Spoke to a smart founder (successful exit under his belt) pondering his next infosec startup.
Amongst all the advice he’s gotten till now, nobody focused on “make sure the product actually works”.
I’d like to say it’s cause that’s table-stakes but I’d be lying.
Infosec ignores this too much.
Amongst all the advice he’s gotten till now, nobody focused on “make sure the product actually works”.
I’d like to say it’s cause that’s table-stakes but I’d be lying.
Infosec ignores this too much.
Comments
EDR: detects a non-zero number of attacks, doesn't detect an unspecified number of other attacks
IAM: provides users access to resources, and also provides it to an unspecified number of other users (possibly malicious)
:)
We talk internally about making and keeping certain promises..
We choose our architecture and our features around those..
I’d bet there’s a book that could be written about the chasm between technically works vs achieves a meaningful outcome.
1) build a good product
2) sell it at a profit
3) sell it to more people
Actually having a good product you believe in is often forgotten for the glitz of a Silicon Valley startup.