Israel Duanis, the CEO and co-founder of Linx Security, discusses the complexities of identity in the cybersecurity industry. Identity is becoming the new perimeter due to the shift to the cloud, SaaS applications, and zero trust. The company aims to provide a platform that combines security, governance, and productivity for its customers. With a team of experienced professionals and a cloud-native approach, Linx Security is positioned to address these challenges. The company raised $33 million and values important principles like caring and curiosity. Building a strong culture is essential for success in the industry. The discussion ends with well wishes for the company's future.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
theCUBE + NYSE Wired: Worldwide. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For theCUBE + NYSE Wired: Worldwide
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for theCUBE + NYSE Wired: Worldwide.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
theCUBE + NYSE Wired: Worldwide. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to theCUBE + NYSE Wired: Worldwide
Please sign in with LinkedIn to continue to theCUBE + NYSE Wired: Worldwide. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Israel Duanis, Linx Security
Israel Duanis, the CEO and co-founder of Linx Security, discusses the complexities of identity in the cybersecurity industry. Identity is becoming the new perimeter due to the shift to the cloud, SaaS applications, and zero trust. The company aims to provide a platform that combines security, governance, and productivity for its customers. With a team of experienced professionals and a cloud-native approach, Linx Security is positioned to address these challenges. The company raised $33 million and values important principles like caring and curiosity. Building a strong culture is essential for success in the industry. The discussion ends with well wishes for the company's future.
Israel Duanis, the CEO and co-founder of Linx Security, discusses the complexities of identity in the cybersecurity industry. Identity is becoming the new perimeter due to the shift to the cloud, SaaS applications, and zero trust. The company aims to provide a platform that combines security, governance, and productivity for its customers. With a team of experienced professionals and a cloud-native approach, Linx Security is positioned to address these challenges. The company raised $33 million and values important principles like caring and curiosity. Buildi...Read more
exploreKeep Exploring
What was the reason behind starting Linx Security?add
Why was Linx founded and what was the inspiration behind it?add
What is the philosophy and framework being discussed in the text?add
What are some key considerations when looking at the differences between traditional incumbents and newer cloud-based companies in the SaaS and cloud security industry?add
What are the reasons for the change in how Identity Governance and Administration (IGA) companies charged their customers in the past compared to now?add
>> Hi, there. Welcome back to New York City. We're high above the New York Stock Exchange. My name is Dave Vellante. And John Furrier is also here. This is our Media Week, the cyber plus AI innovators with NYSE Wired in theCUBE communities. Israel Duanis is here. He's the CEO and co-founder of Linx Security, an identity specialist. We're going to dig into one of the most challenging aspects of the security business. Israel, thanks for coming in.
Israel Duanis
>> Thank you so much for having me in this amazing place.
Dave Vellante
>> You bet. And welcome to the East Coast. My friend, you're now one of us. And bundle up.
Israel Duanis
>> Well, let me go through the minus degrees and then I'll be one of you guys. But just moved here four months ago and super excited to be here on the East Coast.
Dave Vellante
>> Yeah. Well, you guys come from a tough soul, so you'll be good. No problem. So great to have you. I've said a number of times, as have others, that the cyber business has an identity crisis. And then this is the... You chose to start a company that's going right after that problem. Why did you and your co-founders start Linx Security?
Israel Duanis
>> That's a great point and question. Niv and myself, we know each other for more than 25 years. So we met each other in the Army, a special program called Talpiot, some of the founders of Wiz and Sierra. And we got the privilege to work for our country on more of the offensive side. And identity was always the point in which most of the attacks were. We continued to our vendor side. I was a checkpoint security, managing IPS, access management cloud. Niv continued to Microsoft. Then he was to be product in Transmit Security. And always when we met, we spoke about so many things, but also about the fact that this is something that is not solved. And then I had my company in the automotive space, sold it, and then we started seeing more and more attacks coming from the identity space and the industry all of a sudden acknowledging it's not only a governance issue but also a security issue. So I called Niv. I said, "I think it's time." And he was in a great position in Transmit. He loved the company. But we thought the time is now to build a real platform that will help the industry to be more secure and governed. And that is how Linx was founded.
