I’m finally on my way back from another fun and exhausting RSA week (here’s last year’s RSA wrap up). I always ❤️ and dread RSA as it’s awesome to get together with so many friends to celebrate cybersecurity, but it’s also an absolute grind. With over a dozen boldstart security portfolio cos from newer category creators like Protect AI (securing AI end-to-end) to more established cos like Snyk, BigID, and Security Scorecard, here is some of what I saw, heard, and felt.
If you’re in security, and you weren’t at RSA, you need to change that now. This is where the magic happens; behind the scenes at all of the side events like customer 1 on 1s, meetings with VARs/partners, dinners, music events, banker get togethers, etc. Yes, the cybersecurity industry is super crowded, but it’s also very small if you keep coming back over and over again.
I ❤️ nothing more than experiencing the real time learnings from founders as they grind it out with his/her team over a few days jumping from meeting to meeting, CISO to CISO. Not every meeting is great. Founders will get punched in the gut multiple times a day. But they will have to quickly regroup and get ready for the next several meetings adapting on the fly. IMO, there is no better place to test and refine your messaging and see how one measures up against competition. Seeing the genuine excitement on founders’ faces when they nail that meeting with that 🐳 is pure joy. This is how great cybersecurity cos are built from Inception as the product doesn’t sell itself.
🔌The energy was palpable. The mood was upbeat. Many commented on how resilient the cybersecurity industry is when it comes to IT spending, and most folks seemed quite positive about the rest of year outlook.
🇮🇱 Israelis were here in full force! Despite flights from United and other airlines being cancelled last minute, many still made it out and were everywhere!
AI, AI, and more AI - whether incumbents are baking AI into existing products as security copilots or protecting the AI and ML folks are building, this was one of the recurring themes. CISOs were talking about LLM firewalls and protecting AI models, but also commented that it’s still early innings. Finally, it was acknowledged by many that hackers have the advantage now, and we will need AI to stop hackers using AI at scale as they become even more sophisticated in their attacks. This cat and mouse game is going to be one to watch the next several years. As long as Keanu Reeves says AI security is important, than we are all set 🤣.
AISPM is here! Yes we do have another security posture management category with CSPM (cloud), DSPM (data), SSPM (SaaS), and now AISPM. For readers of What’s 🔥 you already know about this as I was writing about AISPM a couple of months ago and portfolio co Protect AI was one of the first to coin this. And this week, it was great to see Palo Alto Networks and Microsoft announce their very own AISPM products at the show.
Here’s Microsoft’s commentary:
Wherever your organization is in your AI transformation, you will need comprehensive security controls to secure govern your AI applications and data throughout their lifecycle—development, deployment, and runtime.
With the new capabilities announced today, Microsoft becomes the first security provider to deliver end-to-end AI security posture management, threat protection, data security, and governance for AI.
More on AISPM from What’s 🔥 #382
“Platformization” from Palo Alto Networks and others is a meh for many CISOs. No one is going to buy all of their security products from one vendor like Microsoft, Palo Alto Networks, or Crowdstrike, but there are way too many tools out there, and CISOs do want micro platforms versus having to stitch together and integrate many products in say, dev security with a Snyk, for example.
🤯 Wiz raised $1B at a $12B valuation and that raised a lot of eyebrows and comments like “holy shit, that’s amazing” to “how the hell do they grow into that price.” Whatever happens, the stated goal of that $1B raise is to acquire companies, and as readers of What’s 🔥 know, I’ve been talking about consolidation for quite some time - and it’s rapidly coming. More on this from What’s 🔥 #360.
There are still way too many startups with features and point products and it can be 🤯 thinking through all of these. In fact, many an investor lamented about how there were so many security cos in the $5-10M ARR range but hard to see how they get any bigger unless they start eating at some other budget within cybersecurity.
Security innovation continues to happen! Reality Defender, a deepfake detection startup won the RSA Innovation Sandbox, the competition which has helped launch many an iconic cybersecurity company. This article from Kyle Alspach at CRN covers many of the other finalists from the RSA Innovation Sandbox event.
