The Most Significant Bottleneck for Security Operations? With Innovation Sandbox finalist Dov Yoran CEO at Command Zero.

[00:00:00] Hey, it's Andrew here. Just quickly before we start the episode, I want to tell you about one of my favorite newsletters. It's called Strategy of Security. If you want to understand the companies, ideas, and trends shaping cybersecurity and its submarkets, you should take a look. Cole Gromos runs the newsletter and he has spent the last 20 years in cybersecurity, including stints at PwC and Momentum Cyber, the investment bank dedicated to cybersecurity.

[00:00:27] Recent articles I'd like include, how could platformization work in cybersecurity, where he talks about there being lots of single vendor platforms, but not a multi-estate platform. And also one called demystifying cybersecurity's public companies, where he explores the pure play ones and also hybrid companies, which are in cyber. He lists all of them and then breaks down the numbers in all sorts of different ways. Now, this is not a paid promotion. I just simply enjoy what Cole is publishing.

[00:00:57] Check it out at strategyofsecurity.com. Now, on with this episode.

[00:01:12] Welcome to the Cybersecurity Go-To-Market Podcast for a special showcase episode. We're talking to the leaders of the companies who've been selected for the 2025 RSA Conference Innovation Sandbox. These are the very few, in fact, only 10 that the judges have selected from literally hundreds as the most innovative startups in cyber.

[00:01:37] Cybersecurity Today. I am your host, Andrew Monaghan. And today we are talking with Dov Yuran, CEO and co-founder at Command Zero. Dov, welcome to the podcast. Hello, hello. Thank you for having me. I'm looking for our conversation, Dov. I mean, you're a multi-time founder. This isn't your first rodeo, right? So you've had some success in the past, which I'm sure is governing and fueling and informing your approach to building Command Zero.

[00:02:03] So as we get into this, I'll be kind of interested to see which directions we take the conversation and what we can learn. So let me ask you my first question, though, and this may be the most important one. Where in the world did you have your first sandboxed off? Where did I grow up? So I grew up in the Northeast in the U.S., just about an hour north of New York City, a very, you know, rural part of the state.

[00:02:27] So like northern Westchester. So, you know, in the woods, you know, there was, you know, a walk, long walk the driveway to get the school bus in the morning. And so, yeah, that was a fun upbringing with lots of work and lots of sports involved. Now, do you still feel comfortable out in the rural areas or are you a city guy now? I've been a city guy mostly since college, living in cities. And that may change. We'll see. I've got a couple little ones.

[00:02:53] So we need to get them more space at times, too. So, CBD. I know the feeling. Well, let's talk about Command Zero, though. So let's start with the problem that you're solving. Who's having this problem and what is the problem? So the problem are analysts that are overworked, SOCs, security operation centers that are oversubscribed, you know, from medium to large to fortune-sized enterprises, right? They're relying on individual knowledge.

[00:03:22] They're relying on manual processes, just things that don't quite scale. And so there's a solid perspective on these teams and these individuals. And so that's exactly what we're looking to help change and to help bring a future to. So I guess intuitively I get that, you know, then taking a long time is not a good thing, right? But why is it a big deal?

[00:03:45] Like I noticed on your website it said, was it the most important or problem in security operations today? I'm wondering why that is. What's the big deal about this that makes them want to spend some money and go solve it? Yeah, well, it's the most, in my opinion, it's the most significant bottleneck in the industry, right? It's a very underserved group. So if you think of tier two analysts, tier three analysts that are experts, there's very little tools that are provided for them.

[00:04:13] And this is a problem that plagues the entire industry, no matter what vertical you're in. You have an incident, you have an escalated event, you want to draw a conclusion, you want to come to a verdict. You're trying to come out of the gray and come up with a definitive answer. And boy, it's been a challenge my entire career over the last 30 years in cyber.