Dave Vellante
>> Why is identity so difficult? And can you lay out the landscape? We know, I mean, Microsoft is ubiquitous and they've got their approach. You've got some other players like Okta who are specialists and some others in that space. So there's some obviously big companies, some very well-funded companies, some public companies, all participating in this, but it just seems to be like an unsolved mystery. Why is that? And lay out the landscape for us. Help us understand that.
Israel Duanis
>> It's a great question. And what even stretches that more than that is think about how easy the question is about identity. Who should have access to what? And how do you control it? "I'm now a bank. I have 250,000 employees. And I don't want John to go and access my Snowflake." Easy, right? But when you go under the hood and you see what exactly that means, and think about all the things we've been seeing in the recent years. I remember 2010, identity is the new perimeter. We grew on that in the past 15 years, but I think now it's really coming to become true for a number of reasons. First of all, moving to the cloud, cloud, SaaS applications. Every applications or cloud asset will have a different permission set. So try to go deeper into AWS or Snowflake or Salesforce or GitHub, you will see it's very difficult and there's a proliferation of permission sets. That is one. Secondly, the way we work. Work from home, contractors, third-party employees, all of a sudden the perimeter as we knew it just dissolved. So identity is becoming now the new perimeter. On top of that, zero trust. We're now moving to a place and we cannot trust anyone unless we can make sure they can access our assets. So a lot of moving parts just came together now and I think we're lucky to be in a place in which we can really solve what I think to be today the biggest problem that we have in the industry. Now why is it complex? Because identity is a special creature. Think about endpoint. Think about cloud. Not a lot of places within the industry interact with your day-to-day as an employee. So our goal is not only to be very secure, to make sure you're as a company are governed, but in the same time make sure that your employees are not affected. We want to enhance productivity in the same time of doing security. So I think identity is some sort of a unique creature, and I love it. So I'm happy to be in this .
Dave Vellante
>> You love hard problems. So there's a lot to unpack here. So there's a lack of standards. I go into AWS, it's got great security, but it's different than Google. It's different from Microsoft. It's different from my on-prem. So there's a lot of diversity that I have to deal with. And then identity is the new perimeter. That's an interesting narrative. And it's true. It's really become true. Do you think that organizations, I don't know, out of habit, out of technical debt, have over-invested in the perimeter, hardening the perimeter, with maybe somewhat diminishing returns whereas they weren't maybe proactive enough in really trying to get ahead of identity? Or is that an unfair... It's not a criticism. It's just unfair observation? Or is that actually what's part of what's going on?
Israel Duanis
>> Look, we are working with a lot of practitioners in this industry and I think we're lucky enough to see that a lot of head of IMs, CISOs, CIOs are great in what they're doing and they need to battle today's battles and also think what's going to be in the year to come. Now if I'm in 2015 or 2016, there were a lot of attacks coming through your gateway and you had to put efforts in your firewall. You're dealing with your moving to the cloud and data. And in our industry it seems like you have a tech shift every 10 or 15 years and then old problems become all of a sudden new ones. When I sat here and told you, "Who should have access to what? And how do you control it?" you said, "Israel, come on. I mean, what is this? 1985?" And I think now we've seen all these shifts and the attacks combined and the governance just going in that. So I think the time is now. So I don't think as an industry we're lacking. I just think that now is a time to take action for all of us in the industry just to be very prepared.
Dave Vellante
>> I think that's fair. It's not like the CISOs were asleep at the wheel at all. They all of a sudden... They got the cloud shoved on them. That became a new first line of defense. "Oh, is shared security response or shared responsibility model? Oh, what does that mean? And what does that mean from my multi-cloud or my SaaS?" And so that opened holes in the perimeter, which they had to close. So it's not like they over-rotated on the perimeter or had to deal with technical data. They had no choice. And they don't have unlimited budgets. And that actually made identity harder. Why does zero trust make... What's the complexity with zero trust? Is it operationalizing it? Is there something else there? Why is it make identity even harder?
