10.12-13.22-DigitalTech-Allthenticate
Startup Exchange Video | Duration: 5:36
October 12, 2022
-
Interactive transcript
CHAD SPENSKY: Howdy, y'all. So I've been in computer security my entire life, starting as a hacker kid and then eventually getting hired by MIT Lincoln Laboratory to do offensive research for the DOD for about 10 years. And now, as a practitioner, it's always been kind of a bittersweet industry, because while it's really fun to break things, objectively the products that it puts out make our lives pretty miserable. So my goal with Authenticate is to make that a little less miserable.
And the more frustrating part of all of these products, if we look at what's on the market today, when you onboard an employee just to get them on-board with all the security product takes forever. And then when you off-board them, if you forget just one, they could come back. They can hurt your company.
There was press recently where somebody had back door keys. And we're just losing hours in our day. Every day we have this battle with passwords and our RSA tokens and our YubiKeys. And it's this constant fight with cybersecurity, which is an industry I love. And we're losing the game. Hackers, the little kid version of me, are still winning. 80% of our attacks are still based on these very simple credential theft attacks.
So if you look at the products on the market today, they're mostly band-aids. If you look at each little individual component that we're patching up, like, hey, we need to log into websites. We have too many websites, let's throw a password manager on it. Hey, managing all these keys is hard. Let's throw a smart card on it, right? Or, oh, two factor is now an issue. They're stealing passwords. Let's throw a YubiKey at it.
And that's not actually solving the core problem, right? We're treating the symptoms but not actually looking at the disease. So one of the perks with working at Authenticate-- sorry, I'm colorblind and they tell me to hit the green button. So my apologies. I found out which one's green.
But the problem with all these band-aids is they're not actually going to solve the problem. So one of the really big perks, everyone asks me, why didn't anyone else think of this. They didn't have the luxury to sit at MIT for 10 years and just pontificate, right? If I just rebuilt the whole world, how would I do it? And to actually vet all of that research and try to solve the root problem.
So what we came up with is that now people don't think I'm as crazy. 12 years ago people thought I was absolutely insane, was that we should use our smartphones for everything. And we actually vetted all of the technology in those phones. There's actually really good hardware-level security on there. There's secure elements. There's stress execution environments. We get to interface with Arm engineers.
And then what this allows us to do is that you can come to work. You'll bring your phone. Your phone will unlock the door as you walk in. You can then walk up to your website, log in to-- or sorry, log into your computer. You can browse the websites. They can recognize you because your phone is proximally close, and log you in. And then you can even log into all of your servers.
So when you onboard an employee, on day one they come in. Everything will work magically. And then when you off-board them, poof, it's gone instantly. So this is the goal. This is the dream, that you have one credential for everything for your employees.
And thanks to all the hardware on the smartphone, you can elevate security as high as you'd like to go. They all have biometric sensors built into them, accelerometers. You can do all sorts of really nice security functions.
And why is this different? Why is Authenticate different than every other company out there? One, it's highly usable. Most of the time it just works. You don't even know that anything's happening unless it's a privileged interaction.
It's as secure as it possibly can be, given all of the modern hardware on the market. It's extremely modular, so it's a fully distributed system. If the internet goes down, it doesn't matter. Everything talks to everything else point to point. And it's wildly flexible. I put it in my F-150. I put it in my Forerunner.
I've installed this thing everywhere, because I love it and it's cross-domain, like you're going to use it to interface with the physical world and your digital world. So you really have one credential everywhere in your workplace. So where we are so far in our authentication revolution, we are officially a funded startup, which feels very nice.
We have some very cool financial backers. One of them is actually a corporate partner, Ping Identity. We have paying customers. Right now we've only been pushing out our access control solution. So this is to get you into the doors of your building. But we're ready to launch everything else, hence us being here.
We have really nice door hardware. It's actually a smart light switch that can augment any door. It can plug in your existing smartcard readers. We have a really nice app experience. Everything is being upgraded as we speak. We'll be releasing it soon.
So what we provide is this comprehensive admin portal where you can manage literally every asset in your company. And your employees can authenticate with it simply. It's completely password-less. This is not a password manager.
This is real computer security cryptography stuff, not crypto coin. And there's really nice integrations. It works currently with any SSO website that you'd use. So Gmail, Okta, Ping, ForgeRock, GitHub, GitLab, you name it, Salesforce, all that works.
And what we're looking for in a partner are channel partners, so folks to help us get to market. Anyone who's good at building hardware, like I said we design the hardware. We have the security architecture for it. We're not great at scaling hardware. I'm a computer scientist by trade.
So any partner that would like to help us build and scale the hardware, and anyone who just wants to pilot it, integrate it with us, use it in your company, and alleviate a little bit of pain in your day-to-day work life. So if you have any questions, please reach out to me and join us in this authentication revolution.
