This article is a continuation of the series about the cybersecurity mafia networks

Some companies play an outsized role in shaping the industry: not just because of what they accomplish, but also because of the kind of startups their alumni create. In this piece, I dive into Splunk, Okta, Cylance, Palo Alto, CrowdStrike, and Zscaler mafias in cybersecurity.

This article is a continuation of the series about the cybersecurity mafia networks. If you haven’t read the previous two articles, you can do that here:


Welcome to Venture in Security! Before we begin, do me a favor and make sure you hit the “Subscribe” button. Subscriptions let me know that you care and keep me motivated to write more. Thanks folks!


This issue was brought to you by... Tines.

Work faster and reduce barriers to automation with AI in Tines.

Everyone is talking about AI right now, but the value of AI depends on your ability to trust it.

AI in Tines is designed with security and privacy in mind - you decide when and how your workflows interact with AI.

Here’s what security leaders and practitioners are saying about AI in Tines:

  • “Automatic mode is a gamechanger for new users, it makes the learning curve for advanced use cases very short.” - Amulya Namburi, SOAR Team Lead at Experian
  • "It's unlocking new use cases for us.” - Allen Cox, Senior Director of Security and IT, MyFitnessPal
  • “In terms of what you can build with it, the limit is your imagination.” - Kyle McGaley, Senior Security Engineer, Udemy

Mafias in cybersecurity: a quick recap

If you haven’t read the previous two articles, here is a quick intro (feel free to skip it if you are familiar with the other pieces in the series).

A disproportionately large percentage of what is known today as the Silicon Valley tech ecosystem can be traced back to one startup - PayPal. From companies such as OpenAI, Tesla, Uber, Facebook, Palantir, and YouTube, to VC firms such as 500 Startups, Khosla, and Founders Fund, a disproportionate number of Silicon Valley’s movers and shakers can be traced to that one company.

Source: Fleximize

“This isn’t about conspiracy theories or stories about world domination: in business, as in all other areas of life, everything is about people, and when large numbers of smart people work together, they gain immense power. Cybersecurity is a textbook example of how this plays out in real life, and the origins of security as an industry are the perfect place to illustrate this reality. It was Check Point, an Israeli cybersecurity company, that established the foundation of what is known today as a global cybersecurity market. Check Point alumni went on to start tens of industry-defining players, including Palo Alto, SentinelOne, and Orca Security.

Founders of CrowdStrike, Mandiant, and Cylance were all previously a part of Foundstone. Yet, that is just a small piece of the puzzle. Mark Curphey (Foundstone) founded SourceClear (acquired by Veracode), and then he started OpenRaven with Dave Cole (also Foundstone). After this, Mark started Crash Override with John Viega (McAfee). Anthony Bettini worked at Foundstone and started Appthority (acquired by Symantec); he then started FlawCheck which was acquired by Tenable; following that, Anthony started VulnCheck. Corey White (Foundstone) founded Cyvatar.ai. Michael Price (Foundstone) started Vulnr, which was acquired by ZeroFOX. James Foster (Foundstone) started ZeroFOX, which IPO'd. Aaron Higbee (Foundstone) & Rohyt Belani (Foundstone) founded Intrepidus Group (acquired by NCC Group). Aaron Higbee & Rohyt Belani then founded PhishMe (which was acquired by Private Equity and renamed Cofense).

Generally many of the Foundstone alumni mentioned above, also worked at McAfee, so it can also be given a lot of credit. Dmitri Alperovitch who started CrowdStrike with George Kurtz was also from McAfee. John Viega who started Crash Override with Mark Curphey was from McAfee. Oded Horovitz from McAfee started PrivateCore, which was acquired by Facebook. Fengmin Gong from McAfee was a co-founder of FireEye, Palo Alto Networks, and Cyphort.

Cisco and Juniper Networks, to name some, also gave rise to a large number of cybersecurity companies, including Netskope & Illumio.” - source: Follow the people: @stake, NetScreen, IBM, Israel Defense Forces and the US Armed Forces mafia networks in cybersecurity

Splunk mafia in security: defining the future of security data

Splunk was founded by Michael Baum, Rob Das, and Erik Swan back in 2003, over two decades ago. By 2007, the company had raised US$40 million, and only two years later, in 2009, it became profitable. Nine years after its founding, in 2012, Splunk went public, trading under the NASDAQ symbol SPLK.

Although Splunk products are not security-specific, the company has had a tremendous impact on the evolution of cybersecurity, both in terms of defining the profession of a SOC analyst and their expectations and in terms of preparing a generation of future founders.

