In this interview, John Furrier interviews Danny Brickman, co-founder and CEO of Oasis, a cybersecurity company. Danny discusses how Oasis focuses on addressing vulnerabilities in the identity space, specifically non-human identities like service accounts and tokens. He explains the importance of understanding the context of identities, the need for automation in managing these accounts, and the value of discovering and controlling these identities quickly. Danny also shares a customer example where Oasis identified a security risk and helped the organization...
>> Hello, welcome back to theCUBE, coverage here in NYSE Studio. This is theCUBE East, this is our Wall Street studio inside the NYSE. I'm John Furrier, host of theCUBE. We've got our Palo Alto, Silicon Valley connecting Silicon Valley and Wall Street technology and money together. Great network, The Wired Network, the NYSE Wired Network. Brian putting together. It's a great, open community and we've had a great cyber week. It's our third day of coverage. Danny Brickman's here, co-founder and CEO of Oasis. Danny, great to see you. We saw each other on the show floor the other night when you guys were having your cyber start party, part of the community you guys have over there. Great community, by the way. Love all the guests, super smart, entrepreneurial, having fun, taking names-
Danny Brickman
>> Amazing energy.
>> ... kicking ass, as we say. Great stuff. You guys came out of stealth recently, got some funding. About how much fun did you guys raise?
Danny Brickman
>> 75 in total.
>> 75 in total. Yeah. Instant market success. Even today as we speak, you guys uncovered a vulnerability on Microsoft that was published on hackernews.com. I just was reading it. The Oasis vulnerability, identified by the Oasis-
Danny Brickman
>> Yes.
>> I put in the Oasis because there's a famous bar in Menlo Park. But Oasis is the company name. Talk about the vulnerability AuthQuake, MFA, Microsoft MFA. Take us through the news real quick. This is super, super newsy.
Danny Brickman
>> So obviously the team is focusing all the time on finding how hackers can bypass a lot of factors, or MFAs, that we have, or other stuff in the identity space. And the team in Israel, the researchers in Israel found out a way to brute force, actually, the MFA process of Microsoft, which we disclosed and closed together in October. But it was a major opportunity for almost 50% success within 70 minutes of bypassing MFA.
>> That's a huge percentage and timetable.
Danny Brickman
>> Yes. Yes.
>> I mean, how do you respond to that? That's hard.
Danny Brickman
>> Look, security is an evolving, it's always evolving space. The more we progress with technology and innovation, the more like, yes, we're finding and we need to all the time be aware of that and close that and make sure that we're eyes open on that.
>> Yeah. Just talk about the company, the origination, how you guys started, where it all came from, and the journey. Because identity is where the action is. And if I'm a hacker, I go for the identity.
Danny Brickman
>> Of course.
>> I want to get in, I go, I'll do whatever it takes. Social engineering, whatever it takes. MFA, there's a lot of capabilities. It's the hardest thing to protect against, and it's the number one target-
Danny Brickman
>> Exactly.
>> ... for hackers. You agree, obviously, because that's what you do. So thank you for that. Please, get better, because I want to be protected all the time. Take us through the origination, why you guys were founded. What was the motivation, and how did it all play out?
Danny Brickman
>> So both myself and my co-founder and many of the founding members of Oasis came from the IDF, which is not a surprise for Israeli company. But all of us being on the hacking side, obviously working for the right nations. But in our focus through the years shifted towards focusing on identities, as you were mentioning, right? It's easier at the end of the day, right? And the scale is so big. And when we understood the problems so significant in our organizations today, we decided to take a look at what's going on, what has changed in the industry through the years. And obviously as we all know, identity people, it's probably one of the hardest jobs in security today. And it's getting harder and harder the more we're progressing with transformation like cloud or AI. And when we started looking at the identity landscape that was for many years focused on the human side, right, we realized that actually behind the scenes there is a small little creature that is exploding right now, which we call it non-human identities, but it's the service accounts, the token, the keys, all of those components, all of those authentication methods that allow machines to actually access to data, access to applications. And we're talking today about a scale of 20 to 40 times more non-human than human, which creates a challenge that we don't know how to control, how to manage. And this is where we decided to open up a company and actually address and build this security stack for those non-human identities.
>> You saw early the opportunity around the machines doing work on behalf of humans, which is what gen AI is basically doing.
Danny Brickman
>> Exactly.
>> So okay, take us through today where you guys came out of stealth, take us through that. Launched this year.
Danny Brickman
>> Yes. Cool.
>> What were some of the things you knocked down right away? We'll talk about some of the momentum.
Danny Brickman
>> So first of all, our focus originally was to understand what are the big enterprise's challenges with non-human identities when it comes to innovation that everyone is driving? Today, we're working with the biggest enterprises in the United States and many of them are focusing a lot on AI, as we all know of that, right? But those AI agents are actually replicating the human actions, right? But doing it at scale, which creates more and more non-human identities, which today in this traction in the market, everyone understands that this is the biggest gap that we have in the identity that is not controlled. And with that, obviously, we went to establish this product on a significant investment by Sequoia, Accel, and Cyberstarts.
