 Hi, everyone. Welcome to another fireside chat. I am here with Yunan, who is the co-founder and VP of products at Wiz. Yunan, thank you so much for joining us today. Thank you for having me. So, yeah, let's dive right in and get started. I'd love to know more about your personal journey in the tech industry. How did you get from where you started to VP of products? OK, so I was born in Tel Aviv. So I actually started my studies as part of the Air Force Elite Programme, called Tel Piot in the Hebrew University. I learned studied math, computer science, physics, and I started my journey as a cyber specialist. And basically, after completing my service, I joined Adelon. Adelon was a startup. It was a very new startup in the cloud security space. We were barely like 10 people and I was thought can be the VP of product. It was very small and I basically took over the product role and ran for a very fun ride for two years until 2015, where we were acquired by Microsoft. We were a Cosby product, SaaS security. At Microsoft, I actually had the privilege to take the product from being a startup to enterprise scale. So taking it all the way from all the way to one and a half billion dollar across hundreds of millions of users. And then two years ago, the team we left to found Wiz. Wiz is a cloud security company. And again, same old VP of product. Excellent. So I'd love to dive in and ask you some questions about cybersecurity. But let's start with talking about Wiz. In products, we're always talking about being obsessed with the problem and not with the solution you're trying to build. So can you tell me what problems you're obsessed with at Wiz and how you're solving them? Yeah, of course. So basically the problem that I'm obsessed on is cybersecurity, right? But I think that it's much deeper than just cybersecurity. When we look at cloud security, so let's start with cloud as a whole. Cloud is obviously a very new space when talking about technology. It's here for, let's say, a few years, a decade, but only the past few years. I think we have realized the benefit of cloud. So we have seen massive migration to the cloud. So any organization is either now born cloud native or now migrating to the cloud. I think cloud is advancing in a phenomenon faster than any other technology we have seen in the past by and offers like really all the cool stuff to the developers so they can run as fast as possible. On the flip side, doing security for cloud is actually a huge problem or a challenge, I would should say. First, I think that the complexity of the environment that organizations need to secure is, let's say, much more complex than what they used to have. So multiple clouds, multiple architectures when you think about containers, VMs, past services, serverless functions, all of this operating, and you need to secure all of them. Thousands of technologies that are being put into place. So everybody wants to use the latest and greatest. So that's around the environment. The other complexity is around basically the risk. So understanding like, what is risk in the cloud? Is it just vulnerabilities, misconfigurations, or is it something much deeper? For instance, around understanding exposure path, understanding permissions. So actually cloud security is much more complex than what we were used to and lots more options. And the third problem is actually around how do you do it at scale? How do you do it at the scale of the business, at the pace of the business without blocking the business? So I think when you take these three complexities, they really create a very problematic environment for cloud security teams that basically want to enable their businesses to run as fast as they can to develop, to modernize, to actually become digitally transformed and do more, but they need to secure this. So that's the challenge. One more data point, by the way. I think that interesting to see that according to Gardner by 2025, more than 50% of all IT spent in the world will be around cloud services, like cloud functionality. So you can see like how you can really, we are moving to this space, but we're still not really equipped to secure it. So definitely not small challenges that you're facing or small problems that you're solving. This is big stuff. And apparently you're doing it very well because I think was it CNBC, that was it CNBC and Business Insider named you guys the fastest growing security company. Congratulations on your success. That's amazing. I feel quite lucky that as a co-founder, you may be able to give us a bit of the inside scoop of how you guys did that. How did you manage to build the fastest growing security company? So yeah, we are actually running super fast. So we were founded actually tomorrow. It's going to be two years since we were founding. Then we are running super fast, right? So I think we raised we are topping like 300 employees, more than $600 million in revenues and $600 million in funding. And I think that the nicest figures is actually that we have more than 20% of the Fortune 500 using the service already today in just like two years since inception. So I think that this is a really fast growing. And when you look at the story of Whiz, so really Whiz is a result of 20 years of teamwork. So Whiz is a team. The same actually my story, the story that I told you earlier on is the same story of like the core team of Whiz. So more than like 20, 30 different folks on the team that we went together for the past 20 years building cloud security products. So I think that one is the teamwork. And when you think about teamwork, actually it's about the ability to work together in a very harmonious way. So think about two years ago where was the word? So it was just COVID started. We were all in quarantine, but we worked seamlessly together because we simply