Purandar Das, Co-Founder and President of Sotero

Tony Zayas 0:06
Everybody, welcome to the SaaS Founder Show. We’re back for another episode where we get to talk really fascinating founders who have interesting SaaS businesses, and we get to hear all about the journey. So exciting stuff joined, as usual, with my co host, Andy Halko. Andy, how you doing today?

I’m doing fantastic. Excited about another show. We’ve got someone here talking, I think about Cybersecurity. Right. Tell me you were talking to

Yes. So we are talking to Purandar Das. He is the co founder and president of Sotero for the next generation data encryption. Patients to encrypt data in use and data in motion to realize faster time to value from mission critical data. So with that, let’s bring him on Purandar. How’re you doing?

Purandar Das 1:01
I’m doing well how about you.

Tony Zayas 1:03
Very good. Thank you. We appreciate you taking this time to join us. But you there front and center. So awesome. So I read the disruption of your business. I would love to hear from your perspective, tell us what Sotero is all about.

A little freezing. So Purandar, if you could?

Oh, no. This happens sometimes with technology, right?

This happens with technology

Or in cybersecurity. We’re talking cybersecurity. Maybe we got act. I don’t know.

That is possible.

Andy Halko 1:49
But this is the fun of it.

Tony Zayas 1:51
This is the fun of it.

Tony, how you doing dog

He’s good. It can be a hassle at times, but but he’s worth it

I’m sure that exactly what people tuned in.

I’m sure I’m sure. So I’m gonna send him a quick message. Okay, looks like he dropped off. So why don’t we talk? Let’s wait for him to hopefully jump back in. But until then, I didn’t have a chance actually to talk about it today. But tech, throw it up. We got that coming up. And we’ll bring parameter back on. It looks like he’s there. And he gives us the 32nd what tech throwdown is all about?

Yeah, we’ve got it. We’ve got a really cool thing coming up a pitch contest for startups. You can submit, win some money, we’ve got some cash prizes. We’ve got some inkind services, some from some really amazing company, companies even mentoring and coaching from some folks. So if you’re interested, go to link, your SaaS startup. And, you know, add so that you can pitch in at the tech burnout, maybe?

Awesome. Let’s try this once again. Purandar, how are you doing?

Purandar Das 3:04
I’m doing good. technical glitches, I apologize.

Tony Zayas 3:08
No problem better this time. You’re moving? Yeah, froze up on us. So yeah, the question that I asked was, you know, just tell us about Sotero talk, you know, how do you explain the business when you meet someone in the elevator?

Purandar Das 3:22
Sure. I mean, what we do at Sotero is reimagining cybersecurity, right. And if you think about cybersecurity, it’s all about protecting people from getting to data. What we are saying is protect your data first, and then worry about preventing people from getting the data. So data is all about keeping your data encrypted while it’s being used, which is a big gap killer, right? I mean, it’s a big change in paradigm, a big change and shift in how people imagine cybersecurity or data security more specifically.

Tony Zayas 3:55
Why is that such a shift? You know, why have most people gone the other direction? And and why did you decide to go in, you know, kind of this approach of encryption of data?

Purandar Das 4:06
Sure. So why have people gone in the other direction, right? Historically, data security products have leveraged encryption, which is about the best security protection you can get. But it comes with a severe limitation, right? If it’s encrypted, you can’t use the data. Right. So even though people say their data is encrypted, it essentially is not protected while it’s being used. And if you think about organizations, they’re using data all the time to drive their business. So essentially, data is not protected while it’s been used. We I come from a data background, having worked with marketing companies, all my most of my career, dealing with huge amounts of data, huge amounts of sensitive information is what I did for a living. The aha moment was, Hey, big data stolen because it’s not protected. What’s in use? How about, we figured out a way to keep data protected while it’s being used, and flip the paradigm on its head, right and say start with data. That’s what you’re trying to protect. That’s what everybody’s trying to protect. So we wanted to shift the paradigm and say we have a better way of helping organizations protect their information. That was the big guy, flipping Ira mindset.

Tony Zayas 5:22
So what was the you know, catalyst for you starting this business? Were you sitting somewhere else said, this is a huge problem, I’ve got to solve it. Did you meet some co founders? And, you know, say, we’ve got to do this together? What was kind of the catalyst that got you started?

Purandar Das 5:39
So do different factors. One is, I was fortunate enough to meet my co founder, right? We were working together. And we’ve been thinking about what we could do to come to start something on our own, right? I mean, you you work in large organizations forever, and you say, Hey, I think we have an idea, we have the skills, and we have the passion to build something. But coupled with that was a personal experience where my data was stolen in a breach, right, and I was affected when they attempted to file a tax return in my name, open credit card applications and even opened up a bank account. Right. So putting the two together, and kind of looking at what was being done for data protection, we can Okay, it became clear to us that there was a big opportunity, a big gap that needed to be filled or a problem to be solved. And we both were at a point in our career saying we should do something, right. And that something happened to be around data protection, because there was a driver that was pushing us towards that.

