On May 23rd, ReversingLabs announced that Peter Doggart was appointed as the company’s new Chief Operating Officer. Doggart, an Operating Partner at Crosspoint Capital, will head up the sales, marketing, business development and customer success organizations at ReversingLabs.
Doggart is well positioned for his new role. In his 20+ years of operational experience in the cybersecurity industry, Doggart has held leadership positions at Armis, Symantec and Blue Coat. Doggart’s knowledge and expertise span everything from hardware design and network security to product and business strategy, product management and marketing, alliances, channel and services marketing, and more.
A competitive sailor, Doggart understands the benefits and importance of teamwork, cooperation and good communication in a way that few can. So how does he view the road ahead at ReversingLabs? I sat down with Doggart to talk about his new role and what attracted him to ReversingLabs. We also discuss the fast-evolving software supply chain security space, and how Doggart sees threats to, and attacks on, development organizations and development pipelines reshaping the security marketplace in the months ahead.
The full Q&A with ReversingLabs COO Peter Doggart follows.
Paul Roberts: Talk about your decision to join ReversingLabs as COO. Why now? What interests you about ReversingLabs technology and its position in the industry?
Peter Doggart: I've known ReversingLabs for some time, and what interests me is that ReversingLabs has built out and pioneered, really, a set of technologies that is very differentiated and unique. One can argue that no one else is doing this to this extent, doing complex package analysis. And what we found very recently is, look, that there's a whole new suite of use cases here, a whole new level of pain around the software supply chain that frankly isn't tapped. There's been a lot of money being poured into, I'd say, other technologies to look at sources like SAST and DAST, and IAST, SBOM and SCA, all that good stuff, and they're all great. But ultimately, post build is you own the trust mark. You and that level of confidence that what I put out is going to be obviously secure, free of malware. This is your brand at stake, ultimately. So this is a very, very important space, and I think it's not going to get less important. It's going to get a whole lot more important over time. So I think that really interested me to say, hey, I want to be part of that. I want to help make ReversingLabs own that so when people think about that, they go “ReversingLabs.” So it's really about building a brand new submarket, and that's very rare to do in security.
Paul Roberts: I feel as if the last five or even ten years has all been about this notion of “shift left”, right? Pushing security more into the development lifecycle. But we bracketed or just missed the fact that attackers also were shifting left. They followed us there and woke up to the idea of ”hey, it's so much easier to just target these open source ecosystems that everybody's pulling stuff from.” And there's a lot of loose practice out there - a lot of ‘hope and a prayer.’
Peter Doggart: People often forget these software application engineers, these developers, they're not security people. They don't want extra hoops to jump through. They don't want extra tools. All they want to do is they want to produce, obviously, quality code. And if ReversingLabs can be that very simple, very fast way to produce quality code, they're going to love it. It's going to be something that they want to go to do versus having to jump through 15 different hoops as they build their software. So this could be very good for these software developers, not necessarily to sell to, but also the more so there can be a big advocate for ReversingLabs in the future.
Paul Roberts: Software supply chain security and attacks on software supply chains are growing in prominence. What about this particular threat is so challenging for traditional security firms?
Peter Doggart: I've been in big firms, I've been in publicly traded companies like Symantec, and they no longer have the innovation gene. It's kind of gone. I say innovation for them is more evolution of the tech stacks. They will look to basically just go acquire tech to grow. Like Palo Alto does that all the time. Cisco does that all the time. ReversingLabs, to me, is a very innovative, very research-forward company. It has the ability to go do that where larger companies do not, and they will not because they're not going to spend their extra opex to go do those things. Because this is hard. This is very hard, what ReversingLabs is doing. I think we're in a very interesting space and it's kind of ours to lose because those big infosec firms, they're not going to go there. They may try to acquire it in the future, but they're not going to go build it.
Paul Roberts: You have a long and storied history as an executive in the cybersecurity industry, with work at firms including Armis, Symantec and Blue Coat. What lessons have you taken from those prior roles about the best way to grow a cybersecurity startup?
