Snir Havdala, Zafran Security

Clips
More from theCUBE + NYSE Wired: Zero Trust Cyber Series

Snir Havdala

Co-Founder & CPO

Zafran Security

play_circle_outline Motivation from hospital breach to founding company

play_circle_outline Differentiated approach in threat exposure management

play_circle_outline Leveraging AI for scale and value in security solutions

play_circle_outline Hiring, growth, and expansion plans for the company

Info
Transcript

Snir Havdala, Zafran Security

Snir Havdala

Co-Founder & CPO Zafran Security

John Furrier and Dave Vellante interview Snir Havdala, co-founder and chief product officer of Zafran, a company focusing on risk mitigation. Snir discusses the motivation behind Zafran, stemming from a hospital breach due to a known vulnerability. The company aims to change how organizations handle vulnerabilities, emphasizing the pressure companies are under in cybersecurity. Zafran offers a Threat Exposure Management platform leveraging AI to provide more value to customers. They are growing and looking to expand their offerings.

explore Keep Exploring

What incident led to the founding of the company by the individuals mentioned in the text? add

What specifically is the product or service being sold by the organization mentioned in the text? add

What advantages can organizations gain from leveraging AI in their integrations and knowledge base building processes? add

What impact has unit 8,200 had on your style and approach to running a startup? add

bolt Powered by CUBE AI

Snir Havdala, Zafran Security

>> Hello, welcome back to theCUBE everyone. We are here at the NYSE. I'm John Furrier, host of theCUBE with Dave Vellante, here for the next three days, wall-to-wall coverage on Wall Street and connecting our Palo Alto, Silicon Valley to Wall Street. This is theCUBE in the NYSE Wired community. Our next guest is Snir Havdala, co-founder and chief product officer of Zafran. They do a really interesting focus company on risk mitigation. We're going to dig it all in. Snir's got an impressive background from IDF, unit 8,200, the elite group. Great to see you. Thanks for coming on theCUBE.

Snir Havdala

>> Great to see you. Thank you for hosting me.

>> Nice background here. The crowd's starting to form. Definitely the bell will ring during this interview, so we're going to capture it.

Snir Havdala

>> We'll be ready for that.

>> We'll be ready for it. My favorite moment of the day, opening bell and closing bell. Always fun to have an interview going on with the closing bell. You've got a great background. You've got an impressive experience in intelligence at IDF, unity 200 mentioned, but also understand the cyber security landscape you've seen close up some of the action around what the bad guys are doing. There's no second place in cyber security, I would say. And you can't lose. You don't want to lose. You lose. It sucks. A lot of bad things happen. You go out of business, people are impacted. Just a lot of bad things go on. So obviously everyone knows that. So this is an interesting time. Let's get into the company. What was the motivation? What was the origination story? Take us through, how did you get from being a senior officer in the intelligence IDF group to here?

Snir Havdala

>> So actually our company story starts in a very unique incident where there was a hospital in Israel that was breached from exploitation of a known vulnerability. Imagine hospital will not be able to receive its patients. And that was because of bad guys were able to exploit one day a known vulnerability in the hospital infrastructure. And it's frustrating to see that because you see how organizations struggle with millions really of vulnerabilities that they have to find and patch and remediate and sometimes the attackers just need one to find an open door. And me and my co-founders, Sanaz and Ben were actually seeing that from the side and started and said, "Hey, we must do something about that and change the perspective of how organization deal with these issues." And here we are today, cyber security.

>> And so I like how you said they only have to get one. It puts so much emphasis on the pressure companies are under. Hospitals, again, critical care. You got critical infrastructure, national security and private companies. There is no army protecting he companies. They have to build their own militia with cyber security. They have to defend everything. They can't lose one, they got to win everything. The bad guys can lose a hundred times and win once. So that's how lopsided the game is. This is what we're striving towards. Just change the equation. Symmetry is just, I mean it's lopsided. This is a huge problem. What's your vision of how we get closer to balancing the scales here? They're tipped in one direction. How do we balance the scales?