Tony Zayas 6:43
So going back parental, it’s super interesting and awful experience to go through, right? So you have that personal motivation to want to solve that challenge, because anyone has gone through anything, even even that it’s significant. It’s painful, and it happens all the time. I wanted to go back quickly to just your approach and how you said, you know, protecting data while it’s being used. So how do you guys from a label? You know, if you’re explaining to the lay person? How do you guys go about doing that?

Purandar Das 7:15
So very simply, if you visualize your own information in a database somewhere, right, your name, address social security number, I mean, there’s probably 1000 different databases that you have companies that you interact with, right? Typically, what most of them or all of them do is, say, will encrypt this data, meaning that it’s encrypted when nobody’s processing, accessing or using the data. But the moment you go to access or use it, that data is unencrypted in plain text, because they want to search for a Tony or search for anything, right, your records and your information. The moment you do that the data is unencrypted, which kind of like really there’s no protection. So we can my co founder Shanti. And I said, let’s figure out a way to keep Andy and Tony’s information encrypted, even while it’s being queried, processed or used, right? That way, you have much better control a better security framework to keep the data encrypted from anybody that’s not authorized to see it. We not only keep the data encrypted, while it’s being queried or used, we also validate which user in which application is accessing it in real time, and make sure that it is privileged user or they’re authorized to see the data before we decrypt and let them access and view the data. That’s essentially our core intellectual property, our patented intellectual property capabilities about being able to process data in encrypted state.

Tony Zayas 8:42
Super interesting.

Yeah, just to dig into the house a little bit more, I’d love to know, you know, okay, how does an organization implement this? Is it a middleware? Is it something that sits on top of other systems? You know, is it more for the enterprise or for you know, mid market?

Purandar Das 8:59
I mean, literally, my response to that would be as we’re commoditizing, security, data security, right. I mean, that’s been one of the big challenges with security products, very expensive, very hard to implement, you have to have lots of money, a lot of budget, and you have to have resources to deploy that. That essentially becomes a big barrier for organizations to adopt security. Our approach is to make it really simple. And not just be one platform specific solution, right? We want to be able to protect all of the data in an organization, whether it’s sitting in a database, it’s in a file somewhere, it’s in some semi structured data stored in the cloud doesn’t really matter. We we set ourselves design objectives when we started to build the product, and said the biggest thing because keep in mind, we are actually coming from the flip side of the thing we’re not. cryptographers are security experts, right. We came from the other side of having consumed security products and we know knew the headaches and the challenges. So we said it’s got to be easy to use. It’s got to be inexpensive, relatively so that everybody can afford it. And it’s got to be a product that support that protects all of the data in an ecosystem, not just one, because you don’t want to be dealing with 35 products to protect data. We said, Let’s build it in a way where it can scale and at the effective price point, be able to help a company help any company protect their data, whether it’s in their premise in their data center, or in the cloud. So to your the your question, it essentially is like a middleware. So if you’re familiar with data, or database technologies, we look like an ODBC, JDBC, or a database driver. That’s literally all that’s needed to implement sotera. And what that also does is it eliminates the need to modify applications to leverage our security framework. We don’t require applications to be modified at all, which is another big headache when it comes to rolling out security products.

Tony Zayas 10:59
I’m kind of curious that something you said is that, you know, you weren’t from a cybersecurity background, you’re more consumer had a challenge. So how did you then get into it? And how did you understand to build something when you’re starting from that perspective?

Purandar Das 11:18
Michigan? Yeah, but keep in mind that we had like a, like I mentioned, we were dealing with billions of consumer records, right. I mean, we were helping companies monetize information, that was the marketing industry, right, go collect information, gather information, collated, aggregated, be able to analyze it and act on it, which meant we were sitting on billions of consumer records with sensitive information. So all of the problems as it relates to scale speed to market processing, we were very familiar with. We were also familiar with the challenges posed by security products that essentially were bottlenecks to utilizing information, right? If you use a security product, all it did was put bottlenecks in your way, right? So we said, hey, we know both ends of the story. Let’s figure out an architecture that makes it easy to good, easy to deploy easy to embrace, and easy to consume, while providing a platform that preserves security and privacy, but also enable faster time to value. Right, you don’t want to spend a month trying to anonymize data, or obfuscate data, so you can share it act on it, we do that in minutes, right, you can take your sensitive data, deploy it, share it with whoever you want to securely in the knowledge that nobody’s gonna be able to see the data that you don’t want them to see. But they’re able to extract the value that you want them to extract from the data.

Tony Zayas 12:43
Yeah. So our audience is a lot of founders. Do you mind talking a little bit about what did the startup process look like? What was the first, you know, six months of trying to build a company?

