The Security Podcast of Silicon Valley

Episodes

About

Blog

Subscribe

The Security Podcast of Silicon Valley

The Security Podcast of Silicon Valley

Episodes

About

Blog

Subscribe

The Security Podcast of Silicon Valley

Episodes

About

Blog

Subscribe

12. Founder Dan Sherry and Co-Founder Grace Chi deep dive into Pulsedive, Demystifying Threat Intelligence

Welcome, everyone, to the Security Podcast of Silicon Valley. I am here today with two very special guests, Dan Sherry and Grace Chi. Dan Sherry, he is the founder and CEO of PulseDive, a security startup. Dan has years of experience at doing incident response, security engineering, and security operations across both government and Fortune 500 financial services.

He is all too familiar with the struggles of filtering noise from open source threat intelligence and sees PulseDive as the first step to solving this problem. And Grace is co-founder and COO of PulseDive. Grace works closely with defense, security, and in particular, cyber threat intelligence teams to support and the development of integrated intelligence capabilities and programs. In addition to enabling the growth of CTI teams all over the world, Grace is an avid watercolorist on the weekends and a hyper-serious cooperative board gamer.

Oh, what's your favorite board game? I have many, but the more stressful and the bigger headaches it gives me, the more I like it. So XCOM has been one of my favorites, not the video game, the board game. Oh, that's awesome.

That sounds really stressful, actually. There's timers that range from like 5 to 15 seconds to do a bunch of tasks, and everybody is like contingent on each other because you have a budget, you have a military, and you're fighting aliens who are invading the world and descending upon you. There's like intense music background that plays too. And it is like, why do I do this to myself?

But it's also so much fun, and you still feel competitive because you have this shared enemy. But unlike cooperative games where sometimes people talk too much, you don't have that time. You just have to make decisions and move forward. So it's like being in a startup.

I'm super happy that you have a decompression mechanism that works best for you. And I might pass on any board game invitations, but no, she comes from a deeply unconventional and interdisciplinary background, including academic studies in neuropsychology, product marketing roles, and a lifelong affinity for mixed media and visual arts. Grace draws on her multiple disciplinary love of learning to enrich her work and place in the cybersecurity community. Welcome.

Welcome to the show, guys. Great to have you both. Would you like to share a little bit about what PulseDive is and the problem space? In short, PulseDive, we are a cyber threat intelligence startup.

We offer both platform and data, and our users are vast majority, like blue team defensive security, security operations center, incident response, threat hunting type practitioners in the cyberspace. But it is global, you know, every continent except Antarctica right now, and teams small and large, both within the dedicated cyber services and vendor space as well as institutions and enterprises. What we offer is enrichment, kind of external scanning and scoring of various indicators of compromise.

And then we correlate all that within different threats, different threat actors, and allow our users to really access like transparent, raw, but structured data, pivot, and bring that in so that it helps them in their investigation, research, and analysis in producing finished intelligence. One major component that we have as well is that we try to be very versatile technically and very intuitive for the UI and the analyst.

So while we have users who are engaging in a more manual way or conducting very sophisticated research based on their expertise and their understanding of their threat environment, we also allow for a ton of automation and interoperability across other tools and solutions because the security space changes all the time so that you can really plug and play PulseDive through API, through feed, and get our intelligence and our enrichment however you need it. No, that sounds very powerful, especially the opportunity to automate a lot of those processes.

So as a quick example of how you might help, I know one of the huge challenges that folks face is just making sure that those layers of security that we set up don't allow for bad actors into our cloud environments or even our data centers if you're on-prem. So PulseDive, essentially, it fingerprints or scans the network for the traffic that's known to have malintentions. Is that? Malintent.

I like that. Yeah, so we offer a portfolio of products and offerings. So like at the most basic level, we have a freemium community tier. Anyone can use it.

You don't even have to register. Like you can go in and conduct some passive or active scans, pull back data, and then never even have an account with us. And we do that very intentionally. Those users are typically who are getting started in threat intelligence.

Oftentimes, we. . . I have a lot of grateful users who are IT, but also have to wear the security hat, but they have no budget, they have no resources, and they need to do some manual research and triage based on their, you know, team needs, and they're trying to grow.

At a more mature level where, you know, you might be paying for the commercial API or the feed licenses with PulseDive, that's when you can automate enrichment based on things coming from your SIM or building into a workflow for your source. So there's like IPs, domains, URLs that are coming through. You push it to PulseDive scan, pull all that data back, take actions, look at the score, you know, whatever that is, or you can bulk enrich alerts that come in as well. And then at the highest level too, we offer an enterprise tier where you get to configure really your version of PulseDive.

