Yuval Baron, CEO of AlgoSec talks company culture and the acquisition of agentless CSPM Prevasio
December 2022 by Yelena Jangwa-Nedelec, Global Security Mag
Our acquisition of Prevasio is official as of today. Prevasio is a Cloud security company that we acquired to help us have a comprehensive cloud solution for organizations. Those organizations have lots of assets in the cloud, they have data centers in their local network and with this acquisition, we can enable the holistic security approach they need to have.
Global Security Mag: Can you first tell us a bit about AlgoSec?
Yuval Baron: Our vision is to secure application connectivity anywhere. All the cybersecurity industry, all thousands of companies exist for one purpose : to secure applications. They do it either by securing the code, the data or the connectivity and identity. So we are in the area of secured connectivity for business applications anywhere (in the cloud and on premise). We already have big customers who bought our vision and solution, including a prominent German Bank that bought our products a few weeks ago.
Nowadays there is a lot of desire to look at ROI. At Algosec we automate manual processes to save labor around application connectivity (to business vendors, data centers…) we can securely and holistically automatically implement it in minutes, instead of weeks. That enables us to increase the competitiveness, security and agility of our clients. Because many businesses rely on their applications in order to survive and grow. So if they introduce new applications faster, they become more successful in their business and we enable them in the aspect of connectivity for their applications. And if they need to meet compliance requirements, we can prepare them for a compliance audit in a click of a button.
Global Security Mag: About the acquisition of Prevasio, why now?
Yuval Baron: We scan to acquire companies all the time and once we find a company that fits our criteria, we take action. For Prevasio, we initially just tested the product for our own use, but when our Devops Team showed interest in the product, I became interested in buying the company.
When acquiring new companies or solutions, we look all over the world. One interesting fact about Prevasio is that they operate a technology that was developed by Stanford Research Institute, which was found by Stanford University, California. They have about 3000 people and many of them are researchers. They developed technologies like Siri, for example and also AI security technology that Prevasio is integrating and incorporating In their products. One of the thing that customers like about this product is that it is particularly easy to install and to deploy, because it’s agentless.
GSM: How long did the acquisition process take?
Yuval Baron: We found the company thanks to our marketing analyst, and then from the testing until the signing of the deal, it took around 7 months. Half of this time was legal work. After a few weeks of testing, we already knew we wanted to buy Prevasio.
GSM: Can you tell us more about your solutions ?
Yuval Baron: We also have a close cooperation with Cisco, and Cisco has ACI (Application Centric Infrastructure) but they need to manage all of the other vendors, so that’s what Algosec brings to the table.
Another interesting aspect is the disconnection that sometimes happens between application developers and security operators, who speak different languages. There are sometimes miscommunication between them and we are there to translate it. The application developers can write their application requirements in their own language and the security team will understand it. The security can decide to prove something if there is a risk, and if there are no risks, it can go to the configuration of the set up to make the connectivity work. So everything can automatically go up to implementation with what we call Zero Touch.
A new phenomena that we see today is Infrastructure as a code. The people who write the security controls are the DevOps, so the security operation team loses control. The DevOps write the connectivity they need on the code, they configure the security groups of the devices, but they are not always very familiar with the risks within the written code. We have a new product, that we launched a few weeks ago, which will allow the security teams to set the policy that will be enforced in the development environment, it is a sort of CI/CD capability. This product enables visibility without disruption for the workflow of DevOps.
At AlgoSec, we work with channel panels and we think in the long run, to create long lasting customer satisfaction. We believe that if we do the right thing, the financial success will come.
Financial success is a consequence, it is not a goal.
We care about excellence but for us corporate culture is also key and it can work only if you implement it from the beginning. Our customers are spread out all over the word, so it is important for me to create this good company culture, kind of like a family.
Debates are important and errors are to be used in a productive way. It’s okay to fail but we don’t want to do the same mistake twice. We don’t want to kill the messenger, we want to command them. We value honesty and want to encourage people to speak up, and for that you have to have a good reaction when faced with a mistake.Being able to delegate is also very important. Consult your employees when you have important decisions to make, don’t just chose something because you’re the boss. For us it is crucial to avoid ego driven decision making.