It is not at all surprising that a large number of observability, data pipelines, and security information and event management (SIEM) challengers were founded by Splunk alumni. What is much less obvious is that the company’s impact goes far beyond security data space. Cybersecurity startup founders who previously worked at Splunk include:

  • Shashwat Sehgal, co-founder and CEO at P0 Security, a company that helps organizations govern cloud access for all identities - human and machine
  • Karthik Kannan, founder, and CEO at Anvilogic, a company that breaks the SIEM lock-in that drives detection gaps and high costs for enterprise SOCs
  • Clint Sharp, co-founder and CEO at Cribl, the Data Engine for IT and Security, which empowers organizations to transform their data strategy
  • Ledion Bitincka, co-founder and CTO at Cribl, the Data Engine for IT and Security, which empowers organizations to transform their data strategy
  • Dritan Bitincka, co-founder at Cribl, the Data Engine for IT and Security, which empowers organizations to transform their data strategy
  • Oliver Friedrichs, co-founder and CEO at Pangea, a company that delivers a single platform of API-based security services that are easily accessible and simple for any developer to build a secure app experience
  • Sourabh Satish, co-founder and CTO at Pangea, a company that delivers a single platform of API-based security services that are easily accessible and simple for any developer to build a secure app experience
  • Snehal Antani, co-founder and CEO at Horizon3.ai, a company that empowers organizations to continuously find, fix, and verify your exploitable attack surface
  • Terry McCorkle, founder and CEO at PhishCloud, an IT Security Services company
  • Charles Feng, co-founder and CTO at Lucidum, asset discovery company that eliminates blind spots across cloud, security, and IT operations
  • Micah Wylde, co-founder and CEO at Arroyo, a company building the future of stream processing
  • Fred Wilmot, co-founder and CEO at Detecteam, a SaaS-delivered cloud strength platform automating the detection lifecycle and improving detection performance
  • Maxim Lukichev, co-founder and CTO of Telmai, an AI-based data quality and observability platform natively designed for open architecture
  • Ross Lazerowitz, co-founder and CEO at Mirage Security, a company that protects organizations through AI Vishing simulations, training, and mobile-based mitigation
  • Pervez Choudhry, founder and CEO at Bornio, a company that offers a pure-cloud solution for data privacy
  • Prakash Sanker, co-founder at P0, a company building the future of API security
  • Subho Majumdar, co-founder at Vijil, an AI software startup on a mission to help developers build and operate intelligent agents that people can trust

Okta mafia in security: defining the future of the identity space

Okta, a leader in identity and access management, was founded in 2009 and went public just eight years later in 2017, reaching a valuation of over $6 billion. Today, Okta’s market cap is $16.15 billion.

Unsurprisingly, a good number of founders in identity and access management previously worked at Okta. The list of Okta alumni who went on to launch cybersecurity startups includes:

  • Alex Bovee, co-founder and CEO at ConductorOne, an identity security platform for the modern workforce
  • Paul Querna, co-founder and CTO at ConductorOne, an identity security platform for the modern workforce
  • Pratyus Patnaik, co-founder and CEO of Natoma, a platform to secure and manage all non-human identities
  • Paresh Bhaya, co-founder of Natoma, a platform to secure and manage all non-human identities
  • Zachary Hart, co-founder of Natoma, a platform to secure and manage all non-human identities
  • Will Potter, co-founder of Natoma, a platform to secure and manage all non-human identities
  • Arun Shrestha, co-founder and CEO at BeyondID, a modern systems integrator and managed identity services provider
  • Charles Fortune, co-founder and COO at BeyondID, a modern systems integrator and managed identity services provider
  • Arvil Nagpal, co-founder and CEO at Abbey Labs, an access governance platform
  • Zachary Miller, co-founder and President at Worklyn Partners, a holding company that invests in cybersecurity and IT services businesses
  • Kevin Sapp, co-founder and CTO at Aembit, workload identity and access management company
  • Andrew Fife, co-founder at Keystrike, a company focused on securing remote connections

Cylance mafia in cybersecurity: following one of the first AI-powered security companies

Cylance, a company founded by Stuart McClure and Ryan Permeh in 2012 to prevent viruses and malware, is definitely on the list of the most notable security players. The company is known for being one of the first to make use of artificial intelligence, and as we will see, to prepare a generation of security entrepreneurs with a deep background in AI. Cylance was acquired by BlackBerry Limited for $1.4 billion.

