Social Advantages of EU Memebership

Social Advantages of EU Memebership Presentation The accompanying working paper presents the Social help and social favorable circumstances in the European Union and third nation nationals (with extraordinary consideration for Turkish people). It has been sorted out in seven principle sections which are summed up quickly in the accompanying passages. So as to have a perspective on what makes the legitimate reason for TCN’s rights in European Union, this paper attempts to depict the most significant International and European lawful instruments. These instruments set least norms identifying with the security of vagrants, their families and exiles just as for universal co-procedure on movement. Worldwide law secure vagrant as indicated by central standards like; balance of treatment between customary transient specialists and nationals in the domain of business and occupation; all inclusive human rights apply to every single person, including all transients, paying little mind to status. Worldwide instruments give regulating guidelines to all national enactment and strategy on relocation. The fundamental worldwide human rights Conventions and Covenants apply to every single person, including vagrants and exiles. The Council of Europe’s relocation instruments spread general human rights and increasingly explicit understandings identifying with vagrants and transient specialists. The Community has capacity to go into concurrences with third nations which understandings may either be restricted to issues inside the elite skill of the Community or spread a more extensive blend of issues including territories of shared ability between the Member States and the Community[3]. Agreement with third nations in this working paper are referenced not on the grounds that they give direct social rights (alluding to the Turkey consent) to TCN’s but since the European Court of Justice regularly make reference to them giving direct effect[4]â for the equivalent treatment of TCN’s. Under the EU law, where a correct getting from an understanding is seen as straightforwardly enforceable by the ECJ (direct impact), it is a piece of the acquis communautaire and must be applied by the Communitys national courts. The statute of the ECJ explain the treatment of third nation nationals having a profitable lawful status near nationals of Members States. Also, it has been attempted to give a general perspective on social points of interest for TCN’s in European Union. It is notable that social favorable circumstances and social rights for TCN’s rely principally upon their lawful status. Various classifications of TCN’s are dealt with diversely in regard of social rights inside the Union. Irregular outsiders and people unlawfully dwelling in a nation are referenced in this paper however are not rewarded profoundly thinking about that they have confined rights in regard of social rights. Standard outsiders have an increasingly positive circumstance and appreciate rights and commitments similar to those of residents of the European Union. A portrayal of various mandates and guidelines has been made so as to clarify what social rights and points of interest have the classification of third nation nationals inside the European Union. Reference to the meaning of social points of interest as per ECJ case laws has be en made. In the accompanying section, Social help with the European Union, it has been attempted to clarify a few definitions that exist for social help, Social Regimes and Social Protection Delivery Systems, the job of social help, its own degree, level and span of social help advantages and molding of social help. The general circumstance of social help is additionally examined in four European nations; Germany, Austria, France and Belgium. European Union Countries give social help to people deprived in various manners. They are guided nearly from similar standards however apply various arrangements and qualification rules since access to social help is represented by national principles. This area means to introduce an investigation of how social help frameworks are regulated in Germany, Austria, France and Belgium, their legitimate and regulatory structures and rules of qualification, relative guidelines which decide the advantages and so forth. By and large, workers with perpetual home status approach government managed savings benefits on a similar premise as nationals in all Member States. There are more prominent contrasts in guidelines identifying with social help, where the extraordinary dominant part of the States give access to long-occupant third-nation nationals on a similar premise concerning nationals. Guidelines and works on in regards to the arrangements accessible for refuge searchers likewise contrast. Commitment put together advantages are commonly open with respect to a similar premise as they are for nationals. However, there are regularly restrictions connected to least commitments or holding up periods. States of access to social help can importantly affect the social consideration of foreigners. Considering the abovementioned, in the part 6 of this working paper â€Å"Social help for third nation nationals in four European association countries†, it has been attempted to give a perspective on h ow TCN’s are treated in Germany, Austria, France and Belgium as respected to social help. The choice of these nations has been made by the distinctions they have in giving social help to third nation nationals. France and Germany have progressively liberal social help framework concerning third nation nationals than Belgium and Austria. In the initial two nations social help is accommodated all people with no condition identifying with time of living arrangement in the national domain, then in Belgium and Austria home condition is compulsory for being qualified to social assistance.â In the last part of this paper has been depicted diverse social rights, which are found in various mandates and guidelines for Turkish people in European Union. Even however, clearly the courses of action for Turkish vagrants under the affiliation instruments give less legitimate security looked at nationals of Member States, they have a more positive social circumstance than other third nation nationals. The system utilized is that of subjective substance examinations of International and European essential and optional lawful instruments just as a depiction of the circumstance of social help with four European Union Countries. 1. Legal Instruments For Social Security of TCN In European Union Universal and European legitimate instruments set least principles identifying with the insurance of vagrants, their families and exiles just as for global co-procedure on relocation. In spite of the fact that States have their sovereign rights over movement approaches in their nations, worldwide law secure vagrant as indicated by basic standards like; balance of treatment between ordinary transient specialists and nationals in the domain of work and occupation; all inclusive human rights apply to every individual, including all transients, paying little heed to status. Universal Legal Instrumentsâ Universal instruments give regularizing gauges to all national enactment and strategy on relocation. The primary worldwide human rights Conventions and Covenants apply to every single person, including vagrants and evacuees. In any case, explicit arrangements of instruments have been explained to address the specific circumstances of, separately, exiles and refuge searchers, transient laborers, and dealing and pirating of individuals. Certain parts of other worldwide bargains likewise apply to relocation, remarkably International Labor Standards, global consular law and certain universal exchange understandings. Worldwide Human Rights Conventions give a wide and adequate regulating system for the assurance of transients. The Universal Declaration of Human Rights of 1948 spread out an extensive arrangement of general human rights standards. It isn't lawfully authoritative, yet it has given the establishment to the acknowledgment of social secuâ ­rity rights in arrangements consequently received. Workmanship. 22 of The Universal Declaration of Human Rights ensure the privilege to government disability. Craftsmanship. 25 of The Universal Declaration of Human Rights perceives the privilege of everybody to security in case of joblessness, affliction, handicap, widowhood, mature age and other absence of work in conditions past their control[5]. Explicit shows along these lines unequivocally expanded the utilization of general rights to casualties of racial separation, ladies, kids, and transients: Convention for the Elimination of Racism and Racial Discrimination (CERD), Convention Against Torture (CAT), Convention for the Elimination of Discrimination Against Women (CEDAW), the Convention on the Rights of the Child (CRC), and the Convention on the Protection of the Rights of All Migrant Workers and Members of Their Families(CMR)[6].These instruments have been portrayed as crucial human rights instruments that characterize essential, all inclusive human rights and guarantee their express augmentation to defenseless gatherings world-wide[7]. The Convention on the Status of Refugees 1951 gives basic norms with respect to acknowledgment, assurance of and help to displaced people and shelter searchers. The Convention characterizes who is an exile, sets out privileges of people allowed haven, portrays the obligation of States to non-refoulement and gives different arrangements, for example, with respect to displaced person travel reports. ILO Convention No. 102 on Social Security (Minimum Standards) perceives the accompanying nine speâ ­cific parts of standardized savings: clinical consideration, ailment benefits, joblessness benefits, oldâ ­age benefits, joblessness injury benefits, family benefits, maternity benefits, weakness benefits and survivors’ benefits[8]. Minimum reâ ­quirements are specified with regards to the c

American old film class Gone with the Wind and Red River Essay

American old film class Gone with the Wind and Red River - Essay Example In any case, when we experience the real history, we could understand that the slave exchange was a pinnacle cause for the out eruption of the common war, and furthermore we could comprehend the slave exchange and the treatment of slaves, the negligible or zero opportunity given to them even to settle on choice in their day by day exercises and so on. This angle is by all accounts missing in this film, however the term ‘darkies† has been alluded to the dark slave characters who show up in the screen, is one of the impacts of the history and the slants of the common war. The photography of the Old South, the manors of the Tara, where the courageous woman needs to take evacuee with her family, is all likenesses of the Civil War time frame. Be that as it may, at that point the true to life impact could be recognized as standoffish from the real world. The character of Mammy, one of the most joyful of dark slaves is discovered to be a remarkable slave, as she is by all accounts a cheerful individual, using the full opportunity in her family. This perspective, as referenced above strays from the verifiable idea or the Civil War thought of how a balm was treated during that time. Opportunity was an imperative for the slaves during the Civil war time. Going to the Red River, the dairy cattle crowding, which was discovered to be the most beneficial pay for the ranchers and which additionally gave a decent acknowledgment for the cowhands during when Chisholm Trial was opened. This occasion was likewise occurred during the hour of Civil War. All in all both the films were focused on the years 1850-1870. The area, Texas, where the film was shoot is one more point for the accomplishment of this film. In any case, getting to the heart of the matter of steers crowds that were passed through the preliminary, is turns out to be calm dubious whether the steers groups appeared in the film driven by Dunstan truly draw out an exact picture or impact of the first chronicled episode. Since it has been recorded in numerous history books that there were thousands and

Cyphort

Cyphort INTRODUCTIONMartin: Hi. Today we are at one of the safest places in Santa Clara, the Cyphort. Fengmin, who are you and what do you do?Fengmin: Yes. I’m a co-founder and also the Chief Strategy and Technology Officer od Cyphort.Martin: What is Cyphort?Fengmin: So at Cyphort, what we are really doing is we are offering the next generation advanced threat defense product. Think of it as a tool, but it’s a tool that is helping the enterprise IT people to really implement this new thinking about the best way to defend against advanced threat. And with that new thinking, new approach, our tool is actually designed to best help people implementing that new approach.Martin: When did you start this company, and what did you do before?Fengmin: The company was started in around March of 2011. And before that, I kind of did a few startups. And I’ll go back a little bit just to give you an idea. After I finished my PhD from Washington University in St. Louis, Missouri in the U.S., I spent a bout eight years on DARPA funded research projects, and that is mostly working on high speed networking and basically security. So for DARPA project, you typically actually build a prototype, not like National Science Foundation kind of project where you write papers.So that eight years, I always think of it as a training for me. Once around Year 2000, that’s where we saw a few security startups, the early days of intrusion prevention or detection products, we realized that we have been doing much more advanced technology and building prototype under the DARPA project. We believed a much better technology and solution compared to some of the startups. So that’s where I started having the initial idea of maybe I should create a startup. Actually, it’s around that time that I got the first opportunity, first call to do a startup in Silicon Valley. So that’s when I moved and started my first company called IntruVert Networks. That is really an intrusion prevention product compa ny.Followed by that company, we were basically acquired by McAfee. So we went to McAfee and I worked there for a few years to help integrate that product into McAfee portfolio. But then I went to start up my second one, that is, Bartel Networks, a next generation firewall, followed by also two years as a Chief Security Content Officer at FireEye.What I want to probably really point out, the main thing, I think, in this kind of past is always I tried to keep up with what the security threats are going, where it’s going, and how the IT infrastructure actually is evolving because a combination of those two really create or define new needs for tools for people to defend. So pretty much that’s kind of my