know each other and we know like how to operate together. It's true for the team. It's true for the founding team. So actually I think that having a very strong team at its core is the most fundamental way to run fast. Second, I do think that we are experienced in multiple senses. It allows us to do less mistakes, okay? In the sense that one, we have built to scale at Microsoft. We've been in cloud security for a long time. We have done a startup. So we know how it looks like when you're a startup. So getting all of these angles actually build a very solid experience that allows you to know what is good, what is bad and so you can move fast. And we are, as you mentioned, in a burning space right now. So there is a dire need. There is actually a void of solutions right now. All of the solutions are, I would call them like fast generation. They're not really hitting on the pain point. And I think that it's a space that is in dire need for a better solution. And fourth, I think we have a really good culture in the end. I think that when we build a company, the culture is one thing that sticks. And a culture that basically helps you be successful. So very customer first approach. We'll talk about it. I'm sure it's part of the product, but customer first approach, the ability to have a very supporting environment, asking questions, collaborating, being very inclusive of other ideas and glorify trust, I would say. So trust is first of everything. So I think all of these makes us like fun to work with. So it makes people want to move faster. And I know we're talking about cybersecurity as one of those spaces that's really growing. I know that every time we talk about cybersecurity in our community or anytime someone brings up that they work in cybersecurity, there's always so much buzz around it of people saying, I want to learn more. I really want to get into cybersecurity. This is the career for me. What are some of the unique challenges of working in cybersecurity that maybe product managers in particular should prepare themselves for if they're thinking about moving into the space? So product actually being product in cloud security is really interesting because I think first the level of complexity of understanding what we call the red side, which is the threat actors. So the attackers understanding the blue side, which is the defenders. And then again understanding the technological landscape. The environment, you need to do all of these together in order to like go into and be successful, I think as a cybersecurity product manager. So you actually have to get a really solid view of the multiple parties and then you need to build a product that needs to face with huge amounts of data, a lot of noise, a lot of different personas, different levels of expertise with the teams. I think enterprise building it's mostly like enterprise software that needs to adapt for like, you know, be ready for enterprise adoption. So there are lots of challenges actually in cybersecurity that require you to be really in the details on the flip side. I think that cybersecurity is also going through and cybersecurity is like in a huge talent shortage right now. It's not about training so many like I think cyber specialists. It's actually about consumerizing the knowledge of cyber. So same thing that we became very aware with phishing. And now everybody gets a phishing email. We expect them to know that they, you know, they got phished and don't click on that link and so on. So I think in general we have a lot more awareness to cybersecurity and actually having security a bit simplified. I think this is one of the biggest challenges we have today. So it actually gives I think a different type of challenge for PMs that are going into that space. How do we simplify? So it won't be just for the very few that know cyber very well. And what would you say are some of the big mistakes that companies make when it comes to security and basically protecting themselves and their businesses? Okay, so the big mistakes. I think that the big mistake is not having. So if I am a company, the biggest mistake for me is not to be able to prioritize correctly. Where do I spend my effort? So let alone in a startup, we always say focus, focus, prioritize. But even in larger organizations, there are so many things to do. I mean, even when you look at security, you can improve yourself to like day and night. The question is, am I doing the most important things right now to secure my cloud environment? And I think that prioritizing it is what is very challenging for customers. So be ruthless about prioritizing your security like endeavors or initiatives. On the flip side, I think that visibility is like maybe the first biggest challenge because we may be thinking we're securing our environment. But in fact, we are securing a very small part of our environment. So I think visibility is in the core of like every security person, like am I seeing everything that I need to be secure? Because if I'm not seeing it, then I cannot protect it, right? So I think that visibility in the cloud, it goes to a new extreme because anybody can spin up and down new resources. Anybody can get like a cloud account or something without going through central security. So it makes it very, I think challenging to gain visibility and then prioritizing would be the next. So these are the two things that I would recommend. Make sure you have really good visibility to the environment on the flip side. Also make sure you prioritize the right things. Super useful tips there. Good, great advice. And as you've grown in your cybersecurity career, what do you think are some of the skills that have really helped you to get to where you are today? So it's a good question. I think that first the ability as a PM, right? So communications I think is