Purandar Das 12:58
Sure. I mean, having the idea was easy, right? Then trying to figure out how to how to build a product was a challenging piece, because you mean, you have all the ideas, and you need the right skills, right? And then it’s a trial and error process to get the architecture, right, get the design, right. And you also need to get a lot of feedback from people that are potentially customers or prospects telling you this is this works in my environment, or this is not, this is not going to work. So the early year or so was a challenging piece. I mean, what what what got us through the thing was the passion and the belief that we were on to something and that there was an opportunity. We were also very fortunate to have good interactions with friends and a wide network that gave us invaluable feedback as we started out on this journey. Obviously, that support belief is what got us through the challenging period.

Tony Zayas 13:58
How did you handle we talk a lot about MVP’s minimum viable products. You know, what did you What were you able to put out there to start getting feedback? And and how did you create that?

Purandar Das 14:11
Do so that we were probably a bit lucky in that context is remember our background, we had enough knowledge to build to build build out an initial product, right? I mean, we had in implementation experience, practical, real life experience in using data using databases and using application. So we were able to craft a lot of the capabilities where we got feedback was performance, right? The speed, the performance and the scale that we needed to be the different database storage technologies, the different interfaces, and the challenges that different applications posed when they were talking to data data stores. So that’s where we got a lot of feedback as we deployed the early versions of the product into the market.

Tony Zayas 14:59
Forever like to hear a little bit about the co founder dynamic. And what does that look like? How do you guys? How did how have you gone from having this idea early on to building this business? How do you guys strategize? How do you work together? What are your strengths? What’s the relationship there?

Purandar Das 15:19
Oh, I mean, the relationship has been awesome. We, I will say this. I mean, one of the things we realized early on was working around two to two characters, I would say, one is integrity, interaction, being honest, open, acknowledging challenges. And the other thing was working with acknowledging that we needed to be extremely resilient as we went through this thing. startup world, there are more nose than yeses, right? I mean, whether you’re selling a product pitching a product, having somebody talk to you that are more nose than yeses, right across the board, building a technology product, it’s lots of challenges, what you have in your mind is not how it works. So being dealing with each other very openly and honestly, was is a big factor. We both have similar strengths and differences, right. And we were both, we both come from technical backgrounds. So we have that area that we can relate to each other, and help each other out. She’s my co founder, Shanti is a lot more in depth from an architecture and technology perspective. So that helps I, I kind of joke around and say I throw out ideas or she makes talk. I’ve been more on the outward facing in terms of getting feedback, talking to prospects, pitching customers, pitching investors. So it’s worked out well. It’s worked out really well.

Tony Zayas 16:55
So you said you came from a marketing background? Correct? Yeah. How did that help you grow the business, obviously, that’s an advantage, having that skill set and also having, you know, technical acumen, you and your co founder. But what was the approach from a marketing standpoint.

Purandar Das 17:12
So, from a marketing perspective, I will say I’m come from a marketing technology perspective, I’m aware of marketing, but it’s more marketing technology, building large solutions to facilitate marketing. I am familiar with it. I mean, truly, in all reality, our marketing actually has gotten a boost, once we got our head of marketing on board, she’s been able to take the messaging the content, to a level that I really couldn’t have done it ourselves. She’s been very influential in kind of helping package the messaging, identifying the right audiences, developing the right pitch, in even reaching out to the right channels to get in front of people and getting get our message out there.

Tony Zayas 17:57
I’d love to hear a little bit about that. That’s something that you know, again, the and I talk a lot about work with clients. But that was really foundational elements, getting the messaging, right, articulating what it is that Sotero does, making that resonate with the target audience. How did you guys work through that?

Purandar Das 18:18
I mean, for a technology product, most technical technology oriented founders tend to believe that their product is so good that it’s going to sell itself. Really, there isn’t a big misconception out there. Right, you could have the greatest product, but if you’re not getting the message out there, if you’re not getting getting in front of the right people at the right time, with the right pitch, you’re really not going to make much progress. Acknowledging that limitation on our part was a big step for us. Right? I mean, we were very successful in working on networks, getting to the right people getting the right feedback, getting early adoption and all that. But really, we wouldn’t have been able to scale. If we hadn’t acknowledged that we had a we needed a professional to come in and help us with the marketing. That is that for somebody that spent two decades in the marketing industry, that was an eye opener for me, right, in terms of how effective finding the right audience, finding the right message is is critical to scaling the product.

Tony Zayas 19:21
That’s great. And along those lines, we’ve got a question that just came in, says, given your marketing background, what is one piece of advice that you’d give to early stage founders? We’re trying to get the word out about the product or service.

Purandar Das 19:34
Really, I mean, I mean, this may sound like a lazy answer, but this is I believe this. Find somebody that can help you get to the right channel, get to the right audience. You’re not going to be able to do this by yourself. Especially if you don’t if you don’t have experience or you’re not familiar with this thing. It’s critical to partner with somebody even if it’s a part time partnership to find the right channels, the right platforms, the right message. In the long term, it’s well worth the money that you spend. It’s not all about technology. It’s about evangelizing it’s about getting the message out.

Tony Zayas 20:12
I kind of want to go back to something that you said and always sticks out to me. You know, we talk about perseverance a lot in being in a startup, and you said, you’re going to face a lot of nose and yeses. How do you you know, as a person handle those challenges that you face as a founder and the nose. And, you know, sometimes when you hear stories about startups, you see the good things in the highs, but no one sees or hears about the lows. So you can just talk about the mentality of being a founder and trying to build a business.

