It's rare that a startup emerges with a new and different take on how to improve cybersecurity. One could even say that it would take a … gutsy … approach.
Today a trio of former Palo Alto Networks employees formally announced their startup, Gutsy, after a year of development. Alongside the startup emerging from its stealth mode, the company announced a staggering $51 million seed round led by YL Ventures and Mayfield.
Ben Bernstein (cofounder and CEO), Dima Stopel (cofounder and VP of R&D), and John Morello (cofounder and CTO) all had joined Palo Alto Networks after their previous startup Twistlock was acquired in 2019 for $410 million.
The basic premise of Gutsy is simple: to help organizations use process mining techniques to better understand, remediate and optimize security processes.
“Security is fundamentally all about people, process and technology, and the industry that we're in has really only focused on the technology, not the people and process piece,” Morello told SDxCentral.
How Gutsy works to improve the security processMorello commented that while many security tools focus on specific technical problems, Gutsy aims to give security leaders a different type of solution.
At its core, Gutsy is fundamentally a governance platform that allows an organization to see how all the people, processes and technologies work together and where the inefficiencies and inconsistencies are so it can get better outcomes. Gutsy achieves this by working with existing security and IT tools to collect event data and analyze processes across an organization.
The platform has a library of more than 50 integrations with commonly used enterprise tools for operations, security and development. Once integrated, Gutsy is able to assemble processes based on observed activities to generate a visual process flow. Gutsy applies various data science techniques to analyze how effective or ineffective a process is and can identify when there are potential deficiencies.
By analyzing variations in processes, Morello said Gutsy aims to help quantify what the process risks are and to make the case for investment or change in the organization to reduce those risks. He added that a primary goal for Gutsy is to provide security leaders with the data they need to identify inefficiencies and drive process improvements.
[caption id="attachment_134987" align="alignnone" width="800"] Gutsy system enables organization to better understand and optimize security processes. Image source: Gutsy.[/caption]
Sure there is some artificial intelligence (AI) there too, but that's not what makes Gutsy workIn 2023, every vendor seems to be claiming that AI is somehow helping technology to be better and more intelligent.
Morello emphasized that the Gutsy platform isn't about AI, though he did note that there is some AI in the platform. He explained that a lot of the data Gutsy collects comes from unstructured systems like Slack and the body of JIRA tickets. Gutsy applies AI, specifically using the BERT model from Google, to analyze this unstructured data and extract security-specific information to incorporate it as steps within the analyzed processes. This allows a security team to utilize more of its available data sources.
“Process mining is not a singular thing; it's a family of data science techniques,” Morello said. They use the data framework that they create within the product as the primary output. Then, Morello said, “A lot of what we do though, is simply looking at timestamps and logs and normalizing data across them to be able to show what that sequence of activities is as the data and as the activity flows from one system to the next.”
Morello hinted that more AI capabilities are likely to be part of Gutsy's roadmap, though he was also clear that it's not a primary focus for the startup.
“If you want to get kind of like the really aspirational idea of what we want to do: really the most transformative thing that we can do in the security industry is to give leaders a way to really understand how their organizations work to set clear goals to have those goals automatically measured, and to be able to have strategic accountability,” he said.