Immunity service
The CEO cyber-security vendor Venafi tells Doug Woodburn that every Global 5000 firm will need its ‘Immune System for the Internet' to defend against the new breed of threats
Despite predicting that every Global 5000 firm will eventually deploy it, Venafi's "Immune System" technology still needs evangelism from the channel before it is an easy sell, according to its chief executive.
"Is it a hard sell?" he pondered. "It's not even a sell; it's an education," Jeff Hudson told CRN after Venafi bagged an additional $39m (£25m) in a round of funding featuring Intel Capital and Silver Lake Waterman.
"This is not a category like next-generation firewalls where people say ‘I need to buy one'. This category is not well understood yet so it's an education and there are a lot of [channel partners] that are not good at educating - they will say they are, but you can't be if you have a line card with 40 vendors."
Salt Lake City-based Venafi currently has just 250 global customers and has endured a mixed track record in Europe, where resellers tell us they have often found it hard to turn the hype around its technology into sales. Two years ago it was forced to chop one in four global staff after expenses got ahead of income.
But according to Hudson, the concept behind Venafi's Immune System for the Internet offering is about to take the industry by storm as recent bugs such as Heartbleed and Shellshock prove the need for its technology.
The human immune system works by crawling through your body and eliminating every cell that does not have a tag which identifies it as you, Hudson said.
But the internet currently lacks a parallel mechanism, he argued.
"We [the IT security industry] put certificates on codes and devices we trust and we have given them the ability to not only authenticate with each other but to use the certificate - or the encryption involved in the certificate - to encrypt messages back and forth... So what we've got now is a world that blindly trusts certificates - and the bad guys know this. And they know that if they can slip a certificate into a large corporate environment, they can be pretty much undetected.
"What Venafi has done is create an immune system for the internet," Hudson said.
"Just like the human body, we crawl around and look for certificates that do not belong, and we disable them. That is why we got such good funding.
You don't too often see names such as Intel Security and Silver Lake unless it's a really big deal and my prediction, and their prediction, is that every one of the Global 5000 - or at least the ones that will survive - will adopt this strategy and will have an immune system."
Despite having been around for 10 years, Venafi sales are still hard to come by for partners and the vendor has just 14 European customers.
Hudson admitted his firm is still in education mode, something for which he said the latest $39m funding boost will come in handy, adding that Venafi had selected the wrong channel partners in the past.
"We are educating like crazy," he said. "I have visited probably 30 CISOs around Europe in the past nine months and there are lots of plans being made in customers for this. At one point, we signed up too many resellers that were box shifters and that was the wrong approach. What we want to do now is help the [resellers and consultancies] we already have become wildly successful."