Embracing the Cybersecurity Industry

Hosted By Matt Watson

Full Scale

See All Episodes With Matt Watson

Anurag Gurtu

Today's Guest: Anurag Gurtu

Chief Product Officer - StrikeReady

Dublin, CA

Ep. #1179 - Embracing the Cybersecurity Industry

In today’s episode of Startup Hustle, Matt Watson and Anurag Gurtu, CPO of StrikeReady, discuss embracing the cybersecurity industry. Hear their candid conversation about cybersecurity, the threats businesses face, and how to be better prepared. Learn why there is a need to augment cybersecurity practitioners’ skills and what the future of cybersecurity looks like with AI out front, along with other new technologies.

Covered In This Episode

Data breaches and cybersecurity threats are an ever-present issue, giving everyone and their uncle an ulcer. StrikeReady is doing things differently to mitigate the situation more effectively.

Listen to Matt and Anurag’s conversation about StrikeReady and its layered approach to cybersecurity. They discuss the need for technology to empower cybersecurity practitioners, StrikeReady’s CARA, and integrating generative AI. Anurag recounts his journey to becoming a Chief Product Officer and joining TechCrunch Disrupt. They agree about the importance of building relationships with market analysis and the future of cybersecurity.

Get Started with Full Scale

So what are you waiting for? Join the conversation in this Startup Hustle episode now.

Learn How to Build and Scale Your Business


  • What is StrikeReady? (1:20)
  • StrikeReady’s layered approach to cybersecurity (4:33)
  • StrikeReady’s focus (5:45)
  • The biggest cybersecurity threats that small businesses face (7:33)
  • The threat of phishing (8:22)
  • The dangers of ransomware attacks (10:06)
  • A need for technology that can empower these practitioners’ skills in cybersecurity (16:12)
  • Anurag’s journey to becoming a Chief Product Officer (17:42)
  • StrikeReady’s CARA and integrating generative AI (23:54)
  • StrikeReady is a remote-first company (26:44)
  • Joining TechCrunch Disrupt (28:17)
  • Building relationships with market analysts (30:36)
  • What does the future of cybersecurity look like? (36:14)

Key Quotes

A lot of organizations will have, on average, 40 to 50 tools to protect themselves. And this is where the exact pain comes in. I mean, the practitioners that they have the security analyst, they’re just overwhelmed with the number of tools. Having competency in operating 40 tools, it’s extremely hard…You need some sort of technology that can empower these practitioners and augment them so that they can be a lot more productive and efficient.

– Anurag Gurtu

That’s what the CPO does. He sort of places a bet and says, you know what, here’s where the market is going to go in five years. And I’m going to place my bets now because it will take me a couple of years to build it. And when the problem becomes very evident, I will be in a very good position because I will already have a product that could solve that problem. So it’s more about vision and understanding where the market is moving.

– Anurag Gurtu

We only are getting a glimpse of how LLM and other technologies advanced technologies can be used and will be used to create extremely sophisticated malware and compromised organizations. So it’s pretty evident that cybersecurity is not going away. The war between the attacker and the defender is going to get worse. And the shortage of people will still remain. So there will still be a need for the next five years to augment them with AI-based technology.

– Anurag Gurtu

I think cybersecurity is super fascinating. It’s one of those things. It’s almost like HR, one of those things that really small companies try to avoid until it, like, they really need it or becomes a problem. But you know, especially once you have a lot of revenue in your business, you’ve got a lot of sensitive data you got to worry about, you know, talk to all this different stuff security, and it all becomes important, and people need tools.

– Matt Watson

Sponsor Highlight

It’s time to build a software development team without all the fuss. Let Full Scale help you. Just define your technical needs in two minutes. Full Scale’s platform will automatically match you up with a fully vetted team of developers, testers, and leaders. It will also help you manage your team easily.

Lastly, don’t forget to check out our Startup Hustle partners. These organizations offer varied services for different businesses.

Rough Transcript

Following is an auto-generated text transcript of this episode. Apologies for any errors!

