William Leonard

Hey everyone. Welcome back to the Atlanta Startup Podcast. My name is William Leonard, and you’re in for a treat today, as I sit down with the founder and CEO of Valor‘s newest portfolio company, Senteon. If you don’t know, Senteon has built a fast solution that is providing proactive protection for their client’s network. Basically, they’re enabling clients to audit endpoint behavior and identify system-level settings that can be implemented on machines and production to guard against the array of active threats that corporations are facing today. And with the current cybersecurity market, is estimated to be greater than $150 billion globally. We’ll discuss why Henry believes the Senteon team is well-positioned to succeed in this growing market with their innovative platform. We’ll also discuss the early impacts that supporters and investors like Purdue, Georgia Tech, and others have had on the business as well as Henry’s outlook on the state of cybersecurity in this wide-ranging and informative conversation. Let’s jump right in. Henry, I’m excited about the conversation today, man.

Henry Zhang

I am, too. Thanks for having me.

William Leonard

Awesome. You and I have gotten to know each other over the last few months, on a very strong level. But we’d love for you to just give us an intro into who you are, your background, and what was your segue or your path into entrepreneurship?

Henry Zhang

For me, it started back when I was doing my undergrad at Purdue. When I came into the program, I was doing a major in Cybersecurity. I wanted to expand what I was learning so I picked up a second degree in management. Part of what that did for me was I learned about some accelerator programs, they have a program called Firestarter. Sorry, the name escapes me for a sec. I think that was one of the very first experiences I had with what it might look like to run a startup getting, get an idea of what would that require. It was something that you actually really, really enjoyed. While I was at Purdue, I did a couple of internships with Archer Daniels Midland, and then I did two with Cisco. Those internships give me a pretty interesting view of what I was learning in security, as well as some of the problems that maybe they don’t really teach us in school. I think that combination of those two things pushed me along that path where I was like, “Hey, I think I can make a difference in what’s being done right now in the industry and what I’m seeing in my internships and these things I’m learning in management are a really great way to do so.” When I asked my mom, she told me I’ve been talking about starting a company since I was in middle school. I don’t remember that but I guess it’s actually been going on since then. But for me, I definitely remember those programs at Purdue were the first thing that kind of drove me toward it.

William Leonard

Awesome. I love that. And you know, we’ll dive into your background in a second, but give us the 90-second overview of Senteon and some of the solutions that you all are building to help protect your clients’ valuable assets.

 Henry Zhang

Senteon is a company that is looking to help solve some of the more fundamental issues that we found to exist in the cybersecurity field. What we’re really looking to address is the system hardening part of cybersecurity? I think it’s a rather broad term. It encompasses a lot of different elements. But specifically, what we’re looking at is operating system hardening and the process of creating a baseline. Traditionally, it’s a process that takes a lot of time and requires a lot of testing on the administrator side. It requires a lot of interfacing with the user and that’s a process that we’re really looking to improve and make a little bit more automated and provide information to the administrator in such a way they can do it in a timely and reasonable fashion.

William Leonard

For some of our listeners, who may not be astute in the cybersecurity world, what is system hardening? How do you simplify that for our listeners a bit?

Henry Zhang

I think the best way to think about it is if you’ve ever used a computer, I’m sure you’ve run into the problem of having different settings on your computer, whether that’s like, “Oh, my computer goes to sleep in five minutes.” That’s really annoying because I’m trying to read something and it goes to sleep, right? Or for my login, this computer requires me to put in a password that lets me set up a PIN. Those are all different settings that you can influence in the backend behind some of the panels that the computer offers you. As a security company or as security personnel, there are certain settings that we look at because we recommend setting up certain settings to improve the security of your computer. The problem with that is depending on how you might use your computer, some of those settings can be really annoying or just straight up disruptive to what you do on a day-to-day. It’s about finding a balance between what we want those settings to be and what you as a user are okay with having.

William Leonard

Got it. That definitely helps a bit. As you think about, Senteon’s place in the innovation realm, what are the customers that you’re targeting currently using today and why do you see Senteon better positioned to protect their points?

