November 8, 2022
When I was a newly minted engineer fresh out of grad school and joined Cisco, I would often be awe-struck by our then-CEO John Chambers (now an investor in Balbix). He would describe going after large and growing markets where Cisco had the ambition to become #1 or #2 in the market. A decade, and many security products later, his clarity of thought and aspiration to lead in new markets has still stuck with me. If I were to describe why I joined Balbix, it would be for this reason – to be part of a company that will be #1 or #2 in a large growing market. Balbix is a leader in a market that has been called many names, most recently, the cybersecurity posture market. But why is Balbix in the cybersecurity posture market? Allow me to explain …
In its simplest definition, cybersecurity posture is an assessment of how secure your organization is. For a more detailed definition, see here.
From the end user perspective, you ascertain the posture of your organization by inventorying and baselining what you have in terms of assets, vulnerabilities and controls. This allows you to map your attack surface. It also helps you to understand the risk present in your assets.
Once your baseline posture is established, it must be continuously and automatically updated. Sure, real-time visibility is important, but the value of cybersecurity posture management is much more than that. Baselining your security posture allows you to drive a slew of use cases with meaningful outcomes, for example:
There are many other overlapping and tangential use cases tied to security posture, but Balbix focuses on these three that are top of mind for CISOs today.
As you might have derived from the use cases above, the market is crowded. And noisy. Today it’s fragmented but that is quickly changing. There are vendors – such as CMDB and asset management vendors, IoT/OT management vendors and traditional vulnerability management vendors – playing in one use case who want to expand to another. Some cloud security vendors also want to provide a holistic view of on-prem and cloud assets. Meanwhile, endpoint detection and response (EDR) and extended detection and response (XDR) vendors are leveraging their endpoint footprint to move up the food chain and provide analytics and vulnerability insights.
Then there are managed security service providers (MSSPs) that are consolidating different point products into broader offerings. And, not to be forgotten, global system integrators, who are driving CRQ programs by anchoring their services with some of the previously mentioned categories of security products.
Finally, there are vendors that I am calling posture-native: cybersecurity startups that are being built from the ground up using a data-driven approach. They are building modern tech stacks that look at both on-prem and cloud networks, that scale and that have automation at the center of what they do. No points for guessing which bucket Balbix is in!
Some of these players will go it alone, some will partner, some will be data sources or enabling technologies for others, and some may be a combination of these. Balbix, for example, creates a unified risk model by ingesting data from our customers’ existing IT and security systems (including those mentioned above) and then works directly with our customers or through service partners to help our customers manage and improve their cybersecurity posture.
Balbix has built its platform around an asset-centric risk model, where an asset can be a physical device or virtual asset observed on a network, an application running on an asset or a user observed on a network. Balbix can discover assets using API-based connectors into third-party sources or using its own native sensors. Balbix then uses advanced analytics to classify assets and populate over 400 asset attributes, correlate and infer vulnerabilities, and calculate risk for every asset.
This asset-first view provides Balbix users with a risk model that has both the breadth and depth they need for visibility, vulnerability management and cyber risk.
Balbix dashboards enable CISOs and their teams to quantify their cyber risk in monetary terms (dollars, yen, etc) to improve how they communicate cyber risk to their CEO, CFO and board of directors. With Balbix, CISOs can provide data-driven insights and quickly improve their cyber risk posture by focusing on their most critical vulnerabilities first. Balbix is the only platform that can address the CAASM, RBVM and CRQ use cases in one view.
At the core of Balbix’s vision is an ambition to use data to solve some of the hardest problems in security. Being data driven allows Balbix to be able to drill down to minute details with accuracy. Customers can slice and dice asset and vulnerability data for better informed patching and reporting. Balbix customers can also use this data to work at high velocity when critical issues emerge. For example, Balbix helps its customers identify 1000s of applications using log4j including 1000s of custom apps.
To me, it’s the breadth and depth of its risk model that will allow Balbix to win in the cybersecurity posture market, and why I’m excited to be part of the team.