Matt Watson  00:00

And we’re back for another episode of the Startup Hustle. This is your host today, Matt Watson. Today we’re going to be talking about security, cybersecurity, everybody’s favorite and least favorite topic, I think. But it’s something that’s really important. Nobody cares about security until they’re till they get hacked. And also, it’s a big deal. So security, security is a big topic, always. And we’re going to talk about some best practices with that today. So today we have on Anurag Gurtu from StrikeReady. He’s one of the founders and Chief Product Officer. So we’re talking about cybersecurity talk, learn what they do. Before we get started, do you wanna remind everybody that today’s episode of Startup Hustle is powered by FullScale.io. Hiring software developers is difficult, but Full Scale can help you build a software team quickly and affordably and has the platform to help you manage that team. Please visit FullScale.io to learn more. Anurag, welcome to the show, man.


Anurag Gurtu  00:49

Hi, Matt. Nice to meet you. How are you?


Matt Watson  00:50

Oh, you know, I’m having a great day. You know, I took a I took a fall on a bicycle last week. And I have some stitches. I know nobody listening can see my stitches. But yeah, I got some stitches on my forehead here. And you know, I should have been wearing a helmet. And the reason I bring this up is it’s kind of like cybersecurity, right? Like, you know, I think you guys sell helmets, right? We all need helmets. And so tell me what is StrikeReady? Do what is StrikeReady?


Anurag Gurtu  01:21

Yeah, as you can see the name of is pretty interesting. It’s like, are you ready for for the next strike? Right? So it’s all about how can we protect organizations so that they are in a much more proactive position to deal with modern day threats, evolving threats. It’s the the main pain point that we that we see within cybersecurity is not just about threats, right? It’s dealing with threats. And if you if you think about dealing with threats and boil downs to products that you have, are you sufficiently, let’s say you have the right ammo to combat a warfare? And second, do you have people to use the ammo, right? And what we’ve what we clearly saw in the industry is there was no there’s no shortage of products. I mean, I’m not sure if you’ve been to any of the cybersecurity conferences where but they are pretty fun. I mean, RSA has over 2000 vendors out there, from North Hall to South Hall, you can you keep walking for a mile, and you will have a booth after booth. So


Matt Watson  02:18

Well hold on this sounds this sounds about as exciting as buying a bicycle helmet. It doesn’t sound exciting. You know, but it’s but it’s something everybody needs. Like ever, everybody needs it though. Right? And so my question for you, though, is when you think about cybersecurity, that could be a lot of things. It could be like email phishing, downloading viruses, like we had, we had one of the founders of Island, which does a secure web browser, which has become super big was on the show. There’s a lot of different cybersecurity-related stuff. So for for StrikeReady, what what part of all of that? Do you are you guys focused on? Is it more like Server Security? Is it responsive? Being responsive to when there are problems? Like what what part of that of that whole ecosystem? Do you guys plan?


Anurag Gurtu  03:08

Yeah, so we we pair the play on at the core level we play at the level where our believe is that you can have a far more better security posture as an organization if you have skilled people in your organization. Right. So there is a massive shortage of cybersecurity practitioners in the world. And they are they are a lot of organizations who have them the best of the best talent, but not every organization can have the best talent because the number of people are less, right. It’s like the cream of the crop is always less. So everyone is fighting to get that. And a second, a lot of organizations even if they want to hire them, they don’t have the budget because they are extremely, extremely expensive to hire, right, and retain. So what we, at StrikeReady, focus on is can we build a technology that can augment any practitioner in the world using democratized human intelligence. That means can we learn from the best of the best practitioners and make that knowledge accessible, and available to any practitioner in the world so that they can do their job much more faster, much more accurately, at scale, at speed, and so on?


Matt Watson  04:21

So does that mean it’s something that recommends to me how to configure my AWS or Azure account and all that kind of stuff like best practices, or what does that mean exactly?


Anurag Gurtu  04:33

Right. So it’s, it’s a layered approach. It can offer you knowledge to enhance your ability to understand and comprehend a situation. It can offer you recommendations, which you can apply by yourself. It can go up to a level where it can exactly tell you what you need to do and do it on your behalf. So think of it like it’s like Matthew, sitting in a Tesla. And let’s say you extremely tired and four hour long drive, and mostly it’s on the freeway, and you just want the car to drive itself, right? Or, or let’s say you are in a, in a moode where you want to race the maybe raise the biker who, who made you fall, and you want to like just go into into the ludicrous mode, right? And so it’s just like, think of it, it’s like a Tesla that can drive itself help you protect against cyber threats proactively, or you can avail intelligence.


