Interview with Cody Cornell - Chief Strategy Officer at Swimlane

Shauli Zacks Shauli Zacks

SafetyDetectives spoke with Cody Cornell, Co-founder and Chief Strategy Officer at Swimlane, about the importance of low-code developments, how his experience in the public and private sectors helped him found Swimlane, and how they protect their customer’s privacy and data. 

When starting Swimlane, how did you recognize that something was lacking in the industry?

Before starting Swimlane, I spent over a decade working in and building security operations programs inside of the federal government and in the commercial sector. In every one of those roles, it was inevitable that we would have a myriad of tools that were not connected with each other when they should be. They were pouring out alerts that had high false positive rates, and we were consistently at an untenable workload, and the teams were being burnt out. Day in and day out, teams felt like all their efforts were futile and even with their best efforts, there was nothing they could do beyond building custom software to help them solve the pain they were experiencing. That is what a lot of the bigger organizations did, but it didn’t help everyone, just their organization. This is what drove our desire to build a platform that could help any organization build their own platform and have a shared platform where teams from different organizations could learn and share their ideas, innovations, and best practices, and that would help the industry at large.

What is the advantage of low-code development?

Organizations continue to deal with threats that are more advanced and specialized. Security operations teams need a more proactive security posture to address these emerging risks. Low-code security automation is that answer, enabling faster action at the point of inception without the need for never ending additional staff. The power and flexibility of low-code allows security operations teams who might not have the time or resources for advanced programming to construct robust and effective automated playbooks quickly and easily to be able to support use cases inside and outside the SOC but also quickly iterate as adversary tactics and techniques change, without waiting on a vendor at every turn.

The platform’s extensive automation engine enables security teams to specify their application logic as a simple playbook, where each playbook action makes use of one or more triggers and actions to automatically take action when an event happens. Any kind of application can be created, deployed across different cloud environments and data centers, or built on-premises.

Without prior coding knowledge, the low-code approach to security automation can enable a broader set of security professionals to build adaptable playbooks that can be created in a matter of minutes. Thanks to drag-and-drop capabilities, anyone can quickly and easily construct a new playbook. The intuitive interface means you won’t need to devote hours learning how to use the tool before you can begin creating your first playbook. And while low-code security automation is simple enough to enable these adaptable playbooks, it is also sophisticated enough to satisfy the world’s most demanding security teams. The platform unifies security operations beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value.

Talk to me about Swimlane. What makes it unique?

Swimlane is the largest and fastest-growing pure-play security automation company. We have developed a breakthrough in low-code security automation with our Turbine platform, which captures hard-to-reach telemetry and expands actionability beyond the closed extended detection and response (XDR) ecosystem. It is different from the traditional security orchestration, automation, and response (SOAR) platforms that are notoriously complex and used exclusively to automate basic security operations center (SOC) workflows like SIEM alert triage, phishing, and threat intelligence. While these SOC use cases are important, security teams need the ability to ingest telemetry and apply automation to all security processes inside and outside the SOC. This can include automating workflows around privacy, audit, compliance, legal eDiscovery, vulnerability patch management, and user on/off-boarding, just to name a few. The options are limitless.

Swimlane has spent nearly a decade helping the world’s largest and most demanding organizations automate security use cases both within and beyond their SOCs. Through this experience, we have harnessed the institutional knowledge and expertise needed to deliver outcomes that satisfy the increasing demands of our most-mature customers while also making security automation more approachable to the average joe. With ground-breaking innovations that address customer requirements and evolving market demands, Swimlane is providing customers with the industry’s first true system of record for security operations, and customers are seeing tangible ROI. It’s all backed up by our world-class service delivery team, so when you become a Swimlane customer, you’re getting the best of product and people.

Who is your target market?

Swimlane’s target market includes enterprise security operations teams and managed security services (MSSPs) and Managed Detection and Response (MDR) providers globally. Swimlane counts some of the world’s most-recognized brands as customers, spanning automotive, financial services, healthcare, pharmaceuticals, MSSP industries, and more.

How does your company handle its customers’ security?

Swimlane is a fast growing company that not only aggressively invests in innovation and customer success, but we are aggressively investing in our own security programs as well as the programs that protect our cloud customers. Over the last several years, we have built out our own Security Operations Center, a combination of our own internal teams and in partnership with some of the best MDR providers on the planet. We’ve also invested in best-in-class tools for threat detection, intelligence, and response, leveraging Swimlane extensively to mature our capability well beyond our age. In addition to our SOC, we have several compliance initiatives in place, including our SOC 2, GDPR, ISO 27001, and FedRAMP to name only a few. On the product side of the house, we leverage best in class security tools and practices within our development pipeline to keep the Swimlane platform secure. We have security in our DNA and have had it from the start. We will continue to invest, innovate, and improve the security of the Swimlane products and the services we use to protect our company and our customers.

Thank you, Cody, for taking the time for this interview, and best luck in the future!

About the Author

About the Author

Shauli Zacks is a tech enthusiast who has reviewed and compared hundreds of programs in multiple niches, including cybersecurity, office and productivity tools, and parental control apps. He enjoys researching and understanding what features are important to the people using these tools.