Reality Defender, the award-winning deepfake and AI-generated media detection platform, has been named the winner of the RSA Conference 2024 Innovation Sandbox contest. Held in San Francisco, RSA Conference is the world's leading cybersecurity conference and exposition, with this year's 19th annual Innovation Sandbox serving as the premier destination for innovative startups to showcase and debut cutting-edge solutions poised to revolutionize the cybersecurity landscape.
Reality Defender provides best-in-class detection against advanced threats posed by deepfakes and AI-generated content. The company's industry-leading solutions for enterprises, government, and institutional clients help protect against everything from advanced voice fraud in call centers to media verification in newsrooms. As demonstrated by Colman at RSA Conference, Reality Defender's real-time voice detection platform catches audio-based deepfakes as they happen, while audiovisual detection finds even the most advanced AI-generated faces in images and videos made using the latest generative AI models.
BTW, this is just from yesterday’s Guardian:
CEO of world’s biggest ad firm targeted by deepfake scam,
Exclusive: fraudsters impersonated WPP’s CEO using a fake WhatsApp account, a voice clone and YouTube footage used in a virtual meet
Lots of creativity on the marketing front from founders and investors…starting with the dope.security cybertruck - many a CISO was given a demo during the ride in the truck
We opted for a more private setting Sunday evening with our annual boldstart CISO and Founder event that we co-hosted with our friends at IVP. Thank you to our esteemed panelists; CISOs/security execs from Anthropic, JPM Chase, and Adobe.
Evolution Equity’s President’s Forum Dinner is always a must attend invite and a hot ticket in town. President Clinton did not disappoint!
Finally, Insight’s Wednesday night ScaleUp get together with founders, CISOs and investors powered by a performance from Third Eye Blind was a great way to celebrate the world of cybersecurity and wrap up my week.
In summary, it’s headlines like this from yesterday that remind me that what we do really matters.
”A cyberattack on the Ascension health system operating in 19 states across the U.S. forced some of its 140 hospitals to divert ambulances, caused patients to postpone medical tests and blocked online access to patient records.”
As always 🙏🏼 for reading and please share with your friends and colleagues.
#Must read 🧵 from Merci Grace former Head of Growth Slack and Partner at Lightspeed
Controversial Takeaways from Not Finding Product/Market Fit, a thread.
I’ll never do my own customer research again. People are too nice to your face. In the future I’ll only have proxies do my interviews for me and remain just doing founder sales myself...
🧵 here
#Lenny’s definitive list of startup pivots
The definitive list of startup pivots
Details behind 30+ pivots, including how they knew it was time to pivot, how long it took them to pivot, how they found their new idea, and more...
List here:
#👇🏼 remember this advice from Adam Grant
Insecure people always need to be heard. They aim to prove their knowledge and feel important. They seek status by getting attention.
Secure people are happy to listen. They want to improve their knowledge and make others feel important. They earn respect by giving attention.
#Current fundraising benchmarks from Peter Walker (Carta) - I suspect that over time we will continue to see the seed 75th percentile pre-money and cash raised 📈. What’s astounding is the 75th Percentile Seed round at $22.5M is about the same as the 25th% A round…
#🙏🏼 honored to be at the top for second year in a row - super grateful to the many founders who we’ve partnered with and learned from over the years! Click through to see all the great folks that like to right that early check
#Who needs a prompt engineer when AI can do it for you? (Ethan Mollick)
Prompt engineering is going away for most people, and here is the latest of many signs: Anthropic, like some of the other AI companies, have released a tool that automatically generates good prompts for you based on intent. It works pretty well!
Check it out here
#AI Agent market map from Insight Partners
In this comprehensive article, Managing Director Praveen Akkiraju, Sophie Beshar, and Hunter Korn analyze and explain the full automation landscape in the age of AI — early automation efforts, current platforms, and where automation is likely headed.