It is your instance. It is private to everyone except your organization. You get to really then look at what threats matter to you, configure your own sources of data, internal and external, and then use PulseDive as that like data analytics and threat intelligence database layer to then operate and have that feed into your integrated program. Yeah, that's really important stuff and a complex space, keeping our bad actors out of our cloud environments or on-prem, especially with that enterprise-grade offering that you have.

It sounds like it fits the bill really nicely. So being in the security space, oftentimes I find, especially with founders, that goes, it ties into something maybe from childhood that really shaped who you are, how you see the world, and giving back to the security community in such a concrete way, especially with that free tier, it sounds like a great starting point for a lot of folks. But maybe there's a story or something that you'd like to share that really speaks to what gave you maybe some of these values to look at this difficult problem and take a lot of time out of your life to help solve it and build a more secure future for everyone.

Yeah, I mean, I think like when I was in college, that was around the time that like Facebook was like getting huge and when the social network came out. And so for a long time, I wanted to, I knew I wanted to start a company and try to be one of those overnight founderships. And so I had like these apps that I would make in college to try and build a business around while I was studying cybersecurity. When it started working, the job itself was really fulfilling.

So I knew I kind of wanted to do something within cybersecurity because it was not only the opportunity to build a business around that, but also something that actually did important work. And so when I was working, I mean, that was kind of when I ran into the problem of like, okay, you know, we're collecting a bunch of data. How do we leverage all that so we're not hunting for the same things that people already know about? And so that problem was, I mean, it was like the perfect candidate to build a business around that.

It was something I was really passionate about. I really liked building things that help other people and make their jobs and life easier. And so that's kind of how PulseDive was born. No, that's spectacular.

Really awesome. So you're focusing your passion really zoomed in on security and then how to use it to help people. Yeah, yeah. Yeah, I mean, I was lucky because the things that I was passionate about coincided with like a booming industry.

So when I first started working in the industry, it was like 2013. So that was really when it was starting to grow exponentially. And then over the past decade, the industry really exploded. Like threat hunting was relatively like a new field, for example.

So yeah, I was definitely lucky to be like on the cusp of that. That's awesome. And Grace, do you have any childhood experiences that it sounds like you're a very diverse background? Yeah, so like my childhood, like one thing that I think is really fun about PulseDive is Dan has the traditional like security engineering incident response, like working on threat intelligence as a practitioner for multiple years, built the product, right, that he wanted to use.

And then like I come in as this complimentary, completely out of the like right field person. But that's been something that's been building my whole life. Like when I was young and a lot of times I feel like in the American education system and just in general, like it's easy to try to box yourself into one role or do one thing. But I was just full of these like weird dichotomies where I was like, I don't fit in.

I'm okay with it. But like, for example, I was like, I got like most artistic in high school, like in the yearbook. But then when I went to art school, like I hated here. I don't want to do this.

And usually if you do art, you want to get a career in art. Okay. And then I loved academia. So when I was in college, I took on these double majors that were teaching me how to think for the sake of thinking, not going for the more traditional, like what job do I want with this major?

But then at the same time, like I love business and I also love volunteering and giving things back to the community, but then also growing a business and making money and commercializing, which is why I ended up in marketing because it was a great way to balance and learn about how businesses grow and work directly with a lot of leadership because it's so. Critical. And so my entire life, I would find these weird opportunities, not because I had applied to the traditional openings or whatever, but I'd walk into a museum and be like, I want to volunteer here, just because, I don't know, I like art history. I'm studying art history.

And then that would turn into a job. Or I would, like, tutor, or I would volunteer at Chinese school, for example. And then the parents would come to me and be like, can you be a private tutor? And I'm like, oh, okay.

So my whole life, I just saw that there was a lot of opportunities in hidden places and that they don't have to fit within what you've been necessarily building your whole career or persona out to be. And I think that's why I love being in cyber, because I don't have that traditional background that's so critical, but that there's so much that can be applied and help enrich, like the entire community, the entire industry with outside perspectives. And that's thinking about it from a marketing perspective, thinking about it from a human perspective. Technology is so important, but it really fits within processes and people.

