Why I Joined Verodin — By Colby DeRodeff

For nearly two decades, I’ve been fortunate to be a part of ground-breaking, visionary cybersecurity companies like ArcSight, SilverTail, Anomali, and now Verodin. Being a part of a cybersecurity company that’s truly reshaping the industry is a no-brainer. But before I go into why I joined Verodin, I want to first share why I got into cybersecurity in the first place.


Being involved in cybersecurity for me is like being on the frontlines of challenge and change. The challenges that we all face, not just as large organizations and government agencies but as humans living in a digitally transformed society, are sizable. Helping others mitigate real threats by improving, augmenting, and changing their approach to cybersecurity creates a sense of accomplishment that I truly enjoy. I’ve learned that we are all better off when we are all better protected. This backs my love for cybersecurity – a love that started for me in a desert.

I went to my first DEF CON, DEF CON 9, in Las Vegas in 2001. I was intrigued by the feeling of comradery and community in what was at the time a conference unlike anything I’ve ever seen. Sitting in a blazing hot tent at Alexis Park hotel – yes, DEFCON used to be in tents – I listened intently to talks about hacking. I saw folks throwing laptops from the top floor into the swimming pool, and I even spotted a fed. I was all in!


At the time, I was just starting out my career in cybersecurity working at a very early-stage, pre-product SIEM company (SIEM wasn’t even named SIEM yet) called ArcSight. I was lucky enough to sit in the cat-bird seat and spent the next 10 years working with the largest, most sensitive, and most complex organizations in the world. In doing so, I also was afforded the opportunity to solve really tough challenges that couldn’t be solved before ArcSight. Internal to ArcSight, I leveraged what I learned in the field working with customers to help guide product development for what would eventually become the industry-leading SIEM solution year after year.

The most important thing I learned at ArcSight was customer empathy. The late Robert Shaw, ArcSight’s CEO, taught me that we are nothing without our customers and customer success is everyone’s responsibility.

What did ArcSight provide that organizations really needed? It boiled down to VISIBILITY. Security teams needed a way to collect all of the alerts and system messages from all of their disparate security tools to provide a single pane of glass. This provided great visibility and detection for everything happening in the user system and network spaces.

ArcSight eventually acquired a company called Enira Technologies. This is where I first met Chris Key, CEO and Co-Founder of Verodin and former CEO and Co-Founder of Enira. By the way, Chris just happened to invent the orchestration space with Enira – he was just a decade too soon when ArcSight acquired his company. Chris Key, Brian Contos, now CISO at Verodin, and I immediately clicked based on our relentless commitment to customer success and our love of cybersecurity. The three of us worked very closely together through ArcSight’s IPO and have been friends ever since.


Post-IPO, Hewlett Packard purchased ArcSight. During that time, I worked with a colleague building custom fraud monitoring solutions utilizing ArcSight’s correlation engine. I really enjoyed the challenge and learned a whole new space. I worked with AML teams and online fraud and loss prevention departments. It was a new world, one which I decided to pursue further.

So, wanting a change, I joined a company called SilverTail systems, where I worked under Tim Eades, another industry visionary that is currently the CEO of vArmour. Tim taught me to lead from the front and to never ask someone to do something you wouldn’t do yourself.

At SilverTail, we again focused on visibility and detection, providing insights into user behaviors in online transactional banking and retail systems.


Eventually, RSA acquired SilverTail, and I began conversations with a former colleague from ArcSight, Greg Martin, CEO and Co-Founder of JASK. We met at the W Hotel in Union Square, NYC and began to discuss the challenges around Threat Intelligence and the overload of threat data being consumed by organizations. It was a problem that needed to be solved, and I was all in (again).

So, I teamed up with Greg Martin, Hugh Njemanze, and Tom Reilly, the successor to Robert Shaw at ArcSight and current CEO of Cloudera. I became the Co-Founder and CTO of ThreatStream, which has since been rebranded to Anomali.

The premise of Anomali is that it allows organizations to aggregate the plethora of threat intelligence that is available and orchestrate it throughout the security stack in order to detect compromise by known adversaries. Once again, visibility and detection. 


Throughout my career, I have built cybersecurity solutions that provide visibility and detection capabilities: ArcSight = Internal Visibility, SilverTail = Transactional Systems Visibility, and Anomali = External Threat visibility.

Across all of these platforms (and many others), executives rely on the fact that their cybersecurity stack is working and actually providing the visibility that they think it is. Vendors will tell you they detect the latest malware, stop the latest threats, and are the silver bullet to solving the world’s cybersecurity problems. Well, are they? Do they? Are you willing to bet your company, your job, or even someone’s life?

Cybersecurity is a constant cat-and-mouse situation. Defenders get better and adversaries change their tactics and techniques accordingly. How do you know that your defenses are going to detect and stop the latest attack? How do you know that your operations team is going to respond to the alert in the flood of alerts that they get every day? How do you know that you will successfully block or know about adversary activity?

I joined Verodin because it allows you to validate your cybersecurity tools, to know and no longer guess. The question, “Are we safe?”is a board-level question; when the threat du jour hits CNN and the board asks the CEO, “Are we safe?” Verodin answers this question based on proof and empiric data.  

When Chris Key explained to me how customers are using Verodin and the multitude of disparate use cases, I immediately became excited. Although I was still building Anomali at the time, I took the opportunity to invest in Verodin at an early stage. Now, a few years later, I have seen amazing growth. I’ve seen customers do amazing things from validating network segmentation, tuning controls, and monitoring for environmental drift to implementing frameworks like MITRE ATT&CK, war gaming, and aligning cybersecurity with business priorities. 

Verodin is more than the technology – it’s also about the people. For me, it’s about working with people that you know are 100 percent committed to customer success. It’s about people that truly want to help others improve their cybersecurity effectiveness – all the people at Verodin who make this a game-changing company and platform. I look forward to seeing folks in the field, working with current and potential customers, and making it happen! Once again, I’m all in!

*** This is a Security Bloggers Network syndicated blog from Verodin Blog authored by Verodin Blog. Read the original post at: