SlideShare a Scribd company logo

Disrupting Security (2017)

ā€¢
ā€¢
Dug Song
Dug Song

Keynote for AGC's annual security conference / meat market in San Francisco ahead of the RSA Conference, February 2017. "This is your industry I will not let inside me - NO I steered clear, long (and hard) ago I wiped the slate clean As the whistle I hear Downtown - noon Within a visible distance It's with invisible distance" -- Universal Order of Armageddon, Baltimore, 1996 https://www.youtube.com/watch?v=yfi9dtZj6Y8

Technology
1 of 52
Download to read offline
Disrupting Security Dug Song, CEO duo.com
Disrupting Security Dug Song, CEO duo.com
Disruptive Innovation An innovation that creates a new market by providing a different set of values, which ultimately (and unexpectedly) overtakes an existing market
w00w00: Disrupting Industries Since 1999
w00w00: Disrupting Industries Since 1999
w00w00: Disrupting Industries Since 1999
w00w00: Disrupting Industries Since 1999
w00w00: Disrupting Industries Since 1999
Best-In-Class SaaS Growth $15M $30M $45M $60M Q 1 Q 2 Q 3 Q 4 Q 5 Q 6 Q 7 Q 8 Q 9 Q 10 Q 11 Q 12 Q 13 Q 14 Q 15 Q 16 Q 17 Q 18 Q 19 Q 20
Best-In-Class SaaS Efficiency $150M $300M $450M $600M $60M $87M$90M$96M$99M $119M $143M $177M $347M $559M $49M Median
1. Threats 2. Architecture 3. Market
1. Threats 2. Architecture 3. Market
A Portrait Of The Hacker As A Young Man (ca. 1999) Break Build Authentication dsniff,ā€Ø Kerberos v4 OpenSSH,ā€Ø RPCSEC_GSS (NFSv4) Firewalls Cisco PIX,ā€Ø Check Point FW-1 pf (OpenBSD) VPN Check Point FW-1 OpenBSD IPSEC,ā€Ø dsocks IDS / IPS Sourceļ¬re, ISS, etc. Anzen/NFR (Check Point),ā€Ø Arbor Networks
ā€œA lot of people think that nation- states are running on zero-days, but there are so many more vectors that are easier, productive, and less risky.ā€ Rob Joyce, NSA TAO, Jan 2016
ā€œIn the world of advanced persistent threat actors, credentials are king for gaining access to systems.ā€ Rob Joyce, NSA TAO, Jan 2016
ā€œBetter-defended networks require speciļ¬c methods for accessing resources, monitoring credential use, looking for anomalous behavior, and two-factor authentication.ā€ Rob Joyce, NSA TAO, Jan 2016
95% OF BREACHES involve stolen credentials ā€” Verizon 2015 Data Breach Investigations Report #1: Users
#2: Devices 75% Of Breaches Involve Compromised Devices Source: Duo analysis of 2M+ devices, Jan 2016
#3: Access
Obama To Schmidt: Nationā€™s Cybersecurity Priorities?
Obama To Schmidt: Nationā€™s Cybersecurity Priorities? āœ“ Strong Authentication āœ“ Up-to-Date Devices āœ“ End-to-End Encryption
President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats.
President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats. āœ“ Up-to-Date Devices
President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats. āœ“ Up-to-Date Devices āœ“ Two-Factor Authentication
President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats. āœ“ Up-to-Date Devices āœ“ Two-Factor Authentication X Encryption?!ā€Ø ā€Ø THANKS OBAMA
1. Threats 2. Architecture 3. Market
Security Bingo Network Firewall/ VPN UTM IDS/IDP Data Messaging/ Encryption DLP Web WAF/Fraud Endpoint Desktop Mobile Identity IAM/SSO Management SIEM/ Analytics VA/GRC
Security Flipped! ( Ā°ā–”Ā° Network Firewall/ VPN Cloud & SaaS Microsoft, Amazon, Google, Salesforce, Box, etc. UTM IDS/IDP Data Messaging/ Encryption DLP Web WAF/Fraud Endpoint Desktop Modern Devices iOS, Android, Windows 10, OS X, ChromeOSMobile Identity IAM/SSO Management SIEM/ Analytics VA/GRC
From Bolt-On To Built-In Security
1. Threats 2. Architecture 3. Market
Defenseā€Ø in Depth
Defenseā€Ø in Depth Expenseā€Ø in Depth
Better Security, Not Just More
Goldilocks Strategy
Goldilocks Strategy Solve for Time, Value, Access, & Skill
Enterprise-Grade Security + Consumer-Grade Design
Mission DEMOCRATIZE SECURITY by making it easy & effective
2
7 7
Siloed Point SolutionsSiloed Point Solutions Users Devices Network Apps 13
Modern Access SecurityModern Access Security Users Devices Network Apps Trusted Access 14
Trusted Access Ensure only trusted users & devicesā€Ø can access protected applications
2017DuoProductLine Duo Free Easy two-factor authen1ca1on, free for up to 10 users. $0 Duo MFA Easy, best-of-breed two- factor authen1ca1on for cloud and on-premise applica1ons. $3 Duo Beyond Our next-genera1on security control pla?orm for modern, perimeter-less organiza1ons. $9 Duo Access Our essen1al security suite to manage trust and address risks from mobile, BYOD, and cloud adop1on. $6
Inbound Marketing: 93% of Leads, 75% of ACV
1/12 3/12 5/12 7/12 9/12 11/12 1/13 3/13 5/13 7/13 9/13 11/13 1/14 3/14 5/14 7/14 9/14 11/14 1/15 3/15 5/15 7/15 9/15 11/15 1/16 3/16 5/16 7/16 9/16 11/16 High-Velocity, High-Volume, Predictable Growth ā€£ Time: 75% of customers up and running in < 1 day ā€£ Value: 50%+ new ACV from expansion & upsell ā€£ Access: 25% SMB, 25% Mid-Mkt, 50% Enterprise ā€£ Skill: Most buyers IT, not security ā€£ Love: 70 NPS, 1000+ New Logos/Qtr Series A Series B Series C
1/12 3/12 5/12 7/12 9/12 11/12 1/13 3/13 5/13 7/13 9/13 11/13 1/14 3/14 5/14 7/14 9/14 11/14 1/15 3/15 5/15 7/15 9/15 11/15 1/16 3/16 5/16 7/16 9/16 11/16 High-Velocity, High-Volume, Predictable Growth ā€£ Time: 75% of customers up and running in < 1 day ā€£ Value: 50%+ new ACV from expansion & upsell ā€£ Access: 25% SMB, 25% Mid-Mkt, 50% Enterprise ā€£ Skill: Most buyers IT, not security ā€£ Love: 70 NPS, 1000+ New Logos/Qtr Series A Series B Series C
duo.com Moscone South #1247

