29 Aug Airo Labs Announced Scott Chasin Builds Enterprise Security Company ProtectWise…
A Series of Forbes Insights Profiles of Thought Leaders Changing the Business Landscape: Scott Chasin, Co-Founder and CEO, Protectwise.
“ProtectWise is my fourth business, so I look at it as an evolution of everything that I’ve done in my career,” says serial entrepreneur Scott Chasin of his latest endeavor into network security. Cofounded in 2013 by Chasin and CTO Gene Stevens, the Denver, Colorado-based security firm is growing fast through a combination of security savvy and moxie unique to the security field.
Protectwise positions itself as a cloud-based enterprise platform that provides enhanced threat visibility and accelerated incident response.
“It all started with a concept of shifting network security to the cloud. It had never been done before, so that served, really, as the thesis for getting ProtectWise off the ground. We went out and raised a seed round, found investors in Silicon Valley that believed in this vision of security as a utility,” says Chasin.
The company raised a $3 million seed round in April of 2013 with Crosslink Capital and Trinity Ventures that started a 24-month, stealth R&D effort to solve the engineering hurdles required to create a memory for the network and put it in the cloud. Chasin and co-founder Stevens had the idea that if they could essentially “record” everything that happens on an enterprise network, whether that network is in the cloud or that network is at headquarters or a remote office, and they could replay that network into a cloud platform.
They would then use that memory to retrospectively investigate security alerts to find threats that have existed in the network undetected. This enables teams to identify exactly if, when and how an attack entered a system, and mitigate to prevent further damage. In looking backwards, memory streams can be applied to better understand real-time security analytics, like intrusion detection, malware detection and exfiltration detection. Unique to Protectwise, they would offer a service that could store the network traffic in the cloud for a long period of time, creating a retention window that could exceed that of a breach detection window. “The average breach detection window for most organizations out there is eight or nine months, that’s over 200 days before you realize the bad guys are in your network, and so we thought, “If we could create a memory for the network, put it in the cloud, and provide a retention window that could meet or exceed that of the breach detection window, then we could have a repository that we could continuously analyze for new threats, breaches, and attacks,” says Chasin.
Most if not all security today is real-time. Protectwise creates a “time machine” that allows its customers to continuously go back in time to inspect data with new and enhanced intelligence as it becomes available. “The idea I actually borrowed from the International Olympic Committee’s protocol for testing athletes when they train and compete going back over the last decade plus. The interesting fact there is that they store those samples. When they learn about new masking agent signatures that they couldn’t test for, historically, they go back in time and they re-test all those samples. So the idea was, Well, why couldn’t we apply that to security? If we learn about breaches and attacks after the fact, how come we’re not looking backwards to try to compress that breach detection window?’,” says Chasin. Thus the idea for Protectwise was born.
Today ProtectWise is growing fast, quarter over quarter, with blue chip customers that from industries like media, healthcare, oil & gas and major league sports to name a few. The company has attracted over $42 million in funding, most recently with series B round of $25 million led by Tola Capital in November of 2015.
While its approach to creating a virtual “camera” that streams network data to the cloud was a first, its focus on creating a greatly enhanced visual presentation on the data is truly unique to the staid security arena. Chasin and team hired a Hollywood special effects artist who worked on movies like “TRON: Legacy” and “Oblivion” to create its data dashboards.
“Mission control for security needs something more than Fox News and some pie charts and line graphs, and so we brought in a Hollywood designer who was one of the lead designers at Digital Domain in L.A., Jake Sargeant. We’ve been working together for the last three years to create something that not only can be that heads-up, situational awareness, but also leverage the kind and size and scope of data we have to create a much more efficient response when something is detected so that we can connect the dots a lot more efficiently. That really falls into one of our key visions that we have for the company, which is addressing one of the biggest challenges we have in cyber security, which is not necessarily a breach tactic or a zero day, it’s a human resource issue,” says Chasin.
Chasin has been involved at the forefront of security since the early ‘90s. He was the founder of the first software vulnerability alerting service, Bugtraq, in 1990. That service morphed into a company called SecurityFocus and was acquired by Symantec in the late ’90s.
In 1995, he founded USA.NET, which introduced Web-based e-mail to the world. “That was a convergence of technologies and was a seven-year venture. We raised an amazing amount of capital and filed our S-1 to go public at the end of ’99, which wasn’t necessarily great timing, but did a private placement with J.P. Morgan and the business continued to grow. Instead of competing against top provider Hotmail with that venture, we actually private-labeled our technology to companies like Netscape, which was one of our largest customers, and an investor,” says Chasin. That business was sold to Perimeter eSecurity, which is now a part of BAE Systems.
In 2002, he founded MX Logic, which was focused on e-mail security in the cloud. After the company was acquired by McAfee in 2009, Chasin became a CTO at McAfee and was there for three years through the Intel acquisition, running cloud security strategy for Intel McAfee. He then got the itch to start anew.
“In 2013, I started ProtectWise as a reinforcement of what I’ve been doing, which is delivering security as a service or a utility model, and that’s really in my DNA. I’ve been doing that before the cloud was the cloud back to we used to call it application service providing,” says Chasin.
Chasin is not the typical security industry entrepreneur. He grew up in Houston, Texas and went to the University of Houston, but dropped out in his…