Look, full disclosure, I've been working with Tenable for 20 since I think Ron Gula and Renaud started Tenable.
Alan Shimel: That'd be around 2001, maybe, I'm going to guess because that's when I had started my security company.
We get a lot of people that come up to us, conferences like this, KubeKon.
We might have DevOps people, security people, cloud native, but we also have people who are into digital transformation and at a higher level.
John Tonello: Ermetic, a Tel Aviv based company in the security space with some real great expertise, particularly in CNAPP. So you're looking at the cloud native application protection and all the acronyms that fall under CNAPP, but I think what Ermetic really nailed, not only from an understanding of the security challenges, but how people want to interact with that, which is in an easy interface that gives you a lot of power that focuses on identity.
Because we know that entitlements and identity are where bad people get into your systems.
Alan Shimel: John, I've been, as I mentioned, I've been in security many years, did a lot of federal government work and the federal government, when you go talk, especially DOD people, it's about the mission.
The people who are carrying out the mission have changed.
They're not necessarily security professionals who live, breathe, and die CBEs and GDPR compliance, or these kinds of things.
Alan Shimel: Security is everyone's responsibility, starting not even with the developers, starting before the developers.
I don't have to do sales or sell a certain amount of security product.
Alan Shimel: But from where I sit, I think the biggest thing we've seen is that people are they recognize that everybody needs security.
Everyone needs the security that they're comfortable with.
So in other words, the security professionals' tool doesn't suit me as the developer.
Doesn't mean I shouldn't be involved in security, doesn't mean I shouldn't have a tool that helps me with security, but not that tool.
Alan Shimel: And I think today's successful security companies recognize this and whether it's the same nugget under the covers just with different interfaces or it's truly separate things, but they work together, that's what we need.
John Tonello: And the inverse is true too that the security guy and team doesn't necessarily know the cloud.
Alan Shimel: Well, that's something that hasn't changed in security is we can't, generally, most organizations.
Most organizations cannot afford the security expertise across the whole spectrum that they would need, which is why, look, at my last company, we pivoted to become an MSSP because I recognize that just selling them product, half of it never got installed or got installed and never used because they didn't have it.
You'll see a lot on cloud security on tenable.com.
This Cyber News was published on securityboulevard.com. Publication date: Tue, 12 Dec 2023 01:13:05 +0000