career, how it has evolved, and even come into founding Cyphort is actually continuing on the same path and always trying to build the next best tool that IT people can use.Martin: Who are your customers?Fengmin: For us, the customer really includes all enterprise class companies. T he product is helping them to really protect the threats that are either coming from the external coming to their network or some threat landed on their network, actually moving laterally inside the network. It’s not going to be industrial sector-specific because, as you know today, that kind of threat problem is applicable to every sector. It’s only mainly determined by how sophisticated and at what stage their enterprise actually understands the problem. So it’s across the industry sectors.Martin: Fengmin, do you only help identify the threat, or are you also helping mitigate the threat?Fengmin: Yes. That’s a very good question. We built a product to actually best support this new, I would call it, paradigm shift in terms of how do you deal with advanced threat. What we realized was really for enterprise, the bottleneck, if you will, in advanced threat defense is really with the ability to detect the threat reliably, cover all the vectors of potential threat propagation, a nd also provide a very actionable, relevant results for them to take action. So once we realized that is the main problem, the Cyphort product was built with the focus on accurate detection and covering all the bases, make sure that you detect them, and also with very reliable and very relevant data to the enterprise under protection.But today what we don’t do is we do not provide a firewall function for you to do an enforcement. The reason we didn’t position the product this way is we realized that most of the enterprise already have one form or another next generation firewall or some of the security web gateway and they already made an investment. They have that product deployed, and those products are not doing the best defense for the enterprise because they do not know what data to use to actually make a blocking, for example. So if someone tells them this is the kind of data you use to do that blocking, they can block it well. So we come in to fill that gap and we want to provide that detection data.Martin: So this means that your main focus is identification of the threat and then you push this kind of information or the result of it, who’s the threat and who is not to the firewall, who will then decide if this a threat according to Cyphort, you won’t allowed it in?Fengmin: Correct. Actually, that brings us to this second notion. We talked about this new paradigm shift, right? The notion people say is you have to continuously monitor all the possible vectors and then you try to determine what exactly happened, what’s relevant to your environment, at what stage the attack is going, and then with this very specific data, you want to turn it into actionable data. So what we end up doing is associated with this notion is a notion of an ecosystem-based defense approach. So that’s when Cyphort detects something from Day 1, the product support is out of APIs. So it basically allows any other product to consume the results in a fashion that is read ily implementable for blocking something.Martin: How do you define a threat? Is spam also included in the definition?Fengmin: We would not consider the typical email spam you think in the past where someone is mainly sending an email, a lot of message just to spread maybe some rumors, right? What we are focusing on is think of malware pieces, maybe a piece of code, compared to the old days of the virus. Now the advanced one that comes in not only have a lot of attack payload but also have a lot of capability to try to hide itself and also have a lot of network-based communication to go back to the server. So that’s where the malware is really the most lethal weapon, if you will, for the modern threat, right? So the malware is really the focus, and then anything associated with that. So you mentioned the email. Although the spamming is not the focus, but email as a vector for the malware to get into the enterprise to infect someone’s machine. So we also cover the email. We make s ure we are able to extract the files and then inspect them to actually detect them as well.Martin: You have two sides of the equation. You have, on one side, the attackers, and you have on the other side something like Cyphort who is defending the company. And there’s always this kind of competition. One time the attackers are in the frontline, and sometimes the defenders. How do you keep up with the speed that the attackers are developing? Because they are using different strategies. How do you keep up to date?Fengmin: Yes. It’s very interesting, and this is indeed a challenge for us. One of the fundamental components in our detection technology is, in addition to use… people are all aware of this notion of sandboxing. Sandboxing is really useful to be able to detonate or run a piece of code and, based on behavior, try to determine if it’s malicious or not. Now, just using the sandbox to detonate it may not allow you to adapt and to cope with the new ones, but that’s how the old generation of the product typically implements a set of specific rules or look for a pattern, if-then-else kind of pattern or heuristics try to then determine if a piece of code is malicious or not.But for Cyphort, one of the things from Day 1, we realize what we need to do is to marry this detonation behavior-based with machine learning. So the machine learning allows us to do two things. Number one is indeed even for a piece of malware, we’ve already seen it’s something that maybe just happened, but by looking at the behavior of that and relying on the machine learning model to train and then build a more sophisticated mathematical model to predict and to generalize into the class of malware that have a similar behavior but it’s not the same thing. So we are able to detect that. That gives us the ability to detect unknown or you can also refer to as a zero day from a malware perspective.Then the second thing that machine learning allows us to do is once we have this systematic architecture, then if we are able to continuously monitor, use additional means to collect new samples and to do the training periodically and then release the new model into the product, now we have a continuous learning and adaptation. So of course to complement and support the second part, what we have been able to do is, in addition to collaborating with a lot of other entities, the threat intelligence, companies and also community-based feed out there, we also have built what we refer to as a crawler infrastructure in Cyphort labs. What the crawler infrastructure allows us to do is to constantly go out, use our own hardware-based sandbox to go out to the wide internet and to get our sandbox infected. When that happens, and then we have the collection of new exploit pack and new samples, and that feeds into our machine learning, so that’s really at least a main part of our approach how to keep up.Martin: This is also where my question relates to. I totally understan d if you have lots of users and you get lots of data that you can improve your machine learning algorithms for detecting those threats. But when you started out, you did not have that much of a customer behavior data. How did you convince the first customers to say, “Yes, I’ll go with