Join Sean Martin and Marco Ciappelli as they chat with Dror Liwer, Co-Founder of Coro, about the latest trends in SMB cybersecurity and preparations for Black Hat 2024. Discover the true meaning of a cybersecurity platform and gain insights on how Coro simplifies and enhances security for small to mid-sized businesses.
Join the On Location Podcast co-hosts, Sean Martin and Marco Ciappelli, as they kick off an engaging conversation with Dror Liwer, Co-Founder of Coro, discussing SMB cybersecurity and preparations for Black Hat 2024.
Dror emphasizes Coro’s excitement about participating in Black Hat for the second year, where they will be showcasing their offerings at booth 4734. He contrasts Black Hat with other conferences, noting its unique focus on cybersecurity practitioners and those who carry the weight of their organizations' security.
Throughout the discussion, Dror tackles the buzzwords and trends in the cybersecurity industry. This year, the buzzword is "platform," and Dror provides insight into what truly constitutes a cybersecurity platform. He distinguishes between various types of platforms, such as those built from multiple vendors, internally developed ones like Cisco and Palo Alto, and Coro's own from-the-ground-up modular platform. He also discusses the advantages of a unified and seamless approach to cybersecurity.
The conversation covers the practical benefits of Coro’s platform for service providers and end customers. Dror mentions how Coro simplifies cybersecurity by allowing easy onboarding and flexible licensing. He highlights Coro’s data governance capabilities and modular design, which enable users to scale their security needs up or down efficiently.
Dror also teases his upcoming talk at Black Hat, titled “Platformization, Consolidation, and Other Buzzwords Debunked,” promising a comprehensive framework to help organizations evaluate and select the right cybersecurity platforms for their needs.
The episode closes with Sean and Marco expressing their enthusiasm for continuing the conversation at Black Hat and encouraging listeners to connect with Coro’s energetic team. They also invite the audience to stay tuned for more updates and insights from the event.
Learn more about CORO: https://itspm.ag/coronet-30de
Note: This story contains promotional content. Learn more.
Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]
On LinkedIn | https://www.linkedin.com/in/drorliwer/
Resources
Learn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coro
View all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegas
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
From Zero Trust to AI and now Platformization and Consolidation: Debunking Cybersecurity Buzzwords | A Brand Story Conversation From Black Hat USA 2024 | A Coro Story with Dror Liwer | On Location Coverage with Sean Martin and Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Sean Martin: [00:00:00] Marco.
Marco Ciappelli: Sean.
Sean Martin: Vroom vroom.
Marco Ciappelli: There you go. It was your turn.
Sean Martin: It was my turn to start the engine.
Marco Ciappelli: I don't know why we started doing this, but at this point we can't go back. Every time we start to talk about what's going on a blackout, we're going to do vroom vroom, and we better explain that so people don't think we're crazy.
It's because it's chats on the road. That's how I was born to have the pre event conversations and we were literally recording podcast in the car together driving from Los Angeles to Las Vegas. That's why we do Vroom Vroom. Now we're going to fly because it's way too hot to do that and there's not much to see on the way anyway.
But anyway,
Sean Martin: you can only see X, X, Y, Z, Z road so many times.
Marco Ciappelli: I know. I know. And so many stones and desert area. And for some people that do it the first time, it's definitely going to be a lot of fun. But once they've done it a few times, it's okay to fly. But once you get there [00:01:00] at Black Cat, then there is a lot of people to see.
There is a lot of Company there. And of course, there is Las Vegas too, but that's not why we're going there. And, uh, I am glad to see someone that, uh, we were joking. We, we literally see at every conference. So, George, it's so good to see you
Dror Liwer: good to see you guys. As always,
Sean Martin: always a pleasure, my friend. And I, I really, I, I see the, uh, I see the image on LinkedIn primarily where I spend a lot of time.
Of us talking in, in your booth and the, the color of that and you, you just look amazing. I'm, I'm excited to, uh, have that experience again in Las Vegas. And, uh, this chat is to kind of catch up and hear about what's going on ahead of Vegas. So folks know what to, uh, what to expect when they, they come to your booth and meet you there.
