Skip to main content

Obsidian Security's Ben Johnson - From the NSA to Emerging Cybersecurity Startups





I've worked at rapid growth companies and emerging technologies are always on the milestone. In the Cybersecurity space, tools in security operations and analytics such as EDR, NTA, UBA, SOAR, and recently, XDR have evolved into household terms.  So what's next? 

CDR - Cloud Detection and Response

When I heard about cloud security, I researched and came across an online interview - "Frictionless SaaS Security" -  with Ben Johnson, one of the Co-Founders of ā€‹Obsidian Security,ā€‹ a three-year-old startup based in Newport Beach. "Frictionless" evokes visions of seamless, smooth, and easy deployment and use. Is it really possible to deploy an uncomplicated cloud security solution that will address a very complex problem?  This frictionless solution is the next emerging tool called Cloud Detection and Response. 

I found the interview very insightful as it dove into Benā€™s backstory from working for the NSA (National Security Agency) to launching Obsidian, a cloud detection and response platform. Johnsonā€™s first exposure to security began when he saw the thriller, ā€œEnemy of the Stateā€. Soon after fiction turned into fact. The Computer Science major was so fascinated with the NSA that he applied for a job and was hired at the agency.  He says it was such a valuable training ground in cybersecurity and software development that he would have worked unpaid.  Hmmm, I wonder if he would have taken another path if he had not seen the movie.  Note to self - ask him if I ever see him at RSA or a tech conference. 

Seven years later, he transitioned to Finance and Trading but missed working in security and product development which led to him Co-Found Carbon Black. In 2017, he left Carbon Black, to form Obsidian with fellow partners Glenn Chishold (former CTO at Cylance) and Matt Wolff (former Chief Data Scientist at Cylance).



From Endpoint to the Cloud:

But why pivot to the cloud? The founders found their answer after surveying 300 customers and enterprises on what their challenges are around the cloud. The answers werenā€™t too surprising. CISOā€™s didnā€™t know what was going on such in their GSuite, or Salesforce. NGAV (Next Generation Anti Virus)  and EDR (Endpoint Detection and Response) tools "was always their focus but SaaS is a new world... the major concern of whatā€™s going on in their SaaS accountsā€, Johnson said. 

ā€œEndpoint focused binary and malware processes but SaaS comes down to accounts and maps to the employee... each user may have about 20 accounts but what is each user doing? And what kind of access do they have?", Johnson further explained. 

Challenges:

Disparate tools - You access Box by logging into Okta but youā€™re mapped to a particular area, or have certain privileges.

User behavior - You need to understand whoā€™s logging in, who has the account, how are they downloading content, and if they share a lot and to whom?

Tracking all this data is very time consuming and overwhelming for IT, whoā€™s primary focus is to onboard or terminate user accounts behind the firewall. But now when youā€™re outside the firewall and everything is accelerating so fast, how do you detect and respond?

ā€œWeā€™re creating the same problems in 10 days in the cloud that took us 10 years to create on-premā€, said Johnson. ā€œIf you have a staff of 18, that equates to 80 SaaS apps.ā€ This is a major pain for IT teams when trying to determine control, access, and privilege.


Answer to SaaS Security:

Obsidian looks for external adversaries and keeps them out while looking at insider activity whether it is malicious or accidental. Obsidian is like a SaaS EDR (Endpoint Detection and Response).  It's my understanding that their deep integrations can hook to customer's platforms and thread the users, roles, and behaviors - into a single view of different systems. It answers all the questions such as who the user is, what is their role, and where are they located (IP address and data center). Detection, response, and investigation will map the data across the applications.

Deployment:

Sounds like a complex process, but Johnson says onboarding is fast and will reduce dramatically alert fatigue. Analysts will no longer bounce between four different consoles (such as Zoom or Salesforce). According to Johnson, just click for a few minutes and it will start grabbing data. Obsidian is fast to install and has a quick time to value by providing insights in a single view with no impact on productivity. Itā€™s just that simple.

If Obsidian's frictionless SaaS security tool is able to help security operations teams dramatically reduce the time to detect and respond to cloud threats with behavior analytics -  they could be the next cybersecurity startup spearheading the new CDR space. 

If you really want to see how it works, Obsidianā€™s offers a free 14 day trial of the full functionalities of the platform.

Click here to test it out


Labels

Labels:

Comments

Download free softwere saidā€¦
Wow, amazing block structure! How long
Have you written a blog before? Working on a blog seems easy.
The overview of your website is pretty good, not to mention what it does.
In the content!
Crack2dl.com
Cylance Smart Antivirus Crack
DAEMON Tools Ultra Crack
Amazing Slider Enterprise Crack
PDF Shaper Professional Crack
LUXONIX Purity Crack
VideoProc Crack
Artweaver Plus Crack
Altium Designer Crack
June 5, 2022 at 11:56ā€ÆPM
Post a Comment

Popular posts from this blog

Alzheimer's hits again

I just found out that actor Sean Connery, who passed away last October, died of complications due to Alzheimer's. Alzheimer's debilitates cognitive function. The cause of his death hit me three-fold: He was my mother's favorite movie star, they are both in their 90s, and she too has Alzheimer's. According to a recent   AARP feature story ,  I was shocked that the great jazz singer Tony Bennett has Alzheimer's. Tony was also another idol of my mom. She would always perk up whenever she heard his infamous "I left my heart in San Francisco" ballad. Photo by Dyna Lopez In 2017, one year after his diagnosis, my mom, brother, and I watched him for the first time performing in San Francisco to a packed audience amongst a sea of silver-haired ladies. He was 90 at the time and did not disappoint. He belted out hit after hit and showed no signs of the debilitating disease. She sang along to a melody that was unfamiliar to my brother and me. My brother asked her, ...
Post a Comment
Read more

Cupertino Cherry Blossom Festival

It is refreshing to write about a non-political and lighthearted review of a local cultural annual event. Yes, I'm "taking a well deserved break from politics",  my boyfriend Paul chimed. To give you some context, when I do watch television or go online,  I primarily watch news and the current political climate.  The balmy weather was the perfect backdrop for the two day 36th annual Japanese spring celebration known as Cherry Blossom Festival last weekend.  I've seen the banner line the streets of Cupertino last month but decided to attend by invitation of my friend Miyuki who was performing the traditional tea ceremony. It was the perfect lazy Sunday to visit Miyuki and watch her craft at the Quinlan Community Center.  I also had a chance to see my other ex-coworker, Maki, who also participated in the tea ceremony. I've seen tea ceremonies on television but never live so I was really excited to see Miyuki in action. A woman was narrating the entire ...
Post a Comment
Read more

Interview This! 48 Hour Film Project - San Francisco Style

So who the heck are these filmmakers who paid to get their one-weekend-produced film on the big screen? And in this economy? The  48 Hour Film Project  (48HFP) in San Francisco is an annual homage to quickie film making where producers have only two days to create a film out of scratch. When I first heard of 48HFP, I thought these people were bananas. Film production is an unpredictable, challenging and expensive hobby. Why go through the torture, stress and looming deadline and not get paid for it? Uhhhh, can you say out loud P-A-S-S-I-O-N? You can't put a price tag on creative drive and entrepreneurial spirit. Directors, Producers, Writers, Editors, Sound Engineers and Actors from 70 teams showcased their pride and joy during the five day screenfest. These are some of their stories from the June 30 premiere screening that was held at Landmark Lumiere Theater. But wait! Come back for more. I'll upload another feature video this we...
Post a Comment
Read more