Snir Havdala

>> So first, you're absolutely right. And by the way, this is just getting worse, because we're seeing many more, many more vulnerabilities, many more findings during the year, the years that come. And we see how the amount and the pace of attackers is even getting faster. Today it takes only a few days to exploit the vulnerability. A few years ago took almost a few weeks and this is because attackers are using AI, they're transferring exploits from one to each other. And that is something that defenders have to change again as well. And this is why our approach, we said we got to change the approach somehow, right? First you're going to consolidate. You must see everything in a single place because today you have fragmentation of tools. Like 15 years ago you had one vulnerability scatter. Today large organizations have like seven or eight with different parts of their infrastructure. So first bring everything into the same place so they can speak the same language and then be able to score them in a correct manner and understand what's really exploitable by understanding the context around these vulnerabilities. And I think Zafran having a very unique perspective of how to look at the context of vulnerabilities with task for what's interfacing and what's not, which is very critical for understanding what's and what's not. We see what's in runtime in a very, very unique way. And our secret sauce is looking at the compensated controls. We're the first company that actually looks for the organization defenses and we're able to see-

>> Like what?

Snir Havdala

>> Like firewalls, like WAPs.

>> The tools and platforms that they have.

Snir Havdala

>> Tools that they have, EDRs and all what you have placed and built and put to defend your organization. We take all that and give you a consolidated view. This is why we call ourselves third exposure management and basically find the open doors, find the one finding that is able to-

>> So you call risk exposure management.

Snir Havdala

>> Threat exposure management.

Snir Havdala

>> Yes. Correct.

>> Yip. You're vulnerable.

Snir Havdala

>> Yep.

>> That's the market you're going after. Is that a category or do you guys just create that category?

Snir Havdala

>> So I think it's quite interesting. I think what we're seeing in the market today is consolidation of different technologies into threat exposure management platforms. I think there's a lot of technologies that are into that category. I think there's vulnerability assessment, vulnerability, prioritization, ask management, external tech surface. But at the end of the day they want you to answer one simple question, am I exposed? What are my open doors and what can I do to mitigate them fast? So I think this is something we definitely look at and want to lead-

>> I got to say, not that I want to be too critical of the industry, but a lot of these preventative insight engines, they don't really provide a lot of insights in the sense of comprehensive insights. And a lot of them pre-machine learning and state-of-the-art machine learning and gen AI don't have actual next steps. I think one of the things that I see is, "Oh hey, you got a lot of problems."

Snir Havdala

>> Yep.

>> Like a consultant would come in, hey, and then time is critical.

Snir Havdala

>> It is.

>> So this is the key. So how do you see that resolving? Are you guys addressing that action, getting time to action?

Snir Havdala

>> I think obviously there is the metrics that have to do with type to remediate, stuff like that. But Zephyr and approach actually brings another tool into the organization toolbox, which we call mitigation. Basically imagine it takes some time to patch 8,000 assets that are vulnerable to some vulnerability. But hey, maybe if you could just do one change to one of your compensated controls and buy you time until you do the bed. I think this is, if we go back to the hospital story, if there's one config in a right place of a compensated control, I think things would have-

>> Explain compensated control because this is important. You're hitting the control points. Explain what that means and what specifically it is in an organization.

Snir Havdala

>> So there's a lot of types of compensated controls as we said before. It could be some firewall rule, it could be IPS, IDS rule, it could be configuration in your EDR, it could be some monitoring. Monitoring rule you put into your SIM. Could be some IOC monitoring you want to do. And I mean the umbrella is so wide. There's a lot of ways. I always say there's like 80 shades of mitigation. There's a lot of ways you can reduce risk with your existing security staff.

>> And how do you identify these points?

Snir Havdala

>> So I think this is our true secret sauce, right? The ability to correlate vulnerability and risk with your compensated control with a specific tool and a specific configuration that has to do with that risk. So we can actually take a configuration in Palo Alto and a vulnerability from Tenable and see the correlation between these two. And we connect the configuration, but we also connect the organization. We connect different parts within the organization because you see the vulnerability management team speaks to the control owners with the engineering team and it really creates-

>> You make the left-hand top of the right hand, right? That's what you do.

Snir Havdala

>> And when the right hand does an action that helps the left hand, then the organization see that and measures that and it affects SLAs, it affects-

>> It's a win. It's a win. Put a win on the board. All right, let's get into the business model. What do you guys do? So you're selling a tool platform. What specifically is the product, service and value proposition and who buys it?

