Attack Surface Management , Security Operations , Video
Dean Sysman on How Axonius Does Asset Management Differently
Why Axonius Uses Existing Infrastructure and Controls Rather Than Deploying Agents Michael Novinson (MichaelNovinson) • December 7, 2022Asset management historically either looked at network traffic or attempted to put an agent on everything, which Axonius CEO Dean Sysman says left organizations drowning in data.
Sysman started the New York-based company in 2017 to focus solely on bringing data together from a customer's existing infrastructure and controls rather than deploying something new. Axonius' approach sets itself apart from newer rivals thanks to the comprehensiveness of the tool, its efficacy at correlating data and its ability to help clients understand their business context and challenges, he says (see: Axonius: A New Approach to Device Management).
"When we started, we were the only ones who took this approach," says Sysman, who in March spearheaded a $200 million Series E funding round and notched a $2.6 billion valuation. "We were a unique, innovative, new approach, and that's what's caused us to grow so fast because of the value that brings to customers."
In this video interview with Information Security Media Group, Sysman also discusses:
- How Axonius plans to use the Series E funding secured earlier this year;
- How the company has balanced growth and profitability amid the downturn;
- What sets Axonius' approach to asset management apart from the pack.
Before founding Axonius, Sysman co-founded Cymmetria, a VC-backed cyber deception company with Fortune 500 customers that was acquired by private equity. He is an alumnus with the rank of captain of an elite unit in the Israeli Intelligence Corps, where he served for five years, receiving commendations and awards. Sysman has been honored with a place on the Forbes Under 30 Israel list and was the winner of the EY Entrepreneur of the Year Award in New York. He is a graduate of the Etgar program and earned his bachelor's degree in computer science at age 19.
Michael Novinson: Hello, this is Michael Novinson with Information Security Media Group. I'm joined today by Dean Sysman. He is the co-founder and CEO at Axonius. We're going to be taking a look back at 2022, as well as the look ahead to what to expect in 2023. Good morning, Dean, how are you?
Dean Sysman: I'm great. Thank you for asking, Michael.
Novinson: Thank you for making the time here. I want to start off by talking about the $200 million Series E funding rounds you closed back in March, achieving a valuation of $2.6 billion. What has that investment allowed you to do in recent months?
Sysman: Great question. You know, from the time we started Axonius, since 2017, we've grown at one of the fastest pace, a cybersecurity company has grown, both in revenue and in number of customers, number of employees. And even we were ranked the number three fastest growing business in North America over the last three years by the Deloitte Fast 500. So for us, funding rounds, fortunately have never happened because we needed funding, they've always been preemptive, just because we were a great business. So actually, most of that funding, we have not really utilized yet, we have a very healthy balance sheet. But what we've done every year in our planning is to really think about what's the best and most efficient way to grow, and not grow at all costs, not try and chase after top line numbers, but really make sure that we're growing, hopefully as a business, and continuing to measure our efficiency. Because that's very important for us with our vision of becoming a long-term, large, high-growth business.
Novinson: Absolutely. And on that note, I know you'd mentioned being number three at the Deloitte Technology Fast 500. How have you historically approached responsible growth? And what steps have you taken to make sure that you're growing with profitability in mind and not just growing at all cost?
Sysman: I think first of all, there's a lot of metrics that help you measure if you're growing efficiently or not. Some of them you can look up online, like CAC Payback Period, or the magic number. And I think those help you to see how you're spending compared to your increase in revenue. But more than anything, it's the question of what is a good engine of growth that is scalable, that is repeatable, that also makes you very approachable to your customers, right? There are many types of growth, some of them cause your customers to be very happy with the way that you become their vendor, you become their technology partner, some of them less. And it's really important for us that relationship you build with a customer, because in many different kinds of problems, spaces and many different kinds of categories, the solution that the customers are looking for is very clear to them. And they're just picking from a number of competitors. For us, we're really creating this category, really creating a new thinking of how people address the problem of understanding their infrastructure and securing it. And it's very important for us that our customers are very vocal fans of what we do, and they're very vocal about the value they get. And another way that we measure our growth through is how much our customers promote us, we use a metric called Net Promoter Score (NPS). And historically - that shifts around by score over time with variants. But we've always been around 80 or higher than that. And we're ultra proud of the fact that that's how our customers value us.
Novinson: I'd like to talk a little bit about that asset management market landscape. I know you were referring to yourself as a category creator here. I was wondering when you do find yourself in a competitive bid scenario with prospect, who are you most frequently encountering first off? And then secondly, what do you feel distinguishes what you're doing at Axonius from some of the other solutions that customers are considering?