Matt Watson  05:31

So as your guys, or is your product more focused on the server side of things, though, and like data centers and hosting, or is it also include like people’s desktops and configuring desktop security or all of it? Or?


Anurag Gurtu  05:45

Yeah, we focus on all aspects of security, we focus on circles, we focus on workstations, we focus on laptops, but it’s sort of a very different way where we would converse with technologies that are installed on those devices. Right. So you would have, let’s say, endpoint agents deployed on your workstations and your servers, you would have firewalls, which will be protecting your servers and your workstations, you would have proxies, and many other devices, right? So we will be conversing with all these devices, we understand the depth, the capabilities, the features of these devices. And then using our intelligence, we are telling these devices, what they what they need to do, at at any point in situation.


Matt Watson  06:32

So what for your guys’ company? Who is your target customer? Is it somebody that has more than 100 employees? Or somebody who’s in specific industries? Or how do you what is your guys’s focus?


Anurag Gurtu  06:45

Yeah, it’s mostly mid to large organizations. So I would say organizations, which are about 3000 people or higher would be a sweet spot for us, which are very, fairly small. I think they just start dealing with getting to a certain level of security maturity, where they can really understand what type of threats can come and affect them. So it’s not most of mid to large-sized organizations, that would be an ideal customer for us.


Matt Watson  07:15

Well, so the if I’m a small company out there, and I’ve got 510 2050 employees, what, what kind of security concerns though, should they be worried about? Like, maybe they’re not ready for your guys’s product yet, but what what kind of security, you know, issues are the biggest threat to them.


Anurag Gurtu  07:32

I would say, typically, malware and phishing attacks would be of more concern to organizations or those size. I mean, I would highly doubt that abt nation threat nation state threat actors would come and target them and compromise them. But it depends. I mean, if they if they’re storing PII information, they’re storing PHR information, like depending on I mean, we’re focusing on health care, but they have health records. Assuming they’re so small in size, maybe you’re a startup and they should be concerned about. But I would, I would say, mostly that they would be concerned about is their employees getting compromised by phishing attacks, and then stealing the employee information with their credit card information, etc, to cause more damage.


Matt Watson  08:22

So I work at a company that has like 75 employees that does digital marketing related stuff. And yeah, about every couple of weeks, I get a text message or an email from our CEO asking me to go buy Apple gift cards or, like, weird stuff. And it’s like, very clear, like, I don’t think I don’t think I don’t think Katie, our CEO, actually sent this to me. Like, there’s so much of that kind of stuff out there. Right?


Anurag Gurtu  08:49

Yeah, there’s a lot of bad stuff. And actually, we got we got blinded by these messages as well. I mean, we will get an email from a fake looking for CEOs email account saying, You know what, I’m really busy. I cannot talk right now. Don’t call me. But I need to send you I want you to send me $500 immediately. So why didn’t you just text me? Like, why? Why you like, with that method? So yeah, it’s very common. I mean, the easiest way is to compromise individuals. And the reason is they’re trying to compromise this, your employees or individuals, right, not only for maybe stealing the credit card information or stuff like that, but once they are compromised, and once they can somehow get a malware to install on their machine, right, their laptop or something like that. Then they have access to your system. And then they will try to move laterally and see well can we can use Matt’s laptop and get into your school leave or his CEO, and so on. And once once they are there, then again, they’ll they’ll try to move much laterally or try to get some other information. So I think most of the organizations do get targeted by phishing. Phishing is one of the biggest vectors. Yeah, On. And off the board. It’s not just mid-size, small-sizes, large organizations as well.


Matt Watson  10:06

Seemed like a couple of years ago, we were hearing a lot about ransomware kind of attacks where people were getting some kind of virus that would take over their data centers or their systems or whatever. And then people were asking for like, millions of dollars of Bitcoin or something to, to unlock it all, is that kind of stuff still happen too?


Anurag Gurtu  10:27

Extensively in large capacity, it happens. And it’s definitely targeting fairly large organizations and we see it, we see it very often. And a lot of our customers use our technology to combat against those type of attacks. Because in those situations, you have to be extremely fast to react before big drawdown happens in your organization, right? One, one system getting encrypted, you may be able to deal with it. But if a critical asset gets encrypted, I mean, you will be in a tough spot and you don’t have an option. I know it’s it’s it’s not asked to pay the ransom. But the organization which is under distress, they actually are not left with an option. And I see that they do pay ransom to, to unlock the system.


