When I was initially approached by Appfire about selling Mohami, I wasn’t really interested in selling. I’d become very proud of Mohami, the team I’d built, and the growth that the company had. I was very invested in seeing that through. However, I was curious about how the process worked, so I decided to discuss it to get the experience.
But there was something happening in the background. We had been approached by Atlassian to build a set of security tools for Bitbucket on behalf of a very large public sector client. This client was concerned that they had a significant exposure to potential breaches because of accidentally committed credentials such as API keys, SSH keys, and passwords. These types of secrets are a common vector for privilege escalation by attackers. I realized that if this agency had this level of exposure, the rest of the world was likely far worse off.
Unfortunately, a global crisis in cybersecurity has become increasingly evident in the past year. Microsoft’s exchange servers were hacked by China, T-Mobile’s data breach exposed the personal info of more than 47 million people and even the U.S. government has been falling to large scale attacks, among many others. These breaches have become significantly more common; the push in recent years to move everything into the cloud makes their reach and impact that much worse.
The push for a centralized cloud where we have large companies providing almost-ubiquitous services (like Facebook, Gmail, Instagram or Atlassian’s own push for cloud-only Jira) creates easy targets for organized criminal groups and state actors. State governments are becoming more active in attacking these services, to a level which feels like all-out cyber warfare.
Now, I’m not advocating for moving back to pen and paper. Financially and logistically, cloud services make sense. But the tech industry has been unprepared for the consequences of a cloud-only world. We’ve been pushing into the cloud without building the necessary security tooling and infrastructure alongside it to make sure we stay safe.
This was eating at me. I realized that I had to push for building this tooling; I couldn’t just sit back and hope someone else would. So I decided to sell Mohami. This way I could devote all my time and resources to work on keeping people safe. And with that, Soteri was born.
The word Soteri comes from the Greek goddess Soteria, who is the goddess of safety, salvation, deliverance, and preservation from harm. My goal is to do that for both individuals and organizations. We’ve already been able to help Mercedes Benz, Barclays Capital and Anthem with our Soteri Security integration for Bitbucket. And in the coming months we will slowly be rolling out Soteri to other services. If you have any questions about integrating Soteri with your software, feel free to reach out to firstname.lastname@example.org.
If you or anyone you know is interested in helping us in this fight, we are hiring aggressively. Our core team is made of former SpaceX engineers, and we’re fully remote — you can join us from anywhere. Send your resume to email@example.com.