Purandar Das 20:47
Absolutely. You are so right about everybody wants to talk about all the highs, right? Nobody wants to acknowledge the challenges that you go through, I’ll go back to what you asked me about my interaction or my dynamics with a co founder, right? One of the things that we agreed on at the very beginning was, we were not going to build a perfect product on day one, right, we were going to evolve, we would be needed to be ready to pivot, based on the feedback and based on the way the market pushed us our customer base pushed us that helped a lot, right, having somebody to talk to about the constant knows that you get is critical. Right? It’s just a part of the process. It’s not personal. Though, it tends to feel like it’s personnel, but you have to have the resiliency to get just get through that face. I mean, as much as you believe in the product, as much as you think it’s solving problem. That’s not the message that resonates with everybody, right, you still need to find somebody with a need. Right? That you have going in finding that somebody with a need is obviously like one in 101, and 200. But you have to go through that process, having a good support system that you can just talk about this. Talk about the lows is critical.

Tony Zayas 22:08
Were there other people that you had in your circle, we, besides your founder, we talk a lot about mentors, you know, some of our founders talk about their family and how they support them during this process. You know, what did your circle look like to give you what you needed to, you know, launch and go forward.

Purandar Das 22:27
Support from the family is critical, right? Especially when you’re doing a startup, you’re you’re throwing off your safety net, you’ve been successful in your career, and you decide to you decide to give it all up and go. So support from the family is critical building a network of peers, mentors that will guide you, and help you maintain sanity. And also offer advice, connections networks is extremely critical. We were fortunate. I was fortunate I, family, of course, but also had a fairly fair number of people that have been supportive throughout this journey.

Tony Zayas 23:05
It’s great. You know, just one other thing that you mentioned is that you didn’t expect the product to be perfect. At first, there, you’re gonna pivot evolve. You know, it’s kind of an overused quote. But if you’re proud of what you launch, you probably waited too long. How do you feel about that idea of getting out quickly, and, you know, iterating, rather than trying to get something that really is your dream product?

Purandar Das 23:36
With technology, I will say this, there’s no such thing as waiting to build a perfect product. It doesn’t happen, right? I mean, for for many reasons. It’s not just that you can visualize the end product, but the circumstances change technology, the technology whole ecosystem is changing so rapidly, right? I mean, if you click, I’ll give you an example. I mean, if you think about where breaches were like four or five years ago to where they are, nobody was talking about ransomware, four years ago. Today, all everybody talks about is ransomware. Because that’s how the criminal aspect of this has evolved. So if you’re you have to be very right to pivot to change your strategy, change your technology, change your product, and in the whole quarter, but rubber meeting the road, right? Once your product is out there in real use, every weakness that it has, it’s highlighted, right lack of features, lack of performance, lack of integration, everything gets highlighted. So sitting and waiting around to build a perfect product is not a great strategy. You have to get it out there. Take your lumps and learn with the process.

Tony Zayas 24:46
I thoroughly agree.

With the, you know, to that point of how rapidly technology changes and shifts. Were there any shifts in the way landscape of cybersecurity that you guys weren’t ready for. That negatively impacted the business. That was a challenge that you had to really work through that kind of was a threat.

Purandar Das 25:14
Yeah, sure. I mean, if you if you go back to the beginning of the conversation, and I was telling you about what we did, right, we protect data. And in our early vision was to protect data in relational databases under the assumption that most data was in relational database. Yes, what, over the last couple of years, we realized that that is, as true as that is, there is an equal amount of data or a larger amount of data in unstructured database, unstructured data stores, right. And that’s where a lot of the risk case, migration to the cloud happened as we were building this out and rolling, rolling out the product. So we had to be ready for that. A lot of that were addressed in how we architected the product to be able to consume that in the in the on premise or in the cloud. But it still led us needing to support unstructured data, a large number of data stores that we hadn’t thought of that were really prevalent in the cloud, right, so we were doing all of this, and then the ransomware wave started, which kind of pushed us in the direction of needing to protect files, or unstructured data, because that’s where the bulk of the attacks are happening. Right. So we had to evolve. But there’s a positive side to all this as much as we had to evolve and modify our solution that’s actually led us to become to starting to offer and visualize a much broader security capability than we ever thought of back then. Right? We thought about support securing data in siloed, or independent data stores. Now we’re evolving towards a proposition where we can offer us data security fabric that enables an organization to protect data anywhere all the time, regardless of where the data is stored, what format it’s stored in, and what application stuck to it. So it’s helped us a lot. Right? We’ve gone from being what, what people could perceive us as being a siloed, small footprint data security, to becoming potentially a security fabric that organizations can adopt to consistently secure and protect their information anywhere all the time. So it’s been good, it’s been good, it’s been challenging.