>> Not too shabby. Some nice names there, tier ones all the way around. Very nice.
Danny Brickman
>> I was, oh my god. My partner's part of Sequoia will be pissed at me. I'm quoting him here. He said, "When human identities was a big issue, Okta got an investment from Sequoia, right?" Today the biggest challenge in the identity space is the non-human actually, and this is where the backing came from.
>> All right, give us some of the use case scope, the scale. You mentioned some sizes earlier. What's going on inside the large enterprises, inside the large hyperscales, inside the large critical infrastructure providers who are all worried about this because they're the big targets? What are some of the non-human machine-to-machine use cases that you guys are seeing now, and what do you see around the corner?
Danny Brickman
>> First of all, the scale itself is proliferating because of what we said, AI and cloud transformation and more workloads coming into play and third parties that are being integrated into the system. But there's an always question that we're asking. If you have your own password, would you share it with your buddy just regularly on Slack or something like that?
>> No.
Danny Brickman
>> Of course, no,>> .
Danny Brickman
>> But as a developer, just to share it with my buddy to help me debug some system, share a token or a secret? It's something that is done more regularly. And this just creates a bigger challenge for organizations to control and understand how it looks like. Just taking an example, Microsoft AI breach a year ago, right? Hacker only entered to GitHub repo, a public GitHub repo, took a token, and accessed directly to the database. 38 terabytes were read, no protection in the middle. Developers just share this token behind themselves on GitHub repo.
>> That's collaborative. For them, that's collaboration.
Danny Brickman
>> Yes.
>> Not necessarily .
Danny Brickman
>> Exactly. And when we're looking at that, we don't want to slow down the business. We don't want to slow down and say like, Hey dear developers, don't create access. Don't create access to databases. This is the day-to-day job. We want to progress, we want to create more value to our customers.
>> So what's the secret sauce? Okay, so got that. Obviously great to get that new environment. Certainly we'll see more and more machines with agents coming. I'm like, come on, it's going to be even more prolific in that dynamic. What's the secret sauce that you guys have to help people not lose the momentum on the innovation? We don't want to lose the developer productivity. I mean AI's going to help us, right?
Danny Brickman
>> Yes.
>> So it shouldn't hurt us. What do you guys do to keep that acceleration going while giving the protection?
Danny Brickman
>> So three main elements. First of all, as every security tool, we first of all need to understand what is in front of us and to discover it. So Oasis is focusing on finding all the different types of identities that we're not able to discover today in a very fast manner. I'm speaking about minutes. Right? The second thing, which is very important in that space, is just reconstructing the context. A lot of those identities, we don't know who owns them, what is it used for? Therefore, we're in a paralysis mode of should we disable this account? Should we rotate that? Everyone is afraid to break anything in right? So reconstructing the context, understanding these elements of usage, ownership, permissions given are critical paths towards the third piece, which is the lifecycle management. And something that Oasis understood pretty quickly that we don't want to enforce any specific tools on developers. We want to help them. We want them to bring their own infrastructure and us helping them to actually manage the lifecycle of those accounts.
>> This whole lifecycle management, you brought that up, that's become quite the conversation here on theCUBE, where you look at standard product development. There's versions, you got a new version, you sunset the old one, or backwards compatibility. Gen AI was starting to see that become an issue. Certainly API, you just had an API provider on earlier. They treat APIs like products now, they have to because it's large scale. I mean that's the internet and it's critical foundational stuff. Same with security. Where are we in the productization of what's getting hardened in that discipline and what's now emerging? Because you're starting to see gen AI get to the version where there's also challenges of is it backwards compatibility? So you need to have kind of that bold factor. What's your reaction to that idea of versioning or productization of security? Because this is where you can maybe streamline a little bit or harden things. What's your thoughts?
Danny Brickman
>> I think we need to streamline. Because as I said before, we don't want to slow down. We want to move fast. And this is where we need all the time to understand the context as we were mentioning of how is it impacting the business? Is it still in use? Should we sunset it or not? Right? All of those questions should be answered, but we need to help it to happen.
>> Got it. Talk about the momentum, give us some customer examples. You don't need to name names, sometimes you don't want to reveal the names with security conversations. But take us through the use cases. Where are you guys winning? What's the value proposition? What's the business model? How do I consume the technology? Take us through some of the basics.
