Every business has an origin story. So, how did Axonius come into being?
That’s the question Chris Cochran and Ronald Eddings posed to Axonius CEO and Co-Founder Dean Sysman at a recent episode of their Hacker Valley Studio Podcast.
In this excerpt from the podcast, Dean provides insight on what led him to identify the market opportunity for Axonius: his realization that many CIOs and CISOs still struggle to answer the simple question, ‘what devices are on your network and where?’.
Editor’s note: The following transcript has been edited for brevity and length.
Can you share the founder’s journey and how Axonius started?
Dean Sysman: While working at another cybersecurity startup, this huge U.S. company reached out to us and said, ‘We want to do a bakeoff of a deception product.’ I flew down to their Midwest headquarters to deploy our solution. Like most deception technology vendors, it was based on something similar to honeypots. We deployed our solution, then after about a couple of days, we saw something interacting with it.
It wasn’t just interacting, it actually used a credential that we put in a real machine to install code on our decoy. We looked at this code, the IOCs, and it seemed like an active group that had been attributed by other companies to the state-backed Chinese hackers.
At this point, you would imagine me to be really like, ‘Yeah, we nailed this POC.’ I showed it to them, and they said, ‘Thank you for showing this to us. Let's keep working.’
I was a little surprised, so I said, ‘Why isn't this more surprising to you guys?’ They said, ‘We got a tip that this might be happening and that's why we brought you guys in. But there's not really much we can do about it now.’
I said, ‘Look, there’s a host name, there's an IP address that they’re operating from and we can look into that machine to understand more.’ They said, ‘We're not going to be able to find that machine. This is a part of the network that we don't really understand well.’
I said, ‘This looks like an endpoint, a workstation, at least based on the MAC address, and if there's a person behind the keyboard of this machine and they want to say install Office, what happens?’ They said, ‘They'll open a ticket and then IT will use one of the tools that we have to manage endpoints to install that software.’ I said, ‘Fantastic. Which tools are those? That way we can go into the tool console, look up the IP or host name."
They said, ‘We don't know,’ and I said, ‘What do you mean? How many tools do you have?’ They said, ‘We don't know how many.’
They ended up giving me this list of about 20-plus tools. We went through the ones we had access to, and still couldn't find it. Then we went to the SOC, the networking team, and it was the same.
There was really no way to understand what this thing was.
I go to them the next day and ask them, ‘Do you know how many devices you have?’ they go, ‘Yeah, we have between one and a half to three million.’ And I said, ‘I'm not trying to be offensive here, but doesn't that mean you don't know?’
They said, ‘No. The network's really dynamic.’
The more I talked to them, I realized it wasn't that they weren't doing their job well. It's just that this was an industry-wide problem. Then I started asking every CISO, every CIO I would meet, ‘Do you know how many devices you have?’ And they would say either, I don't know, or give me a really wide range to mean the same thing.
Listen to the podcast episode, “Living Your Values With Dean Sysman” to learn more about Dean’s journey, the many values he brought to Axonius, and how he figured that the determining factor of success was realizing the problem that the organization needs to solve and focusing on the customer’s experience.