Cyphort,” without you having that much data which machine learning algorithm you can apply to?Fengmin: Right. Of course, there are two parts to it. One part is indeed we need to leverage some existing collection of malware samples, and luckily with both some of the partners and also one of the well known ones that you’re probably aware of is Virus Total, and it probably has the largest collection of the malware samples. So by applying, using the existing samples, we are able to learn a model fairly recent. So that’s from the technical part. But then when it comes to engaging the customer, really I would say a few big steps that we have taken.Number one is indeed really be able to identify the key problem the customer is facing and also showing that we understand the customer’s problem, and also have a common understanding of the best approach to actually improve their defense.Once we have that conversation, then the next thing is we share how we build this product or the tool, how that tool would support this understanding of how to approach it.And once we have that, really the third step is basically almost all enterprise customers would require that we actually make the product available and for them to actually test drive it. So they would actually go through an evaluation on their network.Of course, in that process, we provide as much help to get them through the hurdle where they typically are always resource-limited, so we help them make it easy for them to install it on the live network and go through an evaluation period. So we are able to approach the customer that way, and we’re happy with what we have been able to do so far. Yes.Martin: Fengmin, how do yo u show the customer whether there is a malware? For example, if I’m looking at a company and the emails they are getting. And what I understood is that you are also scanning some kind of files, whether there’s malware included or not, for minimizing that the system is breached. How do you do this in minimal? Is it just that you have some kind of bar which says, “Okay, 95% chance there’s malware included,” or if there is a special threshold the email doesn’t go through? What’s the process?Fengmin: Yes. For us, actually in Cyphort product, we end up using multiple inspection message, we refer to. Because we realize for the modern attack, the malware, they can come in different ways and also they all have their sophisticated kind of evasive behavior in them. Some of them may evade a traditional virus scan, like a static analysis, right? You look at a code, how the code structure looks like, and then the behavior based on when some of them actually are able to detect if th ey are being watched in a sandbox, they may stop running. So what we end up doing is once we realize this, then whenever we get a piece of code that we feel this unknown, they could be a malware-carrying file, then we actually go through both static analysis, looking for known patterns, and also we have repetition data referenced to Virus Total, in addition to our own more kind of sophisticated static analysis and behavior. So in this case, what it means is when we decide if something is really bad, indeed there is typically a kind of a range of behavior, and you can almost think there is a threshold.Today what we have done is intentionally not expose that kind of slider to the customer but we are able to take into account of this multiple methods of inspection, then we look at those information together. So for the machine learning, indeed we actually come up with the behavioral-based score. They range basically, let’s say, from a 0 to 100, that kind of scale. And we choose a thr eshold based on our training and also we in the future can allow customers to set based on how aggressive they are.But the interesting thing, it’s helpful when we use both Virus Total and static multiple kind of method is if something is already known…because you expect, right? They don’t always use something totally new. There are a lot of them that use some existing things. So that’s the benefit of the product. If they use something that is not new, then additional methods, including the Virus Total, actually give us a context, and in that case, it’s fairly black and white. And we can even tell them what are the other products already, be this bad or the same thing, and then what the names they are referring them to. And then we can basically compare that with what our machine learning is telling us. So they both help us to improve the machine learning. At the same time, we can tell the customer if something is already known, potentially how long ago they have been out t here versus all the way to something really new. So that way, the customer, based on how aggressive they want to respond to it, they could choose different path towards it.BUSINESS MODEL OF CYPHORTMartin: Fengmin, let’s talk about the business model of Cyphort. How are you making money with it? Is it a SaaS model or is it something like an installment fee?Fengmin: Yes. That’s a very good question because we always have to make money. So in this particular case, the current model is we choose a software of virtual appliance-based delivery model but it’s subscription-based. So we have seen a lot of customers. The subscription-based one gives them some flexibility, at the same time gives them more like a steady kind of cadence for them to make the budget decisions. So the thing really, so far it worked the best for us, is really the software-based delivery along with support for virtualized environment. And in this case, we can be deployed both on premise and also when they choos e to, like we have customers where already most of their computing have gone to AWS, and so in that case, they can actually deploy our product in the AWS environment as well.The way the product is designed, because it’s API-based and software-based delivery, it allows it to be easily deployed and also provides a service in a SaaS model. So we are actually right now working on that based mainly on the customer demand because in the initial set of customers, we’ve definitely seen more customers want to have products deployed on premise because there is still some concern about their data going out of their network.Martin: Are you somehow differentiating the SaaS products maybe based on volume or based on number of employees of the customer or some other metric?Fengmin: Oh, the pricing model you are referring to? Yes. Right now, actually we have a pretty much unified pricing model that is based on the protected bandwidth.Martin: What’s that?Fengmin: So the notion is let’s say y ou may have multiple links, network action links you have to watch. So on that link, you know what the typical amount of traffic is going through it, so then you purchase our product based on that expected amount of data that we have to inspect and then detect and then protect. So actually that’s also one thing that we have got very positive customer feedback. What ends up happening is let’s say you purchase five gigabits worth of the traffic and then the Cyphort product does not limit the customer how many links that you are monitoring, maybe how many servers you deploy to monitor this link. So for them, that is very flexible because you may have multiple offices and distributed across the globe and then you don’t have different pricing models. It’s the total amount of protected link bandwidth.Martin: Fengmin, how did you acquire the first customers, and