Peter Doggart: I actually don’t consider ReversingLabs to be a startup. We have a very mature tech stack. With startups, you tend to go in and they basically prototyped software and they're trying to figure out the fit with the industry, with the customer. And then there's like 100 guys in the back room behind a curtain frantically writing features as the customers tell, if you're going to do this, then you've got to do this. So they're frantically prototyping to fit with the narrative.
Paul Roberts: Building the plane while flying it, basically.
Peter Doggart: Yeah, exactly. ReversingLabs, they built a very solid engine. And for me, joining here is actually really about taking the essence of that and making sure people understand what pain we solve. And what does ReversingLabs look like? What does a customer look like without ReversingLabs? And after ReversingLabs, how do we paint the picture of the business value after we go in? How do we show the proof points and show our differentiation? Basically tell the customer, “look, if you're going to go down our path, here's how we're going to make your business more valuable, more secure, lower your risk, improve your day to day” and so on. Just pull together those dots and - if you do that right- things just start to work.
I see a lot of failures in this business by just trying to sell a piece of tech and then you've got a piece of tech and you try to find a smoking gun. And you end a year of sales cycles trying to find that smoking gun that isn't repeatable. So you end up with a bunch of really expensive salespeople who are amazing about what they do, but all they're doing is trying to find a smoking gun. It's not repeatable. So I like to come in and build a repeatable playbook for the business. So the messaging is super clear, the pain we're solving is super clear, who we're targeting is super clear. And we go in with three or four plays that are very repeatable and then we can start to turn on the real sales machine, which includes the indirect go to market, the channel, the GSIS, they start to click with it and that starts to build the muscle memory. That starts to build more muscle memory and you just grow from there. It's that inertia to get going, which is the hardest thing. And that's where ReversingLabs is right now. It's that inertia to get it going. Makes sense.
Paul Roberts: You're joining ReversingLabs at an interesting time. The company recently penned two major partnerships, with PWC and Synopsys. Talk about the importance of strategic partnerships for ReversingLabs going forward, and what opportunities exist out there for a company with technology like ReversingLabs.
Peter Doggart: Partnerships, alliances, channels, all these things are very important because they add leverage to the business. So your customer acquisition costs dramatically drop when you go through these channels. So your leverage point becomes way way greater. You make your business look 100-fold bigger than it really is. So that's what I like about these things. And also, this Synopsys thing is amazing because it's very much a win win. We solve their pain, we solve our pain by basically scaling up our company by getting closer to those customers that actually care. So it's a very natural thing to do.
I think the other thing I like to do as well with these alliances — these strategic partnerships — is sometimes you can't get to everyone. Like I'd love to get to Microsoft as being a big strategic partner, but you start out with say the tier 2s as you start out going after and building up a partnership base and you start to get FOMO... People go, oh, I want that. Yeah, I want in. I like what you're doing over there. I like FOMO, it works.
Paul Roberts: Our work is only part of who we are. What are some interests and passions you have outside of the office?
Peter Doggart: So, a couple of passions. The biggest one is sailing. I'm a big offshore racer and sailor. Love doing that.
Paul Roberts: Did you grow up sailing?
Peter Doggart: No, I didn't, actually. I started 20-odd years ago when I met my wife, and actually she did sailing, and I was like, oh, she's cute. I got to sailing through that. But I just fell in love with it and sailed ever since. Twenty or 26 years now, I guess. And I love the capaciousness of it. I love the fact that when I'm offshore, I am completely alone. The freedom and the experience you get being offshore with just nothing around you. You have no communications. You just have yourself, your mind, and wind and the sea. That's it. And you are in complete control. It's exceptionally freeing. That's what I love about that. And the other passions I've got are good wine and good food. So that's why I like to do outside of work.
Paul Roberts: Peter, thank you so much for taking the time to talk!
Peter Doggart: Sounds good. Thanks, Paul. I appreciate it.
- Update your understanding: Buyer's Guide for Software Supply Chain Security
- Join the Webinar: Why you need to upgrade your AppSec for the new era
- Get the report and take action: The State of Supply Chain Security 2024
- Join the discussion: State of Software Supply Chain Security Webinar
- See Gartner's guidance on managing software supply chain risk