Safety Detectives: Please share your company background, how you got started, and your mission.
Stairwell: I founded Stairwell in 2019 to provide tools that help security teams defend against the onslaught of attacks they face every day. Today, teams are struggling to sift through exploding security data sets and understand what signals are relevant to them. Earlier in my career, I saw first-hand how organizations with deep pockets and teams of analysts are better able to put their security data into context. But most organizations don’t have those kinds of resources and are forced to rely on tools that don’t map macro security trends to their unique environments.
As a co-founder of Chronicle, I started to see how different approaches to providing meaningful security knowledge to security teams could yield better results. At Stairwell we are advancing these concepts giving companies capabilities they haven’t even thought of yet. We are rewriting the rules for cybersecurity so that every security team can outsmart any attacker.
SD: What is the main service your company offers?
Stairwell: Stairwell offers a platform called Inception, the first technology for recursive threat hunting, detection, and response. It allows teams to search huge volumes of their data that was never before searchable, and generate an intelligent view of the organization’s environment. It enriches this view with emerging external threat intelligence to identify artifacts, patterns, and relationships that are indicative of nefarious activity. It provides insights by identifying hard-to-detect relationships between the organization’s systems and emerging changes in the security landscape, proactively seeking out interesting threads, and synthesizing known and unknown threats.
With this inside-out knowledge, teams are now able to study what’s going on inside their environment and identify when behaviors or relationships start to look different. Think of it as a heat map for systems that shows where attacks are most likely to occur.
SD: What is something unique that helps you stay ahead of your competition?
Stairwell: By pre-preserving evidence in an organization’s environment, Inception removes the time-sensitive nature of detection, and can identify compromise faster by applying new learnings to the past, present, and future state of an environment. Until now, storing this volume of data was untenable, and technologically cost-prohibitive. But the team behind Stairwell has decades of experience working with massive amounts of data and we have designed a platform that works differently to enhance cybersecurity. Google didn’t invent search, they invented search that was relevant, fast, and useful. We aim to do the same in the security space.
SD: What do you think are the worst cyberthreats today?
Stairwell: There are too many serious cyberthreats to choose from, with ransomware and software supply chain vulnerabilities among the fastest-rising threats. With more insights into an organization’s past, present, and future state environments, better synthesis of internal and external data, and the ability to recursively apply new learnings to enrich its security knowledge, companies are better equipped to prevent and defend against attacks. The specific threat doesn’t matter; every organization should have the power to continuously increase its security knowledge and create tailored defenses that keep it out of attackers’ reach.