And I think sometimes in the past, security, like they push just the technology without the operationalization or without the right skilled staff, right, to meet up with it. You know, I try to balance that out and look at that and apply those kind of learnings, both from science and art history and liberal arts and marketing into the field at large. Wow, that's spectacular. It sounds like you both complement each other very well, which is really important in a startup.

Got to hit the ground running. And if everyone is a clone of each other, then you're kind of preaching to the choir all of the time and the company won't be as resilient as it could be if you had a nice diverse team. And it sounds like you both bring so much different experiences to the table. So nice job.

Would you like to share one truth that you see with the world that most people tend to miss? It's funny because I had thought of some earlier, but now I'm like, none of them sound that good. Dan, do you have any? Yeah, I mean, when I'm looking at our industry, I think that the industry is trying to move towards building the newest and like latest and greatest technologies, but we haven't really nailed the foundation yet.

I feel like there's an opportunity to take a step back and try to smooth over a lot of those basic processes that a lot of small, medium-sized businesses are struggling with. Can you come to Ed with like a lot of these new ideas that we haven't really seen before? And like investors are trying to invest. They want to look for new ideas that haven't been tried.

Right. They want to take risks. Yeah, right. But there's a lot to do with innovating or changing existing ideas or improving them.

And actually, I remember reading a while ago that according to the research, the most successful companies are actually iterations over previous ideas versus ideas that are completely new. So I think there's a lot of opportunity there. I see what you mean. Innovation is very often taking ideas that already exist and making them more accessible, sharing them with a wider audience, removing barriers to entry.

To innovate doesn't require that much risk-taking. You just put together what you've noticed already works, works well, and you can make it available and accepted across the entire world to help change things for the better. No, I get that entirely, Dan. Yeah, I don't get that.

I'm going to add, like, when you're iterating over existing ideas, you don't, it's not a new sell to new customers, but they're already familiar with that type of solution. So it's actually easier, like, it's easier to enter markets that way too. Right, because what you're selling is already connected to what they expect to build or to find out there. And you're just doing a lot of that manual work for them, stitching it together in a way that adds value more quickly.

Yep, exactly. Awesome. Was it your experiences in the industry that led you to see this? You go to, like, meet up and you talk with a lot of people that are in, that are, like, also engineers or incident responders.

And they're struggling with the same problems that you are. And they're problems that are like, you know, shouldn't this have been solved? Like, shouldn't, like, we see all these new companies drop, like, coming out with, like, shouldn't, shouldn't more people be trying to address these problems for organizations that aren't as mature or who have, like, smaller budgets? So, yeah, I guess that's where it was just sharing the frustration with other engineers who are trying to automate and support these vendor solutions or incident responders who are really just trying to understand if something is a false positive or if they should dig deeper into something.

So it's just those frustrations that, okay, maybe we need to take a step back and understand the problems better and see if there's better ways to solve them. Yeah, that makes total sense. And they're lucky to have someone like you lead the charge and notice this and sit down and think through the bigger picture, take a step back and really help. Everyone build a more secure future because really at the end of the day, everyone that has a cloud environment has a responsibility to help protect those systems that are up there in the cloud or data, same thing, you have a responsibility to protect the data that's up there in the cloud too.

And if things are priced out of reach or too complex to be used by the smaller markets, the SMB markets, or even fellow startups, then there's going to be huge gaps in the market. So inviting everyone to have a place at the security table with that free tier that you guys have, very admirable, and you'll take a lot of the market share that way too, right? The, yeah, that accessibility is important.

And I think one thing, the industry is changing a little bit, and I know it's like not easy, but another truth that started with PulseDive, maybe not in the earliest stages, but shortly after there was a free community tier, is the ability to share intelligence because when threat intel hit the market, it was a little bit convoluted. Like everyone wanted lots of feeds, feeds were coming out. They come in the dozens, if not thousands, right, at this point. And no one can really truly benchmark the quality, the efficacy, the relevancy of various lists of IOCs.

And what that resulted in is every organization has threat intelligence, even if they don't have threat intelligence, if their intel lives in emails or blog posts, like that they're linking to each other, that that's what it is, and it's not great. But being able to create venues in which multiple users can share intelligence, add commentary, submit things for other users, makes it so that it's not like every SMB that has like very limited resources and also lack of like expertise and understanding, they're not living as individual troops trying to fight this very large growing and evolving enemy, multiple enemies, but that you can start bringing it together and working as a united front.