Recommended

Passwords Found on a Wireless Network
Passwords Found on a Wireless NetworkPasswords Found on a Wireless Network
Passwords Found on a Wireless NetworkDug Song
Ā 
Ann Arbor Startup Development 2009
Ann Arbor Startup Development 2009Ann Arbor Startup Development 2009
Ann Arbor Startup Development 2009Dug Song
Ā 
Startups: The Extreme Sport of Business
Startups: The Extreme Sport of BusinessStartups: The Extreme Sport of Business
Startups: The Extreme Sport of BusinessDug Song
Ā 
From the Arsenal of Democracy, to Democratizing Security
From the Arsenal of Democracy, to Democratizing SecurityFrom the Arsenal of Democracy, to Democratizing Security
From the Arsenal of Democracy, to Democratizing SecurityDug Song
Ā 
A Hacker's Life
A Hacker's LifeA Hacker's Life
A Hacker's LifeDug Song
Ā 
The Balanced Engineer
The Balanced EngineerThe Balanced Engineer
The Balanced EngineerDug Song
Ā 
Letter from Ann Arbor Residence Inn
Letter from Ann Arbor Residence InnLetter from Ann Arbor Residence Inn
Letter from Ann Arbor Residence InnDug Song
Ā 
Nidsbench - Network Intrusion Detection Test Suite
Nidsbench - Network Intrusion Detection Test SuiteNidsbench - Network Intrusion Detection Test Suite
Nidsbench - Network Intrusion Detection Test SuiteDug Song
Ā 