Matt Watson  11:21

So that you think they pay a lot like the companies end up paying the the


Anurag Gurtu  11:25

Yeah, I mean, we know we know, organizations that have paid a lot of 40 million in Bitcoin. Wow. So there are a lot of companies, obviously, you can’t reveal the name of the organizations, but it’s they’re fairly publicly known information, because you have to you have to inform if you have been compromised, and you’re paying out a ransom. So but yeah, it’s very, very dominant form of an attack.


Matt Watson  11:51

Well, so my last startup was called Stackify. And we, we were see this is like 2019 or 2019, 2020 timeframe, when the solar winds attack happened, you remember the solar winds attack? Yes. So SolarWinds is like an IT monitoring vendor. And somebody managed to put something in their code, which is an installed like on 1000s of servers all over the world, that then allowed backdoors. So it’s like a vendor attack, right? Like, you think you’re using the safe vendors product. Also need has a backdoor in it. And that caused all sorts of problems all over the place, right? You remember that attack? That happened?


Anurag Gurtu  12:37

I remember SolarWinds? Yeah. I mean, the sequel to SolarWinds was Locked for J, if you remember. Yes, everyone was, was leveraging Lock for J libraries, and they were compromised, and you just didn’t even know that you’re using the login mechanism. So yeah, they are. They’re very common. I think that’s the easiest way for these threat actors, to basically spray and attack at a very high success rate. Right? Think of it, think of it like, instead of just sending a sending man, a phishing email, what if I can compromise iOS, let’s say iOS operating system, just hypothetically, right? Because most of the world is on iOS or Android? I mean, you have you have access to a billion people, if you just compromise iOS. And if everyone is using that version of the software, right? Are you compromise your Gmail, right? You’re compromised Gmail, a lot of I mean, I will say, I don’t know, the exact stat, but a lot of people, billions and billions of people will be on Gmail. So it’s very easy. It’s very easy. And it’s very good tactic for these threat actors to compromise technologies, and then use those compromised technologies, which have a very broad adoption.


Matt Watson  13:52

Well, and so one of the ways that we protect ourselves these days is from two-factor authentication or multi-factor authentication, right is a great way for everybody to secure everything they do everything they should use multi-factor, but then you hear about people stealing your SIM cards. So like you steal somebody’s SIM card and then put it in another phone. And then you can receive their text messages to get their like login codes. Right? Like, like there’s all sorts of like crazy stuff that goes on out there that people would never think about. But if somebody wants to hack into something bad enough, right, like they will go to great crazy lengths.


Anurag Gurtu  14:29

Yeah, they will go to crazy lands. And that’s why I think there’s a there’s a whole paradigm shift in the two factor authentication as well which has moved towards biometrics so you can take Matt SIM card but you can’t take his his eyes, his face, his voice, because


Matt Watson  14:47

Well, you can if you can’t if you wreck his bike, yes. Because this happened to me last week, I wrecked my bike, and a neighbor across the street like saw me or saw it happen. I don’t know like I I had a concussion I got knocked out. And or at least I was not 100%. Like, maybe I was still awake, but I don’t remember exactly what was going on. But yeah, she used my thumb and she unlocked my phone and called my wife. So yeah, even the biometrics like they just hit you over the head.


Anurag Gurtu  15:18

That’s true. That’s true. Yeah. But yeah, there is. I mean, if let’s, let’s put it this way, if an attacker has decided that they want to compromise an organization, and they are at a very high level of competency and aggression, it’s very difficult to deal with them. Can you save yourself? I mean, I would say yes, it’s possible, but it’s going to be a war between your team who’s going to be protecting you versus, and, and highly competent and an aggressive attacker who wants to compromise you.


Matt Watson  15:53

Well, and that’s the key to what you guys do, right is playing defense and playing defense at all these different levels, right? Like, the people it’s training, it’s multifactor authentication. It’s endpoint security. It’s server security. It’s like cloud security. There’s all these different things, right? And they’re all just different layers of defense.