did any of the process for customer acquisition change over time?Fengmin: Yes, and that’s a very good question. The ini tial customer is really based on some of the connections, in this case, both the connection, let’s say, with the executive team and also the connection, for example, with our venture capital funding partner. That is very typical practice. It’s more about initially with the connection we have someone that is willing and open their ears to listen to us, and that is very important. But then quickly as the time goes, today we have a lot of customers, now they’re already coming through a very typical funnel. You think of that process from you have mind share and you have lead generation. So that means now it becomes at scale operation because those customers, because they know they have heard about Cyphort and they have a problem, then they see Cyphort as a potential contender for that, then that’s how value comes in. Today our customers, both from that kind of normal channel, at the same time they become much larger customers compared to the early set.Martin: Sure. Is it mainly driven currently by inbound marketing, or is it also that you have a direct sales force which goes out to meet potential clients and then tries to acquire them?Fengmin: Yes. We actually have. Cyphort has, I think, maybe a very interesting, very initial result. We were so happy we were doing so well. As you imagine, most of the enterprise company products, you always rely initially on a direct sales force to go after the account. But then for Cyphort, as actually even early this year, we already have several dozen partners.Martin: Distribution partners?Fengmin: Correct, and these are the ones… So it’s very rare in even my past several companies. At this early stage, we have so many partners and signed with us, and actually today we definitely have over 50% of our deals directly coming through the partner source versus our direct sales.Martin: And can you describe this kind of partners? Are they more some kind of antivirus or firewall programs, or are they consulting companies, or what type of companies?Fengmin: Yes. Actually, one example I would mention is this company called Optiv. They used to be there were two companies. One is called FishNet. The other one is called Accuvant. These are the companies that they have their own labs. They also have their own, of course, sales engineer and the whole workforce from the marketing all the way to product. So they typically help the customer define a set of solutions for their security protection needs. So these are really major players, and they help both for getting the customer and also, of course, some of the training and support, installation also are coming from them. So those two companies actually, a few months ago, they merged and they became Optiv. And we are one of the very select few small set of partners that they have.Martin: Over the last four years, what have been the major obstacles while building and growing Cyphort? How did you manage those obstacles?Fengmin: I think for us, the main things are all related to scaling up the sales, and this is where, of course, one of the things that we learned is, for instance, the kind of product. We are indeed an advanced threat defense product, so if you compare it to the old generation of some of the security products, they are more complex, and that means going to the enterprise, there are more dependencies with other product and also there is the education of the customer aspect. So we have basically at the same time not only helped to educate the customer for their adoption of the newer approach, the better approach for defense, at the same time to basically improve the product because you always scale from smaller customer in the key features then to more mature at scale features and for what we refer to as enterprise readiness. It’s really talking about more deployment scenarios and more other products to integrate with and also to account for different kinds of IT configuration. So most of our work has been along these lines, along with scaling up the sales force. That’s the main challenge in the last few months.ADVICE TO ENTREPRENEURS FROM FENGMIN GONG In Santa Clara (CA), we meet co-founder and CSO of Cyphort, Fengmin Gong. Fengmin talks about his story how he came up with the idea and founded Cyphort, how the current business model works, as well as he provides some advice for young entrepreneurs.INTRODUCTIONMartin: Hi. Today we are at one of the safest places in Santa Clara, the Cyphort. Fengmin, who are you and what do you do?Fengmin: Yes. I’m a co-founder and also the Chief Strategy and Technology Officer od Cyphort.Martin: What is Cyphort?Fengmin: So at Cyphort, what we are really doing is we are offering the next generation advanced threat defense product. Think of it as a tool, but it’s a tool that is helping the enterprise IT people to really implement this new thinking about the best way to defend against advanced threat. And with that new thinking, new approach, our tool is actually designed to best help people implementing that new approach.Martin: When did you start this company, and what did you do before?Fengmin: The company was started in around March of 2011. And before that, I kind of did a few startups. And I’ll go back a little bit just to give you an idea. After I finished my PhD from Washington University in St. Louis, Missouri in the U.S., I spent about eight years on DARPA funded research projects, and that is mostly working on high speed networking and basically security. So for DARPA project, you typically actually build a prototype, not like National Science Foundation kind of project where you write papers.So that eight years, I always think of it as a training for me. Once around Year 2000, that’s where we saw a few security startups, the early days of intrusion prevention or detection products, we realized that we have been doing much more advanced technology and building prototype under the DARPA project. We believed a much better technology and solution compared to some of the startups. So that’s where I started having the initial idea of maybe I should create a start up. Actually, it’s around that time that I got the first opportunity, first call to do a startup in Silicon Valley. So that’s when I moved and started my first company called IntruVert Networks. That is really an intrusion prevention product company.Followed by that company, we were basically acquired by McAfee. So we went to McAfee and I worked there for a few years to help integrate that product into McAfee portfolio. But then I went to start up my second one, that is, Bartel Networks, a next generation firewall, followed by also two years as a Chief Security Content Officer at FireEye.What I want to probably really point out, the main thing, I think, in this kind of past is always I tried to keep up with what the security threats are going, where it’s going, and how the IT infrastructure actually is evolving because a combination of those two really create or define new needs for tools for people to defend. So pretty much that’s kind of my career, how it has evolved, and even come into founding Cyphort is actually continuing on the same path and always trying to build the next best tool that IT people can use.Martin: Who are your customers?Fengmin: For us, the customer really includes all enterprise class companies. The product is helping them to really protect the threats that