Credit for tracking down the successes of the Cylance mafia goes to Christopher Ries, Co-Founder of SphereOne who summarized it incredibly well in his LinkedIn post. Christopher observed that “A lot of really talented people came together at Cylance Inc. to build the first AI-driven approach to detect malware on Windows and Mac operating systems. Many of these folks have continued on to start companies and/or venture funds. Where are they at today?

  • Stuart McClure - CEO of Wethos AI, Qwiet, and NumberOne AI
  • Ryan Permeh - Operating Partner of SYN Ventures
  • Glenn Chisholm - Co-founder of Obsidian Security
  • Matt W. - Co-founder of Obsidian Security
  • Christopher Ries - Co-founder of SphereOne
  • Jon Miller - Co-founder of Halcyon
  • Ryan Smith - Co-founder of Halcyon
  • Tanner Burns - Co-founder of HiddenLayer
  • James Ballard - Co-founder of HiddenLayer
  • Chris Sestito - Co-founder of HiddenLayer
  • Rahul Kashyap - Co-founder of Awake Security
  • Gary Golomb - Co-founder of Awake Security
  • Thomas Pace - Co-founder of NetRise
  • Michael Scott - Co-founder of NetRise
  • Corey White - Co-founder of Cyvatar
  • Eric Cornelius - Co-founder of Ghost Security
  • Rob Bathurst - Co-founder of Reveald
  • Chris Coulter - Co-founder of Auguria
  • Keith Palumbo - Co-founder of Auguria
  • Alex Matrosov - Co-founder of Binarly
  • Claudiu Teodorescu - Co-founder of Binarly
  • Greg Fitzgerald - Co-founder of Sevco Security
  • Colt Blackmore - Co-founder of Reach Security
  • Terry McCorkle - Founder of PhishCloud
  • Joel Bauman - Co-founder of Synqly
  • John Brock - Co-founder of Lamplight AI
  • Matthew Maisel - Co-founder of Lamplight AI

Fun fact: Cylance alumni have raised over $400M collectively to tackle a number of different problems.” - Source: Christopher Ries, Co-Founder of SphereOne on LinkedIn

Palo Alto Networks mafia: building the future of the cybersecurity industry

Nir Zuk, who later became one of the co-founders of Palo Alto, built an impressive career in security, serving first as a principal engineer at Check Point, and then as a Chief Security Technologist at Juniper Networks. Both companies gave rise to their own mafia networks, some of the most powerful in the industry.

Palo Alto Networks, similar to Abnormal Security, was incubated at Greylock. The company was founded in 2005 and seven years later, in 2012, it raised $260 million with its initial public offering. After Nikesh Arora replaced Nir Zuk as the company CEO, Palo Alto turned into the most active security vendor in terms of mergers and acquisitions.

Palo Alto Networks alumni who started cybersecurity companies include:

  • Garrett Hamilton, co-founder and CEO at Reach Security, a startup helping organizations to measure, manage, and improve their enterprise security posture at scale
  • Colt Blackmore, co-founder and CTO at Reach Security, a startup helping organizations to measure, manage, and improve their enterprise security posture at scale
  • Vinay Mamidi, founder and CEO at Whiteswan Security, an identity and access security startup
  • Parth Shah, co-founder & Head of Product at Dassana, a company that helps companies handle the vast amount of data from numerous IT security tools
  • Rajaram (Raj) Srinivasan, co-founder and CEO at Unbound Security, a startup working to secure Gen AI apps for the modern enterprise
  • Tim Kirk, founder and CEO at SureCity Networks, a company working to limit attackers’ abilities to move throughout networks and systems
  • Yahav Peri, co-founder and CTO/VP R&D at Cypago, a SaaS-based cyber GRC automation platform
  • Ravi Ithal, founder and CTO at Normalyze, a data-first cloud security solution; previously founder and Chief Architect at Netskope
  • Jamie Brummell, founder and CTO at Socura, a cyber security managed services business, focused on Managed SOC, MDR, DFIR, and SASE
  • Amichay Spivak, co-founder and CTO at Vorlon, a company that enables continuous near real-time detection and identification of third-party apps consuming data
  • Amir Khayat, co-founder and CEO at Vorlon, a company that enables continuous near real-time detection and identification of third-party apps consuming data
  • Vishaal Hariprasad, co-founder and CEO at Resilience, a company that integrates cybersecurity, cyber insurance, and cyber risk management
  • Pratyusha Vemuri, founder and CEO at raptorX.ai, an AI-based B2B anti-fraud solution
  • Aaron Shelmire, co-founder and Chief Threat Research Officer at Abstract Security, a platform, equipped with an AI-powered assistant, to better centralize the management of security analytics.
  • Or Priel, co-founder at CPO at Silk Security, a platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure, and application risk
  • Bar Katz, co-founder at CTO at Silk Security, a platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure, and application risk
  • Zion Zatlavi, co-founder and CBO at Blink Ops, a security workflow automation platform
  • Huagang Xie, co-founder at Ancilia, a Web3 security company
  • Yonghui Cheng, co-founder and CTO at Mammoth Cyber, a solution to secure remote access with the enterprise access browser