Henry Zhang

I think there are a couple of cases a question. I think there are definitely solutions that help companies maintain baselines, and ensure that they’re set up and that the settings are set the way they’re supposed to be. There are also companies out there that help enforce baselines and do things along those lines, right? But we’ve never really seen a company that is actually helping these companies create baselines and figure out what works for them. As a result, we find that a lot of the companies we’ve been talking to, a lot of the organizations, they’re not really doing it, or they are but it’s a really long manual process. One of the people we’ve been talking to says he had a company that he worked for, and they spent three years on it. By the time he left three years later, they were still working on it, right? They’ve just been trying to go through that. It’s a manual process. On that side of things, I think there really hasn’t been anything to simplify this process. The other half of this, I think, with all these different solutions doing parts of what is required to maintain a baseline. We’ve had customers tell us they’ve never been able to really get a handle on the whole process because they don’t have a place to go where they can manage this. It’s oftentimes something that’s inserted as an afterthought and maybe an antivirus solution or some other kind of management solution. And so for us, we’re taking that as an opportunity to bring a platform that does solve these problems for them but also gives them a place to really understand and manage it from beginning to end.

William Leonard

I love that you all are building something into the end and not just a small piece of the cybersecurity stack as well. Taking a step back here, you worked at Archer Daniels Midland as an intern and IT management team, then you did two stints at Cisco, I believe. Across those experiences and some other experiences outside of that, what was the Aha! the moment for you to say, “Hey, there’s an opportunity here for Senteon or for me to build a company that can solve the cybersecurity gaps that enterprises and clients are having today.”

Henry Zhang

I don’t necessarily know if there was an Aha! moment. I guess there are some of the same backgrounds I sent you out there, right? The solution we’re working on, it’s definitely not the first iteration of our company. I would say, technically, we failed twice. When we first got to college, were finding our feet. Back then we were actually working on secure case management software for law firms. I forget, honestly, how we were going in that direction but that ended up being a bust pretty quickly and that taught us a lot of different things. We took that and we moved on to the next iteration. We went through that process a couple of times before. I really sat down with Nicole and Cliff, who were the two co-founders at the time, we talked about what we knew, what we understood, and what we felt were problems. This fit itself into what we understood as a problem really well. But if I did give it an Aha! moment, it probably is when we brought on Jordan. And so for context there, he’s acting as our CISO. He was our first team hire. We raised with family and friends just to bring them on as soon as we could. He came with some industry experience from the consulting side of things. He was the first piece of internal validation. I’ve been working in consulting for two years and consistently, the problem I see is that these baselines are not set properly. I wouldn’t say it was an immediate Aha! but it was a very gradual flow where it makes sense to me, then it makes sense to Nicole, and it makes sense to Cliff, then Jordan came on, he was like, yes, absolutely. This is something that we experienced and so it was a very graduated process in that sense.

William Leonard

It sounds like it. You mentioned several pivots before landing on this solution here. At what point when you were building the original iterations of Senteon did you know to pivot because oftentimes, we have a lot of listeners who are early-stage founders building the first iteration of the product. You have to realize the inflection point of, “Hey, this product is gonna work or I need to pivot to something different?” Was it a sense of a customer’s voice? What was the moment for you all that kind of led you all to pivot from the first iterations?

Henry Zhang

I think a lot of it came internally and some of it definitely is somewhat of a gut feeling. That definitely is guided by what the customer is saying, right? Talking about their case management solution, we had one person tell us it was a good idea. She was super interested in us making it. Every single other person we talked to, it was a big bust. That obviously lends itself to being like, okay, this is not a good idea very quickly. But on the other side of things, when we were working on security solutions that were rare, we definitely had customers tell us I don’t know if this is interesting to us, but more often the answer was, “I think this is something pretty interesting.” And then that’s all you really hear, right? It was difficult to know. Well, we haven’t really built anything out yet so we can’t say for sure if they will hate it or like it or anything like that. But at the same time, we’ve already sunk 6-8 months of development into this. We want to see it through but it’s coming to a realization, at least for us, personally, it was the understanding of, is what we’re building unique for the customer, or is it unique for us because the process is different? What I mean by that is we ended up doing something that a lot of other companies already do. It was just interesting to us because we were doing it in a way that hadn’t actually done it. But at the end of the day, if you think about it from a user perspective, does it really matter if it’s doing it differently if the end result is the same? Those are the kinds of realizations that we had where they gave us the idea that we had to pivot, we had to change it up, even though we’ve been developing for several months.

