Ziften flags key Board reshuffle

Austin-based endpoint protection specialist Ziften has expanded its Board of Directors, naming venture capitalist and entrepreneur Dave Lin as a new director, with entrepreneurs Patrick O’Reilly and Jonathan Hung joining as board observers.

An experienced entrepreneur, investment fund advisor, senior operations executive, and investor in early-stage companies, Lin serves as CEO at Lin Ventures where he represents clients including Ad Hoc Labs, eSalon, PPG, and Slack.

Dave Lin

Prior to the formation of Lin Ventures, he held operational CEO and lead investor positions with nationally and internationally branded companies such as Maker Studios, OfferBuys.com, Upfront Ventures (formerly GRP Partners), PriceGrabber, Experian, Montgomery & Co., and UBS.

Patrick O’Reilly

Patrick O’Reilly, a recognized technology strategist and serial entrepreneur, joins Ziften as a board observer, having served in the Office of CTO Cloud Computing for Cisco following senior-level technology posts with Wikimedia Foundation, OmniTi, Schematic, Media Revolution, Sony Pictures, and PHP Group.

He also served as CEO at Kismatic where his stewardship positioned the start-up for acquisition by Appenda. After the successful sale of his company Orly Atomics, O’Reilly became a senior adviser to Mesosphere and joined the governing board of the Cloud Native Computing Foundation (CNCF).

Jonathan Hung

Hung brings to his board observer role an extensive background in operations senior management, finance, business development, multinational business strategy, entrepreneurship, networking, and data analysis. As President of United Overseas Textile Corporation, Hung played a pivotal role in helping establish the global clothing and textile family business as a leader in the design and manufacturing of apparel in partnership with such major retailers as Amazon, Burlington, and Costco.

Hung is also the co-founder and served as CEO at Legacy Pioneers, a technology company dedicated to building the next generation of leaders by providing families with its unique educational, training and mentoring platform.

Ziften looks to Microsoft partnership to disrupt endpoint security

Heather Wright was in San Jose as a guest of NetEvents

Endpoint protection and response vendor Ziften has further extended its relationship with Microsoft, joining the Windows Defender Advanced Threat Protection advanced hunting project.

Ziften will provide analytics and queries so customers can conduct threat hunting for fileless – or zero-footprint – attacks across macOS and Linux platforms, with Ziften integrating with Windows Defender ATP.

Roark Pollock, Ziften SVP of marketing, said the partnership with Microsoft has been a driving force for the Texas-based startup in the last six months.

In November 2017 the two companies announced that Ziften’s Zenith security platform had been integrated with Windows Defender ATP to provide a cloud-based single pane of glass view to detect, view, investigate and respond to advanced cyber-attacks across Windows, macOS and Linux endpoints.

Ziften was one of several companies Microsoft teamed up with in November as it seeks to add third party security to its Defender ATP offering.

The two companies co-sell into deals where Microsoft installs its Windows Defender ATP endpoint on Windows machines, while Ziften installs its software for any Mac or Linux machines.

“The last six months working with Microsoft has been like going on a rocket ship,” Pollock said. “Our business was going well before we got the Microsoft business, but now it’s like being on a rocketship.

“Before the partnership we were slowly looking to expand into Asia and Europe but now it’s happening almost overnight.”

In January, Ziften rolled out a fast-start channel programme to recruit and onboard Microsoft resellers. While Ziften’s traditional partners tended to be smaller, specialist security partners, Microsoft has much bigger partners, selling its entire suite, from Azure to Windows to Office 365. Pollock said Ziften is currently on-boarding ‘a lot’ of those new Microsoft partners.

The fast-start launch was followed in March by the opening of an Australian and New Zealand office, headed by Greg Kieser – ex-Dropbox – as ANZ country manager, based in Sydney.

“The Microsoft team in Australia was by far the first and most aggressive part of the Microsoft sales organisation in picking the partnership up and rolling it out to customers,” Pollock

“We very quickly started going on customer visits with them and they introduced us to distributor Insentra who we’ve signed with.”

As part of Microsoft’s co-sell programme, Microsoft staff receive commission for selling Ziften into joint customers.

Pollock said Microsoft has taken Ziften into very large enterprise deals, which Ziften would previously not have been considered for.

He said more than 50% of Microsoft’s Windows 10 enterprise customers are using Windows Defender, while Gartner has told Ziften Microsoft is the most asked about endpoint detection and response tool by enterprise customers.

“There’s a huge opportunity for Microsoft and Ziften to disrupt the endpoint security space both on the endpoint protection platform side and on the endpoint detection and response (EDR) side, because if customers start adopting what Microsoft is doing… We’ve all heard of Netscape, Lotus Notes, Word Perfect, all of these tools that have been displaced by Microsoft because they have embedded these tools in their operating system.

“There’s an opportunity for the antivirus and EDR space to get disrupted in the same way – that’s one of the big reasons we wanted to work with Microsoft. If they’re going to disrupt this market it’s better to be a partner than one of their competitors.”

Pollock said the two companies’ solutions are similar architecturally, providing visibility into devices and taking data from the endpoint into the cloud where security intelligence and analytics are applied to discover breaches or threats.

“A lot of detection and response tools today are very much focused on looking at real time data,” Pollock said. “We do that but we also collect that data so you’re not just looking at real time data. We store up to six months of data by default and a lot of customers buy 12-18 months of storage capacity.

“What that means is that once I identify a threat or breach on any device I can go back and see where it came from, how long it has been in the environment, how it got in, where it started and moved to… Having that history enables you to root out where it started and eliminate that whole kill chain and not just an individual instance on an individual device,” he says.