I know that there's a ton of trust groups and there's also coalitions, there's public-private partnerships. So there is a lot of work being done, but at this point, it's still quite disjointed and it's really hard to keep up. So PulseDive is looking to be at least one niche of that space that's trying to help each other, ourselves, communities, individuals, hobbies, and obviously organizations in bringing this threat intelligence together. So there's a strong sense of community amongst everyone and you're all in the same boat together, benefit from each other's knowledge.

How do you incentivize folks to give back into the community? Offering free things is a really great way to be like giving value before asking for anything is a fantastic way. Awesome, to give first, so the community can give first and then if you give back, it just continues to pass that love forward. In a lot of ways, yes.

The other challenge that we have though is that you want people to contribute, but you also want to protect them. So we have a lot of safeguards in place where you don't actually know who it is or it's a username or they can do their intel research without submitting and sharing that information with the actual community if it's sensitive. So we're always like trying to toe the line of like you opt in to share, not you're forced to share. But Dan, as far as your early, I guess your early story on giving a little bit, getting back and then building PulseDive to like V2 and V3, what would you say was like a major turning point that a community started to evolve?

Yeah, well, in the beginning, it was supposed to be like an enterprise platform to compete with a lot of the other ones that were coming out at the time. But when you're trying to get people to look at it and view the data in it, so they can kind of understand what the platform does. So I started working on putting data in the platform and was, you know, trying to show people, but, you know, people didn't want to go to some login screen to try to discover something that they don't really know that they need or that they want. So I started making a lot of stuff accessible for free without an account to try and lower the barrier to entry.

And if people were more interested in using the platform and the data, and so that's how we saw this opportunity with a lot of people who are finding value in just the community tier and just this data and they're willing to pay for the data. So it seemed like the right way to go. And so we actually discontinued the enterprise tier for a while. And for the past probably year or so, we have been ramping that up again because we're at a point where now the value of PulseDive has been proven, so people want that value within their environment.

That's really getting people to contribute. You'd actually be surprised at like the amount of people who just want to help smaller organizations or who want to put their data out there so that people can use it. I mean, there's so many open source projects and repositories, but yeah, I mean, it's great to mention, like a lot of it is pretty. You know, I think you do want to provide some value to help solve their problem, but I think they just want reassurance that you're also willing to provide this data and make it accessible for other organizations, and that you're good that you have the flexibility to support those types of data sets, and then that you're going to be around for a while.

Because if they're submitting a lot of data to this platform, they want to know that, like, okay, people can actually use it. I'm not wasting my time submitting to, like, a startup that's going to fold, and you're able to accurately represent the data that I have so that people can use it in the way it's meant to be used. So yeah, I think a lot of people are willing to contribute with the right tools. And in addition to contributing, so like when we talk about contributing, and I think what Dan's thinking about is like sharing data, submitting IOCs, IPs, URLs, associating with threats, adding, you know, comments with blogs.

The other way that they contribute, and I will be frank, I was surprised, was like, obviously feedback for the community tier. People want it because they know that that's going to benefit them. They provide user input, complaints, what they love about it. So when we conduct that user feedback, it's great.

When we were doing research into the pro tier, which had launched a year ago, users were also really excited. And it was like, I asked maybe 30 people that I somehow knew or didn't know that used or didn't use PulseDive, and they were all willing to hop on the phone because they know that even if this is a paid product, we're trying to be affordable. We're trying to meet like a specific segment that there's a gap for and that, you know, even if they were or were not fans of the community platform, that they wanted, they supported our vision, they supported our effort. And I did not expect people to want to help, you know, like provide input for a paid product.

And that helped and that made our product much better. It made people see the value. And, you know, we had like a great Black Friday because of it. So it's the community is so open and great.

And if you contribute to it, they give back in in droves. It sounds like you're doing a great job of building that community and building up a sense of, you know, we're all in this together. And if you give, then the community will always be giving back to you as well and set up a situation where people can feel like they're part of something bigger. That's really what you want in a community, right?

I've also heard, I think it was actually from a VC that mentioned this, that if you don't have community, then eventually you just become commoditized and you'll be like any other product. And, you know, a Kleenex is a Kleenex, no matter what the brand is. But if you have a strong sense of community, then there's always going to be that that can help drive forward your brand recognition and not that your brand recognition is going to be synonymous with the community, but that there will always be a group of people because at the end of the day, that's, I think that's what all of this stuff is about. And that's why we do this.

There's people that we're trying to help, like in a very concrete and tangible sense, right? So if there's a gathering space for that one group and you can form a sense of community around other people that are struggling with the same things, then now you have a very long and lasting brand. Right. And when we're this early, like us as people, like we're very different, but we are very much part of that brand too.

