Today I joined Menlo Security and the reason is simple: After spending more than a decade in the security industry it’s become clear that detection-based security technologies are losing the war against cyber attacks. By joining Menlo Security I’ll be able to help organisations to end attacks delivered via Web and email and push the major fronts of the cyber war back outside of their enterprises.
I’ve worked with many different security technologies, but in the end they all depend on the ability to detect an attack in order to stop it. Detection-based security is like a blood test: It can tell you what you’ve caught, but it doesn’t prevent an infection. Cyber attacks are evolving too quickly for any detection method to be effective for prevention: As soon as we create and deploy a new detection system the attacks evolve to avoid it.
Email and web remain the top 2 vectors of attack for businesses today. Menlo Security is taking these risks off the table, allowing security teams to catch their breath and focus more attention on other issues such as insider threats rather than chasing down endless security alerts, reclassifying blocked Websites and cleaning infected devices.
The Menlo Security Platform is very easy to try – and this addresses another key issue I’ve dealt with when introducing new security technologies. There’s no appliance or endpoint software – it works with your existing device, OS and browser – and an evaluation of the SaaS offering can be set up in minutes.
I’m excited to be part of a transition that moves from trying to detect bad stuff, which we know can never be completely effective, to the Isolation of everything to eliminate threats once and for all.
So goodbye detection, hello Menlo Security!