Learn more about Coro and all the good stuff you're doing for small medium enterprise.
Dror Liwer: [00:02:00] Yes. So of course, we're very excited to be at black hat. Uh, this is our second year, uh, at black hat. And, uh, we're going to be there in full force with our channel team, with our direct team, um, and, uh, we have a big, uh, booth and we'd love to see everybody.
It's a booth, uh, 4734. Uh, so, um, yeah, and, uh, we're very much looking forward to it. Uh, I think, uh, Black Hat is one of these places where you really get to meet, uh, the doers, the hard workers of cyber security. Unlike some of the other conferences that are a lot more executive and marketing oriented. I think that, uh, at Black Hat, it's a lot more, uh, the people that are caring.
The weight on their shoulders. And we love meeting these people because that's who we cater to.
Sean Martin: Yeah. The, the practitioners are in full force and the architects and the, uh, all the doers and the researchers [00:03:00] all come together at this event, which is really cool.
Dror Liwer: And a lot of service providers, MSPs, MSSPs, especially a lot of those that cater to the more middle market.
Small businesses, which is our bread and butter. Uh, so yeah, it's, it's, uh, it's a good fit for us to be there. Uh, really good conversations, uh, last year. Um, and I think that, uh, this year is going to be. No different. I'm also looking very much forward to my talk. I'm, uh, giving a talk on the 7th at, uh, 3. 45 p.
m. And the title of the talk is, uh, a little bit tongue in cheek. It's, uh, Platformization, uh, Consolidation, and other buzzwords debunked.
Marco Ciappelli: That's really cool.
Dror Liwer: Everybody's talking about platform now.
Marco Ciappelli: Well, all right. So why don't we just do that? Uh, first of all, I'm excited to see your booth in their entirety because we, I guess we, we saw in [00:04:00] London when we met you there.
Great team. We met the old team at Cora with fantastic people. And we, we had a chat right inside the booth. And you told me that was a smaller version. I was like looking up and I'm like, okay, I can't wait to see the big one. But apart from that, I'm excited. Uh, yeah, give us a tease on, uh, what this buzzwords that you're going to debunk are and uh, what is this talk?
Dror Liwer: Yeah, so Uh every year there is a new Buzzword that sort of conquers. So, uh, three years ago, it was, uh, zero trust. Everybody was doing zero trust. Uh, two years ago, it was all about, uh, simplicity. Everybody was simple. Uh, last year, this year and last year, it was all about AI, AI, this AI, that gen AI, everything AI.
And now the big buzzword is platform. Everybody's a platform. CrowdStrike is a platform. Palo Alto is a platform. Everybody's a platform. Uh, so in my [00:05:00] talk, I'm actually going to, uh, help the people that are going to, uh, hear me out in, first of all, understanding what is and isn't a platform and how should they look at, I'm actually giving people a worksheet, That they can use just take a picture of and use with with some formulas on how should they assess?
What is the right platform for them? What is a platform at all? Because some vendors out there talk about a platform, but they're far from being a platform. They're a combination of Uh, multiple products, uh, that are sold under one invoice. That's what I call an invoice platform, uh, as opposed to a real cybersecurity platform.
Uh, and there are many, many names you can, uh, you can think of, I'm sure, but, uh, my favorite, uh, uh, for example, when, uh, Kurtz talks about CrowdStrike being a platform, but their email is actually Proofpoint, I rest my case. You know, so, [00:06:00] uh, so to me, you know, I'd like to, uh, sort of create a framework in people's minds of what is and isn't a platform.
I'm going to describe the three types of platforms that are out there. Um, and which also ties directly into consolidation. And also, I'm going to talk about how do you, uh, evaluate which kind of platform is right for you. Uh, and within that, how do you evaluate the platforms that are out there, as far as they're fit for your specific needs.
Um, so, uh, there's a nice, uh, we've done a lot of work internally at Coro in trying to understand how people should think about these things, and I codified it in a way that anybody can now take it and operationalize it in their own business, in their own company.
Marco Ciappelli: So let me, let me see if I got it right.