Recommended

Passwords Found on a Wireless Network
Passwords Found on a Wireless NetworkPasswords Found on a Wireless Network
Passwords Found on a Wireless NetworkDug Song
Ā 
Ann Arbor Startup Development 2009
Ann Arbor Startup Development 2009Ann Arbor Startup Development 2009
Ann Arbor Startup Development 2009Dug Song
Ā 
Startups: The Extreme Sport of Business
Startups: The Extreme Sport of BusinessStartups: The Extreme Sport of Business
Startups: The Extreme Sport of BusinessDug Song
Ā 
From the Arsenal of Democracy, to Democratizing Security
From the Arsenal of Democracy, to Democratizing SecurityFrom the Arsenal of Democracy, to Democratizing Security
From the Arsenal of Democracy, to Democratizing SecurityDug Song
Ā 
A Hacker's Life
A Hacker's LifeA Hacker's Life
A Hacker's LifeDug Song
Ā 
The Balanced Engineer
The Balanced EngineerThe Balanced Engineer
The Balanced EngineerDug Song
Ā 
Letter from Ann Arbor Residence Inn
Letter from Ann Arbor Residence InnLetter from Ann Arbor Residence Inn
Letter from Ann Arbor Residence InnDug Song
Ā 
Nidsbench - Network Intrusion Detection Test Suite
Nidsbench - Network Intrusion Detection Test SuiteNidsbench - Network Intrusion Detection Test Suite
Nidsbench - Network Intrusion Detection Test SuiteDug Song
Ā 
Entrepreneurs Foundation of Ann Arbor
Entrepreneurs Foundation of Ann ArborEntrepreneurs Foundation of Ann Arbor
Entrepreneurs Foundation of Ann ArborDug Song
Ā 
Monkey-In-The-Middle (2001)
Monkey-In-The-Middle (2001)Monkey-In-The-Middle (2001)
Monkey-In-The-Middle (2001)Dug Song
Ā 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gleDug Song
Ā 
Silver Needle in the Skype
Silver Needle in the SkypeSilver Needle in the Skype
Silver Needle in the SkypeDug Song
Ā 
Fragroute - NIDS Testing Revisited (2002)
Fragroute - NIDS Testing Revisited (2002)Fragroute - NIDS Testing Revisited (2002)
Fragroute - NIDS Testing Revisited (2002)Dug Song
Ā 
Intrusion Detection 101 (1999)
Intrusion Detection 101 (1999)Intrusion Detection 101 (1999)
Intrusion Detection 101 (1999)Dug Song
Ā 
SSH Traffic Analysis Attacks (2001)
SSH Traffic Analysis Attacks (2001)SSH Traffic Analysis Attacks (2001)
SSH Traffic Analysis Attacks (2001)Dug Song
Ā 
A Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityA Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityDug Song
Ā 
A Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityA Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityDug Song
Ā 
A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)Dug Song
Ā 
A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)Dug Song
Ā 
Ann Arbor Startup Community Development H1'09
Ann Arbor Startup Community Development H1'09Ann Arbor Startup Community Development H1'09
Ann Arbor Startup Community Development H1'09Dug Song
Ā 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
Ā 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
Ā 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
Ā 
Finology Group ā€“ Insurtech Innovation Award 2024
Finology Group ā€“ Insurtech Innovation Award 2024Finology Group ā€“ Insurtech Innovation Award 2024
Finology Group ā€“ Insurtech Innovation Award 2024The Digital Insurer
Ā 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
Ā 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
Ā 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
Ā 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
Ā 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
Ā 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
Ā 

