 analysts in our meetup group (http://www.meetup.com/SF-Bay-Area-DFIR/). (More than 120 attendees so far have attended very interesting lectures from analysts at Slack, Google, Yelp, Mandiant and others). We created the DFIR Community Slack team (over 350 analyst strong) where analysts from all over the globe are sharing information. We also received lots of great feedback from analysts who have seen the playbooks that we’ve shared on our website. The “awesome-incident-response” tool list that we are curating on github is another contribution we’ve made and we’re proud of. And of course our first product — DBot — the first security bot for Slack is already used by more than 600 teams around the globe.
4th moment: other product companies are actually helping us!
We’ve been doing this kind of work for a long time. We ran startups, we were execs in large companies. Working with other vendors was always a challenge — in some cases it felt like an all-out war. At Demisto our success relies on being able to orchestrate lots of other products. Sometimes it is a thorny issue as some of the vendors we work have a feature or two that may overlap with something that we’re doing. So we did have a few odd moments but by and large other vendors have been absolutely awesome. A few surprised us by going out of their way to help us, not only sending their products to our lab and answering our (at times nagging) questions, but also volunteering their experience and contributing quotes and opinions to our launch. It really feels like our industry has matured a lot in the last few years.
5th moment — we’re a real company!
Only a few months ago it was the 4 of us with a dream, a week later it was us, a dream and a powerpoint. A couple of weeks later we had a prototype and we released dbot for Slack. And within a blink of an eye we were surrounded by an engineering team like we’ve never seen before, we have technology partners and other partners that are contributing knowledge and content to us, we have awesome investors who are working diligently to make us successful, we have a large community of analysts who give us lots of helpful feedback. This happened really fast and we are looking forward to the next stages that will make Demisto an even more awesome company to work with.
We are launching the company today with anticipation for many more awesome moments.