So we participate in the community and things that we enjoy. We, you know, lean into our strengths. And as part of the, instead of like collateral damage, it's like the collateral benefit is we talked to thousands of CTI teams. We've helped people get placed in jobs just because we know people both hiring and job seeking.

And that's really important. And we help advocate for, you know, diverse and new talent coming in. And that is just part of the culture we have because we want a great product, but to be a great product, you have to understand the market and to understand the market, you have to participate in the market. And that's, that's where we are now.

No, that's exactly what I was going to say, that you need the community, but you also need to be a part of that community to make sure that you're listening to them. Yeah, great. Yeah, exactly. So tell me about the best day that you've had at PulseDive.

Oh, what was that day like and why? So I'm on the COO side, so I'm always like looking at measurements and operations. Where are we focusing? And so whenever we have QBRs, so quarterly business reviews, in which I'm just wading through a lot of data and then putting things down, it always feels like such a grind.

But then you look and you sit down and you measure the change quarter over quarter or year over year. And when you're living in a small startup where every day is chaos, you're trying to learn something new. There's new problems. You feel like you can never keep up.

You feel like you don't make that much progress. But then you sit there and you talk and it's like a really long meeting we have every quarter where you're like, wow, look at who our customers are. Look at who's been signing up. Look at how they've been using us.

Look at what we succeeded in and also didn't expect. You know, there's not a specific. Quarter that was it was the absolute best, but taking that time just to like really sit down and like look back and then also plan forward has kept us, or at least me, Dan, you can tell me if you agree or not, very aligned and interested in seeing the value of what we're doing. Yeah.

Yeah, I totally agree. I mean, it's really exciting to see it grow from like a vision that I had, like, working nights and weekends, like, you know, years ago. It's just wild. So working nights and weekends now, and during the day.

Yeah, I guess, like, I guess I'm still on that schedule, but because I'm not doing like 9 to 5, like I used to, yeah, it's flexible. I still take it, but yeah, I mean, it was definitely like the first big sale that we had a couple years ago when I was still on my own. That was when I was like, wow, like, can I do this? Like, this is like a viable business model.

Yeah, yeah. How long, how long did it take to make your first sale? For like the first serious sale, it's probably, I've been about a year. It was a while of just building the product, but I mean, building the product wasn't even the hard part.

It was getting people to use it and then like getting feedback and making sure that we were offering something that like provided enough value where people could justify a line item budget for it. So that, yeah, it took a while of like just doing sales and doing development and yeah, meeting. But you cracked the code and you made, you closed the deal. Yeah.

And how long ago was that? Like a couple of years? Yeah, it was a couple of years ago. That was like four, three, four years.

Yeah, it was like, it was like a couple of years ago, yeah. And, and was that sort of like the thing that tipped you over the line and did you leave your day job at that point or because I, I know you mentioned this was the passion project in the very beginning, but. So that was a year after, after I was on my own. Oh, so you were, so you were already full time and, and that year passed and you have kind of like still in experimentation mode.

So the, if you're going to ask like what the worst day of the whole time was, it was like that first year where I was like out of money basically. And when I realized like, okay, I need to probably start working again. So I started contracting and it was actually like right when I started contracting when someone came out of the blue and were like, hey, we're interested in your highest tier, you know, can you send us an invoice? And so that, it was, yeah, that year was just a roller coaster because I was just, that's spectacular.

They just showed up out of the blue and I was like, can I, can I, can you send me an invoice? That's unheard. Yeah, yeah. Yeah, because they're like, oh, we're, we're interested in, in the fee, you know, and I thought it was like probably a small, like one of the lower tiers.

And they're like, no, we want the highest tier. We're ready to purchase. That was pretty exciting. Hey, just to, just to add to that, like, that like, who are these people who reach out to us?

That happens all the time. And that's only because we have one, no like outbound sales process. We don't do paid advertising, right? Like we, we're not really tracking specific like users either.

We just let people use what they want, but then you've penetrated the market and we have some visibility or at least we understand what our users are thinking. But so often something will come in and they'll be like, can you give us an invoice for this and that package, blah, blah, blah. I'm like, Dan, have you ever talked to these people? And he's like, no, do you know who they are?

I'm like, no. And we're like, cool. All right. You like working on that voice now.

That's awesome, dude. Do you ever, do you ever ask how people learn about you then? Every time, like every time. And so what, what do they tend to say?

