In this ESG On Location Video, ESG's Mark Peters interviews David Dufor, VP of Engineering and Cybersecurity of Webroot.
Announcer: The following is an ESG On Location video.
Mark: So Dave, we're back from the mayhem and the manic RSA. I thought we'd take advantage of this beautiful Colorado day to just recount a little from there. But before we talk about what went on at the event, one of the things when we talked last week that intrigued me was, I won't say the reporting structure, but what you have under your control. Can you talk about that a little?
David: Right. So at Webroot, we have a very large engineering organization that builds our products like you'd expect, but we also put our reverse engineer and our threat teams under that same organization so that we have a very tight relationship between what we discover and what we are finding out there in terms of threats, and then how that can be built into solutions to protect against those threats into our products.
Mark: And so talking about threat intelligence, how did you see that reflected at RSA this year?
David: So it was interesting to us, and I think a little bit surprising. Threat intelligence had been popular for a while. There were a lot of smaller companies trying to really do that threat intelligence piece, and we've been focused on threat intelligence for 10 years now using a lot of machine modeling...
Mark: Before everyone else was.
David: Before everyone else, we were really focused. We're in a lot of companies. People don't even realize it because we're in a lot of OEM appliances. And so it kinda became old hat for us and we were surprised at the resurgence and interest in threat intelligence. But now people...I think the industry has matured where consumers know what to ask, know what to look for. And so a lot of folks have actually disappeared because they were offering maybe lists or things of that nature. Where what a consumer looks for today is something that's more sophisticated, providing more on-demand, and it's updated in real-time, things of that nature. So it's been really good for us in terms of threat intelligence this year.
Mark: Quality really matters. You can have sensors and metrics and everything up the wazoo, but you've got to make sense of all this.
David: That's exactly right. You have to have that global network being able to collect it, you have to be able to analyze, process it accurately, reduce your false positives, that's a big machine model effort, and then you have to be able to, most importantly, get it to your customers and the people who need it in a timely fashion. All of that logistically, that's a lot of work, and I think a lot of people didn't realize the level of sophistication required to do that.
Mark: Well, talking of sophistication, that's a good lead into... As I understand it, Webroot's focus is on the SMB space, small and medium business.
David: That is correct.
Mark: How does that sophistication play to what you have to deliver because many SMB business are not gonna have a lot of security skills necessarily. And so you need to be easy, you need to be easy to use, you need to still be efficient and cost-effective. So how does all that play with what you actually produce?
David: So what has kind of happened for us is we've seen the, again, the market come back around where for a while there was a lot of focus on detecting and then alerting so that maybe a SOC engineer, somebody from a security operations center could evaluate what was going on. And that is great for the enterprise market, those higher end companies that can afford lots of people to sit and analyze. But our sweet spot is with the MSP and the SMB because we have a huge investment in automation, in prevention, in using our machine learning technology to actually detect, remediate automatically and alert on things that are critical that maybe are new or something that people really need to focus on.
Mark: You said the magic thing, you said machine learning.
Mark: There seems to be a rule in this industry now that you can't do any conversation like this, you can't go to any event, you can't write a white paper without talking about machine learning. But what does it mean to you? What do you bring to the party?
David: Right. So at Webroot, the fundamental belief we have is in automation, and it's something we've been doing since 2007/2008. From the engineering side, we're like, "Why is everybody talking about machine learning? We've been doing it so long it's kinda old hat." But again, back to the sophistication, it's not just building the machine model and having it analyze data, you have to reduce the false positives, you've got to be able to retrain models over and over and over quickly and then get those models out to your customers.
And I'm not talking daily or hourly, I'm talking continuously throughout the course of a day. You're training, standing up models, comparing to see if one is better than the other and you're continuously feeding data in. So again, none of this should matter to our customers. That's why we look at MSPs and SMBs. We don't want them to worry about that. That's what we do. But we've been doing this so long. We've got a very large sophisticated ecosystem that allows us to gather half a trillion data elements a day. We analyze that, we put it out, and we publish it into all of our solutions continuously.
Mark: You use the MSP model a lot.
Mark: Why do you do so and why do you think your eventual customers want that model?
David: Right. So we use MSPs because it's a great channel for us. We have great relationships with them. And because of the automation and the simplicity of our solutions, they're really attracted to our products. MSPs are challenging. They're very demanding, they're very vocal, there are a lot of them. So when something is not right, you're gonna hear about it. So for some reason, we like that. We work really well with them, we can accelerate delivery of new solutions that really lets us hone what we do and the products we bring to market and our sales folks, our marketing...we just have a really good relationship with the MSP market.
The second part of your question, if you're an SMB, why are you gonna use an MSP? If you're welding company in Oklahoma, you wanna weld stuff. You wanna invoice your customers at the end of the month. You wanna collect payment. You don't wanna worry about security. You don't wanna worry about your computer infrastructure. Now this day and age, everybody does need to worry about that. And so an SMB is attracted to the MSP services simply because it alleviates that concern both from an infrastructure support and a security perspective. So that's why SMBs are attracted to it, and we really have great relationships with them that we've developed over time. And so it's been a great boon for us.
Mark: It makes sense. I'll let you off the acronyms because it makes sense. Last thing really, getting away from Webroot, just for the closing question here. We've had a little bit of time and distance from RSA, just enough I think. I always think big events, it's so easy to just...you know, you're on the Kool-Aid, you're on the adrenaline. Any big takeaways from this year's event?
David: A couple of them. One was there was nothing that felt like the overwhelming theme for the first time in many years. You know, you usually walk out of RSA and something just was..."Boom. That was it." So I think people are starting to settle into security and they're becoming more demanding of what is being brought to market. So I think that's one thing. The other is, this is probably a bad word to use, but I think people are starting to look at how we Applefy security. They don't want the engineer developed solution that nobody can figure out how to use, they want things brought down market, simplified and available for them to simply implement and have it take care of their problems for them. That's really what I saw this time.