A Q&A with Appthority co-founder and President Domingo Guerra. The San Francisco–based company was founded in June of 2011 and recently raised $6.25 million in Series A funding.
SUB: Please describe what Appthority is, and the value proposition you bring to enterprise security.
Guerra: Appthority is a San Francisco-based startup that helps businesses implement mobile app risk management. The Appthority platform is a cloud-based system that measures the enterprise risk of mobile apps and feeds this information—also called app reputation—to mobile device management, mobile app management, enterprise app stores, and enterprise app developers to enable a safer enterprise mobile experience.
The main enterprise security pain point we address comes from answering the following question IT departments are struggling with everyday: ‘How do I implement mobile policy if I don’t know what apps do?’ Traditional enterprise software came from established companies like Oracle, Microsoft and SAP. With millions of apps invading the enterprise from all kinds of developers, IT departments need a way to automate the app review and approval process as well as identify the risks hidden in mobile apps.
SUB: Who are your target users?
Guerra: Organizations concerned with the risks of mobile apps.
SUB: Who do you consider to be your competition?
Guerra: There are some companies trying to protect devices—on-device anti-virus and anti-malware companies—and different companies trying to do software analysis as a service. However, only Appthority is at every stage of the enterprise app life-cylce: 1) App Creation – Appthority works with enterprise app developers and 3rd party app developers to create safer apps by integrating into the software development life cycle; 2) App Distribution – Appthority works with enterprise app stores to keep the stores safe, and act as a gatekeeper for allowed content, and help IT departments identify risky behavior in apps, as well as layer policy as to which types of apps can be downloaded by each type of employee; 3) App Execution – Appthority integrates with mobile device management and mobile app management to provide on-device protection, levering the app intelligence we collect at every stage to implement mobile policy on the enterprise devices, whether employee owned or enterprise owned tablets and smartphones.
SUB: What differentiates Appthority from the competition?
Guerra: Appthority doesn’t try to offer a ‘one size fits all’ approach to security, which many firms employ. In other words, we don’t label an app as ‘good’ or ‘bad.’ The truth is, that each company has different definitions of what is allowed or not in their environments, and on what is ‘safe’ for them. One company’s Taylor Swift can be another company’s Lindsay Lohan. Appthority makes it easy for our customers to determine what behaviors they’d like to allow, either companywide or by job role, and create a customized approach to mobile security. This is impossible with competing technologies that simply offer a pre-defined white-list or black-list of apps.
SUB: When was the company founded and what were the first steps you took in establishing it?
Guerra: We founded the company in June 2011. We knew mobile security was a huge emerging space but saw too many products focused on the consumer market and felt the enterprise market was being ignored. We had just quit our jobs and were looking for a DARPA grant to fund our research in developing an enterprise-grade mobile security product. To apply for DARPA funding, we had to be incorporated first, so we worked with Gunderson Dettmer to get incorporated and become an official company. We ended up not getting the DARPA grant but loved the space and opportunities ahead—and it was really too late to go back to our jobs anyway—so we decided to bootstrap and fund our own research and development. We bootstrapped for 11 months until our A round.
SUB: What was the inspiration behind the idea for Appthority? Was there an ‘aha’ moment, or was the idea more gradual in developing?
Guerra: Early on, we knew we needed to improve the state of enterprise mobile security. We also knew that we couldn’t compete against the large traditional security players with the same people-based-analysis process they employ. If we were going to beat them, we had to out-innovate them in terms of app analysis. We spent a lot of time developing tools to automate app risk analysis and that became our core competency. Rather than trying to ‘do everything,’ we realized we had something special in having the ability to automatically extract app behaviors from millions of apps and collect information on what apps were really doing. Instead of just focusing on malware detection, we realized that the enterprise was also worried about a lot of other types of app behaviors—like exporting the corporate address book, tracking an executive’s location, and communicating sensitive financial information without encryption. We listened to our customers and delivered on what they had lost with the consumerization of IT and bring your own device: information and control.
SUB: What have the most significant obstacles been so far to building the company?
Guerra: There have been several distractions along the way, like early acquisition offers and requests for un-related products. With a small team and so many opportunities to improve enterprise mobile security, it is tempting to try and do ‘too much’ and lose our focus. We were also bootstrapped for 11 months, which was not always easy.
SUB: You just raised $6.25 million in Series A funding. What are your plans for the new funds?
Guerra: We’ve been able to do some amazing things with a relatively small team. We are now looking to grow our team so that we can have an even greater impact. Our goals are to increase our customer and partner acquisition while we simultaneously continue to develop the best-in-class technology for app analysis and mobile app risk management. We aim to be the authority in app security.
SUB: Do you plan to raise more outside funding in the near future?
Guerra: Not in the near future. We had a great A round with phenomenal partners. We are ecstatic to get back into growing a great company and put fundraising on hold. For now.
SUB: What are your goals for Appthority over the next year or so?
Guerra: 2012 is the year of making our partners successful. Our partners took a chance on us from early on and we want to continue showing them they made the right choice. We were named ‘The Most Innovative Company of RSA Conference 2012’ this year when we launched our company at RSA. We were fortunate enough to exit from stealth-mode with a solid group of partners. As we add more partners, our goal for the next year is to help our partners integrate our technology into their products and thus improve the state of enterprise mobile security. We know that if our partners are successful, we will be successful.
Appthority – www.appthority.com