There are plenty of serial entrepreneurs such as Twistlock founders who exited to Palo Alto Networks and by doing so, ended up with the acquirer on their resume. I decided not to include them here because they were founders before joining Palo Alto.

Zscaler and CrowdStrike: companies that produced surprisingly few cybersecurity startup founders

Based on my analysis, CrowdStrike and Zscaler have produced surprisingly few cybersecurity startup founders despite being high-growth, and incredibly successful companies. Moreover, all companies started by alumni of these two security giants are still very early in their journeys.

CrowdStrike alumni have started the following security companies:

  • Jori VanAntwerp, co-founder at EmberOT, a critical infrastructure startup, previously founder at SynSaber, a cybersecurity startup redefining industrial asset identification, network monitoring, and threat detection for critical infrastructure
  • Brian Concannon, founder and CEO of EchoTrail, a startup building a search tool for IT and security professionals to better understand how processes behave on Windows endpoints, thereby giving them the context they need to sift through alerts with efficiency and accuracy
  • Maxime Lamothe-Brassard, co-founder and CEO of LimaCharlie, a startup that gives security teams full control over how they manage their security infrastructure
  • Ruben Sarino, co-founder at RiskHorizon AI, a startup that develops a continuous threat exposure management solution

Ex-Zscaler cybersecurity founders include:

  • Diane (Dianhuan) Lin, co-founder of Culminate, a startup that augments SOC operations by automating the tier-1 triage
  • Kartik CDS, co-founder and CTO at WideField Security, a cybersecurity startup that helps enterprises protect their identity attack surface
  • Kristian Kamber, co-founder and CEO of SplxAI, a startup that provides cybersecurity services for AI applications and chatbots
  • Vaibhav Mehrotra, co-founder and CEO of Secuvy, self-learning AI to automate data security, privacy, and governance for global enterprise
  • John Peterson, co-founder and co-CEO of PRE Security, a predictive analytics cybersecurity startup

Closing thoughts: shaping the next generation of cybersecurity founders

I have previously argued that software engineers with experience building security products are well-positioned to launch cybersecurity startups. This can be extended to say that people with experience building, growing, and taking to market successful cybersecurity products and companies, are most likely to become winning founders themselves. Or, to put it simply, if you want to identify the next generation of winning founders, you should be tracking those who have spent time at fast-growing security companies before or are doing it now.

Companies such as Wiz, Rubric, Vanta, Drata, Obsidian, Material, and Abnormal, to name some, are likely to produce high-quality founders. One observation I’ve made is that in security, the next generation of innovative solutions is most likely to be conceived and built by people who built the previous generation of solutions. It doesn’t always work that way because it can be easier to innovate and keep an open mind if one is unencumbered with past experiences and biases, but it helps.

Another thing that becomes apparent when we look at the list of companies started by alumni of Splunk, Okta, Cylance, Palo Alto, CrowdStrike, and Zscaler, is that not every large company is equally good at forging the next generation of founders. There have to be reasons why Cylance produced much more successful and growing security startups than, say, CrowdStrike or Zscaler despite the fact that Cylance and CrowdStrike started around the same time, while Zscaler was founded several years ahead of both these companies.


If you like my blog, please subscribe & share it with your friends. I do this in my free time, so seeing the readership grow helps me to stay motivated and write more. I don’t send anything except my writing and don’t sell your data to anyone as I have better stuff to do.
If you are a builder - current or aspiring startup founder, security practitioner, marketing or sales leader, product manager, investor, software developer, industry analyst, or someone else who is building the future of cybersecurity, check out my best selling book, Cyber for Builders.
If you are a security practitioner, check out & spread the word about the VIS Angel Syndicate.
If your company is interested in sponsoring Venture in Security, check out Sponsorships. Thank you!

Invite your friends and earn rewards

If you enjoy Venture in Security, share it with your friends and earn rewards when they subscribe.

Invite Friends

View in app