BLOG

From the Desk of the CEO: ZeroFox Listed!

21 minute read

ZeroFox was founded on January 14, 2013 and on August 3, 2022 we reached the milestone of becoming a public company. Nearly a decade ago, we recognized an unmet need to help companies manage and reduce cyber risks associated with the next generation of digital transformation. To remain in contention, companies and threat actors alike found new opportunities to capitalize on in cloud, social media and digital platform adoption. Endpoint and perimeter protections were not enough to address this new era of threats. Mitigating risk required a new security paradigm shift – enter ZeroFox.

Our Mission

ZeroFox’s mission is to make the internet safer, eradicate cybercrime, and promote digital prosperity. Said differently, we are helping address humanity’s cyber crisis that this digital paradigm shift introduced. Admittedly, it is a bold mission that has both informed and differentiated both our technical approach and modular design. Our artificial intelligence processing capabilities’ depth and scale, enhanced by our data collection and human intelligence capabilities, have given us an advantage over attackers. This head start is meaningful because, simply put, there is no substitution for historical data and intelligence and they are constantly being leveraged to train our AI models to catch the “next big external attack pattern.”

As businesses embraced digital technologies to support remote work – cloud computing, digital collaboration, social media marketing, online recruiting, customer targeting and next generation metaverses – it became clear that traditional internal endpoint and secure edge firewall protections would require complementary external cybersecurity protection to round out the cybersecurity triple crown tech stack: internal, edge, and external security. We knew our overall solution to this challenge would entail long-term thinking and innovative planning. 

For the last nine years, we’ve been laser focused on just that. We’ve partnered with customers always, in all ways, to ensure that we were effectively innovating; built an AI-powered platform to thwart the next generation of cyberattacks, and have amassed one of the world’s largest and most experienced groups of threat intelligence analysts, cyber defenders, and cybersecurity breach response experts. Our relentless pursuit to improve our customer’s outcomes drives us to hire amazing talent, which has become a consistency for us culturally. We are purpose-driven and seek out those who will constantly raise the bar. #FoxDenMentality

“The experience has been as rewarding as it was challenging.”

– FOSTER

The Long-term Vision & Opportunity

Our investors and early-adopting, forward-thinking customers afforded us a unique opportunity to think long-term. All too often, I am told stories by start-up CEOs whose investors ask them to become profitable out of the gate or skip critical architectural development steps to achieve short-term margin gains. Our platform took years to mature and bring to market. We created philosophical rules to drive our vision and set the stage for future innovations. For example, our technology team did not purchase any servers or hardware. We knew that, to be successful and achieve scale, everything must be operated in a cloud environment on day 1 – this rule is still in place today! We also decided against a standalone QA team; we would instead force ourselves to work in multiple hosting environments, with security baked into everything we do. We instilled in our software engineers personal accountability for their design and code. This enabled us to hire a different type of software engineer and became a principle for the company, where accountability became a guiding light for our evolving culture. 

It became increasingly clear that the ZeroFox Platform must solve three challenges to be successful: 1) find and process huge amounts of unstructured data; 2) analyze that disparate data in real-time; and, 3) once the data is found and analyzed, take meaningful action to address risk and protect our customers at scale. We quickly found that scale would require artificial intelligence. 

Becoming World-class at Global Intelligence Collection

Our initial data collection goals and requirements led us to build a global intelligence collection apparatus that was always-on, always-efficiently-scaling, and modular, where adding the next intelligence source could be accomplished in minutes – not weeks – of development cycles. Our collection capabilities had to support various ingest formats including APIs, app stores, internal company data streams, underground dark web forums that are nearly impossible to access by untrained individuals, text-then-email-then-slack messages, pictures, emojis, and even videos. We began to amass data in every language from every country in the world, including places where people don’t want others accessing their data, i.e. the darkest corners of the underground web. This constituted the top of our customer value proposition funnel. If we didn’t collect on a piece of intelligence, then we wouldn’t have been able to process and alert on it, remediate the issue and protect their brands, people and data; and ultimately create a safer environment for our customers across the internet. We had to master intelligence collection, and, indeed, we did master it, while understanding that our work here would never be finished. 