Anurag Gurtu  16:11

Yeah, that Yeah, exactly. There are that it’s a, it’s a layered defense architecture. I mean, even in all enterprises that we see, I mean, it’s a layered defense technology stacks that they would use, from firewalls, to AV products to proxies to valves to ADRs, they may have an EPP, right, to an IPS technology, stack, sandboxing, and so on. So it’s always a layered security stack. And now with cloud coming into play, obviously, the stack has grown grown much more. Well, they’ll have cloud security posture management, data security, posture management and Caspian. I mean, there’s, like I mentioned right there, 1000s and 1000s of cybersecurity companies. Yeah, a lot of them are focused on different aspects of cybersecurity. So, and that’s what we see a lot of organizations will have, on an average 40 to 50 tools to protect themselves. Wow. And this is where the exact pain comes in. I mean, the practitioners that they have the security analyst, they’re just overwhelmed with the number of tools. Having competency in operating 40 tools, it’s extremely hard. I mean, think about Yeah, it’s like going to your undergrad and having 40 courses, I’m getting A plus and all 40 of them. I mean, how many undergrads are there? Right? Right, that’s the same concept, right? You need, you need some sort of technology that can empower these practitioners, augment them so that they can be a lot more productive and efficient.


Matt Watson  17:42

Well, I do want to take a second to remind everybody that finding expert software developers doesn’t have to be difficult, especially when you visit FullScale.io, where you can build a software team quickly and affordably. Use the Full Scale platform to define your technical needs and see what developers are available to join your team today. Please visit FullScale.io to learn more. Well, I’m I’m curious to learn a little more about your backstory. So for those who are listening today, and they hear a Chief Product Officer, I always feel like we should take a minute and tell everybody what is the Chief Product Officer? And how did you become a Chief Product Officer? So you mentioned before we started recording used to work in engineering, but you know, I would I would love if you could tell us for a couple minutes. Like how you how you went from engineer to Chief Product Officer and what do you do as a Chief Product Officer?


Anurag Gurtu  18:31

It was a fairly long journey. 22 year long journey in cyber. Like I said, my career started on the engineering side, I was focused on developing a 3d modeling software for UCLA to detect Alzheimer’s early on so that we can treat them. And then from there on, I moved into a role based access control startup, which was highly focused on on cybersecurity, but more on the provisioning and the governance side. And over there, my role sort of switched from being an engineer, obviously, I was developing stuff, but I was very customer facing. So the requirements were getting fed in real time from the customer. So it was sort of a pseudo engineering and professional services play. And then from there on, I moved to another cybersecurity startup, which was very much focused in the one multi-management space. And then I started going heavy in professional services, but with a very strong inclination to build products, like our team was to capture requirements from the accounts that we were serving, and then build a product based on those requirements. So we were building completely something different than what our engineering team is to do. And our product eventually started driving 20% of the company’s revenue and which is where we transition that product officially over to engineering. So it was sort of a journey where was not back and focus So I was very customer facing focused. And then I transitioned to a very large company like Cisco. But I moved into more of technical marketing, which is, well, you have these products, but how do you take to market? What can you come up with? Can you come up with some sort of cool ideas to showcase technology and make it differentiated against other vendors and technology stacks. And then from there on, with the vision that we used to portray of showcasing Cisco products, I transition to product management drove a lot of innovative products. And then over the course of time, more got inclined towards the marketing side. How do you help once you have this amazing product? How do you take it to market? Who’s your customer profile? How do you sell how do you price and so on, and just sort of journey through but the foundation was always always engineering for me. But as you can see, over the course of time, things brought you out more, you got more understanding from a business perspective and, and eventually led me to the CPO and CPOs. I think role is not about, I mean, yeah, can CPOs drive features? Obviously, they can drive features, can they help you prioritize features, they can prioritize features, but CPOs role is more about vision, it’s understanding what sort of products should there be in the market in the next five to 10 years, and they are trying to place their bets on those technologies to act. On the products that would solve a problem in future I mean, that problem might not be that evident, holistically to everyone, but it will be very evident to a CPO, right? I mean, people will not be making noise about that problem, the problem will be there. But people are not making noise. So nobody, very few people know about it. And that’s what the CPO does, it sort of places a bet, and says, You know what, here’s where the market is going to go in five years. And I’m going to place my bets now because it will take me a couple of years to build it. And when the problem becomes very evident, I will be in a very good position because I will already have a product that could solve that problem. So it’s more about vision. And understanding where the market is moving.


