This site uses cookies to ensure the best viewing experience for our readers.
“Get enough in your war chest to make sure that you can execute through the bad times as well.”

20-Minute Leaders

“Get enough in your war chest to make sure that you can execute through the bad times as well.”

Michael Matias is joined by Slavik Markovich, co-founder of Sentrigo and Demisto, who discusses his impact on the cybersecurity industry

CTech | 09:29  04.04.2021

The development of new technology has boomed over the last decade, and as the number of novel devices has increased, so has the demand for an improved cybersecurity system. At the forefront of cybersecurity innovation is Slavik Markovich, co-founder of Sentrigo and Demisto. Markovich began his career in cybersecurity at PlayStation and soon realized that, as a contractor, he had access to millions of user credit cards. There were two options for Markovich at that moment: sell the cards on the black market or develop a superior security solution. Clearly, Markovich chose the latter option and went on to co-found Sentrigo, a company that monitors activity within databases, and Demisto, an organization that aids security teams in coping with excessive amounts of security alerts. Throughout his time as both an engineer and entrepreneur, Markovich has positively impacted the cybersecurity space and hopes to continue to do so for years to come.

Click Here For More 20MinuteLeaders


Slavik, thank you for joining us. What surprised you most moving remotely and working from home?

The number of meetings increased. That kind of surprised me. I would have assumed that people would focus on their own work, but we actually found that because you don't have an interpersonal connection in the office, it actually helps quite a lot. Maybe it's not a compliment, but we hear from some folks who usually work remotely that now they feel a bit more connected.

One of the things that I'm noticing in my work is that usually you have meetings and you have to give a five-minute buffer between each one so you can walk to the next one. Now, all of a sudden, you don't have to walk anywhere, so you end up sitting there for five minutes and just waiting. The whole mind-set has shifted.

Yes. We try to set all of our meetings for 45 minutes so we can actually move between them, but you're right. Now we have 15 minutes to make more coffee, so that’s another thing that surprised me: every five minutes I go and pour myself more coffee.

Slavik, you sold two companies, the most recent one being Demisto, for hundreds of millions to Palo Alto Networks. Talk to me a little bit about how you even get into cybersecurity.

I was in the Israeli army in one of their computer units, and before that, I studied in the Technion. We actually developed a very distributed system around the Oracle database, and this kind of got me started with databases. My job wasn't very connected to security, but that was something that I found really interesting. I was the leader of a team of developers in the army, and we had obviously limited roles and permissions. I hacked into the system to elevate privileges to myself so I could actually do something that I wanted to do in the system. This was the first time I actually got court-martialed by somebody. It was not for malicious purposes, but I didn’t have the relevant permissions. My punishment was that I needed to prepare a cybersecurity presentation for the team. After the army, I naturally went into large infrastructure and database consulting, and that was when I first thought about why we need security. I did a very large project with Sony PlayStation databases, and at the time, I was still in Israel working remotely. I could see tens of millions of credit cards, and nobody knew. I was just a contractor from Israel; how do they trust me with that? So I said, ‘I could either sell these 10 million credit cards on the black market for a lot of money or I could develop some solution for it.’ This was the first time I thought about database security in particular, and I actually started a company called Sentrigo that did activity monitoring for databases to make sure that nothing went against policy. That was my idea in 2006, and I raised some money from Benchmark Israel to get Sentrigo started. This process also taught me a lot about the whole startup industry. You need to reverse engineer the database, understand the memory structures, and then through memory understand what's running. It was reverse engineering of Oracle, SQL, Sybase, DB2, and all of those relational databases. That was really challenging, but the go-to-market of it was even harder because you had to get the DBA and the security guy in the same room agreeing. It taught me a life lesson about engineering: hard problems are interesting, but you need to build something that the customer actually wants and is easy to sell and market.

Slavik Markovich, co-founder of Sentrigo and Demisto. Photo: Courtesy Slavik Markovich, co-founder of Sentrigo and Demisto. Photo: Courtesy Slavik Markovich, co-founder of Sentrigo and Demisto. Photo: Courtesy

Do you think that your experience in the army positioned you to understand what was happening and have that confidence to take ownership over something as complicated as database security?

I think overall the army helps you by giving you a lot of responsibility at a very early age. You get a lot of responsibility, and since you can manage that responsibility, you gain confidence. So from that perspective, definitely.

You joined the McAfee team as a result of the acquisition, and then you went on to create an even bigger company, Demisto.

With Sentrigo, we went through the 2008 crisis, which kind of reminds me of current times. I moved to the US in July of 2008, literally a week before the entire economy tanked. It was a terrible experience because there's a huge amount of uncertainty and you're looking at your customers and they all freeze. We were struggling to raise money, we were struggling to sell, and immediately after I came here, I had to fly back and fire a lot of the team because we didn't have enough money. That experience taught me that you need to have enough in your war chest to make sure that you can execute through the bad times as well.

All of a sudden, you're not an engineer anymore and you're a leader. How do you work through that?

It was very tough for me but even tougher for the ones that we had to let go. We really tried to act responsibly and maintain payments as much as we could. We also found jobs for most of those folks, but it was hard. Don't let anybody tell you it's easy; it was super hard. We let go a third of the team, and the rest took a pay cut. I like to think we handled it correctly because I'm still friends with a bunch of the folks who we let go, but it was rough. It also affected me moving forward. I think we sold the company a bit too early, but we were scared of what was happening around the corner. After we sold, I stayed with McAfee for four years trying to do both ends and make sure that the team landed correctly, but after two years, it became boring. Going into 2014, I was looking around thinking about what I should do next. I had a small espresso machine in the office, and one of my future co-founders, Rishi, and I started talking about this idea of creating an EDR solution that was based on a distributed database. It was kind of a cross between Carbon Black and Tanium. You could do real-time queries, understand what the situation was, and also keep the historical knowledge in a very efficient way. We started reading academic papers around peer-to-peer databases and began to develop this interesting architecture. Then in 2015, we had the RSA conference, and we interviewed a lot of CISOs. I think we met between 30 and 40 CISOs, and we presented that idea to them and all of them pretty much unanimously said it was a crappy idea. They said they weren’t interested in another endpoint, so we actually asked them about the big problems they did face and what the big pain points were. Eventually, we landed on this idea of what became Demisto, which is helping security teams cope with too many alerts, too many security tools, and not enough security people.

Years go by and you sell it to Palo Alto Networks. You’re now leading the Demisto product within Palo Alto Networks. I haven't seen too many integrations, but from the ones that I have seen of a company acquiring another company, this is considered a very successful integration.

I think Palo Alto Networks did the best thing that you can do when acquiring a company: leave the team alone. This allows the acquiree to maintain the structure of their team and the same spirit that got them to the successful state in the first place. It's up to us, the leaders, to see how the merge is being executed and make sure that the team is still feeling like an elite unit that can do what they do best.

Before we leave, I need three words that describe you.

Curious, tenacious, and smart. 

Michael Matias. Photo: Courtesy Michael Matias. Photo: Courtesy Michael Matias. Photo: Courtesy


Michael Matias, Forbes 30 Under 30, is the author of Age is Only an Int: Lessons I Learned as a Young Entrepreneur. He studies Artificial Intelligence at Stanford University, while working as a software engineer at Hippo Insurance and as a Senior Associate at J-Ventures. Matias previously served as an officer in the 8200 unit. 20MinuteLeaders is a tech entrepreneurship interview series featuring one-on-one interviews with fascinating founders, innovators and thought leaders sharing their journeys and experiences.


Contributing editors: Michael Matias, Amanda Katz

share on facebook share on twitter share on linkedin share on whatsapp share on mail