Processing the World’s Intelligence

Through both organic growth and acquisition, we have created a comprehensive and functional threat intelligence data lake that we believe gives us a competitive advantage to solve our customers’ most pressing security problems. To process this ever-growing intelligence data lake, we wrote our own patented programming language, which is appropriately named Foxscript. Foxscript is a purpose-built security language that enables us to run real-time intelligence processing and contextual alerting through rapid script creation. Our AI processing engine and unique library of Foxscripts functions somewhat like a Rosetta Stone. Consequently, we can write general rules that detect threats like malicious URLs and impersonations, as well as customized policies for each customer. Those rules employ our AI libraries for tasks like computer vision for image analysis, neuro-linguistic programming for language and sentiment analysis, and machine learning for link analysis. This modular design enables us to leverage the appropriate technology for the right challenge set and empowers us to automate actions to operate efficiently and effectively while mitigating risk in near real-time to protect our customers. 

Responding to Security Threats, Breaches and Incidents

The last piece of the puzzle entailed making our intelligence actionable for our customers. Customers had become increasingly frustrated with the state of the security intelligence industry, specifically the need to endlessly search for information in a sea of valuable, yet seemingly unending and unstructured, data. We aimed to make life easier for our customers, not create additional work for them. We knew that innovation would be required to automate end-to-end disruption and response capabilities. The ZeroFox disruption capability set enables us to takedown an attacker’s infrastructure, remove digital accounts that impersonate our customers, and thwart a digital attack before a single packet ever hits a firewall or endpoint device. We became our customer’s first line of defense! This is a role that we embraced and a responsibility that we take seriously. 

This response capability has expanded through our interconnected, 24×7 global security operations centers. Our security operations centers were built to align with customer platforms via automation to ensure we can stay in lockstep ahead of a rapidly evolving adversary. With the addition of IDX, a leading digital privacy and breach response provider and ZeroFox’s long-standing partner, our response capabilities will extend across the full lifecycle of external cyber attacks, pre- and post-breach. IDX has protected more than 40 million individuals at thousands of organizations across the private and public sector. As attackers and attacks persist, we will continually answer the call for customers around the world. 

Executing on that vision is made possible because of the people that comprise ZeroFox. Investment in our people has always been one of our uncompromising strategies. We measure employee happiness, health, and career security regularly to understand what’s working, what’s not, and how we can show up for employees moving forward. Our team members act not only on behalf of ZeroFox, but also as extensions of our customers. The better our people are, the better we are, and the safer our customers are. 

“Our most important and valuable advantage is our people. I am unbelievably proud of what our foxes have accomplished over the last decade and especially everyone’s perseverance throughout the pandemic.”

– Foster

We work hard and reward those who work toward mastering their trade, enable their fellow Foxes, and lay it on the line for our customers. While our continuous pursuit of perfection pushes us every day, helping our customers win fuels our inspiration and energy. 

“Our secret sauce: hire people who will love where they work, with whom you want to work, and who will put our customers first.”

– Foster

What’s Next

Over the last few years, we’ve made strategic investments that have strengthened our protection and disruption capabilities while moving us toward expanding our platform, which now includes ZeroFox Protection, ZeroFox Intelligence, ZeroFox Disruption and ZeroFox Response. We’ve combined critical threat intelligence (ZeroFox Protection) with digital protection  (ZeroFox Intelligence) to safeguard brands, domains, and employees against threats across the internet – where business happens and threat actors lurk. With the addition of IDX and our new ZeroFox Response, we will better execute on our shared vision of addressing threats at every stage in the external cyber attack lifecycle.

Collectively, we have been protecting businesses and individuals for decades. When a breach happens, how we respond affects the outcome. By combining ZeroFox and IDX, we are creating the only company that addresses the full lifecycle of external cyberthreats and risks. As such, we have been recognized by the best for being the best.

As the first external cybersecurity company, our duty has always been to protect our customers – their businesses, their brand, their people, and their customers. We take every opportunity to outpace the adversary. Accordingly, we empower organizations to innovate and operate uninterrupted by informing early, protecting proactively, and responding rapidly to every phishing attack, fake account, stolen password, botnet, breach and whatever comes next. 

We’re ready for the next step in our journey, leading the way for the cybersecurity industry to embrace strong external cybersecurity strategies as one of the three required pillars of the modern security triple crown. We thrive in the unknown, and our AI-powered technology is purpose-built to adapt alongside threats and business needs.We believe that security shouldn’t stunt innovation; it should strengthen it. 

At ZeroFox, we recognize that we are in the midst of a cyberwar where our customers are perpetual targets. We will help customers bring the fight to the adversary beyond the perimeter, where threat actors have had the advantage for far too long. We will answer the call, as cyber defenders, hackers, and intelligence dark artists. We will work as an extension of your organization as  passionate customer advocates, innovators, and disruptors. We will defend customers always, in all ways, because, most importantly, we are Foxes. 