Snir Havdala

>> Right. So basically obviously we're SaaS platform. Our deployment is very simple. Integrating with existing security stack. We sell to organizations that have the problem of a lot of vulnerabilities. We address these specific organization with complex tech stack Stack. They really want to improve their day-to-day operations.

>> And when you get into customers, what are some of the things that they tell you when they implement? What are some of the use cases and what's the reaction?

Snir Havdala

>> First I think that once they see the context that Zephyr gives, they understand no tool had given them this before. The ability to identify those one, two, three assets that... Oh.

>> Here we go. There we go. Open and closing bell here. Then you have a sucker. You can see behind us. We've got the closing bell. The winner today is Zafran. Ha, ha. Hello Snir. You've got the lucky spot today. There it is. There it is. Market's closed today. All right, closing down theCUBE too. This is our last interview of the day. Welcome all. Great to have you on. How about cyber security? Closing the market here with Zafran. Great segment, great to have you on. We'll continue. Just real quick to close out, what are some of the cool things you're working on right now? And if folks watching want to know more about what you guys are doing, milestones, your growth strategy, looking to hire, give a plug, coolest thing you're working on right now and put a plug in for the company.

Snir Havdala

>> So I think as we go and build our integrations and build our knowledge base, we're actually leveraging AI to be able to actually make what we do. But in scale. And I think AI came in a great place where we can actually, not just attackers that use the AI to actually execute the exploit, but us be able to leverage AI to connect with within the risk and your security tools in scale. And I think that gives us great advantage to organizations. Put a plug in

>> The company, just put a plug in for the value. The people you're hiring milestones you're at give a taste momentum.

Snir Havdala

>> So we are 80 people, Israel and us, and continue hiring and growing and we want to expand, expand our sales, spend our offering, give more value to our customers

>> And bringing that intelligence background. Final question for you. For me personally, I'm interested, how has the unit 8,200 affected your style, your approach to this startup? I mean obviously you've seen what's out there in the real world, what's coming for us in the enterprise and security teams? How has that shaped you and your journey?

Snir Havdala

>> I think it just makes you... First you get to know a lot of talent, great talent. You have access to amazing people that have done amazing things. So you can actually, and really to build a company, one of the hardest things is to get the best talent out there. And I think this is something very, very helpful. And second, to be able to see how these things happen and then you come with a cyber experience that actually lets you build cybersecurity products with this perspective. So I think this -

>> And you get a lot of a players too in your team.

Snir Havdala

>> Yes.

>> You've seen the famous Steve Jobs meme that's now gone around the internet. Eight players don't need to be managed, eight players want to work with eight players. That's well documented. What's your take on that? Eight players don't want to be managed. All your A players are watching. Leave me alone.

Snir Havdala

>> No, that's why I could be here and have great interviews, but I totally agree with that. I think once you let amazing team, great goal and you say, Hey, let's go there and go run, they'll make the shortest way. So I definitely agree with

>> That. Give him the North Star, give him the vision. So you believe in Steve Jobs, he's right on this one.

Snir Havdala

>> Yep. Definitely.

>> Yeah, I do too. Tell him where to go. They'll figure it out.

Snir Havdala

>> Give the vision, give the path, give the resources, and I think sky's the limit,

>> Right. Thanks for coming on theCUBE. Okay, theCUBE is closing it down with the market today. Closing now in the stock market here in New York. This is our super studio. It's part of our new open network where we're partnering in opening up theCUBE. We're going to have two major access points in Silicon Valley and here in Wall Street, creating a subnet here in New York. Hopefully we'll be in Tel Aviv for another supernode. We call these supernodes, trying to open source the network, join us, join our mission. If you like what you see, want to join, check out siliconANGLE.com, theCUBE.net, theCUBE research, of course, the NYSE Wired community. A fast emerging kind of an elite group of contributors. Thank you very much for coming on.

Snir Havdala

>> Thank you.

>> Appreciate you.

Snir Havdala

>> Appreciate it.

>> Okay. I'm John Furrier with Dave Vellante here in New York this week for Media Week. It's Cyber Week as AI innovators are all in town as well. Thanks for watching.