Co-founded by former McAfee CTO George Kurtz in Irvine, California, in 2011 and funded by the likes of Google Capital, CrowdStrike has become the go-to cybersecurity agency for Wall Street and major corporations. --As told to Will Yakowicz
My light-bulb moment for CrowdStrike happened when I was on a plane. I noticed a passenger take out his laptop and turn it on. McAfee software popped up and started to scan the man's machine. The guy was waiting for 15 minutes. He was waiting and waiting and I was just sitting there, the CTO of the company that makes the technology. I realized there must be a better solution.
That's when Dmitri Alperovitch, who was the vice president of threat research at McAfee at the time, and Gregg Marston and I decided to build a security company entirely on the cloud. CrowdStrike became the first native cloud security solution, which means that it's lightweight and nimble and doesn't slow down the user's machine.
Every year, like clockwork, Warburg Pincus, the private equity firm, called me to see if I was ready to start a new company, because they wanted to invest. In 2011, I finally said I was ready to leave, and I pitched them on a Saturday morning via Skype with a 25-slide deck. They gave me $25 million--essentially $1 million per slide. The joke was that I should've made 30 slides.
I started programming video games in fourth grade on my Commodore. In high school, I built and ran bulletin-board systems. Back then, it was the Wild West days and I had my first experience with hackers. I realized security was not fun and games. After I graduated from Seton Hall, I worked for Price Waterhouse, where we had one computer; we did all accounting manually. I built a mainframe program that extracted all the data from our customers' systems. When they moved me to the security team, in 1993, I was the fifth employee for that division.
In 1999, I co-wrote Hacking Exposed, a best-selling book for network administrators who needed to protect against breaches. After that I started my first company, Foundstone, which made the Inc. 500 in 2004. It detected and managed software vulnerabilities. In 2004, McAfee acquired Foundstone for nearly $90 million.
When we launched CrowdStrike, we built prevention-and-detection technology based on robust machine-learning infrastructure and artificial intelligence that looks for behavioral attack patterns and indicators of attack to identify bad actors. The old guard uses signatures, or how a file is named, to identify known viruses and hackers. There are unlimited ways a file can be named, but there are not that many ways to breach a network; if you look for that behavior, you'll know when someone is trying to get in.
We have a massive cloud that keeps track of all of these behaviors. We can tell if something is bad even though we've never seen it before. That's the same for our machine-learning technology. We can look at the DNA features of a file and based on past known bad files, we have trained our system to know whether something is malicious.
We're collecting 14 billion events per day across 176 countries. Our security intelligence unit, over 30 people out of 400-plus employees, functions like a mini government. They identify the known bad guys and track those adversaries and map them back to adversary groups around the world. We track about 80 nation-state groups and high-end e-crime operators, guys making a lot of money off ransomware.
Once a behavior is identified as malicious, the behavior and the profile of the hacker are fed into the cloud and every customer becomes immune to that hack. So you operate on cloud scale, rather than with a single computer, which is how legacy security software works. We can prevent breaches, because once we ID a bad actor, everyone is protected.