Sysman: It's a great question. So I think when we started, and we realized this problem existed, it was as simple as asking, you know, CISOs and CIOs, do you even know how many devices do you have? And either people would say, "I don't know." Or they would give, you know, a very wide range, that means the same thing. And if you don't know why you have, you obviously can secure it. But that question is so small as a part of the need to understand and view everything in your infrastructure, especially today when we have people working from anywhere. We have multiple form factors, operating systems, types of assets. Right now, we have devices and we have identities, we have applications and we have learn abilities, and we have all these things that are a core part of understanding. What we have in an infrastructure and making sure it's secure and operational. So the legacy approaches to this problem, the reason why it hasn't been solved is that all the prior solutions have been either based on looking at the network traffic or trying to install an agent on everything. And we know those solutions, give you some data, but they don't solve the problem, right? It's like opening a box of a puzzle. And having all these pieces be mixed together. And each control that our organization has, each control that creates data, whether it's an agent, whether it's a network system, whether it's an identity system, whether it's a cloud platform, whether it's a, you know, CI/CD solution, that's one piece of the puzzle, and the real answer to what you have in your environment, in your infrastructure, the real answer to gain that full security visibility is to take all those different pieces, and put them together in the right way. And that's exactly what Axonius does. And that's how it's radically different. We have over 500 adapters that we come into your infrastructure, we don't deploy anything new, we just take all the existing data from your existing infrastructure, your existing controls, and we know how to put that data together. And when we started, we were the only ones who took this approach. We were a unique, innovative new approach. And that's what's caused us to grow so fast because of the value that brings to customers. And today, you know, Gartner's coined this category name for themselves as CASM, you know, cybersecurity asset and attack surface management. We call ourselves cybersecurity asset management when we started about five and a half years ago, and we chose that term because nobody else had chosen it. And we knew that's how our customers, and our market thinks about it. And it's become such a big category so quickly, then many new companies are now trying to follow in our footsteps. And we're very proud of the fact that the market is waking up to how important and how fundamental this is.
Novinson: So, what do you think distinguishes you from some of the newer competitors who have sprouted up in recent years?
Sysman: So I think the biggest thing that a customer or organization that wants to solve this problem needs to think about is three very important things. And obviously, that's where we differentiate because we do that the best. And we will continuously do whatever we can to be the best in that - both in terms of scale, and in speed and in value. The first is how comprehensive is the solution? How many adapters, how many data sources, how much of your environment, whether it's somebody working from home from a personal device, or an enterprise server or container, the cloud or an IoT device - how comprehensive is that solution? And the way to measure that is how many data sources, how many adapters can you connect to, and how comprehensive those adapters are? And I know by far, we're the ones who are most comprehensive. Because that's what our customers tell us. And obviously, we are the biggest and started doing this the first. So that's a meaningful gap that we have today. The second part is how good can you correlate all that data together. If you're just collecting information and you don't know how to put those pieces of the puzzle together the right way, you're essentially just a database of data, which is what a lot of customers experience, when they try to solve this problem with a CMDB. And a CMDB is, by its name, a database that you need to funnel information into. The value that gives you that visibility is knowing how to correlate that data together. And the more a correlation engine, the more networks it's seen, the more devices it's seen, the more environments it's seen, the better it is. Obviously, it's the snowball effect, though. The better you are, the more customers you get, because you're better, then you even get better faster. And that gives a very strong first mover advantage that we have correlation. And then the third, and this, to me, is the most important is the customer experience. Are you really helping them solve their problem? Or you're really guiding them to understand what they're looking for and understand their business context, understand their challenges. Are you able to get them to be very happy vocal fans of the value you brought to them? Because otherwise you just don't have a reason to exist, you don't have a justification to exist. And I think those three are the ones that any vendor or any solution this space needs to focus on. And obviously that's how we focused on our culture in our DNA from the beginning. Let's go into the crystal ball here and look ahead to 2023. Off the top, I wanted to get a sense of the biggest market opportunity that you're hoping to tackle in the year ahead. Yeah, so I think this problem, the most acute surface level of it was devices, right? That's where we started from. People had no idea what devices they had. And if you look at almost all the regulatory or compliance frameworks, the number one, you know, part of it, like the CIS one, and it's true for SOC 2 for many other compliance frameworks is you need to know what hardware you have, right? What are the devices that are connecting to you. But as soon as we started doing that for our customers, for our users, they started saying, "Hey, you're already connected to all my data sources, all my controls. What about looking at identity?" My identity is fragmented across many different silos. And then we added that as well. And then they start asking us, "Hey, can you do this for my vulnerabilities?" And this year, we launched a vulnerability model that helps you see your vulnerabilities from every source, and even enrich it using the asset context. And using the CISA non-vulnerability list, even knowing how likely it is to get exploited. But then the biggest thing we realized was - this is true for every part of the infrastructure, every entity there is relevant as an asset for security and IT teams. And we even launched a whole new product that does a huge jump of value from our existing asset view, which is around SaaS applications. And today, we have a SaaS management product that is part of that one platform that even lets you see all the SaaS applications you have, and what risks are there, what kind of configuration problems, what kind of security issues, what kind of operational problems even like spend and usage and rogue IT and shadow IT. So, it's really important for us to continue to become that system of record for everything infrastructure, and be able in one place to give answers around everything. And I think that's where that this category and this mean, for the customers will go.