A lot of people had used PulseDive before and they liked it. They thought, we hear like, oh, the interface is great or, oh, I could set up the API really easily. And, you know, the way the security industry works, people are jumping around all the time and then they share, you know, news and then they bring it to their new companies, right? Other ones, like sometimes PulseDive is listed in like an internal wiki for like, oh, if you're doing threat intel enrichment or research, use this tool.

So the new junior analysts come to us. And then other times, like for some of our larger products, it's because, you know, in all those secret dark alleyways on Slack and Discord, they put out an ask and it's just all warm referrals. And we've never heard these people, but somebody who we work closely with, who's a big advocate will be like, oh, check out PulseDive. And that's where they come from.

So it's all really organic and kind of like grassroots, which, which we like a lot. So you're bootstrapped, you have viral, grassroots. I'm sure everyone that's listening to this podcast that's a VC is, is wondering, are you, are you going to be raising? Are you going to like throw fuel on the fire and really grow?

Expedential growth and do that hockey stick thing. Oh yeah, the hockey stick that every startup says they can do. One thing I wanted to add, actually, too, which has enriched PulseDive a lot, but comes from having this community. We're so lucky is that integrations are the name of the game.

You have to integrate every tool with every tool. And our users are often the ones who start it off, like who will reach out to a tool being like, I want a PulseDive integration, or go out of their way and make their own community marketplace integration. And that in and of itself has built and given us like almost like development capability that didn't come from us, but because they know they could use it out of the box because they have the value, because they have that expertise and they're trying to solve this problem for their own company, they bring it back to us.

And then, of course, you know, we take them, we provide, you know, whatever kind of not compensation, but deals, discounts, and just keep it going like that. Do you have like an open source GitHub with the integrations that are all open source or? It's our API documentation. It's your API documentation.

Okay. All right, cool. And Dan's happy because he can just answer some quick questions and then it just magically appears and then we get new customers because they found, you know, this sort of integration or that sort of integration in this other tool. Yeah, that's amazing.

It's the best. It's the best when we get development efforts that are not, that we didn't even know existed until it's like published and people are coming to us using it. Yeah. Yeah, that's amazing.

And so you don't, you don't have to spend money on marketing. It's all word of mouth and it sounds like it's growing very rapidly and you're just expanding and using the help from the community to expand into different, different tools, different markets. I guess as you integrate those different tools, you're actually opening up new markets for yourselves too. Different use cases too.

Like when we talk about good days, when we launched Pro, you know, we do discovery, we do user research. We try to prepare ourselves for the most successful version of this product that we could build. But then they come back and people will be like, I found funkiness. We're like, great, that's perfect.

You know, they're like the single security person and there was a detection or, you know, something, however they use PulseDive helped them protect their company. That's, that's the end goal, right? So a lot of times, typical use cases, security operations, or just like doing research, they find funkiness, they pivot. Awesome, right?

That's what we want to hear. And people don't always tell us, but when they do, it's like, we always have a, we have a feels good channel in Slack that's private where we just send kind of feedback to each other and keep us motivated. But then we get like these like super users who don't come from a traditional use case. Maybe they're like red teaming and they're doing recon or they're doing like vendor evaluation and they're doing technical due diligence.

And they help us when they come to us being like, oh, have you thought about this feature? We're like, why? Why do you, you know, what are you doing? And they tell us and they're using PulseDive in ways we didn't even like dive into.

Like, sure, we know there's a lot of applications. We're sitting on a ton of data and we process, but they are the ones that are basically guiding us into new markets to test, to do research, to validate, to add functionality as well. What's the most surprising ask that you've had? Oh, surprising ask.

Dan, do you have that? Surprising? Not so much mind blown, but like a lot of users that were like, oh, we're surprised that you can look at this tool that's really optimized for like security operations teams. They come in, they do like anti-money laundering, fraud prevention or fraud detection, or once again, like third-party evaluation of tools where like we see that that makes sense, but we're not designed for it.

Do you ever get a little suspicious when you figure out or you hear that a red team person is using your tool? Maybe they're using it to try to cover their tracks or to see if what they're about to do is going to be detectable or. . .

Mine crashes out like a lot of red team people use us for kind of like that threat intel background or like when they could do pentest or something like that. Like. . .

You have like initial scan, like, hey, let's see what, see where our starting point is, our baseline. Yeah, or if like we'll show information, like if there are IPs that have been seen on feed. So if there's like, you know, maybe a company asset that was seen on one of our feeds or that somebody submitted or something like that. So I think it's those two cases are pretty much aligned, right?

