The cybersecurity industry has developed a reputation of sorts for rolling out complex solutions to complex problems. With many of these solutions, the user experience takes a back seat to their features and capabilities, often leaving security practitioners to trudge through their high-friction user interfaces, presumably in exchange for some “better” functionality.
While the status quo in the cybersecurity industry has seen an exceptionally low bar for user experience, there is at least one company whose user-first value proposition transcends its products and reaches all the way up to its brand: dope.security
In this alphaMountain customer spotlight, we sit down with Kunal Agarwal, CEO of dope.security, to learn more about how a focus on customer and user experience has propelled his company to international success in under two years:
alphaMountain (aM): Tell us a little about dope.security. What’s your origin story as it relates to Dope? Specifically, what was that “a ha” moment for you where you just knew you had to break out and do things another way?
Kunal Agarwal (KA): When you’re from the Bay Area, “dope” is a word we use colloquially pretty much every five minutes. One of the beautiful things about software is that if it does well, you’ll see it used everywhere in the world from Riyadh, to Cape Town, to London, and New York. I wanted to bring a bit of California to the world with dope.security!
Ultimately, “dope” means very good, and for us, it means that you have the passion, best designed UX, and attention to detail that I found was just missing in my other organizations. These were fundamentals I found missing at my previous companies, people just didn’t place an emphasis on that, and at dope we do.
So, the moment where I found I couldn’t be as passionate as I wanted to was when I left and started dope.security.
aM: Who is the typical buyer of dope.security within an organization? Are you focused on any industries or are there specific company demographics or use cases where you’re particularly strong?
KA: dope.security is typically purchased by the CISO within the underlying organization. This is one of the more mainstream cyber products purchased just because of how it helps most organizations control the internet. Without a secure web gateway, anyone could access anything on your corporate network, from malicious websites, to personal cloud apps, to unwanted content like piracy or adult websites.
We have customers who are huge (over 30,000 devices) to small (about 50 devices), but our sweet spot is organizations with 1,000 to 5,000 employees who are looking for a much more beautifully designed solution that is built for today.
We sell into every industry!
aM: You’re in a space that has a lot of competition, including some of the largest vendors in the cybersecurity industry. If we were on a pre-sales call and I mentioned that we use one of your competitors, what’s your move? How are you going to get me to the next step in the sales process?
KA: Usually the objection handling kicks in! It really depends on the customer, but typically using a secure web gateway comes with one major hurdle around re-routing of internet traffic to a datacenter.
When this occurs, the internet is much slower and unreliable, especially in non-metro areas. Think about it. You’re rerouting and using a tunnel for all Internet traffic! Customers also have to deal with the very complex management headache.
Although people are typically aware of these challenges, there’s never been a suitable solution until dope.security with our Fly Direct architecture and beautiful UX built-in!
aM: It’s been an interesting couple of years in terms of the overall cybersecurity market and it feels like a very different environment as compared to a relatively short time ago. From your perspective, what’s different about 2024 from say 2022 when you founded dope?
KA: It’s a bit of a gold rush. There are tons of cybersecurity startups out there these days. Unfortunately, it can cause a lot of noise which has brought even more focus on differentiation not only from a product perspective, but also as a brand. Unless you can clearly state how your mission is different from others, you’re just another startup dumping money into LinkedIn ads.
Everyone has to have a unique strategy on how they approach it. But, the gold rush has left customers tired of hearing about a new startup everyday and a bit jaded about it. Not every region is like this though. We see it mostly in the US.
aM: Since your product puts the user experience front and center, tell us: what makes for a good user experience in your view?
KA: It seems simple but you have to put yourself in the shoes of a user or product admin. It’s not all about just the UI alone.
Consider if you try to install a software and it fails with a generic error again, and again, and again. It turns out that when you installed it, you didn’t extract all files from the zip file, and there are some dependencies there. In the meantime, you’ve contacted support, waited a day, done the back and forth, and finally, the answer was to extract all files to disk.
Would it not have been better if the installer had a fast fail if it couldn’t find those required files? These types of small micro-interactions can completely change the overall user experience.
Take that concept and wrap it around every aspect of the product, then you will have an incredible user experience!
aM: Artificial Intelligence has been a fast-moving story lately, especially in cybersecurity. What is the AI story inside of dope? How are you leveraging it or what are your plans to do so? Has the drumbeat of AI accelerated or impacted your product roadmap in any way?
KA: I’m a big believer in using off-the-shelf components. Do you need a database? Great, go use AWS Dynamo or RDS. Don’t build what you don’t have to. AI is a similar component where we can leverage it without having to go into pytorch or huggingface and starting from scratch.
I’ll give you two examples of how we’re using AI.
alphaMountain’s URL classification uses a set of multiple machine learning models to rapidly classify a URL into some number of 89 categories. There’s a ton of fine tuning required to establish the difference between Lingerie or General Adult Content, but alphaMountain’s AI has automated this categorization whereas in the past, at Forcepoint and Symantec, we relied heavily on manual categorization.
It was a huge rocket booster not having to understand or develop any of this ourselves and instead rely on the expertise of individuals at alphaMountain who I’ve known for almost a decade and who also built the original Webpulse categorizations at Bluecoat!
The second example is our CASB Neural DLP which uses OpenAI’s large language models. Data loss prevention capabilities have used sets of pattern matching and regular expressions for decades. It’s fine, but it leads to tons of false positives and lots of tuning. I remember an aircraft manufacturer had 10s of thousands of incidents daily and most were false positives!
This capability is being released next month and it uses large language models to comprehend the data and do DLP in a completely new way. We call it Dopamine, which is a summary of the document and whether or not it’s considered sensitive such as PII, PCI, PHI, or IP.
Consider building all of this internally at a startup. It wouldn’t be possible at all in a short period of time! That’s why we always leverage the best of the best when it comes to AI at dope.
aM: Finally, you’re leading a startup and, of course, that comes with its own set of challenges. If you woke up tomorrow with a magic wand and could change one aspect of your job, or solve one internal challenge, what would it be?
KA: I have worked with some of my closest colleagues for the last couple of years, so I can’t complain! We’re super excited to build with passion and the attention to detail we were never able to at previous organizations.
And, we can even get to do all of our side projects like the fashion and clothing. I hope you get a chance to see our hand-painted jackets in person!
Thanks for reading and we hope you enjoyed this interview with Kunal at dope.security. Be sure to get a demo of their secure web gateway to see about making the lives of your security practitioners a bit more enjoyable.
If you’re interested in learning more about how you can plug AI-powered threat detection into your web security products, sign up for a free account at threatYeti.com and explore the alphaMountain diFFFerence in our Freshness, Factors and Fidelity.