Until next year. 

Foster

Chairman, CEO, and a Member of the Fox Den

Forward-Looking Statements

Statements in this communication may constitute “forward-looking statements” under the Private Securities Litigation Reform Act of 1995. All statements, other than statements of historical fact, that address activities, events or developments that we expect, believe or anticipate will or may occur in the future, including statements related to plans, strategies and objectives of management, our business prospects, our systems and technology, future profitability and our competitive position, are forward-looking statements. The words “will,” “may,” “believes,” “anticipates,” “thinks,” “expects,” “estimates,” “plans,” “intends,” and similar expressions are intended to identify forward-looking statements. Forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these forward-looking statements. The inclusion of any statement in this communication does not constitute an admission by ZeroFox or any other person that the events or circumstances described in such statement are material. In addition, new risks may emerge from time to time and it is not possible for management to predict such risks or to assess the impact of such risks on our business or financial results. Accordingly, future results may differ materially from historical results or from those discussed or implied by these forward-looking statements. Given these risks and uncertainties, the reader should not place undue reliance on these forward-looking statements. These risks and uncertainties include, but are not limited to, the following: our ability to recognize the anticipated benefits of the business combination; defects, errors, or vulnerabilities in ZeroFox’s platform, the failure of ZeroFox’s platform to help customers minimize cyber attacks on their assets, misuse of ZeroFox’s platform, or risks of product liability claims would harm ZeroFox’s reputation and adversely impact our business, operating results, and financial condition; if ZeroFox’s platform offerings do not interoperate with our customers’ network and security infrastructure, or with third-party products, websites or services, our results of operations may be harmed; we may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements; our ability to introduce new products and solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions; our success depends, in part, on the integrity and scalability of our systems and infrastructure; we rely on third-party cloud providers, such as Microsoft Azure, Amazon Web Services, and Cloudflare, to host and operate our platform, and any disruption of or interference with our use of these offerings may negatively affect our ability to maintain the performance and reliability of our platform which could cause our business to suffer; we rely on software and services from other parties; ZeroFox has a history of losses, and we may not be able to achieve or sustain profitability in the future; if organizations do not adopt cloud, and/or SaaS-delivered external cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and our results of operations may be adversely affected; we have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected; we face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations; competitive pricing pressure may reduce revenue, gross profits, and adversely affect our financial results; adverse general and industry-specific economic and market conditions and reductions in customer spending, in either the private or public sector, including as a result of geopolitical uncertainty such as the ongoing conflict between Russia and Ukraine, may reduce demand for our platform or products and solutions, which could harm our business, financial condition and results of operations; the COVID-19 pandemic could adversely affect our business, operating results, and financial condition; if we fail to adapt to rapid technological change, evolving industry standards and changing customer needs, requirements or preferences, our ability to remain competitive could be impaired; if we are unable to maintain successful relationships with our channel partners, or if our channel partners fail to perform, our ability to market, sell and distribute our platform will be limited, and our business, financial position and results of operations will be harmed; we target enterprise customers and government organizations, and sales to these customers involve risks that may not be present or that are present to a lesser extent with sales to smaller entities; historically, one U.S. government customer has accounted for a substantial portion of IDX’s revenues and is expected to account for a substantial portion of our revenues following the business combination; we may need to raise additional capital to maintain and expand our operations and invest in new solutions, which capital may not be available on terms acceptable to us, or at all, and which could reduce our ability to compete and could harm our business; there may not be an active trading market for our common stock, which may make it difficult to sell shares of our common stock; our common stock price may be volatile due to factors outside of our control; the convertible notes issued in connection with the business combination may impact our financial results, result in the dilution of our stockholders, create downward pressure on the price of our common stock, and restrict our ability to raise additional capital or take advantage of future opportunities; we rely heavily on the services of our senior management team, and if we are not successful in attracting or retaining senior management personnel, we may not be able to successfully implement our business strategy; and our management has limited experience in operating a public company.

Additional information concerning these, and other risks, is described under “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations of ZeroFox” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations of IDX” in the definitive proxy statement/prospectus of L&F Acquisition Corp. filed with the SEC on July 14, 2022. We expressly disclaim any obligation to update any of these forward-looking statements, except to the extent required by applicable law.

Tags: Cyber Trends , News

See ZeroFox in action