William Leonard

Always listening to the customer’s voice is the most important thing to do at this stage of the business. The fact that you had validation from one of maybe 10 potential customers is definitely an indicator to maybe pivot a bit or rethink the strategy.

Henry Zhang

It was like 1 in 50.

William Leonard

Everybody has to start somewhere and learn from something. Definitely appreciate that viewpoint. Previously when you were talking, you mentioned some names Nicole and Cliff, can you talk to us about your co-founders a bit? What was the story behind meeting them? As a leader, how did you really go about assembling this team to ensure that you all were going to be well-positioned to build Senteon?

Henry Zhang

I’m super proud of my co-founders. They’re such an interesting bunch. I put together the team, right? They didn’t know each other prior to starting Senteon. But for me, they were like a single person from almost every chapter of my life. Cliff was somebody I grew up with. I’ve known him since elementary school, we grew up together, we swam competitively together, we study for the SATs together, if you want to go back to that. I’ve known him for a long, long time. When I first introduced the idea to him, he took a while to roll around and play with it and sort of decided it was an idea that he wanted to take a risk on as well, or at least I guess, take a risk on me, because that idea really didn’t pan out. And then Nicole was from my high school. She also attended my Magnet High School. We did a program in Computer Science. I gotta say, she helped me out a lot with that. Computer Science is not my gig. But again, the same deal, I introduced the idea to her when I was going to college. I distinctly remember because she was the first co-founder that agreed to join me. I sent her a message, a text while I was on a plane, I was like, “Please come on. This is such a great idea. You have to come work with me on this.” She shot me down like four times. But finally, I bothered her enough that she was still here. And then Zach, I met him in college. He would be the last person that I brought on. It is actually an interesting one because I met him because he was doing a minor in IT and then when I brought on my extra degree for management, he was a couple of years older than me, and he was just finishing his Management degree. I was hoping to get some help from him. I don’t remember getting any help. I remember getting laughed at a lot. But regardless, we kept in touch after he graduated and he had spent a couple of years doing sales in a lot of different companies. He had actually called me up originally because he was looking to get some help with prepping for some interviews he was doing with some other tech companies and security-related companies. That whole process of helping him out was like, “Why don’t you just come on and join us?” And he was like, “Sounds like a great idea. I guess brought them all in from different points where I had known them.

William Leonard

It sounds like you have a characteristic that a lot of great CEOs have. That’s the ability to sell. Obviously, you have to really sell the vision, especially at the idea stage of a startup to have such talented individuals surround you and really accompany you on this mission. Kudos to building a strong team. You mentioned the ties that everyone has to Purdue. You all went through an accelerator program with Purdue as well and at Firestarter. Talk to us about that. How has Purdue been pivotal in helping you and the team really get into and off the ground?

Henry Zhang

Obviously, they’re an investor now so that’s a big part of it. But when we were first finding our feet, Firestarter was a really cool program because it almost acted like a class as I could just schedule it as a part of my week. I’d have a cohort that I go in and meet with every week. We will just learn these kinds of things. We also did the accelerator with Georgia Tech a couple of years later, CREATE-X, and thought it was a really interesting graduating experience, because for whatever reason, even though they’re both, I guess, university accelerated programs, Purdue was very focused on very early stage. It was really about, how do you find your feet? How do you find what you want to do and things like what a napkin drawing is, and actually go on talking to people, at least initially, about your solution? They would push us, “I need you to go and talk to 30 people about what you think your target customer base would be.” You’ll actually end up driving like an hour out to Indianapolis, just to talk to a lawyer based o  their guidance. It was a really interesting experience where it felt like a class at times, but at the same time, they definitely pushed us to really treat the company and treat the idea as something that was real and tangible and does things to act on it, right? I think for a lot of people, that’s sort of the catalyst that you need first. Everybody has a great idea going on and acting on it. Sometimes you’re pushed to do that. I think Purdue was fantastic for that. And since then, they’ve been a great network for us. I love catching up with Bill over at Firestarter and letting him know what we’ve been up to. Then the community and network they’ve got there are great. They’re really trying to push a more entrepreneurship-type mindset at Purdue. I’m loving that as well. I think given that first push that was really big.