are either coming from the external coming to their network or some threat landed on their network, actually moving laterally inside the network. It’s not going to be industrial sector-specific because, as you know today, that kind of threat problem is applicable to every sector. It’s only mainly determined by how sophisticated and at what stage their enterprise actually understands the problem. So it’s across the industry sectors.Martin: Fengmin, do you only help identify the threat, or are you also helping mitigate the threat?Fengmin: Yes. That’s a very good question. We built a product to actually best support this new, I would call it, paradigm shift in terms of h ow do you deal with advanced threat. What we realized was really for enterprise, the bottleneck, if you will, in advanced threat defense is really with the ability to detect the threat reliably, cover all the vectors of potential threat propagation, and also provide a very actionable, relevant results for them to take action. So once we realized that is the main problem, the Cyphort product was built with the focus on accurate detection and covering all the bases, make sure that you detect them, and also with very reliable and very relevant data to the enterprise under protection.But today what we don’t do is we do not provide a firewall function for you to do an enforcement. The reason we didn’t position the product this way is we realized that most of the enterprise already have one form or another next generation firewall or some of the security web gateway and they already made an investment. They have that product deployed, and those products are not doing the best defense for the enterprise because they do not know what data to use to actually make a blocking, for example. So if someone tells them this is the kind of data you use to do that blocking, they can block it well. So we come in to fill that gap and we want to provide that detection data.Martin: So this means that your main focus is identification of the threat and then you push this kind of information or the result of it, who’s the threat and who is not to the firewall, who will then decide if this a threat according to Cyphort, you won’t allowed it in?Fengmin: Correct. Actually, that brings us to this second notion. We talked about this new paradigm shift, right? The notion people say is you have to continuously monitor all the possible vectors and then you try to determine what exactly happened, what’s relevant to your environment, at what stage the attack is going, and then with this very specific data, you want to turn it into actionable data. So what we end up doing is associate d with this notion is a notion of an ecosystem-based defense approach. So that’s when Cyphort detects something from Day 1, the product support is out of APIs. So it basically allows any other product to consume the results in a fashion that is readily implementable for blocking something.Martin: How do you define a threat? Is spam also included in the definition?Fengmin: We would not consider the typical email spam you think in the past where someone is mainly sending an email, a lot of message just to spread maybe some rumors, right? What we are focusing on is think of malware pieces, maybe a piece of code, compared to the old days of the virus. Now the advanced one that comes in not only have a lot of attack payload but also have a lot of capability to try to hide itself and also have a lot of network-based communication to go back to the server. So that’s where the malware is really the most lethal weapon, if you will, for the modern threat, right? So the malware is really t he focus, and then anything associated with that. So you mentioned the email. Although the spamming is not the focus, but email as a vector for the malware to get into the enterprise to infect someone’s machine. So we also cover the email. We make sure we are able to extract the files and then inspect them to actually detect them as well.Martin: You have two sides of the equation. You have, on one side, the attackers, and you have on the other side something like Cyphort who is defending the company. And there’s always this kind of competition. One time the attackers are in the frontline, and sometimes the defenders. How do you keep up with the speed that the attackers are developing? Because they are using different strategies. How do you keep up to date?Fengmin: Yes. It’s very interesting, and this is indeed a challenge for us. One of the fundamental components in our detection technology is, in addition to use… people are all aware of this notion of sandboxing. Sandboxing is really useful to be able to detonate or run a piece of code and, based on behavior, try to determine if it’s malicious or not. Now, just using the sandbox to detonate it may not allow you to adapt and to cope with the new ones, but that’s how the old generation of the product typically implements a set of specific rules or look for a pattern, if-then-else kind of pattern or heuristics try to then determine if a piece of code is malicious or not.But for Cyphort, one of the things from Day 1, we realize what we need to do is to marry this detonation behavior-based with machine learning. So the machine learning allows us to do two things. Number one is indeed even for a piece of malware, we’ve already seen it’s something that maybe just happened, but by looking at the behavior of that and relying on the machine learning model to train and then build a more sophisticated mathematical model to predict and to generalize into the class of malware that have a similar behavior bu t it’s not the same thing. So we are able to detect that. That gives us the ability to detect unknown or you can also refer to as a zero day from a malware perspective.Then the second thing that machine learning allows us to do is once we have this systematic architecture, then if we are able to continuously monitor, use additional means to collect new samples and to do the training periodically and then release the new model into the product, now we have a continuous learning and adaptation. So of course to complement and support the second part, what we have been able to do is, in addition to collaborating with a lot of other entities, the threat intelligence, companies and also community-based feed out there, we also have built what we refer to as a crawler infrastructure in Cyphort labs. What the crawler infrastructure allows us to do is to constantly go out, use our own hardware-based sandbox to go out to the wide internet and to get our sandbox infected. When that happens, a nd then we have the collection of new exploit pack and new samples, and that feeds into our machine learning, so that’s really at least a main part of our approach how to keep up.Martin: This is also where my question relates to. I totally understand if you have lots of users and you get lots of data that you can improve your machine learning algorithms for detecting those threats. But when you started out, you did not have that much of a customer behavior data. How did you convince the first customers to say, “Yes, I’ll go with Cyphort,” without you having that much data which machine learning algorithm you can apply to?Fengmin: Right. Of course, there are two parts to it. One part is indeed we need to leverage some existing collection of malware samples, and luckily with both some of the partners and also one of the well known ones that you’re probably aware of is