Sramana Mitra: How do you go to market? Do you sell directly?
Piyush Pandey: Yes, it has been a harder course. We sell directly to customers. We’re trying to build a channel strategy. Our solution is technical. It’s not a category solution, which is why we go direct.
Sramana Mitra: What kind of penetration are you getting? What kinds of companies are you seeing adoption in?
Piyush Pandey: We think our solution is relevant for 20,000 large enterprises. We define it as any organization that has 5,000 employees or more. For us, that’s an enterprise account. There are 20,000 plus enterprises that fall under our category.
We decided to focus only on North America. In North America, we have 7,500 accounts. Our penetration is around 3% in that market. Our goal is to reach 10%. There are not too many players who can compete with what we do.
Sramana Mitra: In the 3% that you have penetrated, is there any other segmentation nuance?
Piyush Pandey: We are very focused. Our solution is targeted towards large enterprise applications like SAP/Oracle. If you look at the broader enterprise application market, they usually have 50 different applications.
We are focused on this too because we are tightly ingrained to these applications and making sure that we add a lot of value from managing the business rather than being a horizontal solution which cuts across different applications. We are more vertically-integrated.
Sramana Mitra: If I’m hearing you right, you are going to market in Oracle and SAP accounts and wrapping your solution around those?
Piyush Pandey: Exactly. That’s our focus.
Sramana Mitra: The cyber security purchase cycle has become very complicated because there’s so many vendors and so many different types of point solutions that a CISO has to look at.
In that process, they are prioritizing what they want to buy first and in what order. What are you seeing in terms of where you fit in that priority cycle?
Piyush Pandey: That’s a very relevant question. If anybody is thinking about building a security company, this is very important. There’s a two-pronged approach to this. It’s a crowded and noisy space. Last I checked, there were around 600 security vendors.
If you look at them, everybody claims a lot of things. I have spoken to a number of CIOs. They say there’s no real way that I can evaluate all the vendors and make the right decision. It’s a matter of what are the strategic key initiatives that drive my company’s business/ How do I align? Based on that, what are the capabilities I need? What are the applications I manage?
In a typical large enterprise, they will have anything from 35 to 100 security software and hardware pieces. There are multiple things you do which are point solutions for different capabilities. Our view is, unless you have a lot of capital and you can hire the right people, we focus on specific use cases and projects where we solve a problem.
We started pitching it to customers. We made a list of use cases that we could solve. We solved the problems they have. Through the channel, we can show the complete portfolio of our capabilities rather than trying to take CISO’s attention directly.