[00:04:35] And it's just even more exacerbated given cloud, given SaaS, given data, and given just the advent of AI and how that's both a friend and a foe. And what are they using now that you're looking to replace or augment? More often than not, it's manual processes or internal processes of what's already been deployed and trying to sort of get the best leverage from various products that have been deployed, each with its own siloed perspective.

[00:05:02] So they've got all these, what was the number I saw that said large companies will have between 70 and 80 cybersecurity products. So they're getting alerts from all these different products. They're using their SIM as well. They're trying to figure all out. Is that where they're at right now? Yeah, there's swivel chair. You're moving from one product to the other. And each product has different schemas and structures and what the data output looks like. And how do you sort of collect it all together and present to one narrative?

[00:05:30] And that's what we're really helping to solve, helping teams that have tremendous amount of experience, those with lesser so, draw those conclusions, draw more productive, more consistent investigation outcomes. And how did you come to this realization that this is something actually you could solve now? Is there a moment that caused it to be able to be solved now that hadn't been for the last 20 years? Or is it just the natural evolution of your thinking? Honestly, it's more of an iterative process. So I've been in the space, you know, my whole career.

[00:05:59] And I've always been involved in a lot of young startups and always sort of pushing the envelope and sort of looking at new ideas differently. And so to me, it's always been part of the journey. And this has been one that's been reinvented a few times over. And, you know, going back to AI and LLMs as part of a useful, powerful tool, one of several tools that can be combined and used to really make a dramatic impact for teams this go around. So I'm super jazzed up for that opportunity.

[00:06:28] And since you've been selected for the innovation sandbox, I'm guessing the judges saw some new innovative way to tackle this that they hadn't seen before. What are they looking at? What are they seeing? What impressed them? Yeah. So I think the idea is really a combination of a few different items. It's encoding our knowledge base, right? It's taking our decades and me and my co-founders, the lead engineers and other folks involved, right?

[00:06:53] Decades of experience around instant response, malware analysis through intelligence, security operations, and codifying that into a knowledge base and putting that into a platform where you can leverage both that knowledge base, automation, and LLMs, and obviously AI. And so all those things is a really unique and incredibly powerful combination. And they're all, you know, they all have their unique perspectives and sort of how they're influencing, you know, the right outcome.

[00:07:22] But that's something I think is truly innovating and sort of nothing really out there in terms of what I've seen in the past, you know, years. And when you show the product to prospects, what's the wow moment? What's the bit where they go, oh, I see this all now coming together into a completely different way of working?

[00:07:39] You know, one thing that I've found in this go-around, and we talked a little bit earlier about, you know, things that you pick up and learn along the way, the UI and the user experience around how we present what we present and how we draw together all various loose strings in the environment and how we present it in a cohesive way. We spend a ton of time and energy, and my CTO and my co-founder is in the UI constantly, and he's obsessed with it.

[00:08:07] And it really shows, and that's almost a universal comment with every conversation that, wow, this is incredible how intuitive it is. And, you know, we take the Socratic approach. We're asking questions, pulling back answers, and just reiterating and reprocessing that motion to come to the best outcome. And so, to me, that's really a cool thing that folks recognize the effort we put into that, and our clients appreciate that.

[00:08:37] Well, I think the cybersecurity products in general are known for being a little bit hard to use, not for being beautiful and easy to use. Was that a design thinking right from the start, or did you kind of get there halfway through the journey? No, no, no. Right from the start. And we have a large, an atypical number of engineering members of the team that are dedicated to the UI and UX, much more so than any other startup or organization I've been a part of in the past.

[00:09:05] So, that is very conscious in how we're building a platform from day one. I think there's probably quite a few companies in our industry that are sitting there right now going, what can we copy that Wiz did? But one of the things that they were known for was being unbelievably easy to use in a beautiful demo. And people just kind of got it in seconds is what I heard. I've never actually seen the demo myself. But I think that's one of the things that seems to be coming out of that, which hopefully is good for the industry. A lot of people might recognize that's something worth investing in like you have. Yeah, no.