Matt Watson  22:12

So how many founders were there at at StrikeReady when you guys started?


Matt Watson  22:17

We only have two founders. Yeah.


Matt Watson  22:19

You and you and one more. So did you guys work together before? Or how did you know your cofounder?


Anurag Gurtu  22:25

Yeah, we worked, we had worked together in a previous company that went public. So we knew each other for over 10 years. And in our company, a lot of the founding team came from the same company that we used to work for in the past. So yeah, it’s always good to have people that you know in the past. It’s much more easier to start a company that way, and then build and grow. And even hiring talent becomes easier because when you see a lot of folks coming from the same company, it tends to attract a lot of other xx company individuals right to come in and work alongside with you.


Matt Watson  23:11

Well, especially if it’s people you enjoyed working with before, right? Like a lot of us have some of our best friends, which almost become our family as like our work family, right? So I mean, that’s the thing for me over the last 20 years, I made some of my best friends I’ve ever had were from people I worked with. So when you find good people that you enjoy working with, you always want to try and work with them as much as you can. So I can understand that. So what so when you guys started the company in 2019, how did you talk about, you know, there’s hundreds or 1000s of people that are in cybersecurity, how did you think about differentiating what you guys do today? Like, with what you started in 2019? Is that what you do today? Or did the original idea was different?


Anurag Gurtu  23:54

No, the original idea was the same. I mean, we always were focused on empowering cybersecurity practitioners and our vision and execution still aligns to the same problem statement that we have in the industry. So the we never pivoted out of that problem statement. Obviously, we enhanced our technology. We were building and we are building a conversational assistant. So think of it’s, like, it’s like a digital cybersecurity analyst that is okay. That is working alongside with you. It’s think of it it’s like your it’s like a buddy, right? I mean, you have a problem. You ask your buddy, the buddy’s gonna tell you, you you want to delegate some tasks to your buddy, the body’s gonna tell you and we call that buddy CARA. She stands for cyber awareness and response analyst or that or that buddy of yours will tell you and here’s the problem that they are observing, right? And they’re telling you this is a way that it can solve a problem and you can say, Okay, go ahead and solve me. Go ahead, go ahead and solve it because right now I might be busy with something else. So it’s the same. What we did was we read, we got mentioned and written about by multiple analysts forms, including Gartner as one of the most advanced implementation of conversational AI. And that was published in 2021. They did a rev and 2022. We were again mentioned. So we were the only cybersecurity company that was making that claim. But over the course of time with this year, Microsoft announcing Copilot there was a lot of excitement about Copilot, right? How can Copilot can come and assist with cybersecurity. And which ChatGPT, also, I mean, Microsoft investing 10 billion in Chat, Open AI, a lot of hype ChatGPT also drove the market towards technology like ours,


Matt Watson  25:51

It brought a lot of awareness and excitement to something you are already doing.


Anurag Gurtu  25:55

Exactly. And with that. We basically accelerated our technology stack and incorporated generative AI elements to it. Obviously, we had a very strong head start with the graph technology that we used to use, but we basically amplified our product using MLMs and Gen AI. So I would say in the market, we are way ahead of other players. And yeah, I mean, I think again, the problem is still the same. It’s practitioners, can you augment them? And with a product like ours, it just becomes, like, it’s extremely quick for these practitioners.


Matt Watson  26:37

So is your whole team in in Palo Alto, like, San Francisco kind of area? Or where are you guys all located?


Anurag Gurtu  26:44

Oh, no, we are. We are all distributed. We have. We have folks here. We have folks in Dallas, we have folks in DC, we have folks in pretty much a lot of different parts of the world. Okay, we are all we are a very distributed organization.


Matt Watson  27:00

So you basically, are you guys like basically 100% remote? Or do you have like a small corporate office somewhere?


Anurag Gurtu  27:04

Oh, no, we are, we are, we don’t, we don’t have a corporate office. We, when we started it was right before COVID timeframe. So we will we will and we were I mean, we’re a startup. So you’re very small company at that point in time. Like few few people, right? So we never went for an office. We just used to meet anyplace in Palo Alto and a coffee shop and stuff like that. So we always started that, like that. And then COVID hit so yeah, you know, there was no need for an office. And then things are working. And we also sort of used to it. And we never decided to get a corporate office. But it doesn’t mean that we will not I mean, I think eventually, yes, we would. But we are a remote-first company.


