Security Experts:

Security Startups: Interview With Seculert CEO and Co-founder Dudi Matot

Security Startups Feature on Seculert

Company: Seculert |  Who: Dudi Matot, CEO and Co-founder

SecurityWeek: How did you start out in the computer field and in particular, security?

Dudi: I joined Checkpoint in 1997 and I spent there the next 11 years. I saw the company grow from a relatively mid-size company to a large one. Being in the industry for so long allowed me to witness how the security market shifted in the past decade, to consider new approaches, and in general take on a different approach than that of Checkpoint by considering security aspects outside of the perimeter.

SecurityWeek: What brought you to found Seculert?

Dudi: First, it was ambition, consider it putting to practice the saying “Follow your Dreams”.

Photo of Dudi Matot, CEO and Co-founder of Seculert
 Dudi Matot, CEO and Co-founder of Seculert

Second, we saw an opportunity in the security market. Looking back, I believed that securing the perimeter on its own was no longer a valid realistic argument, and that we need to protect our data. This led me to start looking at data at rest solutions, and I moved from Checkpoint to SANDesk. At the end of 2009 Aviv Raff, Seculert’s CTO, approached me with a malware sample that that can easily bypass all the traditional security solutions - nobody was able detect this malware and all data was capable of flowing out.

I realized the technology and business opportunity and started the company.

SecurityWeek: What does Seculert do?

Dudi: Seculert plays in the advanced threat protection market. At Seculert, we built a Cloud platform which consists of 4 core modules:

Botnet interception. We look into botnets we are aware of in advance, infect ourselves purposefully to become part of the botnet, and then intercept malicious traffic from the infected device to the C&C servers.

Sandbox technology. We call it the elastic sandbox which also operates in the Cloud. It allows us to look at all the malware that morphs; we look at what it communicates and the payload.

Log analysis. This allows our customers to upload outbound HTTP/ HTTPS logs generated by firewalls and proxies. We then take our malware expertise - which we were able to automate and build that knowledge into the Sandbox, allowing the logs to be analyzed in an infinite Cloud environment.

API - Customers have invested millions of dollars in security solutions in the past decade so we provide them with an API to integrate our Cloud with their existing security processes.

At the end of the day, the customer receives a very detailed actionable report in a very timely fashion whereas the alternative is to rely on existing tools or bring in an expensive professional team once in a while. All this is possible since we’re Cloud-based and are capable of automating our expertise.

SecurityWeek: How did you get your idea off the ground?

Dudi: Aviv and I are actually relatives so it all started on a Friday evening, sitting on the balcony of my mother in law. Aviv then told me about the idea so we started looking into the market and in parallel, building a PoC. We teamed up with Alex, Seculert’s third co-founder who worked in the past at Finjan with Aviv. We then started talking to potential customers and hear their opinion to see if they’d be interested in such a solution. In mid-2010 we started looking for investors. At that time security wasn’t as sexy as it is today and neither was delivering to enterprise so raising money wasn’t easy. But we were able to receive initial funding from YL Ventures and that allowed us to officially register the company in mid-2010.

SecurityWeek: What are your markets?

Dudi: Fortune 5000 enterprises. We focus on all verticals such as finance, energy and healthcare, with a lesser focus on government and education.

SecurityWeek: At what stage is Seculert now?

Dudi: Our last funding round was completed last summer. We are currently backed by Norwest Venture Partners - the same VCs that backed FireEye, and Sequoia Capital.

We have 35 employees. 25 employees are based in Israel working on the R&D and the rest are mainly in Silicon Valley, focusing on the sales and marketing activities.

SecurityWeek: What's your business model?

Dudi: It’s all subscription-based per the company size, where company size is number of employees.

SecurityWeek: Who are your biggest competitors?

Dudi: Obviously this whole market of advanced threats. It’s a boiling market. There are tons of companies, from the traditional vendors up to small startups, that are trying to solve the issue, or part of the issue, with a different kind of offering.

Even though we complement with security analytics platforms such as Splunk and other traditional SIEM systems, we also compete to a certain extent on the budget.

Our key differentiator is the data we provide – it’s fast, accurate, and anything we provide is purely malicious by definition. We’re also the only ones using the Cloud and leveraging it to provide more value to our customers.

SecurityWeek: Where do you think the field is going on from here?

Dudi: Amazingly, in the past 18 months security has been moving very fast. Since 2010 we’re seeing that it is moving towards a data approach rather than a signature/ policy or a defense in depth strategy. This has already occurred in other IT arenas, but we’re seeing it now with security. It’s the ability to look at data over time, with the experts, to figure out what is occurring and integrating this ability with the tools that are already in place.

We’re also seeing how point products are moving to a platform product. For a startup, building a platform is a challenge, but that’s the way I believe security is heading.

Additionally, because security is growing so fast, the mindset is changing. According to a recent Cisco report there are 1M security professionals missing. As reliance on a human being is going to be more expensive, automation is going to become critical. Organizations will reach that stage where they will be able to rely less on those people that digest alerts and inform them what are the follow up steps in case of an actual breach.

SecurityWeek: Is Seculert hiring? If so, what do you look for when you hire?

Dudi: Yes, we’re hiring. In the US we’re looking mainly for sales professionals.

In Israel we’re looking for developers, malware analysts and malware researchers.

In general, I look for those people that want to win. We hire people who want to innovate, are interested in working at a small company and are willing to work as a team.

SecurityWeek: As an entrepreneur, any tips for others starting out?

Dudi: Quite a few. First, it’s challenging, but fun. The reason is that it allows you to follow your dreams and make it come true. Second, you have to be very agile and adaptive to change. Third, but definitely not least – learn how listen. Listen to your customers, partners and investors and learn from what they’re saying.

SecurityWeek: Other than yours, what is your favorite startup – whether it is in security or not?

Dudi: I can’t call it a startup anymore but I have to say it’s Wix. Wix provides a platform for people to develop their own website. They took all these websites and made them into a template so that any mom and pop store could easily move their business to the Internet. It’s become a win-win platform for all the community as they took something tedious and made it to be something that anyone can do.

I like them for a few reasons. First, they built something that impacted lots of people. Second, they build a platform that allows them to grow in the software business. Third, the culture of the company – from what I observe as an outsider, they exhibit something very nice. Fourth, the fact that they took the company to an IPO which is very unusual in Israel.

Read More Security Startup Interviews Here

view counter
Noa is a private consultant specializing in building thought leadership teams within tech companies. She is one of SecurityWeek’s first columnists with previous columns focusing on trends in the threat landscape. Her current interest lie on the business-side of security. Noa has worked for Imperva as a Sr. Security Strategist and before that, as a Sr. Security Researcher. She holds a Masters in Computer Science (specializing in information security) from Tel-Aviv University.