William Leonard

Senteon has really been supported incredibly well by the cyber network that Purdue has. You all were in the Midwest, Indiana. You went through CREATE-X. How did you get connected with the team down here in Atlanta at CREATE-X?

Henry Zhang

With CREATE-X, Zach knew a company that was going through the program, I believe. They recommended it to us and it just happened that Nicole is a graduate of Georgia Tech. We kind of used her as our base to apply, although, technically, I think they had us all apply as students. But either way, that was how we got introduced to it. We didn’t really know what to expect going into it but it was a great program that took place over the summer, right? It was 12 weeks or 10 weeks, it was a couple of week course, we would meet once a week, get assignments, take them back, and then grow from there.

William Leonard

CREATE-X is one of the top programs here and not only in the region but also in the country for producing startups. We’re extremely proud to be affiliated with Georgia Tech. Robin is a Georgia Tech alum. We have strong ties with CREATE-X and actually sat down with the director, Rahul, on the podcast a few weeks ago. Really excited about the work that they’re doing here in Atlanta, to drive innovation. As we round out the conversation here and take a step back, what are your thoughts right now about the cybersecurity industry as a whole? Are there any trends that you’re seeing or anyone on your team is seeing that you believe will really shape the industry over the next few years or even the next decade or so?

Henry Zhang

That’s a fun question. I think there are a lot of ways to answer that. We could talk about how COVID-19 affected it, we can talk about how things have been going on around the world, whether it’s Ukraine or otherwise have been affecting it, but for me, I think the more fun thing to think about and I guess a little more lighthearted, is we’ve been watching a lot of companies move toward cloud-native solutions and infrastructure service. You got Azure, your Octa, you’ve got Overlays on Mesh Networks now like Tailscale. These things have become really popular. The people that are developing them put a lot of money. They’re putting a lot of effort toward improving the systems and it’s great, but it leaves a lot of older organizations that are on selfless infrastructures, like Active Directory, or companies that actually have to be on hosted infrastructure for compliance purposes or regulatory purposes. It puts them in a really funny place because their solutions are getting less developed because these companies are more interested in cloud solutions but it’s either too expensive or unfeasible for them to move to cloud solutions. They’re sitting there with these solutions that have really long-standing issues that just have never been addressed. They’ve just been trying to work around like, ”Oh, how do we get this process at work for us?” In particular, I’m looking at Active Directory because I think it’s got a lot of problems. I guess it’s a really funny sort of trend that is missing and I don’t know how that’s going to resolve itself over the next decade. But I think it’ll definitely shape the decisions that companies are going to make by the security over the next couple of years.

William Leonard

I think the shift to the cloud is going to create a tremendous need for more proactive, more touchless solutions in the cybersecurity stack. You all are going to fit within that vision for the industry here. As you are thinking about your customers and having these internal conversations with them, what is the pitch to the customers that are going to get them excited about Senteon and the solutions that you all are bringing to protect your business basically?

Henry Zhang

It’s a great question. I think the first part of that for us is understanding what makes them tick, right? Are they very compliance-focused or are they very regulation-focused? Or are they more security-focused or they’re more focused on the actual physical security itself? For people that are very compliant to regulation focus, this is something where based on hardening and operating system hardening has become a topic that is discussed more and more in these regulations. The CMMC guideline for government contractors is a recent one. Even like NES CIS, all those sorts of regulatory bodies, they’re putting requirements forward for having proper baselines, maintaining them, and monitoring them. That’s something where, on the compliance regulatory side of things, it’s really easy to talk about because it’s a popular topic right now and is something that’s being added in. That one,  it’s really easy, right? On the security side of things, it depends on what their knowledge base is. There’s a feeling of security because a lot of people came into doing security from other disciplines. Typically, their view on what they need to do for security is limited to what they really are familiar with, what they know, or the background they come from. I think it’s a learning process to teach them some of the things that we think about, which is security is a process, right? It’s more than just one solution. It’s more than just one answer, a one size fits all, it’s looking at all the different parts of your solution or of your system and deciding what is the most important thing to solve at the time. As the saying goes, it’s like an onion. You peel back layers and there are more and more layers. It’s educating them on that, and then showing them where we fit into that onion, right? Why it’s important to have these extra layers, why it’s doubly important to have these depending on how you have your infrastructure set up. The first part of getting customers excited is to help build that understanding.