[00:09:35] Wiz has done a phenomenal job. And I've come across countless users and practitioners to see those that say, wow, that tool is so empowering or is so empowering. And we're hoping to replicate the magic. Ours is our own and our own swim lane. But we're pretty excited about what we've built. Dov, take me back to that time when you got your first real order, not an order from a friend or family member or a VC friendly who's doing a favor.

[00:10:03] Or a real live prospect out there who came in relatively cold and said, I like that stuff. I want to buy it. You know, it is exciting. I don't know. I guess I'm an old hag on it. But I know it was coming, right? I mean, it's no doubt. We went and hired and we brought an engineering team on. And we've been building product for a couple of years. We were in stealth for two and a half of the first three years. There was no moment of doubt about what we're building and our mission and what we're carrying forward.

[00:10:29] But, you know, it's an amazing feeling for, you know, to validate, yes, here comes a customer. This is real. They're ready to pay. And the fact when they find value, we go through their pilot debrief. It's just awesome to hear how useful a tool is, how it saves them time, how it gives them better insights. I haven't moved. But when we then sort of read that to the engineering team who've been working at this for quite a while, and it's just such a great feeling for those, you know, for those members of the team to, to, to,

[00:10:59] you know, to partake in that. Yeah. I feel like they, they need that juice, right? They need that feeling. It actually does matter what we're doing. You know, they're hopeful it does up to that point. Right. You know, it's because it's all about the people. Right. And I know we're like so focused on technology, but it is all about the people from the engineering team, from the go-to-market team and everyone in between that, you know, we're building this together. Everyone has roles to play and it only really works as a true, you know, as a true team concept.

[00:11:25] And so it's, it's truly awesome when it comes together and everyone gets to sort of enjoy in that moment when, you know, we get to ring the, you know, the bell, so to speak. And speaking of people and speaking of go-to-market, you know, this is not your first rodeo. I'm wondering what you've learned from the previous startups you've, you've run and started this informing how you do go-to-market now. Like what's your plan that you said, yeah, we're not going to make mistakes before. We're actually going to do this a little bit differently this time.

[00:11:53] You know, some of the things that are a little different is the, the, how do I pronounce, you know, think about this, the ability to kind of talk through and be more overt on what we're actually doing. You know, I'd say earlier in my career, we were, you know, not say secretive, but, you know, you got the thing, you want to build it and you sort of want to be coy and not, you know, competition and other people to kind of get in sort of grasp onto your, your

[00:12:18] product were incredibly, you know, even incomparable to what I'd done in my prior companies and how open, right? We have videos and we show exactly how the platform, the product works and we're out there, but, you know, there's a number of folks that are copying us and we love it. It's, it's flattery. And it's, it's, it's great to see that we're influencing others in the space, but it just, you know, it's, it's just a different page of like, you know, we're not here competing against the competition. We're here to make you guys in the enterprise chairs better.

[00:12:46] And so that's a, that's a, it's a, it's a cool way to, to approach it and be just a lot more out in front and a lot more open about it and showing it, demonstrating and allowing people to see what that looks like. So that, that's a, just a psyche that's just different than what I've done in the past. Well, it feels like maybe there's a confidence has come from having done it before to know really what the threats are and what the issues are. Also in these days, though, maybe you validate this or not. Someone can replicate your, your product in terms of, you know, a strain or something like

[00:13:16] that about how, how it works, but they can't replicate as all the experience that you guys are bringing as a founding team that governs your secret sauce behind the scenes, right? That's the bit that they can't replicate. That's exactly right. And kind of alluded to that said earlier, it's that decades of experience around this problem set and it's combining that with the content, with the knowledge base, with sort of the usability, the UI and LLMs and some, you know, modern things that can kind of help, help

[00:13:45] perpetuate that, that influence. Right. So we're, it's, it's great to see those coming out and you're exactly right. It's sort of like, Hey, yeah, sure. You could copy the screen, but there's so much going on under the covers that, you know, we, we welcome, you know, we, we welcome the challenge and welcome to continue to, uh, you know, be on the front and thought leaders in the space. You welcome them spending their marketing budget to, to increase the segment, right? Well, that too. And I've always had it and still continue.