key. I think communications team work in the end as a PM. You work with customers. You work with your sales organization. You work with engineering and your goal is really to be able to communicate back and forth like what, how should we think about the problem? What, how should we think about solving it? What is good? What is bad? And being able to communicate it to all of the different stakeholders is in the end key. The second thing is being able to listen and basically get the information for all of the teams and have a really good analytical skill in order to understand what is more, what is the real truth? So what's, what's the real reason? What's the root cause for like, why are customers having a hard time doing this? Why is, this is a challenging task. Why is it hard to do today? So when you start really understanding the root cause and have a very analytical approach to it, data-driven, analytical in the sense that understand the details, why it happens. So there is this Y exercise that I actually do like, I know it's a cliche, but asking yourself, but why, why is this the case? I think that having this ability to have an analytical analysis of a problem really gets you to the place where you're saying, okay, I get it. I know what I need to solve now. And the third thing is technical skill. I told you, I don't think in our space like in cyber security, it's hard to overlook the technical aspect of it, both in terms of like understanding the problem and the solution. So, you know, leaving, I'm leaving you through it like 20 years now. I think that being able to understand the technique, you know, the technical aspects of the solution and the problem are key. Definitely. And well, this next question isn't the easiest one to answer because job titles in product management are pretty meaningless. Let's face it. Like you can be a VP of product at one company is doing something completely different to a VP of product at another company, but maybe to help us sort of demystify things a little bit, what's a typical day to day or a week to week like for you as a VP of product? First, we are very, it's funny to mention it. We are a very flat organization. We barely have teams with the, with the R and D and product teams, product team, because exactly for what you said, we actually work in what we call squads like we have two developers, one PM and you know, just go get it. Like you don't need anybody else. And I think this independence is important. So just thought it's the right place to say it about titles, et cetera. It's really, it doesn't matter. But to your question, I think that essentially for being VP of product today, it's really, I think about it as managing two coins that we have for the team and for the company. One is how much value do we bring to customer? Like, are we doing a good service? Are we bringing value to all the customers? And the second is like managing what I call a product debt. Are we doing it in a way that allows us to continue on in a fast way, right? So we are not agreeing technical debt. We are not agreeing too many like features that are not there yet. So making it in a very solid and consistent way that allows us to continue and run fast. I think that my typical day today, I think that the first talking to customers I actually have a lot of emphasis at this also with the team. So we actually do spend at least a third of our time. I know it's a lot, but at least a third of our time on customer calls across the entire life cycle. So across like them first demos, POVs, and like proof of concepts, proof of values also in terms of delivering. So a post-sale engagement and in general, like working very closely to customers to develop this really deep customer empathy. I think this is key and I keep doing it as like as much as I can. Second, I think I'm trying to read and understand the market to really asking the why question. So what's happening on the red side? What's happening on the blue side? What are the processes of driving like organizations to secure their space today? What are the challenges they face today? What are the most like, you know, latest and greatest on the technology aspect that we should account for? What happens with cloud technology with competitors? So all of these are things that we do. We start building a team. So being able to build a product management team that is independent, that can focus on various topics that is diverse, versatile in knowledge, in expertise and this is key, of course. And the fourth thing that is like, I think the reality check all of the time is identifying and continuously like unblocking, like sort of points in the organization. It can be anywhere, but I always say like, there is nothing like product love to untie a problem, right? So when APM looks like gives attention to a problem and now we use all of the tooling that we have from engineering for all of the resources like engineering data, all of these in order to basically solve a problem, like we can fix anything. So making sure that we identify the areas that are not smooth and unblocking them. So these are like the four things that my day-to-day looks like. Pick your choice. It's so interesting how I asked that question to all of our guests and I never get the same answer twice. I mean, there's some core things that tie product people together at their levels that are sort of universal, like caring about the customers, building teams when you get to a leadership level, but every role has its own certain flavor or certain choice. So I always love getting different answers to that question. So you mentioned team building in there. What are some of the things that you look for specifically when you're building out your team of product people? Are there any particular skills or traits or things that you particularly like to