Virus Total, and it probably has the largest collection of the malware samples. So by applying, using the ex isting samples, we are able to learn a model fairly recent. So that’s from the technical part. But then when it comes to engaging the customer, really I would say a few big steps that we have taken.Number one is indeed really be able to identify the key problem the customer is facing and also showing that we understand the customer’s problem, and also have a common understanding of the best approach to actually improve their defense.Once we have that conversation, then the next thing is we share how we build this product or the tool, how that tool would support this understanding of how to approach it.And once we have that, really the third step is basically almost all enterprise customers would require that we actually make the product available and for them to actually test drive it. So they would actually go through an evaluation on their network.Of course, in that process, we provide as much help to get them through the hurdle where they typically are always resource-limited , so we help them make it easy for them to install it on the live network and go through an evaluation period. So we are able to approach the customer that way, and we’re happy with what we have been able to do so far. Yes.Martin: Fengmin, how do you show the customer whether there is a malware? For example, if I’m looking at a company and the emails they are getting. And what I understood is that you are also scanning some kind of files, whether there’s malware included or not, for minimizing that the system is breached. How do you do this in minimal? Is it just that you have some kind of bar which says, “Okay, 95% chance there’s malware included,” or if there is a special threshold the email doesn’t go through? What’s the process?Fengmin: Yes. For us, actually in Cyphort product, we end up using multiple inspection message, we refer to. Because we realize for the modern attack, the malware, they can come in different ways and also they all have their sophisticated kind of evasive behavior in them. Some of them may evade a traditional virus scan, like a static analysis, right? You look at a code, how the code structure looks like, and then the behavior based on when some of them actually are able to detect if they are being watched in a sandbox, they may stop running. So what we end up doing is once we realize this, then whenever we get a piece of code that we feel this unknown, they could be a malware-carrying file, then we actually go through both static analysis, looking for known patterns, and also we have repetition data referenced to Virus Total, in addition to our own more kind of sophisticated static analysis and behavior. So in this case, what it means is when we decide if something is really bad, indeed there is typically a kind of a range of behavior, and you can almost think there is a threshold.Today what we have done is intentionally not expose that kind of slider to the customer but we are able to take into account of this multi ple methods of inspection, then we look at those information together. So for the machine learning, indeed we actually come up with the behavioral-based score. They range basically, let’s say, from a 0 to 100, that kind of scale. And we choose a threshold based on our training and also we in the future can allow customers to set based on how aggressive they are.But the interesting thing, it’s helpful when we use both Virus Total and static multiple kind of method is if something is already known…because you expect, right? They don’t always use something totally new. There are a lot of them that use some existing things. So that’s the benefit of the product. If they use something that is not new, then additional methods, including the Virus Total, actually give us a context, and in that case, it’s fairly black and white. And we can even tell them what are the other products already, be this bad or the same thing, and then what the names they are referring them to. And the n we can basically compare that with what our machine learning is telling us. So they both help us to improve the machine learning. At the same time, we can tell the customer if something is already known, potentially how long ago they have been out there versus all the way to something really new. So that way, the customer, based on how aggressive they want to respond to it, they could choose different path towards it.BUSINESS MODEL OF CYPHORTMartin: Fengmin, let’s talk about the business model of Cyphort. How are you making money with it? Is it a SaaS model or is it something like an installment fee?Fengmin: Yes. That’s a very good question because we always have to make money. So in this particular case, the current model is we choose a software of virtual appliance-based delivery model but it’s subscription-based. So we have seen a lot of customers. The subscription-based one gives them some flexibility, at the same time gives them more like a steady kind of cadence for th em to make the budget decisions. So the thing really, so far it worked the best for us, is really the software-based delivery along with support for virtualized environment. And in this case, we can be deployed both on premise and also when they choose to, like we have customers where already most of their computing have gone to AWS, and so in that case, they can actually deploy our product in the AWS environment as well.The way the product is designed, because it’s API-based and software-based delivery, it allows it to be easily deployed and also provides a service in a SaaS model. So we are actually right now working on that based mainly on the customer demand because in the initial set of customers, we’ve definitely seen more customers want to have products deployed on premise because there is still some concern about their data going out of their network.Martin: Are you somehow differentiating the SaaS products maybe based on volume or based on number of employees of the cus tomer or some other metric?Fengmin: Oh, the pricing model you are referring to? Yes. Right now, actually we have a pretty much unified pricing model that is based on the protected bandwidth.Martin: What’s that?Fengmin: So the notion is let’s say you may have multiple links, network action links you have to watch. So on that link, you know what the typical amount of traffic is going through it, so then you purchase our product based on that expected amount of data that we have to inspect and then detect and then protect. So actually that’s also one thing that we have got very positive customer feedback. What ends up happening is let’s say you purchase five gigabits worth of the traffic and then the Cyphort product does not limit the customer how many links that you are monitoring, maybe how many servers you deploy to monitor this link. So for them, that is very flexible because you may have multiple offices and distributed across the globe and then you don’t have different pricing models. It’s the total amount of protected link bandwidth.Martin: Fengmin, how did you acquire the first customers, and did any of the process for customer acquisition change over time?Fengmin: Yes, and that’s a very good question. The initial customer is really based on some of the connections, in this case, both the connection, let’s say, with the executive team and also the connection, for example, with our venture capital funding partner. That is very typical