Matt Watson  27:48

Well, tell me about your experience with with TechCrunch. I saw down here you were went through TechCrunch Disrupt. And for those who who don’t know, that’s, you know, a competition that they do every year and you guys were selected and one of the top companies. So for those who who have heard of that before, I’m curious if you have any kind of, you know, behind the scenes story of, like, what it was like to go through that? Was it worth the effort to do it? Like what what was your insight from that?


Anurag Gurtu  28:17

Yeah, it was a it was a very exciting experience for for us. I mean, we participated in, I believe, last year in TechCrunch. And we got selected as one of the top companies over there. And I think the TechCrunch, in general is a it’s a highly reputed event. And getting selected as part of the event is a great achievement by itself. And obviously winning it is a different achievement on its own league. But it’s a great event, you you get to not only meet with our fellow entrepreneurs, innovators, but you get to meet with a lot of industry investors and stuff like that. So well, it was a really good event. And I think any startup who wants to who’s working on a very disruptive product, very exciting products should definitely try and apply. And if they if they do get selected. I mean, that’s that’s an achievement by itself showing that yeah, there is there’s something interesting that they’ve been working on and has been recognized by the industry.


Matt Watson  29:24

Did it help you get any customers or investors?


Anurag Gurtu  29:28

It does help with building relationships with investors, I think it’s less of a customer-centric event. Maybe for us because we are focused on large enterprise, mid, mid and large enterprises. So we’re not expecting them to come over. But I think for organizations that might be focused on more consumer-centric products, I believe, yes, that might be a great event for them. But yeah, you definitely you definitely get the value. Even if you’re focused on enterprise because you build a lot of relationships with investment community.


Matt Watson  30:01

Well on it sounds good, right? Like it’s a, you know, third party proof of what you guys are doing. You know, if anybody you talk to you’re like, Oh, we, you know, we were selected for this thing we did this thing. I mean, it always sounds good, right? It makes you more reputable, you know, no matter what I would I would think.


Anurag Gurtu  30:17

Absolutely, yeah. It definitely adds to, to getting visibility, and then getting brand validation from third party.


Matt Watson  30:27

So you mentioned earlier that you you guys have had a lot of success talking with you said Gartner. Right. Like you’ve had a good relationship with Gartner.


Anurag Gurtu  30:36

Yes, yeah, we we started. We have been very actively briefing Gartner for quite some time. And it’s I think it’s really important to brief the analysts forms can be Gartner or it can be IDC Forrester, there’s so many of them is good, because these books are being preserved a ridiculous amount. Right. So they they sort of know, what the market is doing, where the trends are, where investments are, what where the traction is, because they’re specifically talking to not only just vendors, they’re also talking to customers to understand what are they buying and not buying and where the problems are. And when you are building a new market category, it’s always good to have a conversation with these fellow folks. Because a couple of reasons. First, they can validate or devalidate the pinpoint that you’re going after, they can tell you if there is a need if there’s a buying pressure or not. And they can also tell you if that space is real, or has a possibility of becoming real because they are talking to other vendors who might be in the same space. Now, a lot of companies might be in stealth. So you as a vendor will not have any idea that they are companies working on the same thing. But these analysts firms what they would know, right? Because all these vendors who are still in stealth, will be poaching these analysts firms and pitching them and telling them what they are doing. So it’s always good to have a conversation early on with these on this phone.


Matt Watson  32:11

Well, the reason I bring it up is it’s it’s kind of its own, go-to-market strategy as well, right. And so in my last company, we would talk to Gartner and Forrester and stuff, but it felt like a complete waste of time. And we never got anything out of it. They didn’t they never like sent us any customers, like, I don’t know, I never got anything out of it. And but I was also wasn’t trying to sell to large enterprise customers like you. And I also didn’t necessarily have like a, I wasn’t really like a bright, shiny new thing, you know. So if you guys are kind of a bright, shiny new thing that nobody’s ever seen before. I’m sure they they take more interest in it, but does. That’s why I bring it up. For those who are listening are thinking I don’t know if I want to deal with these analysts or not. And I think it takes the right kind of product, the right kind of company, the right industry, all that stuff where it could be useful. So for you guys, do they do they help send your customers?