Tony Zayas 27:27
It’s really interesting. I would love to hear a little bit, you know, we talk to the SaaS founders all the time here. And something we often like to hear is how you get your users feedback. And how you make improvements and feature sets, you know, plan out the roadmap with this type of software that you offer, where it’s security, right? It’s something that it’s essentially passive. from the user perspective, they’re probably not actively thinking about it. The goal is they don’t have to really think about it. How does that differ for you to collect that feedback?

Purandar Das 28:02
I would question that they’re not actively thinking about it. Right? It depends on which group of users you’re referring to. I mean, if you think about the security teams, right, they’re thinking of nothing but this all the time. Right. I mean, they just like literally live, breathe and sleep about security, we get a ton of feedback, we talk directly to we our marketing group organizes regular conversation with seasons, for them to we don’t sell to them. We just tell them what we’re doing and collect feedback from them about how they visualize the thing, where they think the shortcomings in the product, or what features are critical, we take a lot of that feedback to help drive the product direction. where users don’t, we don’t want users to think about security is the end users are the folks that consume the data, they should feel confident that the data is secure. But they can extract all the value and execute all of their operations on the data without needing to worry about security, that essentially is the value proposition of surterra. Right? We want to take that pain away from the end users, we want to we want them to not think about it and be secure in the knowledge that the data is secured. And their privacy is assured. The see the CISOs the security folks, the technical folks, they give us a lot of feedback. We solicit feedback actively, right without selling to them, because selling to them. We don’t want to sell sell them and say give us your feedback. And we’ll build these two things and buy it from us. We want it to be objective. We want them to tell us why this way our product or why our approach is not going to work for them. And what do we have to do to make it work? That way we solicit and get candid feedback on objective feedback, I should say.

Tony Zayas 29:53
I’m kind of interested to get your perspective just generally on the security industry and what’s going on I mean, not Yeah, over the last couple years, the ransomware story has gotten big. I hear about it just personally, you know, with folks that I talked to them having scenarios like that, literally, I think two days ago, the Insivia team got hit with a potential, you know, like scam where it was pretending to be me to my employees. You know, what, what does security look like right now? What are the challenges we face? And, you know, what do you think that it looks like in the next couple of years?

Purandar Das 30:35
There’s a lot of I mean, there are many, many factors, right about what security looks looks like today. What the first thing is security is focused on the perimeter. Right? It’s about trying to keep people out. It’s never been focused on protecting data, right, even though the encryption thing exists, but it’s more about securing access to the network preventing people from getting into the network. The challenge with that is in today’s in today’s world, systems are so interconnected. So there are so many integrations, right. I mean, there are no, there’s no such thing as a simple network, or a simple ecosystem anymore. They’re just really incredibly complex. The cloud added to that because the applications are in the cloud, your data is with someone else your encryption keys could potentially be with someone else. So even though you think you’re secure your data and your keys could be in the hands of someone else, right, and you’re going across all these integration points to access and operate on the data, right. And there’s been this whole notion of layering defensive mechanisms, one on top of another to make it more secure. What that’s leading to is an extremely complex legacy mess, right part of which you have visibility and control, and part of which you don’t, when you use third party integrations, or third party products, you’re counting on them to keep their products secure. But as you’ve seen with ransomware, today, they’re leveraging those as carrier vehicles to inject malware into your system. So you have no visibility or control about that. Right? It’s a very complex, really complex ecosystem, you come to ransomware, what used to be a very simplistic email phishing scam, has now evolved into becoming such a complex, sophisticated thing that the skills and talent on the folks that are executing this things are often much better than the folks that are trying to build security products, because they mean pure, simply, there’s just so much money in it. Yeah, right. I mean, it’s an economy by itself. I think the the focus on securing data, right, in validating that the whole notion of zero trust or trust, but verify, simplifying security mechanisms is going to continue, it will need to evolve. I mean, the cloud is the future of this, really, I mean, I’m not making a bold statement at this point about that. On Premise based systems are eventually going to go away, everything’s going to be in the cloud, whether it’s applications data, as much as some organizations want to find, find it. That’s where the future is. You organizations need to step up and take ownership of security and privacy, regardless of where the data lives, right? I mean, you from the marketing space, a huge portion of the marketing industry works, where companies share data, when you share data, you’re essentially losing control of it. That’s not going to be acceptable, acceptable in the future. You need to be able to secure stay in control of data, even though you shared it with someone else. How’s that possible? Right? That’s the whole notion of creating a secure sharing data sharing network or secure security fabric, where you’re in control of the data all the time. Right, and you’re you’re you have access and privileges to see who’s accessing when they access it, and why they’re accessing, accessing it and staying in control of it. The whole notion of saying it’s with a third party or with somebody cloud service provider, namesecure is not going to fly anymore.

Tony Zayas 34:06
Yeah, I mean, it makes sense. And what you’re trying to do is is makes a lot of sense. And one more thing about just kind of generally, cyber security and security is I just read an article and it talked about how certain countries, you know, there’s no penalty as long as they’re, you know, hackers are not focused on people within their own country. And it makes me think, like, Okay, this problem is not going to get any better. So I’m just kind of curious about your gut like reaction to, to things like that. And, you know, the fear that we need to have as business owners, consumers, whatever about security.