Danny Brickman
>> Just as an example from a Fortune 500 company that is actually doing the right processes of lifecycle management, right? As we connected and started working with the team, we realized that the team is working extremely hard on rotation, decommission of accounts, and they're not keeping up with the pace. We figure out that we're speaking about a growth of between 30 to 50% a year. And this creates challenges of, first of all, we're not covering everything, but also we're leaving a lot of significant gaps in our infrastructure. Which, for them, it was so critical to have the automation and streamlining the lifecycle of those accounts in an automatic fashion that can be controlling the scale of the problem.
>> Who are you guys selling to? If I'm a customer, okay, I have nightmares about these scenarios. Who's the target persona you guys talk to for Oasis to say, "Hey, you'll get our value instantly." What's that buyer look like?
Danny Brickman
>> I think we started our show about speaking about the identity people, right?
>> Yes.
Danny Brickman
>> They became, right now the most critical part of security to them, right? Because the transition that we saw towards hackers leveraging identities at scale creates a huge challenge for them. Right? And a lot of identity people are now becoming the cool guys, if you will. Right? And I'm happy it's happening because it's such a critical piece of our infrastructure, so we need to control it. And therefore, in many cases, identity people is like, I understand the scope of the problem. And they're saying, oh my God, till now I couldn't do anything. Now I understand. I see. I connect.
>> Yeah. We had a guest on earlier here on theCUBE and we were off camera. I wish we had the cameras rolling. We were talking about security. He's like, remember the Olympics when they were having the shooting competition and you had the one person, there's a meme going around with one person with the scope and the apparatus and all the things, and it had all the logos around it? And then the sharp with the hand of the pistol, the Turkish guy with the pistol just hits bullseye, and the meme went around. It went viral in the security area, because the whole point was you can get loaded up with all these vendors. But the one guy comes in, the hacker, and just shoots it straight and one weapon, handgun, simple. This is kind of the world you're in because identity is that one rifle shot. One shot you're in. Once you get someone's password, you're in. It's lateral movement, no problem. Tokens, no problem, I'll take those too. I'll access systems, I mean, I don't need all this, I just need to stop that.
Danny Brickman
>> Exactly.
>> Fail once, you don't need all this heavy lifting. That brings up the whole vendor sprawl and it can be distracting. What's your reaction to one, the meme's pretty cool, but I'll send it to you and I'll share it on social. But this just kind of encapsulates the social, I mean the security challenges because it takes one shot.
Danny Brickman
>> I think few years ago we were discussing about the topic of assuming reach, right?
>> Yeah.
Danny Brickman
>> We need to, at the end of the day, it's a sadistic game. Zero trust, and everything comes to play because we understand that we cannot prevent it. It will happen, but we need to have at least the best control we can have in order to protect that, right? Even the best border in the world, we will find a gap. But if we have the processes to control that we can mitigate the breach in that case.
>> Talk about a customer that you've worked with, you can share an example where they came in, used your product, maybe they weren't, I won't say skeptical, but startups are always earn their way, where they went, "Wow, man. This is phenomenal. Saved our butts." Give an example of that and what happened, why you guys were successful. What was the key to success?
Danny Brickman
>> It's interesting, it's probably one of our first ones, but when we connected to their system, they knew they have challenges with non-human identities, but we found out that a specific identity was shared with a third party with admin permissions over their cloud infrastructure. Right? And not only this, we also told them that you're not working with a third party anymore. There's an obligation from this side. So basically right now your perimeter is exposed to a third party that they're not obligated to you to control or save it, which means that you're completely exposed right now with admin permissions. And they were shocked that they didn't know that because they have a lot of non-human . They could not contextualize them and understand what is the risk.
>> So they didn't know it was there.
Danny Brickman
>> They didn't know that.
>> And the relationship changes, that's the context. And that permission could have been set or identified. And then what's the remediation? What happens next? Do you guys get involved in that? Does the customer have to do that?
Danny Brickman
>> So first of all, we're getting involved in that. In that case, it's very simple. It was just disable the account, right? But in many cases, when we are seeing over-permissive accounts, or accounts are being used out of , we're helping organization and first of all, clean up, rotate, and actually set up the right IP limitations, right permissions, setting up the owner, putting rotation processes in place, automatically vaulting those accounts and using existing infrastructural tools.
>> A lot of your peers in your community all have come from the IDF, some different units, and have that military background as consistent. We've seen that. What has that done for your journey? How has that helped you as a founder as you get into the commercial side of things? And startups are hard. You know that, so it's not easy. But you have to go out, get a beachhead, secure some customers, put a growth plan together, get stakeholder funders, investors, put a team together. How has your background helped you? I mean, it's just kind of like a military operation, I guess. Get a team and put them together and go to work and take us through that.
Danny Brickman
>> So it's interesting to look at that, because the enemy is always evolving, as we know. In the case of security, the enemy is the hackers, right? And I think the most important thing that we got from the IDF, that innovation is not a matter of just do it. It's a matter of survival. If you don't innovate, you start losing. Right? And therefore these innovation, I would say, modes that everyone is bringing to the table, just thinking how should we think differently? How can we solve unsolvable problems? This is what drives, I would say, the most innovation .