practice. It’s more about initially with the connection we have someone that is willing and open their ears to listen to us, and that is very important. But then quickly as the time goes, today we have a lot of customers, now they’re already coming through a very typical funnel. You think of that process from you have mind share and you have lead generation. So that means now it becomes at scale operation because those customers, because they know they have heard about Cyphort and they have a problem, then they see Cyphort as a potential contender for that, then that’s how value comes in. Today our customers, both from that kind of normal channel, at the same time they become much larger customers compared to the early set.Martin: Sure. Is it mainly driven currently by inbound marketing, or is it also that you have a direct sales force which goes out to meet potential clients and then tries to acquire them?Fengmin: Yes. We actually have. Cyphort has, I think, maybe a very interesting, very initial result. We were so happy we were doing so well. As you imagine, most of the enterprise company products, you always rely initially on a direct sales force to go after the account. But then for Cyphort, as actually even early this year, we already have several dozen partners.Martin: Distribution partners?Fengmin: Correct, and these are the ones… So it’s very rare in even my past several companies. At this early stage, we have so many partners and signed with us, and actually today we d efinitely have over 50% of our deals directly coming through the partner source versus our direct sales.Martin: And can you describe this kind of partners? Are they more some kind of antivirus or firewall programs, or are they consulting companies, or what type of companies?Fengmin: Yes. Actually, one example I would mention is this company called Optiv. They used to be there were two companies. One is called FishNet. The other one is called Accuvant. These are the companies that they have their own labs. They also have their own, of course, sales engineer and the whole workforce from the marketing all the way to product. So they typically help the customer define a set of solutions for their security protection needs. So these are really major players, and they help both for getting the customer and also, of course, some of the training and support, installation also are coming from them. So those two companies actually, a few months ago, they merged and they became Optiv. And we a re one of the very select few small set of partners that they have.Martin: Over the last four years, what have been the major obstacles while building and growing Cyphort? How did you manage those obstacles?Fengmin: I think for us, the main things are all related to scaling up the sales, and this is where, of course, one of the things that we learned is, for instance, the kind of product. We are indeed an advanced threat defense product, so if you compare it to the old generation of some of the security products, they are more complex, and that means going to the enterprise, there are more dependencies with other product and also there is the education of the customer aspect. So we have basically at the same time not only helped to educate the customer for their adoption of the newer approach, the better approach for defense, at the same time to basically improve the product because you always scale from smaller customer in the key features then to more mature at scale features and for what we refer to as enterprise readiness. It’s really talking about more deployment scenarios and more other products to integrate with and also to account for different kinds of IT configuration. So most of our work has been along these lines, along with scaling up the sales force. That’s the main challenge in the last few months.ADVICE TO ENTREPRENEURS FROM FENGMIN GONGMartin: We always tried to help first time entrepreneurs make less errors. What type of lessons have you learned over the last 10 years maybe, and some kind of lessons that you can share with the audience?Fengmin: Yes. A few things definitely, I think, that come off the top of my head and I’ve seen more entrepreneurs still having this issue.Number one, I would say, and also coming from a technical background myself is really for them to avoid falling in love with their technology, and they always think of their technology as the best, can solve everything. So that is where they tend to forget about the cus tomer side because oftentimes you have to have a direct connection to the customer pain and the problem. So that is one thing that happens a lot with entrepreneurs.And of course, the next one is more related to the product ease of use, ease of deployment. And for people with an engineering or technology background, they always think, “This is so easy for me,” but then you have to basically to put yourself in the customer’s shoes. In that case, maybe it’s not that easy. You have to make it easier for the customer.And then the third one, I would say, it happens a lot with first time entrepreneurs is they always are eager to present a big solution. So I refer to it as maybe the tendency to boil the ocean, where if indeed you have a good idea, you should solve the most urgent problem with that one or two features and you should show customer traction, and then you can move on. So that is a mistake they make, oftentimes also would give, for example, the venture capitalist the imp ression that they really don’t understand. They lack the focus. So those are some of the main things.Of course, when it comes to the team and then culture, there are some things, I feel, it’s also very important because being a startup company in general, to maintain a very innovative culture is probably the utmost for the team efficiency and everything else. So that’s sometimes the founders, and they have to balance it out. When you look for people with big company experience, hopefully they leave most of the big company operation culture behind, right? That will be one interesting thing to watch out for.Martin: And how do you check whether somebody is fitting into a startup based on the innovative culture?Fengmin: I think this is where… For instance, one example is certain developers or technical people, they are very strong but then maybe their thinking always says, “You give me as specific a task as possible for me to perform, then I just deliver to that,” versus som eone says, “I just want to understand what we are trying to build. What is this supposed to do?” And that’s what we call the objective, and then they actually can think about the best way to do it, versus you have everything specked out, exactly you implement this way and that way. So that will be very fundamental. Some people are very comfortable in working in one mode versus the other. And for startup, typically you would want to look for people who have a little experience and also willing, open to share and not to hesitate to say, “This is a better way to do it.” That will be a good way to look at people.Martin: Fengmin, thank you so much for your time and for sharing your knowledge.Fengmin: Thank you. It’s my pleasure.Martin: And next time if you are having a really big website and you are thinking about threats that are maybe coming at your company, just look at Cyphort. Maybe this is a good solution for protecting your website.Fengmin: Thank you.Martin: Welcome.Fe ngmin: My pleasure to share the thoughts.Martin: Thanks.