Trellix’s CEO lays out their plan to become dominant in XDR, as well as other elements of their strategy going forward.
On Wednesday, Trellix CEO Bryan Palma took the stage in the opening keynote of the company’s inaugural xPand Live customer event. While he has formally held the job almost a year, and has represented Trellix at multiple major tech events, this was his first large-scale exposure directly to Trellix customers and partners, and he used that to explain his vision of what the company is all about, and why he thinks it is well poised to succeed in a competitive XDR and endpoint market.
“Since the pandemic, the world has changed a lot but it’s the same kind of persistent threats that are the problem,” Palma said. “Now there are just more nuances. Because of this, cybersecurity has reached an inflection point. Trellix is in a position to lead in this.”
While Trellix is theoretically a startup, it comes with the legacy of Mcafee and FireEye, which gives them considerable experience.
“We’ve never had better insight as a company than we do right now,” Palma said, while pointing out four things that he said drive their strategy.. The first is the different role now being taken by nation states, where they attack private companies as well as governments.
“These kinds of attacks really started with Solarwinds, and they broke the protocol of only attacking other nation states by attacking private companies,” Palma stated. “We are really focused on that.”
The second factor is the expanding attack surface.
“Every year threats are more advanced,” Palma said. “77% work from home now at least part of the time, up from 23%. That has completely changed the corporate perimeter.”
The third issue is curated intelligence, most specifically ransomware.
“Ransomware is now going downmarket to to those who are more vulnerable,” Palma said. “These kinds of targeted threats are taking over.”
Finally comes the costs that come from many organizations having inadequate people, who are hard to attract and retain, but inadequate tools as well.
“Many customers have redundant tools from overlapping point products,” Palma noted. “We need to help them simplify operations and reduce costs.”
“We are building the company the way I would want it to work when I was a customer,” Palma explained. “As a customer, I would have wanted a company to work with me, instead of selling me things that don’t integrate or adding more widgets to the stack. We have decades of solving problems. We are ready to deliver stack function change. That’s what we are here to do.”
Palma entered the picture at the new company when he signed on to lead McAfee to help spin out Trellix into a separate company, in what he expected to be a short-term engagement.
“While I had just come on board to spin out the business, I saw the market transitioning, and thought we can have a big impact,” he said. “So on October 8 of last year, I signed up as CEO of Trellix.”
Palma said Trellix’s strategic objective is clear.
“We want to be the XDR leader,” he stressed. “We have the advantage of being very profitable and stable. But we have to do some new things. That’s what we have been practicing during the last year.”
That started by hiring an all-new management team, and then creating a new brand.
“We have to make real progress in automation because there is a huge shortage,” Palma said. “We know this is not a panacea, and we are going to drive for machine learning. Our goal with machine learning isn’t protection, detection and response – it’s focused, automated remediation.”
Palma also emphasized the importance of the partner ecosystem.
“We don’t want to be in the services business and we won’t be,” he said. “We currently have over 800 integrations. We will also make a real push around MDR, IR and MSSP. We have good experience there that we haven’t been able to get to market.”
Palma also highlighted another key strategic objective of Trellix.
“SIEMs are too costly, and not effective,” he said. “Customers tell us that they stay in place for regulatory reasons, not because they add value. We will replace SIEMs with something better in security operations,”
Most important of all is an enterprise platform, which Trellix has and many of their competitors so not.
“We started working on XDR 18 months ago,” Palma said. “You can’t say you have XDR if you don’t have also have endpoint, which we do on our platform. Nobody talks about data being part of a platform, and we will drive that as well.
“No one else has the assets and experience that we have,” Palma stated.