My, uh, my vision is, uh, Frankenstein, right? You put pieces together and, you know, we know what happened. I mean, Shelley, tell us what [00:07:00] happened. Uh, the, what you're saying here is that it should be a platform by design, kind of like security, meaning you, you, you build it from the ground in a modular way as you guys do.
And that's why when you say you just, Invoice as a platform means that you're just taking a piece, you're Frankenstein that, I'm doing a verb with Frankenstein here, and That's not going to be what you want.
Dror Liwer: Yeah, or maybe it is. Maybe all you need is an invoice platform because that's something that takes away a lot of your procurement headaches.
And you can create a better, you can negotiate better with the vendor because you. Uh, by a lot of things from one vendor. So maybe it is what you need. I'm not, I'm not advocating against it. I'm saying that that's one type of platform, which is more around, uh, vendor consolidation rather than technology, which is what we offer, which is a [00:08:00] platform that was built from the ground up.
As a platform that is modular, in which all the modules talk to each other seamlessly, where you have one dashboard, one pane of glass that you need to work with, where you have one endpoint agent that you need to deploy, just one. Uh, that, uh, that, uh, that self manages and you don't need to do any maintenance on, uh, and, and that all of these modules talk to each other because it's an actual platform, you know, some of these invoice platforms, these tools don't talk to each other and rely on humans.
To do the triage in many ways and our approach to security is very different. Our approach is, uh, you know, why not have these tools talk to each other? And make smart decisions and take the human, uh, out of the mundane work and let the people focus on the big [00:09:00] picture and not on chasing events and trying to understand triangulation between what your email security is saying and what your access security is saying and what your cloud security is saying.
Sean Martin: And I don't want, uh, I don't want to steal any thunder from the session. So don't, don't give anything away here that, uh, you want people to come in and enjoy live on, uh, on hand in person. But you mentioned platform archetypes. I don't know. What can you share about that? Cause that, that seems really cool.
Mark and I like. Like to look at things from an archetypical perspective as well. So what, what's that all about? Um, can you tease us a bit on it?
Dror Liwer: So, so I look at them from, uh, a consolidation of vendors, um, in which, um, the platform is actually made up of multiple vendors that are sold by one organization.
Uh, to me, CrowdStrike is a great example of that, where, uh, some of the tools that they offer are actually [00:10:00] third party. Uh, that are not really integrated, but still you're buying from a vendor. Uh, you have one chokehold, uh, that you need, uh, to have, you have one invoice, you can negotiate better. So that's one type.
The second type is more of a Cisco Palo Alto situation where it's all their product, whether by acquisition or development, but it's, they're standing behind that product. And there's pluses and minuses to that as well. And then the third is, uh, what we are, which is a platform that was grown. From the ground up, no acquisition, no, uh, uh, really fully integrated.
And then there is something that is, uh, a little different, which is more of a service platform where you're buying, uh, a stack from a service vendor that has done that is basically masking all of the complexity and taking it upon themselves. Very costly, [00:11:00] because you know, somebody has to pay for all that, uh, but as a as a company who needs a platform, this also could be an option.
So I'm trying to be as unbiased as I can be, uh, in my talk in presenting the pluses and minuses of each one of those archetypes and then helping the audience understand how to decide which one of those is the right fit for their organization. I'm by no means. Uh, I'm saying that we are the right fit for everybody.
Uh, so, so I'm, I'm, I'm presenting this as here's, here's what you need to think about when you're looking at these four archetypes. And then within the four archetypes, I've created this, uh, uh, call it worksheet, spreadsheet, whatever you want, in which each area that you need to look at, you give it a weight and you give it a score.
And then at the end, when you're comparing platforms, Within a space that you're interested in, whether it's an [00:12:00] invoice or, uh, a vendor or, uh, and then within those, you can see which one is the best fit for your needs based on what is important to you as an organization or as a team that is, uh, managing security on behalf of the organization.
So it's, it's really smart. It's, it's, uh, uh, I'm saying so myself because I'm very unbiased, of course, but, but I've invested a lot of work with my team in building this, uh, uh, sort of like, um, decision architecture that would be, I think, very helpful for an organization to look at how to consolidate, um, in a way that is the right fit for the organization.
For them.