William Leonard

You have to know the customer, very intimately, even before you go into that first conversation. Show that you did your homework. I love that you all take that approach. Thinking about 2022, Q2 just started, what is ahead for Senteon this year? What are some of the things that you’re most excited about and continue to build?

Henry Zhang

We’re super excited to finish building out the product and get that full product launch going. We’ve had a lot of people that are really excited about the solution and giving us a lot of feedback. I’m excited to be able to take all the things that we’ve learned from everybody, from all these people that have given us their time to give feedback on what they want to see, put that into the solution, and show them that we’ve been able to put up what they’ve been asking for. I think that the thing I’ve been most excited about is really watching it go to market and seeing what kind of a difference we can make.

William Leonard

What do you think about go-to-market in the cyber world like today where you can sell through various channels, you can sell through MSP channels, and you can go direct to your client? What do you think about go-to-market strategies today? Is there a one size fits all approach? Or is it more so tailored to the end-user to the customer?

Henry Zhang

I think there is definitely a space where you can get one size to almost fit all where the core development, the core features, what you’re trying to do is going to be agnostic, right? Doesn’t matter if you’re a 10-person firm, 100-person, or 1000-person. The need is still there. I think it’s about execution, what they’re looking for, and how they’re going to perform it, right? Because a 1000-person firm might have 10 people in security and have a lot more capacity for actually performing these kinds of things. For them, they’re looking for really good objects in the solution, right? They’re looking to get a lot of contextualized information whereas a 10-person firm or a 100-person firm, might be looking more just like, “Hey, can you get it to just do this thing for us? We don’t really care what the information is. We just need to get it done.” I think it’s about finding a balance within a solution where you can give them both. Be careful before you hit that point, right? Because that takes a lot of development time, it takes a lot of thought, and it takes a lot of processes. Go-to-market at first, I think it’s still about targeting a specific industry where you find a lot of interest, building that base, and seeing what you can bring after that. That definitely requires a lot of work. I don’t envy Zach and all the networking he has to do in every industry that we want to target but I think it is a graduated process there as well.

William Leonard

I love it, man. I’m excited. Valor is excited that you chose to partner with us, that you’re building an industry that we know well, and that we’re excited to help you scale into and also excited for the journey ahead, Henry. Thanks for joining me today. It was a journey to get the deal done but here we are. Now you’re back to the building and excited to see what 2022 will yield for you and the team. Let’s keep the momentum going, man.

Henry Zhang

Absolutely.

William Leonard

Cheers. Take care.

Henry Zhang

Thanks, William.

Lisa

We’re thrilled to have you as an Atlanta Startup Podcast listener to help you get the most out of the experience. Let me invite you to three insider opportunities from our host Valor Ventures. First, want to be a guest on this amazing show. Reach out to our booking team at atlantastartuppodcast.com. Click on booking, It’s a no-brainer from there. Are you raising a seed round? Valor definitely wants to hear from you. Share your startup story at valor.vc/pitch. Are you a woman or minority-led startup valor sister program? The Startup Runway Foundation gives away grants to promising startups led by underrepresented founders. The mission of the Startup Runway Foundation is connecting underrepresented founders to their first investors. Startup runway finalists have raised over $40 million. See if you qualify for one of these amazing grants at startuprunway.org. You can also sign up for our next showcase for free there. Let me let you go today with a shout-out to Startup Runway presenting sponsor Cox Enterprises and to our founding partners, American Family Institute, Truist, Georgia Power, Avanta Ventures, and Innovators Legal. These great organizations make Startup Runway possible. Thanks for listening today and see you back next week.