'Ours Is The First Effective Solution Against Unknown Attacks'

<div><strong>FireEye</strong>, described as Silicon Valley's hottest security start-up, recently opened its R&amp;D centre in Bangalore, India. <strong>Ashar Aziz</strong> founded FireEye, a network security company, in 2004 after his previous startup, Terraspring, a datacenter automation and virtualisation company, was acquired by Sun Microsystems in 2002. Before Terraspring, Aziz spent twelve years at Sun as an engineer focused on networking and network security. At present, Aziz leads both the technical and business strategies of FireEye as CTO and Chief Strategy Officer.<br /><br /> In 2012, FireEye went on to win the Wall Street Journal Technology Innovation Award, the JPMorgan Chase Hall of Innovation Award and three Stevie Awards at the 2012 American Business Awards. Recently in India to launch its new R&amp;D centre, Aziz spoke to <strong>BW Online's Poonam Kumar</strong> about how FireEye works and what he expects from the Bangalore R&amp;D centre <br /><br /><strong>You have been termed as the hottest security start-up in the Silicon Valley. What makes you rock?</strong><br />What made us rock is we have provided the first truly effective solution against unknown attacks that works in real time across all major threat factors. And we have successfully deployed it in close to 30 per cent of the Fortune 500 companies. We have done this while being tried and tested against all acclaimed competitors and winning close to 100 per cent of these bake-offs. It&rsquo;s a title we have earned professionally as opposed to a merely superficial title.<br /><br /><strong>How is FireEye different from other anti-viruses available in the market?&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</strong>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;<br />The most fundamental difference between FireEye and other anti-viruses like Macafee or Symatec is that they work on something that is already known to the antivirus vendor or some signature has been developed. But the attacks are far more sophisticated today. The attacks are consistently evolving and therefore, solutions with signatures cannot recognise them and cannot block them. We detect and block new viruses in real time. As for the most fundamental differentiator from the products available in the market, we work across all the major attack factors and across all the stages of a virus's life cycle. We provide a very accurate solution in the face of an unknown attack which is a very hard thing to do.<br /><br /><strong>How did the idea come to you and did you have any problem getting funds for your start-up?</strong><br />I had sold my previous company (Terraspring) to Sun Microsystems in 2002. When I left Sun, I was thinking about how to spend the rest of my life. As an entrepreneur, my philosophy is to look for hard problems. I was studying the evolution of all cyber attacks and malicious code in particular and there was a lot of talk about how it could evolve in different directions. <br /><br />If that evolution were to take place, it was clear that the existing defences would fail and that we needed a better architecture to deal with these attacks. I began working on that architecture at my home, in my living room. I spent eight months doing that. After coming up with the design and architecture for what is now FireEye, I was looking for some investors. It was a very useful and interesting technology and it took some 2-3-years to get the product right. But once it was ready, the product took off very, very rapidly.<br /><br /><strong>Who were the initial investors?</strong><br />Promod Haq from Norwest Venture Partners and Gaurav Garg from Sequoia Capital were the initial investors. Over time, we acquired many other investors including Juniper Networks, JAFCO Ventures. We recently announced a $51-million investment round with Goldman Sachs, Silicon Valley Bank and many others. So, at the moment all these are our investors.<br /><br /><strong>Can you describe how FireEye works?</strong><br />We have products which are system level appliance product that deploy at the key gate of the network such as internet gateway, email gateway, file, server, inspections point. We run suspicious objects inside instrumented virtual execution environment which is a proprietary technology that FireEye has. It&rsquo;s not just ordinary VM technology, nor is it ordinary sandboxing technology. It&rsquo;s a proprietary virtual execution technology designed to look for malicious activity and to find malicious behaviours. And it can do that in real time. You can put us on the gateway with a gigabit of traffic. And we built to inspect that gigabit of traffic by using virtual execution engine at in our office methodology. The output is incredibly detailed and incredibly accurate. Which is why we have been as successful as we have been because we are not estimating the thousands of false alerts. We have confirmation technology of the attacks built into the product and the information is very rich and very actionable.<br /><br /><strong>How long did it take for the business to take off?</strong><br />It took two-and-half-to-three-years to get the first product, FireEye Malware Protection System (MPS) right. Once it was ready, we took off and now it is one of the fastest growing and successful companies in the world.<br /><br /><strong>What are your plans for the Indian market? What will be your working model for India?</strong><br />We will invest $50 million in our R&amp;D activities in India in the next 4-5 years to develop cutting-edge cyber security solutions.&nbsp; During its initial phase, we will employ approximately 50 research and development specialists and plan to recruit 250 employees in the next five years.<br /><br />The working model will be to make sure that we will talk to the local business practices. And we find right partners to work with to take us into all the key areas of business for us. These areas are networking, cryptography, network security, and data center virtualization . These tend to be other geography as well as government, financial sector, high-tech, curriculum infrastructure, gas and energy, telcos and we are doing very well in these areas in US and we are hoping to do the same here in India.<br /><br /><strong>What is the purpose behind setting up R&amp;D centre in India?</strong><br />The Bangalore office is an important milestone for FireEye's global expansion. We expect the new Bangalore office to play a key role in maintaining cutting-edge technology and innovation in the FireEye line of security products. The Bangalore facility will serve as a hub for the development and testing of new FireEye products. We welcome Sridhar to the FireEye executive team. His extensive experience in building sophisticated product development teams in the US and India is an important addition. We already have first 50-100 accounts here.<br /><br /><strong>Do you develop applications for individuals or only for corporate only?<br /></strong>As of now, we make products for enterprises only. And we have no such plans to target individuals. In future, we will come up with such products for individuals also. But as of now we don&rsquo;t have such plans.<br /><br /><strong>How many startups have you launched? <br /></strong>This is my second start-up. I guess, it qualifies me as a serial entrepreneur.<br /><br /><strong>What are your plans for the future?<br /></strong>My future plan is to make sure FireEye&rsquo;s architecture saves gateways from cyber attacks in the world.&nbsp; <br /><br />poonam(dot)kumar(at)abp(dot)in, poonam(dot)bw(at)gmail(dot)com<br />&nbsp;</div>