Novinson: You highlighted the number of new modules or capabilities that you've introduced in recent years. What's the fastest growing part of the Axonius business? Which of these modules or features are you seeing the most growth rounded? Why?
Sysman: If we look at it from a business sense, we sell as a platform, so we don't differentiate that much in looking at the difference in growth. But I will tell you, they're all growing together. Because if you think about many of the use cases that organizations need, let's take the example of an employee, a rogue employee, right? Let's say some employee disappeared, and we're concerned about what they're going to do with their information, what they're going to do with their access. And you think about that person, there are so many different elements that have relationships to each other that we need to be able to be on top of. So obviously, there's their device, let's say their work laptop that they took. And we now need to understand, is that locked down? Is that still being used? Was that encrypted? But then you need to understand this person's identity. Is their identity still being used to access the corporate email or the corporate resources? And then there's another question of, did they have any access to any SaaS applications that they were using? Is there any data there that we need to be on top of, that we need to be concerned about. So all those things have relationships to each other. And they work really importantly together as much as they work standalone. And that's why it's so important to cover all of them together in one platform.
Novinson: Looking ahead to 2023, what do you feel will be the toughest challenge for customers as it pertains to asset management?
Sysman: I think especially in security, and it's true for everything around IT and infrastructure is in an environment where we're in a deflationary environment. The stock markets are not going up, it's likely we're in a recession, the inflation is very high, and organizations are going to be very cost-centric. And yet, at the same time, they would want to continue to grow. And they want to continue to utilize technology as a competitive advantage. Every company wants to be a software company these days, every company has an app, every company wants to acquire customers in a digital way. So in order to do that, they have to be secure, they have to be on top of their infrastructure. And I think one of the biggest things that the market is going to really become much better at, and I think it's very important for both the vendor and the customer side to get much better at, is the return on investment. If they want to look at a solution, they want to look at a tool. There's all the prior ways of selling security of the fear, uncertainty and doubt and saying, "If you don't buy this, something bad will happen." But I think the right and healthy approach to the market is to say what's the return on investment? When we're buying this, can I show this justification to my senior leadership, to my board that might not be digital or security informed? Can I show them why this is a very solid, very obvious, good business decision? And I think every customer and every vendor needs to get to the point of saying, "Is this an obvious return on investment that my business wants to take on?"
Novinson: Finally, I wanted to get a sense of your top priority for 2023. What is it?
Sysman: I think it's very similar to what we've done before, which is consistently and relentlessly be thinking about what value do we drive for our customers? Are our customers really seeing the return on investment that they initially thought? Are they seeing their return on investment that they thought that we had talked to them about that they would achieve? Are they still seeing immense value? Are they still keeping us as one of their most favorite vendors? Are they still recommending us or talking to us when they move to new roles? I think that's the essence of everything. How much value are people perceiving and receiving from your solution? Obviously, the other aspect of it is to be as good of an employer as we can during these times that are challenging in the market. Where many companies are doing layoffs, many companies are changing their goals, are changing their future vision, and we want to be as agnostic and as consistent and comprehensive as we can in our mission and our vision. And we try and be unique as an employer. And that mentality and mission statement that we have of growth of us being the place where if you want to grow your career, if you want to grow yourself as a person, we want to give you the most opportunity, we want to give you the most tools to be able to do that. And I think it's evident in many ways in our organization where we have people who started here as the first employee of a department and now leaves that department with hundreds of employees under them.
Novinson: Absolutely. It'll be interesting to watch the space and what you're doing at Axonius, going forward. Dean, thank you so much here for the time.
Sysman: Thank you very much, Michael. It was a pleasure.
Novinson: Same here. We've been speaking with Dean Sysman. He is the co-founder and CEO at Axonius for Information Security Media Group. This is Michael Novinson. Have a nice day.