Here are their predictions:
🤖 Everyone will have an AI assistant
🤖 Human-in-the-loop is the operative framework for deploying generative AI solutions
🤖 Automation is a hard problem and is often underestimated
🤖 Deployment of Automation with AI will take a “Crawl, Walk, Run” approach
🤖 Code generation has emerged as a foundational element
Read more about our analysis of the space, understand use cases for enterprises and builders, and see the full market map:
#as anticipated, OpenAI launching a search product and from what I hear a Github Copilot competitor is next up after that
OpenAI is developing a feature for ChatGPT that can search the web and cite sources in its results, according to a person familiar with the matter, potentially competing head on with Alphabet Inc.’s Google and AI search startup Perplexity.
The feature would allow users to ask ChatGPT a question and receive answers that use details from the web with citations to sources such as Wikipedia entries and blog posts, according to the person, who asked to remain anonymous discussing private information. One version of the product also uses images alongside written responses to questions, when they’re relevant. If a user asked ChatGPT how to change a doorknob, for instance, the results might include a diagram to illustrate the task, the person said.
#💯 speed = magical experiences, this is what Superhuman was all about from Inception. Read Tobi Lutke, CEO of Shopify, post below:
Sunday rant.
For software engineering, my sense is that the phrase “premature optimization is the root of all evil” has massively backfired. Its from a book on data structures and mainly tried to dissuade people from prematurely write things in assembler. But the point was to free you up to think harder about the data structures to use, not leave things comically inefficient. This context is always skipped when it’s uttered.
Not all fast software is world-class, but all world-class software is fast. Performance is _the_ killer feature.
If you are in engineering, here is a fantastic anecdote. I refer to this account often. It’s a bit subtile, but the implications are massive-
It’s an account of how SQLite became 50% faster, not by doing one specific thing but hundreds of small ones...
More here:
#Chip Huyen summarizing key takeways “LinkedIn's report on what worked and what didn't when deploying LLM applications” - some 💎 in here
4. Initial success with LLMs can be misleading
It took them 1 month to achieve 80% of the experience they wanted, and additional 4 months to surpass 95%. The initial success made them underestimate how challenging it is to improve the product, especially dealing with hallucinations. They found it discouraging how difficult it was to achieve each subsequent 1% gain.
🧵 here:
#That’s an Inception round - $200M for ex-Deepmind folks building multi-agent models (Bloomberg)
Holistic AI, a new startup in Paris working to leapfrog other generative AI models, has closed the first tranche of a $200 million initial financing round, according to people familiar with the deal.
Investors agreed to put in $80 million in equity and $120 million in convertible debt, chiefly for buying computing power, said the people who asked not to be identified because the details aren’t yet public. They said the founding round values the company at $370 million.
The startup, formed by a group of scientists who recently left DeepMind, Google’s artificial intelligence lab, has audacious aims. It’s working to develop “multi-agent” models, a process where a number of AI systems interact with one another. The deal for the months-old startup marks continued intense interest in companies pushing forward in AI, with investors willing to take a bet on founding teams based on their employment history as much as their proposed product.
#RIP Investment Legend and Philanthropist Jim Simons, founder of Renaissance Technologies
RIP investment legend Jim Simons
Also the original AI/ML 🐐
Lots of aspirational goals about building the $100M revenue, 10 employee AI company but what about $23.3M annual profit per employee 🤯
"In recent years, Renaissance has been scoring over $ 7 billion annually in trading gains. That’s more than the annual revenues of brand-name corporations including Under Armour, Levi Strauss, Hasbro, and Hyatt Hotels. Here’s the absurd thing—while those other companies have tens of thousands of employees, there are just three hundred or so at Renaissance."
― from "The Man Who Solved the Market: How Jim Simons Launched the Quant Revolution"
🧵 here along with link to book:
# Jim Simons’ five principles
Jim Simons's five principles (RIP):
“Be guided by beauty. Just as a great theorem can be very beautiful, a company that’s really working very well, very efficiently, that can be beautiful.
Surround yourself with the smartest and best people you possibly can. Let them do their thing. Don’t sit on top of them. If they’re smarter than you, all the better.
Do something original. Don’t run with the pack. If everyone is trying to solve the same problem ... don’t do that.
Don’t give up easily. Stick with it. Stick with it not forever, but really give it a chance to get where you’re going.
The final principle is hope for good luck.
That’s the most important principle"
More from Neckar Value