Marco Ciappelli: Yeah. No, I love
Sean Martin: the real quickly, Mark. I just want to make this comment because so an unbiased you those those view of those different types to your [00:13:00] point, there are certain things work for different organizations, but for you, and can you correct me if I'm wrong here, but as your vision to platform by design, achieve certain objectives with the solution that you build for specific audience that has those requirements, does that help you really you.
Focus in and make, I'll say better decisions, at least more informed decisions on how and where to invest to stay true to that particular audience.
Dror Liwer: So we look at, uh, every decision we make as a company, not just from a product development side, but also from a go to market side, we look at it through the lens of our audience and our.
Our end audience is the mid market and small businesses, but our real audience is the service providers who are serving them. So the MSPs, the MSSPs, that are helping these organizations. [00:14:00] So we look at this from both perspectives, and every decision we make as a company is, uh, is looking at, uh, at the decision through the lens of how is this going to make these people's lives easier and how are we going to make their businesses more secure, um, and, and our decisions.
As far as product, as far as features, uh, are always looking at it from that lens. So, uh, I always say if, if you, uh, look at a feature. Checklist, then, um, you know, our thinking is we actually removed features because our thinking was, we need to make it simpler and easier for my audience to be able to manage it because they don't have the time or the dedicated staff to deal with a bunch of, uh, knobs and, [00:15:00] and bells and whistles.
They need security. They need security. They can trust. They need security that looks at things on their behalf and removes workload, not adds workload. Whether they're the end customer or the service provider who's serving them. Because if you're a service provider, if you're an MSP, and you want to provide your mid market or small businesses, uh, with really strong cyber security, today it's not economically possible.
Because there is no way for you to offer them that in a way that you make a reasonable profit and they can afford, right? And we've taken that away. We've taken that away out of the equation because we've built it in a way that you don't need to build a huge team, which is the highest cost from an MSP's perspective.
Uh, you don't need to Build a huge team to manage us. The system practically self manages on the one hand side and the system itself is very [00:16:00] reasonably priced. So you can offer it to your customers in a way that they can afford it. Provide them the full security, uh, workspace, security, um, gamut of Endpoint and network and cloud and email and user and data governance all in one platform using one engine, using one endpoint agent, using one, uh, pane of glass.
So from your perspective as a service provider, it's so much easier and so much more economical and so much more profitable to offer that kind of environment to that small business, to that mid market customer in any vertical. Thank you.
Marco Ciappelli: Yeah, I think that's a plus because then as a service provider, you can offer your service on top of that.
So it's not, it's very, it's very flexible. Not only well, if you say easy and it's also need to be flexible so it can adopt. And I know it's a modular [00:17:00] system. But this is what I want to go back a little bit is into what is right for you. And. Often what is right for you today may not be right for you tomorrow.
So that may be a moment where you say, Hmm, you know what? I didn't even know I could go this direction, but I feel like I'm stuck with, with the stock that I have. I know Sean, you loves the stock. So I'm going to use it
twice.
And how I would like to know, maybe our audience right now would like to know how easy it is to start.
To jump on board with with Coro.
Dror Liwer: Yeah. Yeah. Um, so a couple of comments about that. Uh, first of all, you're absolutely right. Uh, many times, uh, once you're fully invested in a very expensive, uh, complex security platform, it's very hard to extract yourself from it. So with us, first of all, [00:18:00] Onboarding onto our platform, I'm not exaggerating, is minutes, not hours, not months, not days, minutes.
Uh, our customer success team can onboard a customer during a 20 minute call. And take them from no security to full workspace security of endpoint, user, cloud, email, network, everything in about 20 minutes with all of the configuration, all of the configuration done in those 20 minutes. That's one thing, but more importantly, the way the platform was designed was that you can add and remove modules on demand.
No, you don't need to be a tech tech genius to do that. You just turn them on, turn them off. They work so you can scale up if your needs change. But you can also scale down if your needs change, both from a user perspective, user user based perspective or from [00:19:00] a functionality perspective. And once you turn something on, it just works.