SPEAKER 1: Thank you, Chad.
[APPLAUSE]
Next.
-
Interactive transcript
CHAD SPENSKY: Howdy, y'all. So I've been in computer security my entire life, starting as a hacker kid and then eventually getting hired by MIT Lincoln Laboratory to do offensive research for the DOD for about 10 years. And now, as a practitioner, it's always been kind of a bittersweet industry, because while it's really fun to break things, objectively the products that it puts out make our lives pretty miserable. So my goal with Authenticate is to make that a little less miserable.
And the more frustrating part of all of these products, if we look at what's on the market today, when you onboard an employee just to get them on-board with all the security product takes forever. And then when you off-board them, if you forget just one, they could come back. They can hurt your company.
There was press recently where somebody had back door keys. And we're just losing hours in our day. Every day we have this battle with passwords and our RSA tokens and our YubiKeys. And it's this constant fight with cybersecurity, which is an industry I love. And we're losing the game. Hackers, the little kid version of me, are still winning. 80% of our attacks are still based on these very simple credential theft attacks.
So if you look at the products on the market today, they're mostly band-aids. If you look at each little individual component that we're patching up, like, hey, we need to log into websites. We have too many websites, let's throw a password manager on it. Hey, managing all these keys is hard. Let's throw a smart card on it, right? Or, oh, two factor is now an issue. They're stealing passwords. Let's throw a YubiKey at it.
And that's not actually solving the core problem, right? We're treating the symptoms but not actually looking at the disease. So one of the perks with working at Authenticate-- sorry, I'm colorblind and they tell me to hit the green button. So my apologies. I found out which one's green.
But the problem with all these band-aids is they're not actually going to solve the problem. So one of the really big perks, everyone asks me, why didn't anyone else think of this. They didn't have the luxury to sit at MIT for 10 years and just pontificate, right? If I just rebuilt the whole world, how would I do it? And to actually vet all of that research and try to solve the root problem.
So what we came up with is that now people don't think I'm as crazy. 12 years ago people thought I was absolutely insane, was that we should use our smartphones for everything. And we actually vetted all of the technology in those phones. There's actually really good hardware-level security on there. There's secure elements. There's stress execution environments. We get to interface with Arm engineers.
And then what this allows us to do is that you can come to work. You'll bring your phone. Your phone will unlock the door as you walk in. You can then walk up to your website, log in to-- or sorry, log into your computer. You can browse the websites. They can recognize you because your phone is proximally close, and log you in. And then you can even log into all of your servers.
So when you onboard an employee, on day one they come in. Everything will work magically. And then when you off-board them, poof, it's gone instantly. So this is the goal. This is the dream, that you have one credential for everything for your employees.
And thanks to all the hardware on the smartphone, you can elevate security as high as you'd like to go. They all have biometric sensors built into them, accelerometers. You can do all sorts of really nice security functions.
And why is this different? Why is Authenticate different than every other company out there? One, it's highly usable. Most of the time it just works. You don't even know that anything's happening unless it's a privileged interaction.
It's as secure as it possibly can be, given all of the modern hardware on the market. It's extremely modular, so it's a fully distributed system. If the internet goes down, it doesn't matter. Everything talks to everything else point to point. And it's wildly flexible. I put it in my F-150. I put it in my Forerunner.
I've installed this thing everywhere, because I love it and it's cross-domain, like you're going to use it to interface with the physical world and your digital world. So you really have one credential everywhere in your workplace. So where we are so far in our authentication revolution, we are officially a funded startup, which feels very nice.
We have some very cool financial backers. One of them is actually a corporate partner, Ping Identity. We have paying customers. Right now we've only been pushing out our access control solution. So this is to get you into the doors of your building. But we're ready to launch everything else, hence us being here.
We have really nice door hardware. It's actually a smart light switch that can augment any door. It can plug in your existing smartcard readers. We have a really nice app experience. Everything is being upgraded as we speak. We'll be releasing it soon.
So what we provide is this comprehensive admin portal where you can manage literally every asset in your company. And your employees can authenticate with it simply. It's completely password-less. This is not a password manager.
This is real computer security cryptography stuff, not crypto coin. And there's really nice integrations. It works currently with any SSO website that you'd use. So Gmail, Okta, Ping, ForgeRock, GitHub, GitLab, you name it, Salesforce, all that works.
And what we're looking for in a partner are channel partners, so folks to help us get to market. Anyone who's good at building hardware, like I said we design the hardware. We have the security architecture for it. We're not great at scaling hardware. I'm a computer scientist by trade.
So any partner that would like to help us build and scale the hardware, and anyone who just wants to pilot it, integrate it with us, use it in your company, and alleviate a little bit of pain in your day-to-day work life. So if you have any questions, please reach out to me and join us in this authentication revolution.
SPEAKER 1: Thank you, Chad.
[APPLAUSE]
Next.