Israel Duanis
>> Because... I mean, it's more of a concept. I mean, am I supposed to trust you at the get-go? And I mean, again, it's an easy concept, but when you try and say, "How am I even able to say I don't trust you? And then what will be the trigger that will push me to trust you?" So that puts a lot of gathering, a lot of data points from the organization and putting context on top of that, and only then making sure we can grant access to whoever needs. And think about... We've been hearing a lot about democratization of assets within the company. What does it mean? It means you need to go and start just breaking walls within your organization to push productivity. So as you break more and more walls, you will see that what is left is just making sure that you should have access only to what you're supposed to have, not less and not more. And that is why I think that our industry is moving. We had the cloud disruption. We had the data disruption with VSPM. Now is the time after these are unpacked to go on to the next step for identity.
Dave Vellante
>> So you got to know your employee. You got to know your customer. You have to know your device. And the device diversity is incredible. And you said something earlier. You basically... Identity should be an enabler, not a blocker, but by its very nature, it could be a blocker. How do you deal with that dissonance, making it both an enabler... Well, how do you make it an enabler and not handcuffing the employees or the devices or the workflow?
Israel Duanis
>> That's a very good point, and when we sat and thought what the product would look like. So it's easy to say just go and secure the identities, but at the end of the day, we're providing value for so many focal points within the company. There'll be the CISO, head of IM, developers, sometimes the business owners. So we need to show much more than only governance and security. And to your point, think about the productivity you get from automation of workflows and identity. So we had one of our customers at the beginning, they were in the mortgage industry and they had a very high turnover. And they said, "Look. Linx, you are dealing with our joiners, movers, leavers. We have a ton of leavers and we just are giving 20% of our time making sure you don't have a person that left the company and has a local account, that he can still access my Salesforce after he left." So we said, "Wait. 20% of your time? We can work on that and make it automated." One day later, they got a script that was able now to free their team to deal with other areas. That is one example. Think about governance. Most of us or all of the listed companies sitting here in the Stock Exchange, we need to go through audits. We need to go through SOX compliance, for example. That means that every now, every quarter or every however your frequency will be, you to go and review all of your access. These are things that can be automated. So even it's not only about freeing the team. It's about giving them much more confidence they won't go through any errors due to manual work. And when we free that and we make sure governance is there in a snap of a finger, they can now go after the bigger stuff. So your point is amazing because we should not only focus on security and governance, but also do the productivity part. And that is the trio we're pushing with our platform.
Dave Vellante
>> So your philosophy and your framework as to how you're thinking about this is to me very cogent. My question is why you? Why now? What's different from all the other well-funded companies that are out there? Do you have some novel secret technical sauce and... Explain.
Israel Duanis
>> The why now is fundamental in having this company. I think a few things happened. As mentioned before, our industry goes into cycles and then you need to think to yourself, you're going to solve an existing question. Why is now the time? So first of all, we've been seeing an acknowledgement of our industry that identity is not only a governance play, it's a governance and security play. And see the incumbents. You had so many identity governance administration companies just coming on the active reviews or governance. And then you had a shift in the market. You had the ITDR companies going security only. And that also did not work. So now in the industry, in the markets, these identity's not only governance or security, but the combination. That is a perfect change of mindset. Now we are a team of... 80% of us are 8200 graduates. Another percentage just overlap will be in Microsoft, Checkpoint, CrowdStrike, these companies. So we bring both the conservative and also the security professionals. And we can provide an offering which combines governance and security. That is one. Second, when you look at the incumbents, companies that were founded 2005 or a decade after, at the beginning of our discussion, we spoke about the pace of SaaS and cloud. You could just not map the pace if you've built your platform on-prem. Cloud IGA is something different, and that is what we're doing. And it goes so deep into the way we work. Think about the... We're working our platform on a graph database, which is fundamental in how you can create insights or connected nodes versus things have been built 20 years ago. So we have a market shift in the mindset of what identity is. You have tech stacks that changed. And you have moving to the cloud and SaaS, which just requires a different approach when it comes to cloud IGA. I'll give you another example on why that changed. Think about how the 2005 or 2000 and more IGA companies charged their customers. They'll bring their third-party. They will come to you as a company and they will tell, "You know what? Let's take six months. We'll start integrating our platform with our connectors and we will have the knowledge." We say, "No. Identity needs to be a different thing. We want you to have the power as our partner, as a customer." So first of all, we don't have professional services. You get that as a SaaS. You see value and deployment within one day. So it's also a why now of market maturity, of looking for a different approach. And I think this needs to be more fair. We need to create value, bring the information and knowledge to our customers and not hold it back within our company.