More Related Content

More from Dug Song

Entrepreneurs Foundation of Ann Arbor
Entrepreneurs Foundation of Ann ArborEntrepreneurs Foundation of Ann Arbor
Entrepreneurs Foundation of Ann ArborDug Song
Ā 
Monkey-In-The-Middle (2001)
Monkey-In-The-Middle (2001)Monkey-In-The-Middle (2001)
Monkey-In-The-Middle (2001)Dug Song
Ā 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gleDug Song
Ā 
Silver Needle in the Skype
Silver Needle in the SkypeSilver Needle in the Skype
Silver Needle in the SkypeDug Song
Ā 
Fragroute - NIDS Testing Revisited (2002)
Fragroute - NIDS Testing Revisited (2002)Fragroute - NIDS Testing Revisited (2002)
Fragroute - NIDS Testing Revisited (2002)Dug Song
Ā 
Intrusion Detection 101 (1999)
Intrusion Detection 101 (1999)Intrusion Detection 101 (1999)
Intrusion Detection 101 (1999)Dug Song
Ā 
SSH Traffic Analysis Attacks (2001)
SSH Traffic Analysis Attacks (2001)SSH Traffic Analysis Attacks (2001)
SSH Traffic Analysis Attacks (2001)Dug Song
Ā 
A Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityA Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityDug Song
Ā 
A Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityA Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityDug Song
Ā 
A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)Dug Song
Ā 
A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)Dug Song
Ā 
Ann Arbor Startup Community Development H1'09
Ann Arbor Startup Community Development H1'09Ann Arbor Startup Community Development H1'09
Ann Arbor Startup Community Development H1'09Dug Song
Ā 

More from Dug Song (12)

Entrepreneurs Foundation of Ann Arbor
Entrepreneurs Foundation of Ann ArborEntrepreneurs Foundation of Ann Arbor
Entrepreneurs Foundation of Ann Arbor
Ā 
Monkey-In-The-Middle (2001)
Monkey-In-The-Middle (2001)Monkey-In-The-Middle (2001)
Monkey-In-The-Middle (2001)
Ā 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gle
Ā 
Silver Needle in the Skype
Silver Needle in the SkypeSilver Needle in the Skype
Silver Needle in the Skype
Ā 
Fragroute - NIDS Testing Revisited (2002)
Fragroute - NIDS Testing Revisited (2002)Fragroute - NIDS Testing Revisited (2002)
Fragroute - NIDS Testing Revisited (2002)
Ā 
Intrusion Detection 101 (1999)
Intrusion Detection 101 (1999)Intrusion Detection 101 (1999)
Intrusion Detection 101 (1999)
Ā 
SSH Traffic Analysis Attacks (2001)
SSH Traffic Analysis Attacks (2001)SSH Traffic Analysis Attacks (2001)
SSH Traffic Analysis Attacks (2001)
Ā 
A Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityA Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm Activity
Ā 
A Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm ActivityA Snapshot of Global Internet Worm Activity
A Snapshot of Global Internet Worm Activity
Ā 
A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)
Ā 
A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)A Stateful Inspection of Firewall-1 (2000)
A Stateful Inspection of Firewall-1 (2000)
Ā 
Ann Arbor Startup Community Development H1'09
Ann Arbor Startup Community Development H1'09Ann Arbor Startup Community Development H1'09
Ann Arbor Startup Community Development H1'09
Ā 

Recently uploaded

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
Ā 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
Ā 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
Ā 
Finology Group ā€“ Insurtech Innovation Award 2024
Finology Group ā€“ Insurtech Innovation Award 2024Finology Group ā€“ Insurtech Innovation Award 2024
Finology Group ā€“ Insurtech Innovation Award 2024The Digital Insurer
Ā 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
Ā 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
Ā 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
Ā 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
Ā 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
Ā 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
Ā 
šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜RTylerCroy
Ā 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
Ā 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
Ā 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
Ā 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
Ā 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
Ā 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
Ā 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
Ā 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĆŗjo
Ā 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
Ā 

