In early 2016, Mike Armistead, Robert Hipps and I founded Respond Software to create something big that would make a difference for the security operations industry. We knew that by leveraging our combined backgrounds we could create a breakthrough solution to bring an end to console monitoring. Yes, you heard this right.
During those early days of the company formation, I was fortunate to recruit one heck of a team to help us. And, as a long-time practitioner myself, I wanted to find a way to share my experiences with a broader audience. With 22 SOCs built and 30+ counter nation-state investigations between us, this highly specialized and experienced group could share in the mental burn it required plotting the end of the status quo (which clearly isn’t working well).
However, extracting this team’s know-how in building Security Operations Centers and leading Computer Incident Response Teams and then quantifying it into a mathematical structure seemed extremely complicated. It felt like enduring exploratory brain surgery. But, between Robert Hipps’s team of amazing developers, my team of security experts, and the injection of real-world situations by important design partners and early customers, we have successfully built a product that is already delivering on the Respond promise in the real world. I am almost reluctant to label our solution “revolutionary” because every founder believes they are doing revolutionary work.
But what we’re doing at Respond Software IS revolutionary. We’ve invented a practical approach to emulate and automate the decision-making and judgment of expert security analysts, a security operations solution that continues to learn over time. With our charter customers, we are measuring productivity that is orders of magnitude better than today’s SOC analyst at handling security events. Yes, I do mean ALL security events, continuously 365 x 24 x 7, with no funnel!
The genius of the Respond Software solution is that we enable scarce security professionals to be reassigned to a higher level of work so they can apply their creativity hunting for bad guys instead of watching events stream across a console. They can proactively manage security situations rather than triage alerts. We believe that this is the only way the industry is going to gain on the modern threat. The end of the console is coming.
Chris Calvert has over 30 years of experience in defensive information security; 14 years in the defense and intelligence community and 17 years in commercial industry. He has designed, built and managed global security operations centers and incident response teams for eight of the Global Fortune 50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.