'7 Minutes' with SafeBreach VP of Worldwide Sales Neil Stratz

SafeBreach's platform provides a “hacker's view” of an enterprise’s security posture.

Edward Gately, Senior News Editor

April 13, 2018

6 Min Read

**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**

SafeBreach, a provider of breach and attack simulation technologies, wants to give partners added capabilities beyond the cybersecurity tools they already have sold and are selling to their clients.

The company’s platform provides a “hacker‘s view” of an enterprise’s security posture aimed at proactively predicting attacks, validating security controls and improving security operations center (SOC) analyst response. SafeBreach automatically executes thousands of breach methods from its growing Hacker’s Playbook of research and real-world investigative data.

The company’s centralized management system incorporates the complete Hackers’ Playbook of breach methodologies, and manages a distributed network of breach simulators from a centralized location.


SafeBreach’s Neil Stratz

SafeBreach has expanded its partnership with Visa to become the first breach and attack simulation provider to integrate Visa threat intelligence feeds via the Visa Developer Center API. Through this partnership, Visa’s indicators of compromise (IoCs) add to the SafeBreach Hacker’s Playbook, allowing payment industry customers to validate security defenses against new simulations of real-world, critical attacks in less than 24 hours.

“Historically, the payments industry has been the sector under the most widespread and aggressive attacks from all manner of cyber actor,” said Guy Bejerano, SafeBreach’s CEO and co-founder. “As such, it is a sector that requires the utmost vigilance, agility and preparedness to not only withstand assault, but to repel it. With an ability to almost immediately simulate attacks just emerging in the marketplace … a customer can quantify the impact of an attack before it happens.”

Headquartered in Sunnyvale, California, SafeBreach is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer.

We caught up with Neil Stratz, SafeBreach’s vice president of worldwide sales, to get a deeper look into the company’s platform and value proposition to partners.

Channel Partners: Tell us what customers love about your product or service. What’s the secret selling sauce?

Neil Stratz: Our customers love us because SafeBreach, for the first time, gives them real data that proves whether or not their security stack is working. Every business knows the risk of breach is growing, and every company has deployed some level of security to defend against attacks. From firewalls, proxies, endpoint controls, identity management — everyone has many layers of defense. Companies also have alerting, action plans and dedicated staff trying to thwart attackers before critical data is exposed. But despite all this, the attackers are still breaching companies every day. SafeBreach allows customers to get ahead of attackers, by actually validating their entire security stack – people, process and technology – before a real attack occurs. With SafeBreach, customers safely unleash thousands of real attacks to validate real production security. If the attacks can find a way through, so can a real attacker. If the attacks are blocked, the techniques are …

… proven to be stopped. Since SafeBreach runs continuously, security is validated in real time, all the time. Ongoing maintenance, new products, changes to policy, new alerts — they are all validated as they are implemented. This ensures that ongoing security doesn’t accidentally introduce new risks, and limits exposure windows to hours, instead of months or years.

Bottom line: Our customers love us because we help them get the most from their security every day. We actually prove where they’re protected against attacks, and where they’re exposed, so they can eliminate gaps and stay ahead of attackers.

CP: Describe your channel program — metal levels, heavy on certifications, open or selective, unique features? Do you work with masters and/or distributors?

NS: SafeBreach is committed to the channel — we know our partners are working hand-in-hand with customers because they have often sold them the security tools customers are using to defend themselves. SafeBreach gives our partners the ability to prove the value of those previous sales, and to help deliver true consultative engagements by offering not just “some more security” but the exact right security to close gaps and stop attacks, based on real data.

CP: Quick-hit answers: Percentage of sales through the channel, number of partners, average margin. Go.

NS: We sell 100 percent through the channel. We have dozens of partners, and we offer competitive margins based on tiering, so they vary, as does the enablement. Our focused partners receive the most integrated enablement, and generous margins.

CP: Who are your main competitors, and what makes your offering better?

NS: Verodin, AttackIQ and Threatcare. Our main competition comes from legacy validation methods like vulnerability scanning or human-based penetration testing. While these are both reasonable parts of security hygiene, vulnerability scanning doesn’t actually address true risk, and penetration testing is too limited (by time, skillset and frequency) to be useful against today’s relentless attacks. Sadly, this fact is proven by the alarming rate of successful data breaches today. Traditional techniques simply do not allow companies to validate their defenses in any meaningful way — all too often enterprises only find the weaknesses in their defense after they have been breached. SafeBreach runs continuously, has the largest set of hacker methods, and generates no false positives. This means customers get real, actionable results, prioritized based on real risk in their real production environments.

CP: How do you think your technology portfolio will change in the next three years?

NS: The current trend of cyberattacks will continue, and likely get worse, over the next three years. This trend will drive continued acceleration among large and midsize enterprises, both public and private, who are often the target of these attacks. To stay ahead of this attack trend, SafeBreach will …

… continue to expand our Hacker’s Playbook of attacks, just as we have always done. New techniques are always added in real time, so our customers can be sure they are validating security against proven and wholly new attacks — both today and in the future. Of course, our customers are the main driving factor in where our solution will move over the next few years. As we see customers adopt new security tools and processes, we will ensure that we support those new use cases, and will continue to work closely with evolving business processes for streamlined and simple deployment.

CP: How do you expect your channel strategy to evolve over that time frame?

NS: Our channel strategy will, of course, evolve over time — but the main theme will be growth. We have great regional partners today, but as we continue to expand, we’ll be adding to those ranks, and adding new enablement programs to help our key partners grow and get more value from the relationship with SafeBreach. We are looking to add additional focused partners that will share in our success and for whom SafeBreach can drive key business over the next three years.

CP: What didn’t we ask that partners should know?

NS: Partners tell us over and over that SafeBreach is one of the best tools in their arsenal, because it’s not “yet another security control” — so it provides a new reason to have conversations, and a new way to add value. Since SafeBreach validates both security controllers as well as alerting and subsequent action/process, it’s a new way to drive return on investment across the entire security stack. This means our partners have a new way to provide high value, and further solidify their trusted-adviser status to the end customer.

Read more about:


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like