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
Ā 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Ā 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Ā 
Finology Group ā€“ Insurtech Innovation Award 2024
Finology Group ā€“ Insurtech Innovation Award 2024Finology Group ā€“ Insurtech Innovation Award 2024
Finology Group ā€“ Insurtech Innovation Award 2024
Ā 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
Ā 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
Ā 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
Ā 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
Ā 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Ā 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
Ā 
šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜
Ā 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
Ā 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Ā 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Ā 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Ā 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Ā 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Ā 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Ā 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Ā 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
Ā 

Disrupting Security (2017)

  • 3. Disruptive Innovation An innovation that creates a new market by providing a different set of values, which ultimately (and unexpectedly) overtakes an existing market
  • 9. Best-In-Class SaaS Growth $15M $30M $45M $60M Q 1 Q 2 Q 3 Q 4 Q 5 Q 6 Q 7 Q 8 Q 9 Q 10 Q 11 Q 12 Q 13 Q 14 Q 15 Q 16 Q 17 Q 18 Q 19 Q 20
  • 13.
  • 14.
  • 15. A Portrait Of The Hacker As A Young Man (ca. 1999) Break Build Authentication dsniff,ā€Ø Kerberos v4 OpenSSH,ā€Ø RPCSEC_GSS (NFSv4) Firewalls Cisco PIX,ā€Ø Check Point FW-1 pf (OpenBSD) VPN Check Point FW-1 OpenBSD IPSEC,ā€Ø dsocks IDS / IPS Sourceļ¬re, ISS, etc. Anzen/NFR (Check Point),ā€Ø Arbor Networks
  • 16.
  • 17.
  • 18. ā€œA lot of people think that nation- states are running on zero-days, but there are so many more vectors that are easier, productive, and less risky.ā€ Rob Joyce, NSA TAO, Jan 2016
  • 19. ā€œIn the world of advanced persistent threat actors, credentials are king for gaining access to systems.ā€ Rob Joyce, NSA TAO, Jan 2016
  • 20. ā€œBetter-defended networks require speciļ¬c methods for accessing resources, monitoring credential use, looking for anomalous behavior, and two-factor authentication.ā€ Rob Joyce, NSA TAO, Jan 2016
  • 21. 95% OF BREACHES involve stolen credentials ā€” Verizon 2015 Data Breach Investigations Report #1: Users
  • 22. #2: Devices 75% Of Breaches Involve Compromised Devices Source: Duo analysis of 2M+ devices, Jan 2016
  • 24. Obama To Schmidt: Nationā€™s Cybersecurity Priorities?
  • 25. Obama To Schmidt: Nationā€™s Cybersecurity Priorities? āœ“ Strong Authentication āœ“ Up-to-Date Devices āœ“ End-to-End Encryption
  • 26. President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats.
  • 27. President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats. āœ“ Up-to-Date Devices
  • 28. President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats. āœ“ Up-to-Date Devices āœ“ Two-Factor Authentication
  • 29. President Obamaā€™s $19 Billion Cybersecurity Proposal Calls for 35% Increase Over 2016 Enacted Level Major Pieces of the Cybersecurity National Action Plan Critiques from the Tech Industry ā€¢ While manyin the techindustryhave applauded the presidentā€™s proposal for investment, many of the suggestionsare seen as basic and a sign at how woefully behind our governmentis on cybersecurity.BrianBarrett,a writer for Wired magazine,compares the plan to ā€œstandard advice youā€™d give a tech noviceā€. ā€¢ With the proposalcoming from a ā€œlame-duckā€ president nearingthe end of his second term, there is a growingpessimismthat pieces that require congressionalaction will