[00:14:14] I am pretty tight on our marketing and go, you know, marketing budgets. We, we, we're, we're much stronger believers in thought leadership and, you know, things that we've done differently. Like we actually built the product in stealth for several years before then going out there and, you know, uh, leaflets over central park from a hot air balloon and Superbowl ads and whatever else the marketeers like to spend money on. But we're, we're pretty prescriptive in how we, uh, and how we budget. People seem to be very black and white on being in stealth, right? I've heard people say that's the most stupid thing in the world.

[00:14:44] And I've heard people say, Oh, it's definitely the way to go. Like you did it this last time. Is it great what you would do again? Did you learn anything about, uh, about it when you were in it? You know, it all really depends on what the problem set that you're solving is your access to design partners and users and sort of how close you are to that, to that problem set. So some things, you know, if it's a pretty simple model and it's pretty straightforward, I'm not sure if there's much need for a longer stealth, but when you're kind of building

[00:15:13] a thing that has some intricacies to it, um, we, we found it very helpful. You know, it being, once you come out of stealth and once you start selling, I hate to say it's a distraction with those pesky customers because it's all about the customer, but in all reality, it's, it's a whole different world. And then once you take the covers off, you're drawn in a lot of different directions. And there's a lot more people at the table wanting your time from press, you know, to, uh, VCs and investors, right.

[00:15:42] To industry analysts, you know, things beyond just customers and building the product. So it's, I won't call it a distraction, but it, you want to be prepared, you know, be prepared for when you're ready to have those engaging conversations. Yeah. Your singular focus becomes more three or four different areas of focus. I get that. Yeah. All of which are super important. Um, and all the, you know, balances to the table, but yeah, that's, that's exactly right. Yeah. Enjoy the calm while you have it because it won't be calm after that.

[00:16:08] Well, I, I would say, yeah, for me, calm, but you know, for others, I could see where it would be, well, is this going to really work? Are we there? Right. I mean, there's always a certain level of, oh, you know, of unknown until it's known until someone buys it, until someone uses it. So, um, you know, when you have a world-class team around you and amazing co-founders, it, it, it makes that a lot easier to, uh, to be less nervous about, if you will. Well, let's wrap it up with another important question for you.

[00:16:38] If Command Zero was a college basketball team, who would they be? Oh, wow. Okay. College basketball team. Um, you know, would it have the grittiness of UConn Huskies and, uh, coach chirping in their ears? I hope that's not my MO. Amazing talent of Duke, even though they lost, um, maybe St. Johnny's in the Red Storm, right?

[00:17:01] I mean, that team really went on a tremendous growth path with Patino and going from nothing to, I know they got upset in, in, in the, in the second round. Um, but he's really done an amazing turnaround job. My first time in 30, 40 years that they, you know, won the big East. So I'll go St. Johnny's, some, something back East. Love it. Love it. Well, listen, thanks for coming on the podcast. We wish you every bit of success in San Francisco and gosh, it's less than two weeks now. So, uh, hope things go well.

[00:17:31] Yeah. Looking forward to it. Looking forward to seeing everyone there. So many friends in the space. So, uh, it'll be, it'll be, it'll be an awesome, uh, it'll be an awesome week out there. It will mean a lot to me and to the continued growth of the show. If you'd help get the word at. So how do you do that easily? There are two ways.

[00:18:00] Firstly, just simply send a link to a friend, send a link to the show, to this episode. Um, you can email it, text it, Slack it, whatever works for you. And it's easy for you. The second way is to leave a super quick rating. And sometimes that can seem complicated. So I've made it as easy for you as I can. You simply have to go to rate this podcast.com slash cyber. That's rate this podcast.com slash cyber. And it explains exactly how to do it.

[00:18:30] Either of these ways will take you less than 30 seconds to do, and it will mean the world to me. So thank you.