De-Coder’s Ring

Consumable Security and Technology

Category: cybersecurity (page 1 of 7)

Startup Series: Life at a Startup

My colleagues know (since I talk A LOT) that I’ve had a long loving history for startups.  Like, Honest to God, hired by the founders as the first engineer (twice) kind of startups.

The first one was a very slow process to go full time at nPulse Technologies.  Randy, the founder, and I had been friends for years.  He started this packet capture company as a lifestyle company.  Something fun to do, enough to make a living, but that’s all.  For a while, I’d bill him $500/month to write a web app and some APIs to pull packets off this appliance.  We didn’t do the SaaS thing, or the PaaS thing.  We built a linux based server that had our software running.  After a few years of that, he and his co-founder decided they wanted to make nPulse a real thing.  He pulled me in as VP of Development, and it was off to the races.  By the end of the first year, we had approximately 5 full time employees.  2 more years, and we were up to 30 by the time we got acquired by FireEye.    I stuck around FireEye for a bit, but decided it wasn’t for me, and went to a big bank.  It had been approximately 10 years since I worked for a Fortune 500 company.

After two years of ups and downs (yeah, I keep it real in my blogs), I got a call out of the blue to join another company as VP Engineering.  This one was different.  I started day one with another developer at Perch Security.  The founder hadn’t quit his day job yet, but he had landed enough funding for us to get started.  I got to build a network monitoring appliance, that shipped MASSIVE amounts of data to a cloud service running at AWS.  There, data went through a pretty big orchestration to ultimately land up in Elasticsearch for storage and search by customers.   Speaking of customers, we started signing them up early, and often.  I stayed there for 14 months, until I was confident the infrastructure and code was solid, and due to many reasons, came back to the previously mentioned big bank.

Here are a few observations:

Startups are HARD

There’s no such thing as a slow day, if you have customers.  Customers demand quality (duh) and if anything goes wrong, you have to fix it immediately.  There’s no “oh, I’ll fix it when I come in in the morning”.  Small bugs, big bugs and crashed systems.  It was critical we kept everything top notch, especially when we were trying hard to find new customers, and leverage the good will and good word of our early ones.

Scaling is HARD

Five network sensors is easy.  It looks like things will scale, since all the tools are there to scale…. then one day, it stops scaling.  Add nodes, it still doesn’t scale.   Something is wrong.  Rewrite… and fast.  I switched data platforms three times with no downtime or loss of data.  Using intermediary queues like SQS, Kafka, etc is critical for scaling.

Building things is fun!

I shine when I get to build new things.  Give me a whiteboard, and I can fill it up with a pretty darned good solution.  Building an MVP is my dream job.  I get to write just enough code to prove a point, or try out a new approach.   Then it gets harder

You can make a big impact

You can make a big impact at a large company.  You don’t need a tiny company to make a big impact.  Heck, I think I make a bigger impact here.   At my last startup, Perch Security, I had a team of Cyber Security Analysts and a team of engineers.  We were up to around 30-35 customers.   That was awesome!   I could say “I built this!”..    at the bank, I’m supporting our messaging platform as the embedded technical lead, technical platform owner, whatever you want to call me.  A huge enterprise platform with over 150 developers that sends notifications and emails to every customer account holder…   Talk about an impact!

Good and Bad

Startups can be a blast.  They’re not all foosball and free lunches.  It’s collaboration at its finest, because you know everyone involved is onboard 100%, or they will lose their job.  Not by being redeployed in a down economy, but, because if they fail to deliver, the company goes under.

When a startup succeeds, and grows, and gets acquired, then it can be REALLY rewarding for those early folks (I’m still holding out hope on my Perch stock!)

Want to talk about startups? hit me up!.

Podcast – John Lockie on Tech (part 2)

This week is another great interview with John Lockie.. well, really, it’s a continuation of last week’s that you can find here:  Podcast – John Lockie Interview (part one)

John goes straight to some solutions for networks (capture all the things) as well as credential monitoring (“they pop shell ridiculously easy”).

Listen to the knowledge!

Finding Solid Information

Ever find an eye-opening new source of information? Not technical information, like javadocs (are they still a thing?), but personal growth information.

in the old days, we had technical sources like slashdot, freshmeat, digg  etc.. but, times have gone on, and now we have other places we can read regularly to keep up… here are some links and reasons why I love them:

Web Sites
https://www.reddit.com/r/programming/ – Lots of technical stuff.  New, updated code, procedures, standards, etc.

www.reddit.com/r/startups – I have a great deal of passion around new companies and people getting up, killing it and dragging it home.

https://techcrunch.com/ – Tech Crunch is great for big industry news, and a nice place to find information on up and comers

https://news.ycombinator.com/ – Hacker News – Great place for anything tech related, up and coming

Podcasts

Civics 101 – Not tech, but, crazy informative and a must listen for any US citizen and anyone who wants to learn how the US works.

http://www.npr.org/podcasts/512508710/civics-101

Science Friday – Cause, Science

https://www.sciencefriday.com/listen/

Source Code Podcast – This is new for me, and fantastic:

Podcast

 

What am I missing out on?!

Podcast – John Lockie Interview (part one)

Over the next few months, I plan on doing a big podcast binge on cybersecurity careers and will continue my focus on technology.

This week’s episode, John Lockie and I talk about his background and how it’s not the traditional path into cybersecurity if there really is one.  He affirms my beliefs in regards to CISOs with music degrees.  You’ll never guess what he says!

Find John on Twitter:  @thedefensedude

Please find and subscribe to the De-Coder’s Ring” in iTunes, and I’d be ecstatic if you gave me a great rating.

Leave feedback below about this episode!

 

Threat Hunting: Wireshark

Here’s the delayed 4th video!    Wireshark

I do a quick overview of loading a PCAP file within Wireshark, to do some analysis of packets and TCP reassembly.

Sign up for my mailing list above to get information on new podcasts and videos.

This is the last step in the education before jumping into Suricata next time!

Older posts

© 2017 De-Coder’s Ring

Theme by Anders NorenUp ↑