go unfunded. ā€¢ Despite being a basic tenet of internet security, encryptionis notablyabsentfromthe presidentā€™s press release.While many in the tech communitybelieve encryption is necessary for continued cyber safety, the topic remains controversialin Congress. Full Multi-StepAuthentication Rollout While a large portion of the government uses 2-step or multi-step authenticationfor internal logins,the initiativeplans to extend this extra layer of security to citizen-facingfederal governmentdigital services.The President hopes this switch will also increase public awarenessof this identity proofing mechanism,encouragingmore wide use amongprivate online systems. $3.1billionInformation TechnologyModernization Fund This fund enables the retirement, replacementand modernizationof IT equipment throughout the government.Many see this initiative as overdue as some branches of the governmentare running antiquated as old as Windows XP which Microsoft stopped officiallysupporting in 2014. National Initiative for CybersecurityEducation $62 billion is requested to invest in educatingthe nationā€™s next generation of cybersecuritypersonnel. Proposed programs include the CyberCorpsReserve which would offer scholarshipsfor Americanswho wish to obtain cybersecurityeducation in exchange for civil service in government. EINSTEINandthe ContinuousDiagnostic andMitigation Program The president proposes allocatingincreasedfunding to the governmentā€™s primarycyberdefense system: EINSTEIN,which has faced significantcriticism since it is currently unable to dynamicallydetect new kinds of cyber intrusions, makingit only useful against known threats. āœ“ Up-to-Date Devices āœ“ Two-Factor Authentication X Encryption?!ā€Ø ā€Ø THANKS OBAMA
  • 31.
  • 33. Security Flipped! ( Ā°ā–”Ā° Network Firewall/ VPN Cloud & SaaS Microsoft, Amazon, Google, Salesforce, Box, etc. UTM IDS/IDP Data Messaging/ Encryption DLP Web WAF/Fraud Endpoint Desktop Modern Devices iOS, Android, Windows 10, OS X, ChromeOSMobile Identity IAM/SSO Management SIEM/ Analytics VA/GRC
  • 34. From Bolt-On To Built-In Security
  • 40. Goldilocks Strategy Solve for Time, Value, Access, & Skill
  • 41. Enterprise-Grade Security + Consumer-Grade Design
  • 43. 2
  • 44. 7 7
  • 45. Siloed Point SolutionsSiloed Point Solutions Users Devices Network Apps 13
  • 46. Modern Access SecurityModern Access Security Users Devices Network Apps Trusted Access 14
  • 47. Trusted Access Ensure only trusted users & devicesā€Ø can access protected applications
  • 48. 2017DuoProductLine Duo Free Easy two-factor authen1ca1on, free for up to 10 users. $0 Duo MFA Easy, best-of-breed two- factor authen1ca1on for cloud and on-premise applica1ons. $3 Duo Beyond Our next-genera1on security control pla?orm for modern, perimeter-less organiza1ons. $9 Duo Access Our essen1al security suite to manage trust and address risks from mobile, BYOD, and cloud adop1on. $6
  • 49. Inbound Marketing: 93% of Leads, 75% of ACV
  • 50. 1/12 3/12 5/12 7/12 9/12 11/12 1/13 3/13 5/13 7/13 9/13 11/13 1/14 3/14 5/14 7/14 9/14 11/14 1/15 3/15 5/15 7/15 9/15 11/15 1/16 3/16 5/16 7/16 9/16 11/16 High-Velocity, High-Volume, Predictable Growth ā€£ Time: 75% of customers up and running in < 1 day ā€£ Value: 50%+ new ACV from expansion & upsell ā€£ Access: 25% SMB, 25% Mid-Mkt, 50% Enterprise ā€£ Skill: Most buyers IT, not security ā€£ Love: 70 NPS, 1000+ New Logos/Qtr Series A Series B Series C
  • 51. 1/12 3/12 5/12 7/12 9/12 11/12 1/13 3/13 5/13 7/13 9/13 11/13 1/14 3/14 5/14 7/14 9/14 11/14 1/15 3/15 5/15 7/15 9/15 11/15 1/16 3/16 5/16 7/16 9/16 11/16 High-Velocity, High-Volume, Predictable Growth ā€£ Time: 75% of customers up and running in < 1 day ā€£ Value: 50%+ new ACV from expansion & upsell ā€£ Access: 25% SMB, 25% Mid-Mkt, 50% Enterprise ā€£ Skill: Most buyers IT, not security ā€£ Love: 70 NPS, 1000+ New Logos/Qtr Series A Series B Series C