Purandar Das 34:51
It certainly something that everybody should worry about, right? Whether you’re the consumer or a business owner thing. Yeah. I mean, it’s also no secret practically everybody’s data has already been hacked. And it’s available somewhere. Right? I mean, it’s just no secret, you can pretty much buy anything. Right? So now, how do you counter that? You counter that by eliminating the ability for people to monetize. Right? I mean, having a social security number and stuff is great. But monetizing it means you’re either trying to create a bank card, steal credentials to steal money, or open up a credit card. It’s about how you how you limit the criminals from leveraging or monetizing that information. To your point, I mean, I have a slightly different perspective on countries supporting criminals, right? I tend to believe that this has always happened. Okay. But it’s happened in the in the the smaller portion of stealing states state secrets, or proprietary information about processes or products, what is know happening is that same framework is being leveraged to generate billions of dollars in in revenue, quote, unquote, revenue, right? Obviously, everybody involved, including the countries that sponsor these guests are benefiting from some portion of that revenue. And as long as there’s money to be made, they’re not going anywhere. They’re just going to keep getting better, like we’ve seen with ransomware. It’s evolved so dramatically in sophistication in technical capabilities, that it’s scary, right? It’s it’s evolving faster than the, the capability to protect yourself. So yeah, keeping up with them, and then that’s where companies like ours, and this is not a plug for ours, but companies like ours, that are innovating on security approaches, security frameworks are going to be critical. Letting go of that legacy, belief that you’re secure in defense in depth and layering product upon product. That’s not going to work.

Tony Zayas 37:00
Yeah, I think if you’re not in the security space, you probably don’t realize that there. And again, I’m probably even not that knowledgeable. But, you know, you think of there are offices of people that are focused all day long on types of scans. And there are extremely intelligent people out there better than what are, you know, in some of the security companies that are are coming up with new methods? And so it’s a constant battle no matter what.

Purandar Das 37:30
Absolutely, right. I mean, and there’s always the inertia, right, if you have a large operational system, you have to deal with people complaining about you can make that an accessible keep that can’t be done for any amount of time. And we’ve got budget constraints. And all of these are essentially slowing down the adoption of new security and innovation. If you flip out the other group, they have no such inertia. They have all the motivation, and the drive to be as quick and nimble as possible. Because the faster they are, the more money they’re making. So that that that mindset has to change as well. And I think you’ve seen that being acknowledged all the way down from the administration right now. They had open conversations about getting the private industry involved. Everybody’s making billions of dollars and commitments. That’s just an acknowledgement of how bad the problem really is.

Tony Zayas 38:26
It’s crazy. It’s a game of cat and mouse.

Purandar Das 38:29
It is.

Tony Zayas 38:32
I’m shifting gears a little bit. I would love to hear about how you guys have grown, like funding wise, did you raise funds? Did you bootstrap? What did that all look like?

Purandar Das 38:43
Yeah, so we bootstrap the first couple of years, while we are tribal, validating the product concept and finding early adopters. You asked about finding good support and stuff, finding good investors is critical. Right? I mean, there’s a lot of money out there in this is notion that people refer to and I wouldn’t call it that, but they call it dumb money, right? There’s money if people are willing to give you money. But as a founder, I’ll tell you, finding the right. Backers, right investors that not just give you the money, but also believe in the product, believe in the concept and believe in the founders is critical. It’s critical because nothing goes to where you think it’s going to go. Right? This challenges having having good investors, that can be sounding boards that can help you work through to two issues, two challenges, and continue to give you support as you grow as critical. We’ve been fortunate to find a group, a group of investors that are completely supportive of us and backers. We did raise money back in 2019. We’ve been fortunate that the same group of investors have continued to back us multiple times so far. Just because they see the opportunity and believe in what we do. Finding the right investor system is really critical.

Tony Zayas 40:06
Yeah, and I’ve, you know, heard that point, a lot of, like you said dumb money. But I do think for founders that I’ve heard this over and over finding folks that have connections that have insight, there’s so much more to it than just the cash. Cash will get you only so far. So great point.

Purandar Das 40:27
Absolutely. And the other thing, I’ll say this, too, when it comes to raising money, as founders, there’s also a tendency to focus on dilution or loss of control, right? My personal opinion, and what we’ve experienced this, that’s not something you want to spend a lot of time worrying. Right? What that does is, if you’re focusing on just preventing dilution, you tend not to evolve, right? And you tend not to move fast enough. If the ultimate goal is to build a big, successful business that provides value, everything takes care of itself in the long run.

Tony Zayas 41:07
So what was the process of actually, you know, one thing we always hear is that it’s a full time job to raise money that, you know, you get a lot of these knows before you have to get 100. Before you get one, yes. What was the experience for you? And what advice would you have for other people looking to raise on how they should go about it?