You have. . . Yep.

Agreed. Yeah. Nice. Okay, so what about the worst day at PulseDive?

You had like a, just a horrible, a horrible day and for whatever reason. My, my not one day answer was like, it was a slow, like, dreading burn, but like when the pandemic hit, all budgets were closed, right? Like threat intel was a great field to be in. We did not see any dip.

Actually, we probably saw an increase in user, free users and everything that was about to be purchased or, you know, no one knew what was going on from like basically end of Q1 through end of Q2. And so everything was closed. Nobody was hiring. Nobody was, everyone was trying to hunker down and see what happens.

So we were like sitting there like counting out. Yeah, and then I was sitting there like counting out our runway and like counting out what expenses we can cut and making sure that we could really last. And we were in a decent position, but once again, bootstrapped. So it's not like we're sitting on $5 million cash.

And so when that finally did lift and we were actually able to like four or five X our revenue for the year because Q3 and Q4 really recovered and cybersecurity as an industry is just booming. It was a major relief. So that's really six months of a low humming bad day. That counts as a bad day.

Six months of a bad day. Wow, that's quite the bad day. There was still like sales and leads. It was just like everything got tamped.

Right. And we hear that a lot across the industry, especially with startups for 2020. Yeah, I think the pandemic really hit everybody. What about you, Dan?

Maybe the same. Yeah, I mean, pretty much the same. I mean, it's also like I said earlier, that first year, that was really tough. It was just, you know, thinking about reaching out to people and being like, hey, like, do you have any openings for this type of work?

I think for me, that was really hard because when you come into a startup, like you definitely do it confidently, right? Because you have like this new idea and like the early feedback is good. And, you know, you have a couple of people who are, you know, asking you about some of your products. But when you just did do it for so long and, you know, you're having a, like you haven't gotten those initial sales yet.

It's just really tough to be like, okay, you know, I got to, we had failed because like you could still get the last weekend, like four, but it's kind of like taking a big step back. But I mean, luckily now we're in like a great place. So, you know, it was hard back then, but yeah, it's just, I think medicine like where, like that would be here now. So.

Yeah, just not getting the feedback that you want from the marketplace by not being able to close the deal line. Yeah, that could be a tough spot to be put in, especially because your heart is in the right place and you're pursuing your passions, but if the market doesn't respond quickly, you know. Yeah, I thought we today that like really resonated and it was something like failure is the default state and it's really the resilience and fighting that failure like every day is eventually what gets you to a better place. So yeah, that definitely.

Yeah, that's where we, we that first year. Yeah, so I mean, like when you're first starting out and, you know, again, you're waiting for that first sales, like disappointment after disappointment because you don't know what to expect, right? You're new to this side of things where you're selling to people. So it's really just like just finding ways to keep going.

And especially when you're bootstrapped and you're like, you can run out of your savings, but you still have opportunities and like you don't have to, like when I was on my own, I didn't have to let anyone go, right? It sounds like you have true grit and you really pulled through and now all of that's going to be paying off for you here and in the future too. So when we do look into the future, I'll leave it up to you of how far you want to look into the future, but tell me about what the next milestone of success looks like for PulseDive. I'll take a first step and then Dan can add to it.

In the short term, like any nice startup, you know, we want to make sure we're not churning customers, that they're either, you know, it was called being retained or upselling, which is something we've also witnessed. We kind of have this nice ladder where there's free and then there's individual pro and then there's data subscriptions and then there's a full platform. And we have some users who are just like bouncing their way up the ladder, which is exactly, you know, a validation of how we propose and how we are in the market with these products. So a hundred percent keeping users satisfied, having them continue that referral, that word of mouth.

And then in addition, being able to have a voice and like create, I don't want to say thought leadership because everyone, you know, so hackneyed, but being able to take and utilize this research, all this data we're sitting on, the communities that we're building, and then more meaningfully, more intentionally contributing to the future of the industry as well. And with that, it comes with like working closely with enterprise level users, with communities, with programs, profit and nonprofit types.

And then in the medium long term, it's building out that community forum functionality where individual users might be able to, and this is all like, you know, kind of on the vision, but we haven't committed. We haven't put a timeline to it yet. Sharing their intelligence with specific user groups or, you know, trust groups, having that PulseDive be a platform that that can maintain and users can work with each other or across organizations as well. And Dan, I know you have some more thoughts regarding like how that would look within the platform technically and people wise.