see that add to your culture? Yeah, so I like, most I like the curiosity, the natural curiosity of APM to want to learn, to want to understand better. I think this is like a driving factor that I'm looking and excites me about APMs overall. I do like the, I do think it's super important to have communication, very solid communication when describing a problem. And also the way, by the way just the way I look at it, I like to ask questions and by the response, I like to assess like what's the structure in which the response was given, right? Was it a structured response? Was it a super logical one? Was it like framing it? In the end, I think that the way I would love working with PMs is that they can describe to me their framework, how they are thinking about the word so I can maybe give my opinion, maybe I can adapt, right? So the ability to explain very clearly, how do you think about the word? How do, what do we learn? What should we learn to be, to do better products to build, to solve tough problems? I think this is key for them. And in the end, it's teamwork. I think that PMs in the end, it's all about teaming up with customers, with engineers, with marketing, with sellers. Like it has to be about the team. So that would be something that of course, I mean, part of the culture, it's really important for us to see. Absolutely. And another thing I love about getting answers to that particular question is all the things that product leaders love in their teams. It's all something that's very achievable for everyone no matter where they come from. No one has ever answered that question with, well, you need a CS degree from Harvard or Yale. No one has ever answered with specifics. It's always things that are very universal to product managers. So fantastic answer there. We're coming down to our last couple of minutes, but I think we've got time to squeeze in some more fun questions. Product people are always learning, lifelong learners. What are some of the things that you're learning about at the moment or something that you want to make time for learning in the future? Wow, about learning. So I think that today, I think that I'm seeing lots of challenges around. I call it enterprise usability. Okay. And it's interesting because enterprises, so we're operating in a B2B, of course, actually in the higher end of enterprises as well. It's interesting to see that enterprises have all of the technology they could afford, but the value they can get out of it is not always that it's max, right? And they can have various tools, but they don't work together. They don't integrate. So actually with, when I build with, one of the challenges that I really try to solve deep is how can we get it to an enterprise and they can simply use it across. And when you realize that there are many new, like many funk features that are not glorified in any way, but this is what makes it enterprise ready. I think this is like, for me, I'm learning more and more about these, let's call it the small things that make enterprise software consumed easily. So it's around functionality and integration and permissions and logging and all of these. And you could really see how great products fail because they couldn't cater for the enterprise space that early. Also, I have to say that in terms of cyber, you cannot stop learning and let alone, I know it's a bit happening like recent, but you're seeing what happened between the Ukrainian and Russian conflict and the role of cyber in the discussion. And you can look at the articles like cyber is like such a dimension, it's happening. It's happening and you can't, it's happening fast. So keep learning like what is this, how the threat actors use cyber and how can we defend against it? I think that in the end, and this is also when you look at the word economic form and they mentioned like, what are the terrifying things we should worry about? So of course there is climate change, but second, it's cybersecurity. These are things that can devastate the words. We know it because everything is connected to internet. Everything is from critical infrastructure to anti-airplane missiles that protect different countries. It's crazy and understanding this I think is key and I'm passionate about it. I'm reading about it every morning. That's the benefit of being in Tel Aviv. Basically, I wake up, there is nobody else that is awake, so I have all a few hours to read all the news, all the research, so I get up to date and then start my day. That's how I feel being on the European product school team. Everyone's asleep for a few hours, so we have like ourselves. As much as we love our American colleagues, it's really nice. So anyway, we've got time for just one more question, which you will either love or hate. If you could sum up the feeling of working in cybersecurity at the moment in just a couple of words, what would they be? It's a tough question. Actually, I would say it needs to be like it simply works, right? I think that basically when we think of cyber, I just want to make like when I think about it for me with, it simply works for customers. And I think this is what we're missing a lot. And when I hear from customers, for instance, I love it when they say, oh, it was just easy. I just used it. It seems simple. That's like after so many years of challenging products that you crank everything just to make it work. When you hear from a customer that it just simply works. Yeah, I get it. Yeah, I think this is like where we need to go to with cyber. It just simply works. Fantastic. What a positive note to end on there. Yunan, thank you so much for joining me. It's been an absolute pleasure chatting with you. Thank you very, very much for having me and it was a pleasure. And thank you everyone for joining us. We will see you in the next fireside chat. Bye.