Dave Vellante
>> It's very interesting what you're saying. So if I think back, if you started a company in let's say 2008, 2009, you definitely weren't cloud native. You were on-prem. And then by the middle of last decade you had to rewrite everything. What you probably did is you took your stack and shoved it into the cloud and put a Kubernetes wrapper around it. Okay. That didn't... And then you had to rewrite to be cloud native. And then eventually maybe you get there, but that slowed you down. And somebody who started a company let's say in 2016 or 17, they started cloud native. You started cloud native. I would argue with the graph DB, you're AI native. So you got the best of both worlds there. Had you started a little bit... When did you founded the company?
Israel Duanis
>> Beginning of 2023.
Dave Vellante
>> Yeah. So if you started pre-COVID, you would've had to rethink your stack. So you're lucky in that regard. But I want to ask you. So we were just talking about employees and customers and devices. Agents are going to blow this thing sky-high. It's going to be know your agent as well. What are your thoughts on that? There's a lot of agent washing right now, but there's going to be a lot of insecure agents deployed. How are you thinking about that and the team thinking about that?
Israel Duanis
>> It's a very good point. And I'm happy you mentioned luck because I did not mention luck. So the fourth reason for why I think time is now is because we're lucky. Like you said, if we were to start this five years ago, four years ago, three, we just might have missed the window. Agents is a very good topic that's the whole part of the non-human identities, the 10X on our regular employees. And we as a company need to provide our customers the platform, which means we'll cover all of your identities. It doesn't matter if they're human or non-human. And that also brings to the table new kind of discussions. When we go into a partner, a customer, and we say, "We'll go and manage your life cycle management of employees, joining, moving, leaving," they're saying, "Perfect. We know that." When I'm going to talk about life cycle management of non-human, what does that mean? So I think it's a fascinating part that we need to cover both as the industry moves and new governance will go there. And so many attacks are coming through that part. So that is for sure something that is taken care of today and will just continue to evolve as we see more and more threats in this market.
Dave Vellante
>> So 2023 , I think I remember reading on SiliconANGLE, you came out of stealth earlier this year. I think Maria Deutscher wrote about that. And then I also remember reading about another raise. How much money have you raised to date?
Israel Duanis
>> We've raised $33 million.
Dave Vellante
>> Yeah. Okay.
Israel Duanis
>> We feel fortunate to partner with the best VCs in the world, Index , RA, Cyberstarts did our seed. And we're lucky to have a family with the Wiz founders and Island founders. And we've just joined Adam Aarons, who used to be the CRO of Okta, to our board.
Dave Vellante
>> Oh, nice.
Israel Duanis
>> So when you're building a company to be a platform to your customers, you need to have the right group of people, so...
Dave Vellante
>> What was the fundraising climate like? I mean, I actually think it's a great time to start a company after... When the tech bubble burst in '22, valuations got reset. I actually love that timeframe to found a company because I think it's much easier to get aligned with objectives with investors. But what was the fundraising like? Anything you can share with the audience? Any inside baseball you can share with-
Israel Duanis
>> It's always fun, of course.
Dave Vellante
>> What that was like? Yeah. Okay. So you got to kiss a lot of frogs?
Israel Duanis
>> Exactly. I think we were fortunate because in our stage, you need to have the right team.
Dave Vellante
>> And you had done it before, so...