There is no integration work, There is no, uh, configuration work. None of that. You just turn it on and it just works. I'll give you two examples that are very key. One of the key things that we're hearing more and more from our customers and our partners is all about data governance, because the government is now becoming a lot more aggressive in putting regulations around cyber security and data governance that historically have only been Apply to the very large enterprises, and now they apply to anybody.
So an example of that is the safeguard rules that the FTC pulled, put out, uh, uh, last year. Uh, so with us, you basically say, I want data governance. You turn on the module, you say what kind of data governance you want, and it, it applies to your email, to your cloud storage, [00:20:00] uh, to your, uh, to your, uh, endpoint device, to everything.
You don't need to start dealing with. You just tell us what you want to govern, where you want it governed, and that's it. It just happens. Magic. Um, very, very different than other platforms that require you to do an enormous amount of configuration work. Definition of, uh, uh, dictionaries, uh, uh, writing scripts and all, none of that.
You just tell me what kind of data you need governed. And you trust us that we've done all the work behind the scene on your behalf as far as identifying it, complying with different rules in different geographies, complying with different rules in different verticals. You don't need to worry about any of that.
You just click a button and you can go from no data governance to data governance in minutes. That's an example. Another example I'll give you is user base. Let's say you spoke about, you know, changes in needs. Thanks. Take a retailer. [00:21:00] For example, a retailer has these cycles of, uh, employees, uh, of staff, because for example, towards the holiday season, they bring in lots of staff on to deal with the holiday season, and then at the end of the holiday season, that temporary staff goes away with us.
No problem. Add staff. You only pay for what you use. So add the 2000 people that you're adding for the period of time during the holidays. That's great. At the end of those, uh, two months. Take those licenses back and pay for the 300 people that you have on an ongoing basis for the year. I don't know too many other vendors that say that.
Once you lock them in, you can't get out. That's it. You're paying for that license for the year.
Sean Martin: That's wild. And I want to go back to, as we wrap here, just one point on the previous example. Um, you've done the work for the different regions, the different policies, [00:22:00] different regulations for the data governance.
very much. And I'm thinking, that's great as an individual company, thank you very much, but as an MSP, holy cow, they can easily serve a much broader spectrum of organizations and not have to deal with a ton of stuff, uh, differences between them as well.
Dror Liwer: Absolutely. Especially since a lot of their customers have multiple geographies to be, to begin with.
Might have some regional offices, uh, in different places and suddenly they need to now comply with Canadian laws. Uh, you know, just, just, you know, just across the border, uh, 20 miles, totally different rules, uh, of data governance of, of, uh, data residency and, you know, an MSP that sits in, uh, say Detroit. Uh, might also service people that are across the border in Canada and with us, seamless, completely seamless.[00:23:00]
Sean Martin: Nice. Nice. Well, I'm, uh, I'm looking forward to, uh, keep these conversations going, Dror, of course.
Dror Liwer: I'm looking forward to seeing you guys in Vegas. Come to see my, uh, talk.
Sean Martin: I know, it's August 7th, 335, yep, and uh, Business Hall Theater D, uh, Platformization Consolidation and other buzzwords debunked, and of course we're going to put a link to where you can find that information and, and uh, connect with the team at Coro, um, the energy from your team, Dwarak, I can only, uh, It's stuck in my mind, the energy that your team had when we saw them in London is amazing.
Dror Liwer: Our team is great. I'm so proud of them.
Sean Martin: So go see the team. There's a place to book a meeting here as well if you want a deeper dive into any of this stuff. So, uh, Dror, thanks a million for, for this chat. We look forward to seeing
Dror Liwer: you. for having me again, guys. I really appreciate it.
Sean Martin: Thanks everybody.
Marco Ciappelli: We'll see you soon. We'll have another, another conversation. And for everybody [00:24:00] else, Sean, I'm going to steal it from you.
Sean Martin: All right, go for it.
Marco Ciappelli: Subscribe. If you are in Vegas, uh, we can see you there, but a lot of people are not going to make it there and we will be your eyes and, uh, ears and, uh, we'll let you know what's going on there.
We'll Other great conversation like this and the conference and coverage goes before during and after so stay tuned And uh drawer, we'll see you soon.
Dror Liwer: See you soon guys. Thanks a lot.
Marco Ciappelli: Bye everybody