>> As they say, never go out in the open field without cover fire. In security, you have to have share, and you have to have collaboration. So if you're a big company, you should be working with people that know what they're talking about and expertise. What's next for you guys? What are you guys looking to do? What's the growth strategy as you guys start to get escape velocity and get momentum, as they say, lift? What's the growth strategy?
Danny Brickman
>> So first of all, as we're developing the product right now and evolving the innovation over there, we're planning to be expanding more and more through the big enterprise for the Fortune 500 and Global 2000 to help organizations to actually control the non-human identity problem and challenge. And we're keeping our eyes all the time open because the problem that we had last year, AI changed the whole game. I'm just even joking sometimes and tell we're in a Gen Z era of infrastructure.
>> Yeah, and they just came out of COVID. We graduated college out of COVID. I mean, there's new things they haven't seen.
Danny Brickman
>> All the time. Every day like a developer is using something new. We need to be aware of that and help your organization secure this .
>> I was talking to somebody the other day about the Gen Z generation in COVID, and my daughter graduated college. She was in the class that actually graduated in the COVID generation, which they would live the whole four years. And the discussion was, it's an opportunity because they have a fresh lens. Now there's some things that are unknown, but that's a good thing, a fresh perspective coming in. Now you get the Gen Z infrastructure, you're referring to, hey, it's changing. It has different requirements, different perspectives, opinions, postures. I love the opinionated infrastructure conversation. Opinionated is a term used all the time. I want to have an opinionated technology stack, meaning I'm dealing with a lot of different services. I'm standing them up, I'm tearing them down. Machines are talking to machines. This is a new era.
Danny Brickman
>> It is, and it is a new era. And I think I'm personally very excited about it because, well, it's just like if we're taking the Gen Z example, again, we cannot limit the Gen Z generation of doing something or not doing something. We can scope it, we can direct, we can help, right? And I think the more we're letting people try innovate things, the faster we'll grow, the more value all of us will get.
>> If you think about the Gen Z, it's interesting metaphor. I love how you brought that up because it is a transitional generation. Unlike, I'm an X Generation, and the Millennials, they're stuck in the middle. Sorry, if Millennials are out there. Boomers, they're already out the door. But you've got the Gen Z, they're transitional. If you look at it in business and all their verticals, you're seeing younger leadership. Why? Because companies want a Gen Z leader to align the business, and/or in this case infrastructure with the new capabilities and expectations that are happening. And first of all in security, the expectation is don't get hacked. No breaches, kill the bad guys, metaphorically speaking or whatever. What is the impact on that, on the business model? What have you seen that can give hope that the transition's going well or is it a personnel challenge? How is this transition working in your mind as this, I'd call the Gen Z transition up in technology and workforce?
Danny Brickman
>> It's instead of if security is always just afraid to work against, right? And many of the security leaders that I'm speaking with are saying they want to work with, right? The best analogy that I heard was when you're driving a car without a seatbelt, right, you wouldn't be driving fast. You'll drive like 10 miles per hour, 20 miles. But the moment you're putting the seatbelt on, you can drive fast, right? And this is what security looks to be. The seatbelt to help them to be part of this journey. Not being like the Boomer that says no.
>> Boomers didn't wear seatbelts, they would cut the seatbelt off. And then my generation had to learn how to adapt to the seatbelts.
Danny Brickman
>> Yes.
>> So we lived on both sides. We lived the weirdest, I think generation, the Xers. But great conversation. I love what you guys are doing. Give a plug for what you guys are working on now, hiring. What are you looking for? And customers and prospects that are watching, what can they expect from you?
Danny Brickman
>> So first of all, we're working right now on expanding the platform to be a holistic approach from the governance, the detection response, and to gain a full visibility around that. So obviously everyone is welcome to join security, right? LinkedIn or website, et cetera. And we're looking right now to expand on all the fronts, obviously R&D products, and go to markets as we're approaching towards 25, which will be a very significant year for us, especially when the regulations are actually changing.
>> And you're hiring engineers, obviously software developers and engineers for sure.
Danny Brickman
>> Exactly.
>> And locations. Tel Aviv?
Danny Brickman
>> Tel Aviv, New York, and all across the United States.
>> Yeah, no problem, virtual?
Danny Brickman
>> No problem.
>> All right, great to have you on theCUBE. Thanks for coming on.
Danny Brickman
>> Thank you very much.
>> Okay, Danny, appreciate it. Check out Oasis, again, in the news today as they uncovered a vulnerability with MFA. Again, identity is the top target. Again, we need more, so much security. Security keeps changing. And again, the Gen Z generation of infrastructure's upon us. Love that. I'll be using that. Appreciate that. I'm John Furrier with theCUBE here at the NYSE. Thanks for watching.