Host: Hello everyone, welcome to another episode of ExtraMile by SecureITWorld, an interview series that aims to bring industry leaders closer to the audience. I am your hostย Sudakshina,ย and we are here to discuss the latest technologies, cybersecurity trends, risk mitigation practices, expert insights, and a lot more.
In today's episode, we are delighted to introduce Nicolas Mattiocco, Chief Security Officer of Patrowl.io. A cybersecurity company that is changing how businesses protect themselves. Patrowl.io creates smart tools that automatically find security weaknesses before hackers can use them. Think of it as having a digital security guard that is always on patrowl. Nicolas comes from a hands-on background in cybersecurity, and he has built Patrowl.io into a company trusted by organizations worldwide, even helping secure major events like the 24 Olympics.
Nicolas, it's great to have you with us today, I hope you are doing good.
Nicolas: Hi, thank you for theย invitation,ย and thank you for the introduction.
Host: Thank you. Okay, so can you share how your background in cybersecurity led you to found this company and what key experiences shaped your approach? How did that hands-on experience shape Patrowl.io's mission to โBe Faster than Hackerโ?
Nicolas: I discovered the cybersecurity field at the same time I discovered the IT and internet world. And it was a classic story. I was chatting on the MSN messenger stuff with my high school friend. Then he told me by message, okay, stop doing what you're doing right now, don't touch anything and let me show you. Then my screen was inverted and it started to open my CD-ROM drive remotely. So, it was very fun, very exciting and I knew right away it was fun and I wanted to work in this field.
Then I graduated an IT engineering school and I got a master's in cybersecurity. I got my first job as a penetration tester. I didn't stop since today. I joined EY as a manager and then I go freelance to be part of the red team of the Bank of France as a penetration tester, of course, it's definitely a passion work and I'm allowed and paid to act like a villain. So it was very nice. At this time, I was frustrated about my daily job.It was recurring penetration testing assessment, weekly assessment. I was the same mechanic and I was very, very frustrated and the impact was very, very limited. But I was conscious that the penetration testing is a very valuable approach and you give relevant data about your actual risk.But today it's a snapshot of a very limited parameter and the ratio between the cost, the time you spent on it and the risk coverage is not good anymore. And we wanted to change that. I got the opportunity to start my work for automating security operations at the Bank of France and I met my partner, Florent and Vladimir there, who are also penetration testers.
And then we started the Patrowl together and it's a very great adventure from day one. And we are very proud to have built a scalable business model and supporting tech. Which we productified our consulting job and it's very, very nice.
Host: I can understand this practical experience shows an approach to building solutions that addresses real-world security challenges.
So next up, you describe Patrowl as a digital Patrowl guarding homes (business). How does automating penetration tests make cybersecurity more accessible to non-experts?
Nicolas: Yes, today we don't have the time and the skills to check the external attack surface at scale. It's not possible. It's too complex.
You have to be continuously updated on new threats, new change, new vulnerability, new expert, new attack scenario. It's very hard and it requires a lot of different skills. So automation gives you multiple benefits. You can do checks more frequently just to identify vulnerabilities as soon as possible. We talk about the LTTD, the mean time to detect. We want to reduce the windows of exposure.
You can do more checks on your assets because you can add new controls every day on your control base. And it's very interesting to add this control. You can do it more efficiently, of course, because you can reduce the low value and add a new value added task and focus on what matters most because all the configurations, the settings of your scans and the triage can be automated.
And then you use your brain on very, very complex security cases. And also automation helps you to achieve compliance and benchmark. And it's very interesting to get the same base of control on the same or the subset of assets to benchmark yourself against all your entities with the same controls.
So, by automating data collection and triaging, you can focus on what matters most. And the question is not anymore how to find vulnerabilities, but because we know cybersecurity, we know how to find vulnerabilities, but it's how to prioritize and how to track them, how to remediate them. And this is where we want to focus. You don't need to be expert in detecting vulnerabilities, but you have to work on the remediation.
Host: That is really interesting to know about automation. So, Patrowl recently secured major funding. How will this accelerate your goal of real-time vulnerability remediation, especially after projects like securing the 2024 Olympics?
Nicolas: Yes, the 2024 Olympics was a very great opportunity for us because it was in France. It was next to our office and we wanted to be part of this big event. And we were not qualified as athletes. So, the only way to take part of this event was to offer our service to the Olympic staff. And we collaborated with the Protection Civil, which is like the British Red Cross in the UK, to support them and to monitor their assets before and during the event. And they are a client today.
Yes, we secured Serie A last year and we got three objectives. The first one was to structure the team, to be scalable, to hire mixing skills and senior people, of course. The second one is the international expansion.
And this is why I talked to you this morning. UK is a strategic move because of the addressable market size, of course, but it's also the maturity of the market, of the company here. And we wanted to have a presence in the country and to operate the business company.
And the third objective was to invest in innovation. Half of our R&D is spent on innovation projects. So it's very important to us to focus on this.