Israel Duanis
>> And I did it before, but it's always different. Have the right team. Have the right market. And have the right partners around you. And funding will happen. And when sometimes candidates come and we talk and what will be the future of the company, and I think 10% of the interview's, "Well, will you IPO?" And I think for us as a company, we can only control what we're doing now and that is to provide maximum value to our customers, to make sure we have the strongest tech, and by the way, to make sure the foundations are for a company to be very big. I'll give you an example. After a week that Niv and myself met, we decided to go and write down our values. Why? Because we thought, "This is not going to be a company for one year. It's going to be a decade. And if we don't found our foundations now, it'll be difficult once it becomes hard." And it will become hard every now and then, that is a roller coaster, to get the right decision. So we're focused on getting the right decisions now. Funding will happen. It's important to have money in order to go and scale your company to be the platform play for authorization, but on the day-to-day, we're focusing just on making our customers happy.
Dave Vellante
>> I love the culture discussion. Sometimes people poo-poo culture, but it's vital. We had Andy Jassy on last week at re:Invent and the master of leadership principles. Talk about taking them seriously. How would you describe... Well, let me ask you a question. So you wrote down your values. How many did you write down? Was it 10? Five?
Israel Duanis
>> There were nine.
Dave Vellante
>> Nine of them?
Israel Duanis
>> Yeah.
Dave Vellante
>> Nine of them? How did you come up with them? You collaborate with your co-founders? What was the process you used to come up with those value-based principles?
Israel Duanis
>> We sat in the room and we said, "We're now taking from morning until the evening and we're going to go out of this room after we have our values." We didn't say we need to have nine. And that was a list of more than nine. We start with 20. And our test was to see and to take edge cases and to see when you're in the edge case, will you choose according to this value? And if it's agnostic to your edge cases, it's not a value because a value needs to be one that you will go to and make sure you can get a decision according to that when it's tough. A value needs to be a one that you will measure your employees on, but you'll also be measured by your employees and by your customers. When our ninth value is we care, when I say we care, that means that if there was a war back home, and there was a year ago, I drove to all of my employees bases just to meet them. And not because the value it's written. Just because that is who we are as people. And building a company is tough and people take a risk when they join a company. They can go into so many other places. And building a family. I mean, we're born into a family, but we're trying to create a family. So if you don't have these right values, that's tough. And we also... I'm still in all the interviews of our employees in the company and then you say, "How do you interview about a value?"
So I'll give you an example. Being curious is important for us to be innovative. So one of our questions, okay, hint to whoever I'll be interviewing into our company who might change it is, "Let me know of one thing you've taught yourself out of work, not work-related, in the past three months." A, it's a nice discussion, but then you can also see what is the person doing outside of work. Now we all work very hard, but you're trying to see that ways to find the culture fit. And I wish we can just... Also, we'll become hundreds of employees. We'll keep this amazing culture. That is super important for me as a CEO and to Niv and myself as founders.
Dave Vellante
>> Super important. And it's a hard exercise to go through because these aren't ephemeral. They have to stand the test of time. You have to really believe it. So I'm always intrigued by that discussion, Israel. Thanks so much for coming in to our studio here at the NYSE.
Israel Duanis
>> Thank you so much for having me. Amazing.
Dave Vellante
>> I look forward to having you back in the next several years. And who knows? Maybe someday. It seems like there's definitely coming out of Startup Nation a... They're much more receptive to IPO as opposed to quicker exits. We're seeing that now with guys like Wiz maybe turning down all that money from Google. I loved that. That was just so ballsy.
Israel Duanis
>> That was.
Dave Vellante
>> We have Peter McKay coming on later on from Snyk and we know him well. And so congratulations on getting another company off the ground. And look forward to tracking your future.
Israel Duanis
>> Thank you so much for having me.
Dave Vellante
>> Right. You bet. All right. Keep it right there. This is Dave Vellante for John Furrier. Media Week for cyber and AI innovators with NYSE Wired community and theCUBE. We'll be right back right after this short break.
Dave Vellante
