Episode #25 - StrikeReady with Salim Scafuto
The annual Cybersecurity Workforce Study conducted by (ISC)² modeled the existing talent shortage as 3.4 million professionals in 2022, up 26% from their 2021 study. The purchasing of a multitude of security products to offset skill gaps can fall short as operators struggle to adapt processes and extract value from toolchains that may or may not be flexible in handling an evolving threat landscape.
Many available security automation products require an operator to construct, deconstruct, and reconstruct a set of playbooks that include a number of static decision blocks, which are clearly not optimized for ad-hoc or potentially ex-ante scenarios.
In this episode we have a conversation with Salim Scafuto, Global VP of Customer Success and Sales Engineering, of StrikeReady, about their platform and how its logic layers (attack harvesting, knowledge harvesting, action invocation, analysis & context) combined with their machine learning capabilities (e.g., deep neural networks, convolutional deep neural networks, deep belief networks, recurrent neural networks) can allow an operator to reason with their environment to thwart attacks.
The platform allows operators to engage in knowledge-seeking questions that invoke a security-centric conversation with their reasoning engine (e.g., such as asking, “what is ransomware?”, or, “who is APTXXX?”), a contextual awareness question to obtain a degree of business insight (e.g., such as asking “am I currently at risk for ransomware?”), or even an automation-based command for incident response and proactive operation (e.g., such as issuing the command, “check this email for phishing”, or, “assess my risk against mummyspider”).
With a host of integrations and a TAXII client to ingest a set of threat feeds, the platform is enabling a broad range of responses that mimic a security professional, offsetting much of the day-to-day load and allowing practitioners to focus more on the exceptions.
StrikeReady was founded in 2019 by founders Anurag Gurtu and Yasir Khalid in an effort to empower defenders to address the technology exhaustion that accompanies current disparate security investments, the lack of cohesion and collaboration between these investments, and the growing skills gap to operate them effectively - by providing a reasoning capability that sits atop of streamlined workflows and automation. This helps drive up the ROI in your current investments while delivering a platform that can automate the day-to-day needs of security practitioners.
StrikeReady is headquartered in Palo Alto, California, and has raised $3.6M in seed funding at the time of this podcast.