Purandar Das 41:29
So interestingly enough, we we’ve actually been extremely fortunate in terms of how we got connected with our investors and how we did a raise. I mean, it’s not typical. I will say this, but we were extremely fortunate. My our initial round of fundraising consisted of one conversation, which is supposed to be a one hour call, one hour meeting 15 minutes into it, we haven’t Yes.

Tony Zayas 41:57
Yeah, that’s pretty rare. Right?

Purandar Das 41:59
It is. But that also goes back to finding the right investors, right. I mean, our backers was somebody that was experienced in this space had invested in a prior generation company that did data security. 15 minutes into it, he was like, Yep, I get it. I want to, I want to be a part of the process. And I want to back it as truly, I didn’t actually believe what I was hearing. I’m like, Yeah, this can be real. But that was

Tony Zayas 42:32
Well, I think your point is, you know, do your research, find the right people. And that helps with that. Yeah, from that that perspective, I’m kind of curious, what stage did you decide to do it? Because I actually have a lot of conversations with people about, you know, how early do you go in to look to raise money? You know, and a lot of the belief that I tend to follow and think is, you know, you want to get to a certain point of revenue, so that you’ve got validation. You know, yeah, you talk about the dilution thing, but really making sure that you’re walking the door with some leverage when talking to potential investors.

Purandar Das 43:10
Which is true. I mean, there’s no doubt about that. I mean, the validation can be multiple things, right. And it can be, it doesn’t necessarily need to be revenue. It just, it may be a prospect that’s willing to talk about how they’ve looked at your product, believe your product and helps communicate how it solves a big need for them. That is, in many cases, plenty. I mean, there are companies that have gotten funded with just a concept with nothing but a deck of slides. That’s true, too. But that typically happens to folks that have been through the startup process before and have proved themselves. Revenue is great. If I mean, really, that the best validation you can get, you get customers and revenue. Nobody can argue with you. But that’s not necessarily always needed. If you can find the right prospects, or right industry leaders that say, Yeah, I believe in this product, I’ve looked at the technology, and here’s how it’s going to help me or help this industry. That can be plenty. That can be plenty. I mean, founders typically will do one or two things, as I’ve seen, you either try to raise money too early, or you wait too long to raise money. There’s there’s really no magic metric about that. I would flip on both sides and say, raise money before you think you need it. Because it will help you grow faster and scale faster. It will give you a better chance of being successful. Don’t worry about dilution too much because really, that’s dilution can’t be the sole focus of your existence. It’s got to be the sole focus has to be about how you can go conquer the mountain. And if you’re on top of the mountain, that dilution really doesn’t matter. Right. So yeah, I I will say this, I think you should raise money before you think you need it for most founders.

Tony Zayas 45:05
Yeah, it’s great. You know, just kind of going off what you said about customers, it sounds like you’ve had, you know, the good fortune with investors and some of these other things and your background. What about that first customer? He said, revenue, it helps prove it. So how did you get that first customer?

Purandar Das 45:24
It took two guys personally, my co founder and I two years to get our first customer. Not that easy. It was There’s nothing easy, but it be really nurtured them cultivated them. I can’t even tell you the number of calls, the number emails, the number of presentations we’ve done to that, to that one group. But two things. One is they’ve turned out to be one of our biggest advocates today. And they were patient enough to deal with us as we went through this journey. But it Yeah, it took us a long time to get that customer.

Tony Zayas 46:01
Yeah. And was that someone that you would target specifically? Or was one of many that you were trying to talk to?

Purandar Das 46:08
At the beginning? We were throwing spaghetti against the wall? It literally said why would stick that we had I mean, I I probably had, I’d say somewhere between 200 to 250 conversations in the first 18 months. It came in the many nose with few yeses can give you. I mean, I can’t tell you how many nose it was. But we persisted with a few of them that ended up being really big opportunities for us. I mean, obviously, they understood what we were trying to do. And they were patient with us as we tuned our product optimized our pitch to to specifically address the need they had.

Tony Zayas 46:54
And that was you personally making phone calls, you know, kind of the grind of having to reach out to people, right?

Purandar Das 47:01
There was just my co founder night. Yeah, I honestly, I never thought I’d like that many calls or send out emails. But it is a part of the process.

Tony Zayas 47:15
Yeah, and that’s kind of the point is, you know, for me is that for most founders, like you said, a couple of times throughout this conversation is that, I mean, you’re gonna be hands on, you got to dig in. And you got to have that perseverance and especially gaining that first customer is often one of those areas, that’s just a little bit of a grind to get through and make happen. But once you do and get over that, it can be you know, big success.

Purandar Das 47:39
Absolutely. Yeah, I mean, did. I’m sure that a company organizations and products that are banded easy, but for the most part, it’s not easy.

Tony Zayas 47:48
I would love to hear a little bit just from a psychological standpoint. What did that feel like going through that period of time not getting any customers? You know, putting yourself out there constantly getting knocked down, told no, yet keep getting up? And continuing on? Were there any moments where you felt like, you know, you second guessed the business? Or the model? And how do you how did you personally maintain that drive to move forward and make it work?

