Q&A on Founding Gomboc
In a recent Q&A with SafetyDetectives, I had a chance to delve into the pioneering realm of cloud security through the lens of my experience in information security. Here's the full Q&A:
Hi Ian, can you introduce yourself and talk about what motivated you to co-found Gomboc?
I’ve been in information security for over 25 years now, practicing various roles – from hacker, pentester, through managing consulting teams, with my last couple of roles at the executive level as a CISO. After my last CSO position, I decided to address one of the areas that I saw a lot of friction with but without any real solutions, which prompted me to start Gomboc.ai where we close the remediation gap in cloud security.
What core problem did Gomboc AI aim to solve in the cloud security domain, and how does your platform empower DevOps teams?
The gap we are closing is the security misconfiguration one. Almost everyone these days has the ability to point out such misconfigurations through CSPM and CNAPP products. However, when trying to fix them, all we get are templates and best practices, which just don’t work for DevOps since they aren’t taking into account the specific architecture of each environment. In turn, DevOps spends precious engineering time identifying, researching, and implementing a remediation for each misconfiguration. We solve this issue by utilizing deterministic AI that tailors remediations to misconfiguration issues for each and every context they are found in, and deliver these as code changes to the DevOps teams. This ends up saving hundreds of hours for DevOps, and allows them to focus on higher-level problems as Gomboc.ai takes care of the security configurations.
Could you explain how deterministic AI differentiates Gomboc AI from other security solutions in the market?
Of course – Generative AI solutions are designed to provide an answer to any question they are presented with, and to generate a solution each time they are run. This generative feature is inconsistent and will provide varying solutions, and quite often will also provide solutions that are not feasible, as the algorithm is designed to “force” an answer even if one isn’t available. That’s why we now have “AI hallucinations”. Deterministic AI, in contrast, is designed to provide a consistent and accurate answer to a given problem, and is more constraint-based – meaning it’s designed to operate within a set of capabilities and cannot come up with additional ones that do not exist. Therefore, it’s much more suitable for problems that involve infrastructure as code (IaC) as the parameter set is constrained by the cloud resources and services and their configuration options. In short, the results are certain, stable, and precise.
Can you explain the benefits of having a vendor-agnostic approach in cloud infrastructure management?
By being vendor-agnostic we are enabling organizations to innovate and optimize their operations. They aren’t locked-in to a particular set of resources or services, and can even apply a consistent set of policies across several vendors that they are using. The solution is meant to serve the engineers, rather than to ask them to force-fit their infrastructure decisions into any set of templates or constraints.
What are some common challenges that DevOps teams face today in managing cloud infrastructures, and how does Gomboc AI help address these issues?
The common issues faced by DevOps teams in managing cloud infrastructure range from configuration drift, to mastering the know-how of how each resource and service can be configured in the context of every other resource, to accounting for a consistent set of security policy and capabilities. These are all highly intensive tasks that require many hours of detailed work and research. Gomboc.ai allows DevOps and Security teams to easily define what policy they want to apply to their cloud environments, and deliver the most accurate and efficient configuration through any service and resource they utilize. Gomboc.ai, since it works on the IaC, can also identify inconsistencies between the IaC and the actual cloud environment, easily prompting DevOps to close such drift and allow for a more consistent and governable “gitops” process.
What are some best practices you would recommend for security teams to protect their cloud environments effectively?
Make sure that the basic configuration issues are handled quickly and consistently. Cloud infrastructure misconfigurations are the #1 root cause of cloud-related breaches, and most organizations carry a backlog of issues they are slowly churning through (more often the backlog is growing rather than shrinking). This is the easiest attack vector that is being abused by attackers, and once removed, the likelihood of a breach drops significantly – raising the security posture of the environment and allowing security teams to focus on application and runtime level issues.