Lacework hires Facebook VP of engineering to advance cloud security platform

Did you miss a session from the Future of Work Summit? Head over to our Future of Work Summit on-demand library to stream.

Lacework, developer of a data-driven cloud security platform that has seen rapid growth in the market, disclosed that Facebook vice president of engineering Arash Nikkar has joined the company.

Nikkar had previously been with Facebook since 2013, and he started with Lacework last fall as the company’s vice president of engineering. The hire was not announced until today.

In an interview, Nikkar said he joined Lacework in part because the security industry “feels like it’s at an inflection point — driven by the increased adoption of the public cloud. The traditional approach to securing your footprint just will no longer suffice.”

And with a huge amount of room for growth in cloud, “I’m really excited to be a part of that evolution and that transformation, and tackle it with Lacework,” Nikkar told VentureBeat.

Parallels at Lacework

Before joining Facebook, Nikkar had spent five years at Hulu as its principal software development lead.

Nikkar said that while he hadn’t previously worked in the security space, he saw a number of parallels at Lacework with his experiences at Facebook and Hulu.

Like those companies, Lacework is a fast-paced organization that is anchored in principles such as being “customer-first, data-driven, and highly collaborative,” he said.

There are also parallels between his past experiences and the way Lacework is approaching cloud security from a technical perspective, Nikkar said.

“Both of them deal with tremendous amounts of data, and require building out real-time data stream processing systems. Both require building out complex, distributed systems. There’s lots of machine learning and AI and other types of statistical analysis, as well as building out this common shared infrastructure,” he said. “So while the domains are clearly different than those I’ve worked with in the past, there are lots of similarities in the underlying technologies.”

Polygraph

Central to Lacework’s platform is its Polygraph technology, which collects and correlates massive amounts of data, detects potential security issues, and prioritizes the biggest threats for response. Key capabilities include ML-powered anomaly detection and deep visibility across cloud and container workloads. Additionally, the platform reduces alerts to an average of 1.4 per day and false positives by 95%, according to the company.

In terms of technology, Polygraph is “what caught my attention the most” at Lacework, Nikkar said. The technology contrasts with the traditional model where a security team must constantly evaluate and rewrite rules for anomaly detection, he noted.

“Polygraph just takes a much smarter approach—where you’ve built a baseline and you’ve applied machine learning to detect anomalies,” Nikkar said. “And you can cover far more breadth and different types of use cases.”

Founded in 2015, Lacework ranks among the best-funded and highest-valued privately held cybersecurity vendors, with the company most recently raising a $1.3 billion funding round in November that brought a post-money valuation of $8.3 billion. Lacework was originally incubated at Sutter Hill Ventures, following a model used to launch two other tech industry success stories, Pure Storage and Snowflake.

Growth surge

While Lacework doesn’t disclose specific metrics for its growth, the company “has been growing at 3.5X, year-over-year, on most of these metrics,” Lacework co-CEO Jay Parikh said in an interview. Customers include Snowflake and Pure Storage, as well as VMware, Cloudera, Reynolds Consumer Products, Nextdoor, and Brightcove .

With its strong growth and recent funding, “we’re scaling up what we can offer, investing in R&D, investing in our channel and partner program ecosystem build-out,” Parikh said.

Before coming to Lacework last July, Parikh had also previously worked at Facebook—from late 2009 until February 2021—in the role of vice president of engineering.

Nikkar is working under Parikh at Lacework, and he is the first major hire at the company for the co-CEO.

In terms of product development priorities looking ahead, Lacework will continue looking to advance its platform and its patented Polygraph technology, the executives said.

Advancing the platform

Lacework is built atop the Snowflake data platform and excels at collecting, processing, and normalizing data—and then deriving insights for customers, according to the executives. Lacework will continue to look at increasing the visibility and insights its platform can provide around the data being gathered from customer environments, the executives said.

“You’ll see us continue to evolve in terms of what types of insights we can provide—because we have both the understanding of the developer environment as well as what’s happening in your actual runtime environment,” Parikh said.

For example, with the Apache Log4j vulnerability disclosed in December, Lacework brings the ability to both scan for the vulnerability—and detect which specific binaries have the bad packages—while also showing in production where the flaw might be exploited, he said.

“Some companies can just do the scanning, but they can’t do the production analysis,” Parikh said. “We can do both, and it’s all on the same platform.”

This makes Lacework stand out from other cloud security players that are offering point solutions, he said.

“We fundamentally bring a different approach,” Parikh said. “And we can innovate faster and we can provide a much more comprehensive, end-to-end approach—because we’ve invested in building out this unique platform approach.”

Building the team

Along with continuing to drive the development of greater visibility and insights for customers in the Lacework platform, Nikkar’s priorities at the company will include building out a “world-class” engineering team, he said.

This will include hiring cybersecurity experts who bring deep knowledge of the space, as well as bringing aboard “people who don’t necessarily have any experience in the security domain,” Nikkar said.

“We look for folks who are intellectually curious, eager to learn, and comfortable dealing with a ton of whitespace and ambiguous problems—and who are genuinely unsatisfied with the status quo,” he said.

Because Lacework’s platform takes a “holistic” view across a customer’s cloud footprint, having a team that can bring different ways of thinking about big problems is essential, Nikkar said.

“We’re building really strong security domain expertise, as well as taking people who’ve solved problems within different domains—but have a lot of parallels to a lot of what we’re doing here in building these large-scale systems,” he said.

Ultimately, Lacework is “building technical systems that folks have never built before,” Nikkar said.

VentureBeat

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Source: Read Full Article