For what? For which part? The like. Supporting the cybersecurity and the threat intelligence community within the PulseSec product with their own feeds, with their own data, their own research.

Yeah. I feel like meeting Dan, it's like, yeah, we talked before about having people contribute, but we want to be that place where like, you know, people can publish interesting research and stand up their own feed and contribute in like a much more automated way and really grow that community. Okay, so your vision of success is when you step into an elevator and there's two engineers already in the elevator and they're arguing about how to grab the best and latest data for threat intelligence. And then finally one turns to the other and says, oh, let's just be done with it and use PulseDive.

We'll use that story, yeah, one when we, oh, we'll come back to you when that happens to us. You know, it's, it is fun because like when I started, and this was two years ago when I joined Dan two years, I think two years into his experience and it was growing beyond just him. Then he invited me in because I have a very different way of looking at the world and things that I enjoy and strengths. We were sitting at a B-Sides DC conference and this was the last one before like COVID hit and all the B-Sides were canceled, like in person at least.

And we're like sitting there like listening to some research and I don't know where like PulseDive shows up on the screen. And we're like, what? Like we've never, we don't know this guy. And we're like, that's awesome.

And that kept happening. And we're like, it is so motivating because we're living, you know, a lot of days, we're coding, we're working on the business. We don't get, like, we see the user activity, but we don't see the impact necessarily. And then when we put ourselves in the community, even not trying to sell, just attending to learn about things in security, like we see our name and we're like, wow, that's cool.

Wow, that's really spectacular. So you've just haven't gotten into the right elevator yet then. Exactly. And like some forums, like sometimes if I just like Google PulseDive and people will be like, oh, PulseDive is amazing.

You should check it for this and that. And I'm always like, awesome, sweet. That's the online elevator. That's spectacular.

You have like, great. If you remember, like we were, we went to, like they had like an after party at a local bar and we were there and someone like, I don't remember exactly, I want to assume like, oh, what do you do? We're like, I'm at PulseDive, like building that. And he was like, you built PulseDive?

And that was like, that was like, wow. Like that's never happened. Dan, Dan doesn't realize because he lays so low, there's like a world out there where people really admire and are grateful to him, but then he doesn't like necessarily see them. And then so we get a lot of users who come in and they're like, oh my God, Dan, you built this whole thing or like you're still like building it out.

And, you know, you didn't use, you know, pre-built tools or frameworks. It was like all a lot of native development. And so people like don't necessarily understand. And at the same time, that's when we hear from users.

They're like, oh, we thought you were bigger. We thought you had more people. We thought you had more, you know, we thought you had funding. And we're like, good.

We want to keep punching above our weight class. A lot of that impression is from Grace too. I mean, like the, like we don't have a full marketing team. Like that's all, that's all Grace that gave us that, that, you know, impression that we're bigger than we are.

It's not supposed to be an illusion. It's just, you know, I think. Right. It's a reflection of your reality and your humble beginnings.

And now it's all paying off. I think what I enjoy the most is that marketing gets a bad rap and I get it that people don't necessarily marketing well. I fully understand the frustrations, but as far as the discipline of like finding out what's authentic, finding out why users like you, why they want to talk about you and then applying that in a way where we're not forcing, you know, we have very consultative sales approach. We just put ourselves out there.

We try to educate. We, we do what we can with the resources we have to have a presence that reflects the reality. That's been a lot of fun because I get to like take all the skills I've built and learned, but I didn't necessarily believe in previous companies or for previous products and then do that for a community that's like cheering us on every day. Like that's a completely like 180 from places I've worked in the past.

It sounds like you've enjoyed a huge level of success already and going to continue it well into the future. Well, I'm just going to say thank you so much, both Dan and Grace, for joining me. We'll have to have you on again at some point in the not too distant future and we can see how PulseDive has changed and has changed the world and made it a more secure place for all of us. And yeah, just I'll leave you with a huge thanks and we'll connect again.

Yeah. Thank you so much. Maybe in the future we'll just have a user who likes PulseDive so we don't have to keep talking about ourselves. It's more fun that way.

Yeah. Sure. Sure. That works too.

Thanks so much, guys. Thank you.

‹ 13. Paul Nguyen, Co-Founder and Co-CEO of Permiso Security, On Innovating Security Postures

11. Robert Rounsavall, Co-Founder of Trapezoid Inc., Firmware to Frontlines ›