Host: That was really interesting. So many companies focus on blocking attacks, but you emphasize a unique philosophy, demotivate hackers, not just block them. Why is this strategy more effective in the long term?
Nicolas: Definitely, we are focusing on the anticipation step. And it's the very first step in the risk management. It's very strategic because if you identify vulnerabilities before attackers, you can save big money on all other things, cybersecurity function of detection, protection, response and recovery.
So it's kind of an investment. Maybe that's why penetration testing is mandatory. And all sites all around the world use this activity to check their assets. We also are in a big momentum regarding the regulation. We got Dora, Mistu and Sierra in Europe just this year. And it's kind of the. We know we are on track on this philosophy. And as an organization, you have to do both. You have to anticipate and to detect. It's a game. It's attackers versus defenders, the red versus the blue. It's evolving every day. And there is no rules in this game. And you have to know your opponent and you have to act like them to know what they are capable of and how to secure your infrastructure.
Host: That perfectly makes sense. How do industry awards and recognition reinforce your company's approach to innovation? What broader impact do you believe this visibility creates?
Nicolas: We had the opportunity, the chance to win two of the biggest awards in cybersecurity in France. It was every time a wonderful moment. Receiving an award is always a big, big achievement for the team first, because it's a recognition of their work, of their engagement, the initiative, the effort to deliver the product we got, to share the same vision.
And for the business, of course, because it's a validation by the market of our approach, which didn't exist a few years ago. And we got the alignment between our value proposition and the actual challenges of the company. And I think this is the duty of the startup to conduct and to support innovation.
It's key in cybersecurity. It's changing every day. And we have to support it and to continuously invest in technology. It's not static. And we have to adapt quickly. The cybersecurity ecosystem is moving very fast, and we have to maintain our advantage.
So, at Patrowl, we got major project innovation. Today, regarding how to fight more vulnerabilities. We got also a research project in robots automation, and of course, integration of AI in our product. How to serve AI and how to use efficiently AI in our detection and prioritization stuff.
Host: Definitely, awards like that really help you to set new standards to the industry. Many companies still rely on traditional security operations centers (SOCs). Why do you believe automated tools like Patrowl are future of the threat detection?
Nicolas: I'm sure it's humanly impossible to keep up the pace. So there is new vulnerabilities every day. The exposed attack surface is changing quickly, and the number of attacks is just increasing also high.
So, you don't have the choice of... You can miss the automation stuff. I observed that in a few years, major organizations are building vulnerability operation centers to improve their vulnerability management program.
And it's good news for us. By the way, I think there is maybe a catch with automation and stacking a lot of tools, because it may give you continuously a huge amount of events, of security alerts. And it can give you the feeling of security because you get the alert, so you know how it's going on your asset.
You can think that you are achieving a certain level of maturity, but the trade-off is to manage this tool and to manage them efficiently and to focus on results. And I think organizations are experiencing the Christmas tree effect because they got a lot of alerts, a lot of unqualified data. And of course, you can focus on prioritization, but I think we will smoothly move to consolidate the solution.
Host: The speed and efficiency advantages areย undeniableย in today's automation landscape. You have helped hospitals close security gaps. Why is healthcare a prime target for cyberattacks and how does Patrowl.io simplify compliance (like SOC 2) for such critical sectors?
Nicolas: Let's take the cap of an attacker. Attack hospitals are very sensitive data to manage. They have critical impact because at the end of the day, we talk about human beings, and this is the impact of humans. It's not a computer or an application or business. No, we are talking about humans. It changes your mind.
Hospitals are also very extended attack surface exposed on the internet, and they got few people in charge of IT and cybersecurity in this kind of organization. They also have a restricted budget. So, attackers are not so ethical, and they want quick returns of their investment.
It's an easy target. Setting aside the moral, the ethical considerations, all flags are green to engage their data. So with Patrowl.io, we are able to completely manage this, manage their external exposure and to continuously manage their risk. With few people, there are very few people in the hospital, it's easy for them and not time consuming to focus on relevant issues.
Host: Protecting sensitive health data is absolutely very important. So, the last and final question. With a passion for offensive security, was there ever another career path you considered, or was hacking always your main interest?
Nicolas: Today, I'm experiencing the entrepreneur job, and it's also fascinating. It's a big challenge and a huge achievement to talk to you today. I wanted to be an airplane pilot, but hacking was always my main focus.
Host: Amazing. That was it, Nicolas. Thank you so much, Nicolas, for sharing your insights today. Patrowl.io's work is truly making the digital world safer, and your perspective is invaluable to us.
Nicolas: Thank you very much.
Host: Thank you.
Nicolas: Have a good day.
Host: Same to you. Thank you everyone for tuning in to this episode of ExtraMile by SecureITWorld. I'm your host Sudakshina, signing off for today. Stay tuned for more insightful episodes with industry leaders. Till then, stay tuned.
Explore Our Other Insightful Interview:
