“Astrix is going to be the glue between different cloud services.”
With more enterprise end users adding third-party apps to their platforms, the process of integrating technology has become more decentralized, said Alon Jackson, co-founder and CEO of Astrix Security. Yet the security between different apps and cloud services is not well understood or monitored, which is why Astrix aims to be in this space in between. Jackson shares that he wants to give CISOs and security managers the tools to see what’s happening between apps and enable productivity. When customers tell him this is exactly the tool they’ve been looking for, he says that’s the best possible response. Jackson had an 11-year career in the IDF before joining Argus and gained some experience outside the 8200 world. Although his journey has been technology-focused, he gets really excited about the people he’s impacted. As CEO, he likes to inspire and motivate others the most.
Tell me a little about Astrix.
What really makes Astrix, of course, are the people. Not just great friends, but amazing people and amazing technology. We’re creating the first app-to-app security platform that truly changes how applications today integrate and connect to businesses. You know how you have all these apps today on your cell phone asking for permission to access your contacts or access your photos. It really is, but at the enterprise level, finding hundreds and thousands of such connections between different third parties, between different apps, to core systems in organizations. This is essentially what we are here to ensure.
How has your own journey to Astrix been?
Before Astrix, I actually left 8200, the cybersecurity unit, and I joined Argus, an automotive cybersecurity company, and I ran the R&D group over there. I learned a lot there from an amazing group of founders. I think it was important for both myself and my partner, Idan [Gour]to leave the 8200 bubble and learn a thing or two out in the business before we build our own baby.
Before that, over 11 years at 8200. I quit as a major. I think 8200 is really the best school in the world for technology and management in stressful situations, uncertain situations. It is a good school to grow up as both a technologist and a manager.
In terms of this professional world, where do you find your own joy and excitement if you look over these 15 years or so?
I think what I’m most excited about are the generations of team leaders and people I’ve worked with. In Argus, I managed four teams, and all the team leaders are good friends of mine. Before that, at 8200, I managed a couple of teams of amazing people who you can see really progress. It’s about people and growing together, and expanding your network together. When you think about being a founder, it’s really the opportunity to build something from the ground up.
What is the world we live in now that makes app-to-app security an important part of what’s going on?
Apps are becoming more and more like platforms today. They enable end users to build and connect on top of them. This is important for large applications because it makes them sticky. Building on top of them makes sure we won’t be able to travel so easily. It’s a growth engine for them because a lot of innovation is built on top of these platforms. The end users today, they just add new apps from the ground up. IT is truly democratizing. There is not always a security process when adding new third parties on top of business accounts.
No app today has value when it is in a silo. Data only has value when shared. This is the kind of world we live in where everything is connected to everything via API. This is the kind of world that Astrix makes it possible to map, monitor and secure.
When you think about where Astrix fits into these organizations, what are some potential products that are relevant?
I think the simplest way to think about it is that there are so many solutions out there for user access, but there is nothing that helps organizations today manage and secure all the non-user access that they have. The APIs really fly under the radar. There is nothing that helps security managers today gain insight into what is going on there. What we’re doing at Astrix is enabling them for the first time to get their visibility, control and of course automatic remediation into how all their third parties are connected to each other.
The past year was crazy in terms of different types of hacks. We had GitHub hacked via third parties from Heroku and Travis-CI. We call it the “service supply chain”. That’s the kind of hack of what’s going on.
How is the reception? Do CISOs and people in general really understand the pain point here?
We’re seeing the API ecosystem explode, and the latest attacks like last year are crazy. It’s actually just a huge wave which, on the one hand, isn’t good, but it really means there’s a place for it. Today, when I ask the CISO, “Are you managing user access to your critical systems?” The answer is like, 99%, “Yes, of course I do.” Then you ask, “Are you managing API access to your critical system?” They say, “Jackson, what are you talking about?”
It’s kind of easy to understand that there’s a big gap in most organizations simply because they don’t have the tools to actually deal with it. A lot of the time they know they have the problem. We actually talked to some businesses that were really looking for this kind of tool, and they said, “This is something we’ve been struggling with.” That is, I think, the most amazing response a founder can get.
What is the vision for Astrix and what impact will this have on the industry?
We are entering a world where we will have more and more third parties. The value is only provided when you integrate them with each other and then play with each other at the enterprise level. This is what pushes productivity forward. Astrix is really going to be the glue between all these different cloud services. Between them, it’s a difficult place to manage, especially for large organizations. You can’t really stop the business from running forward. It is complex. It’s a mess. We want to help CISOs and security leaders evolve from being gatekeepers to creating productivity.
Take me into Alon’s leadership world, what have you learned during these years?
I think the most important thing I’ve learned is to let go. Delegating and thinking, “Do I really have to be here? Do I have to be the one doing this?” This really empowers your people to do more on their own and allows you to really look ahead.
I find the best way to motivate other people through these short meetings, through the emails, through phone calls, WhatsApps, the corridor, making coffee, talking to them in the morning. Understanding that all the work and progress is done and done not only on time, but also in the way and way you think things should be done is very difficult when you start managing managers and you are not the direct manager of the individual contributors .
Where do you find the most satisfaction?
They are real people. First of all I would say my partner. Then we brought, more importantly perhaps from the type of technological diversity is the network diversity. Wonderful people who arrived very quickly. Everything goes really fast when you have amazing people with you. Such wonderful clients who really start out as great design partners, who you trust and you see eye to eye, and who believe in your ability to execute your vision. And then wonderful investors. The guys from F2 here in Israel, and Bessemer as well, followed by Venrock, a Bay Area VC fund, and some amazing cybersecurity angels who joined this round. It all comes down to people. I spend most of my time really talking, inspiring, motivating, pushing everyone forward. I think it’s the main role, and that’s what I enjoy the most.
Michael Matias, Forbes 30 Under 30, is a Venture Fellow at Innovation Endeavors as well as an investment partner at Secret Chord and J-Ventures. He studies artificial intelligence and human-computer interaction at Stanford University, and was an engineer at Hippo Insurance. Matias previously served as an officer in the 8200 unit. 20MinuteLeaders is a tech entrepreneurship interview series that features one-on-one interviews with fascinating founders, innovators and thought leaders who share their journeys and experiences.
Contributing Editors: Michael Matias, Megan Ryan