Anurag Gurtu  33:05

See the objective of endless forms is not for them to send your customers. The objective that we approach these and this forms with is to tell them about this technology, and then see if they are if they’re writing articles or research papers, aligning, aligning to that content and seeing if you can get mentioned as one of the vendors in that, right? And the reason you want to do that is because they have very broad outreach of customers and clients. And when they are reading these research papers from these analysts firms, if your name is mentioned, you have a very strong view. I mean, you could have foot in the door, right? Yeah. If you and this is about startups, right. But if you’re a very mature organization, obviously these firms help a lot because they have, I mean, Gartner has Magic Quadrant and Forrester has its Wave, right? And they will do these placements. And these placements do make a difference, especially with very large organizations who would only go for the top right Magic Quadrant and we’ll look at top three players in it and then consider them for an RFP or an eval, eval. So it just depends on where in your journey as a company you are. And what is your objective to engage with them? I mean, if you’re a startup and you’re expecting these endless forms are going to get you customers. I don’t think that’s going to work. Yeah, that’s a strong position. Yes. It’s gonna help. I mean, depends on how you how they place you how they how they see you, but if you’re placed in the right quadrant, yes, it’s definitely going to help with


Matt Watson  34:44

Did you guys make Forrester Wave or any of that stuff?


Anurag Gurtu  34:47

So for us to Wave there is Forrester Wave and Gartner MQ they there they are well established categories. So that means the category has to be there for years. For for it to be exist in. And then second thing is you have to have multiple players to establish a category., right? Right, you’re working on a very disruptive product. It takes quite a bit of time for a category to establish, for example, about Tesla’s right? Tesla was disrupting EV market and Ammar the category was non existent for almost 10 years. I mean, the category is now getting established with companies like Rivian and Fisker and Lucid and other some of the companies which have already filed for bankruptcy. But now the category is getting established in US market as EV. Internationally to there are a lot of players in that space. But the current category never existed. People thought like Tesla cars like golf carts, and they will just like they look ugly, and they will maybe move at 10 miles an hour. And then that that’s about it. They’ll take forever to charge but I mean, yeah, it just takes time. And that’s true. Yeah. Okay, products better in cyber or any other space.


Matt Watson  36:03

Well, so what what is what is next for StrikeReady? You’re looking five years in the future, right, like, that’s your job. So what does the future hold for cybersecurity?


Anurag Gurtu  36:14

I think the future for cybersecurity is it’s gonna like like we have seen, I mean, we only are getting a glimpse of how LLM and other technologies advanced technologies can can be used and will be used to create extremely sophisticated malware and compromised organizations. So it’s pretty evident that cybersecurity is not going away. The war between the attacker and the defender is going to get worse. And the shortage of people will still remain obviously, there are a lot of universities which are focused on cyber but the shortage will still remain because a student coming out of grad school or an undergrad school doesn’t have the experience. The industry experience which is needed. So there will be there wil,l still be a need for the next five years to augment them with a with an AI-based technology. And we are just doubling down on that at this point.


Matt Watson  37:11

All right. Well, I do remind everybody if you need to hire software engineers, testers or leaders Full Scale can help we have the people and the platform to help you build and manage a team of experts. When you visit FullScale.io, all you need to do is answer a few questions on our platform match you up with our fully vetted, highly experienced team of software engineers. At Full Scale, we specialize in building a long term team that works only for you. You can learn more at FullScale.io. Well, thank you so much for being on the show today. I think cybersecurity is super fascinating. It’s one of those things. It’s almost like HR, it’s one of those things that really small companies try to avoid until it like they really need it or becomes a problem. But you know, once especially once you have a lot of revenue in your business, you’ve got a lot of sensitive data you got to worry about, you know, set sock to all this different stuff security, and it all becomes important and people need tools like you’re so eventually we all get there and need services like yours.


Anurag Gurtu  38:12

Absolutely. And for the pleasure, Matt, speaking with you as well. Thank you so much for covering cybersecurity and having us on the show.


Matt Watson  38:21

Awesome. So again, everybody this was Anurag Gurtu with StrikeReady, and your guys’s website is just strikeready.co. You guys can check them out. And thank you so much for being on the show today.


Anurag Gurtu  38:34

All right, thank you, man. Have a great day.