Purandar Das 48:22
Believe me, I woke up a lot. And I’m sure my co founder did, too. We woke up a lot of mornings asking ourselves, what what do you guys do it? The belief in the technology, the belief in that we had a product that could provide value is what kept us going. I would say support from the family. Those are probably the two reasons why we kept going.

Tony Zayas 48:48
It’s great. Earlier you said you know, as far as investors go is finding the right people that was important. On the other side of it. From the team perspective, you know, growing out the Sotero team, how did you find how has the team grown? And how do you continue to find good people that help you realize your vision?

Purandar Das 49:13
We’ve added I mean, we’re actively adding people we’re growing right now we’re hiring people, especially on the go to market side, as you would say, sales and marketing. We’ve been fortunate and some of the I mean, when we when we talk to people and I won’t say interview, right, it’s more of a conversation but finding the right fit, which is a big part of that interview. Interview clean slate. Feels like you’re interrogating something and interrogating somebody and that’s not the right way to approach it. It’s got to be a conversation to find the right fit the philosophical philosophically as well as skills wise, right? I mean, you just said something about in a start up, you just have to be ready to do everything. That’s a big part of it. Right and in And what we do is evaluate or validate that they kind of work with the two tenets that we have is work with integrity and be resilient because challenges haven’t stopped. I mean, as a startup, you’re constantly either growing or finding new customers, you’re scaling, there are always going to be challenges. Finding people that interact with everyone in the organization with integrity is critical. Because you don’t want to have a lot of guesswork to do about how somebody is feeling. Did they tell you the complete truth, the heightened, you don’t want that because that just takes away a lot of energy, right, and makes you less productive. Being ready to deal with setbacks is a big, big key part of the process. It’s really key, right? I mean, even today, I mean, even though we’re growing and scaling, and we’ve gotten traction, there are still more nose than yeses. Being ready to deal with that being ready to deal with customers saying, hey, we want something today. They’re a big customer, you can’t really say no, constantly dealing with that being resilient is a big part of it. In short, I think you as founders in a startup, you need to figure out what your key beliefs are going to be, as you build out the culture, and make sure that people buy into that culture.

Tony Zayas 51:20
We talked to a lot of founders about that culture piece. How how intentional Have you been about the culture? You talked about integrity, resiliency, great, you know, traits. But how, how much have you kind of intentionally put into that you and your co founder

Purandar Das 51:39
we have, we have spent, we have spent a lot of time validating people as we bring them as we bring new people in. Because like I said, I mean, one bad hire, right, or one person that doesn’t fit into the culture can be extremely detrimental, especially in a startup, right, you have to count on everybody in the organization to be successful, you can’t have one person that’s not bought into it. We spend a lot of time validating that they fit into the thing. I mean, we demand that let me put it that way. We demand those two qualities of all the people that we bring in. I mean, it’s just because we’re focused on the bigger picture of being successful as an organization. And we are kind of aware of what even a single person that doesn’t buy into the thing can cause.

Tony Zayas 52:29
It’s great. So just kind of as we’re getting close to wrapping up, what’s the future look like for the product and the organization? What do you what do you see happening in the next one to three years?

Purandar Das 52:42
I’ve been really right now the product is the company. For us. It’s all about scaling. I mean, it’s about getting, we’ve gotten the product to market, it’s about finding more adopters, finding things, getting fine tuning some of the remaining features of the product in terms of supporting unstructured data, so we can really roll out this notion of a security fabric. Right? We have all the pieces in place, including the good market aspect of it. Now it’s just a matter of scaling. Yeah, that’s great.

Tony Zayas 53:15
So I was just gonna jump in handy before we ask kind of our last question here. And wrapped up forever. Where can people who are watching want to learn more about Sottero? Perhaps more about you? Where’s the best place to look and connect? And sure.

Purandar Das 53:33
So on our website is Soterosoft.com. Put on dash on LinkedIn, or dashGP on Twitter, Soterosecure on Twitter, which is our company Twitter as well. Please feel free to reach out happy to share with you our journey and how we can help.

Tony Zayas 53:54

So just kind of a final question that we ask everybody is, if you were able to go back in time to have coffee with yourself. Right before you started the company, what advice would you give?

Purandar Das 54:09
I would have said, confidence and belief in yourself. much earlier than then when I made the jump. Really that that was that’s all that’s needed. If you’re confident about what you believe in, you’re good to go.

Tony Zayas 54:27
It’s awesome. Well, forever. Thank you so much perimeter dos from Sottero encourage you guys go check out the site and pay attention to what he’s doing. We really appreciate your time on the pop up one last comment here. Cool stuff. Very interesting. It’s awesome what you’re doing and hopefully we you know, see you guys continue to grow and do great things. Thank you to everyone for tuning in. We will see you again next time. And until then, thanks so much.

Purandar Das 54:55
Thank you, Andy. Thank you, Tony.

Tony Zayas 54:58
Thank you, everybody.