Meet the founder: Jonathan Haas, ThreatKey

11/28/2022
We sat down with Jonathan Haas, CEO & Founder of ThreatKey to discuss Customer Experience from the perspective of a founder. We covered topics such as the value of speed in Customer Experience, differentiation as an early stage software company, organizational structure, and much more.

Thanks for making time to connect with us today! Can you give us a little bit of background about yourself and ThreatKey?

I'm Jonathan Haas, the CEO and founder of ThreatKey. ThreatKey came to us through a number of realizations that myself and my co-founder had in prior roles. I led Security Operations at Carta before this, had a similar role at DoorDash, and before that at Snapchat. Carlos, my co-founder, had similar experiences.

What we essentially realized is that we were going from company to company, these really high-growth, amazing businesses – but we were setting up the exact same things. We started thinking about how that didn’t really make a lot of sense, going from place to place and essentially building the same thing, and that actually, this problem was everywhere. So we started ThreatKey.

ThreatKey allows organizations to secure their SaaS apps and Cloud Infrastructure. Our main value prop is how fast it is: a customer can get in there and get a sense of what’s wrong or broken without spending a lot of time or effort. We help make sure everything is secure, very quickly.

In an interview with LimaCharlie, you talked about how you are focused on delivering real value to people, and oftentimes that means a 24/7 process. How do you think about the value of speed as it related to the Customer Experience at ThreatKey?

Speed to us is everything. For example, for our GitHub integration – you can connect to it and start securing Github in under a minute. That’s valuable to us in terms of our go-to-market strategy for sure, but it’s also very valuable for our customers when they can jump in and immediately get the value that our product can provide. It’s not a long process of setting things up: in many cases, you don’t even have to talk to us and we can start providing value from day one, minute one.

Would you say that speed to value is a commonplace emphasis in the market that ThreatKey serves? What's your read on Customer Experience in the cybersecurity space more generally?

Speed and a focus on Customer Experience are definitely areas where ThreatKey is differentiated from competitors.

If you look at most of the competitors in our space, they have very traditional enterprise go-to-market motions and customer success motions. Maybe you’ll have a CSM who you can call, but you can’t go in and purchase the product. You can’t self-serve, you typically have to reach out to support; there’s ticketing involved, etc.

For us, those things are slowing down the customer from achieving their goals. We believe you should provide all the things to support them, but if the customer decided they wanted to buy something right now, or they wanted to set up an integration right away, they can’t do that with the offerings that are currently on the market. We think that’s unacceptable.

We believe there should be a solution that you can set up quickly and start securing your environment from day one.

Are there any companies in the space that you look at as really clearly having a strong customer-centric philosophy and approach?

I think LimaCharlie actually does this well. They have a similar mindset to us, which is essentially: let’s start from first principles to make sure we’re delivering value for customers, and then how we can make that customer base broader.

In the beginning, we ask ourselves does this solve a problem for SMB’s, does this solve a problem for Enterprise, or does it solve a problem for Mid-market? If it solves a problem for one of those markets, can we expand outward and grow that coverage while ensuring that we are still solving the right problems? Are we delivering on the value that each of these folks needs at the level at which they need it?

Along those lines, how do you go about understanding the answer to the question, "Is what we are building the right thing?"

We get a lot of feedback from customers. For instance, our product surfaces security findings for our end users. When you’re on a page and you’ve received a couple of security findings, we’ll simply ask in-product what you think of the quality of that finding. Depending on your answer to that question, that might result in us taking a different approach.

If you didn't love the finding, is it because you didn’t like how it was described? Or maybe you don’t think it’s accurate? We want to be able to quickly get that feedback because if that experience is had by one customer, there’s a good chance multiple customers will have a similar sentiment.

If you say, yeah you loved the finding, that could be something where we go in and say let’s explore what you love - what about this made it fantastic for you? Was that exactly what you were looking for? Did we surface a risk that you didn’t know about?

One of ThreatKey's core values is "Customer Delight." As the founder of a growing startup, what do you look for in hiring new team members and how do you think about embedding this value throughout the organization?

To start, we focus on hiring people who have experienced the problem very acutely. I can go to every person on my team and ask, “Why did you join ThreatKey?” and the response is basically well if we didn’t, I’d be building a crappier version of ThreatKey at some company I work for.

For us, customer delight is important in large part because we’re starting with that route. We want to have delight in our own product. We’ve been in our customer’s shoes and we want to be able to experience something really really good.

Another important detail on this topic - instead of just customer obsession, we raise the bar to customer delight. It’s not enough to just focus on your customer acutely and say “Hey, we’re all about the customer.”  For us, it’s not enough for us to just meet the bar of our competitors. It’s not enough for us to say, “Hey, we have feature parity, or we are faster, or we have more findings.”

It really distills down to everyone on the team focusing on delivering customer delight – from engineering to sales, to marketing, no matter who it is. The experience for a customer should be fantastic.

That also translates into how we do support. One of the reasons we use Channeled, is because being able to very, very quickly respond to customers and triage feedback to appropriate teams is super important to us. If you’ve purchased a security product before, oftentimes you send a support ticket that goes somewhere – who knows where, and two days later you get a response saying “Hey, we installed it.” Oftentimes, they installed it wrong, so then you submit another support ticket. At this point, you’re four days into maybe accomplishing the goal you originally set out to accomplish – and the support that you're supposed to be getting has made you nothing but frustrated.

That’s where we say no, that’s not acceptable, that’s not the experience we want for folks.

How do you think about your org structure, as it relates to streamlining customer feedback and breaking down information silos?

From a very early stage, we established core functional groups on the team. For example, we have an internal platform team, and other teams are branched off of that team. Another example, we just launched a Jira integration, and we have functional owners of that integration. This allows us to take an issue and rapidly assess and route information to the appropriate teams.

Additionally, back to the point of Customer Delight, by having individuals directly responsible for a portion of the product, they really own the success of that product and that drives an intrinsically higher quality.

Who is typically on the front lines of customer communication at ThreatKey?

It’s mostly myself and one of our SDR’s. Many of our customers are more engineering-leaning, whether that be on the security side of the DevOps side. We do a decent bit of back and forth between our core engineering team and our customers. When someone needs to go technically deep on a topic with a customer, they’re capable of doing that.

What communication tools do you use for communicating with customers?

We like to work where our customers work. That’s a core tenant of what we believe in. It really starts with, let’s meet them where it’s best for them so that we can get this feedback as quickly as possible and do something about it.

Oftentimes, that’s Slack. Slack is great for being abel to provide really quick feedback and iteration. A customer is able to say, “Hey, this thing doesn’t look right” and then we’ll be able to quickly triage that, jump in, and understand the problem.

Put it this way – we’ve had customers who have messaged us, and 15 or so minutes later we’re responding back with a solution or change that we’ve implemented. Such a great experience, right? We’ve gotten consistent feedback from customers that are like, wow, you really went above and beyond and responded in a couple of minutes. Sure, that’s customer obsession, but it’s really delight.

You’re not just focused on making them happy, you’re focused on making it a wonderful experience.

How did you learn about Channeled and what problem were you hoping to solve?

A customer of ours was actually using Channeled and we happened to see that they were very very good at communicating with us – their response times, how quickly they would categorize issues, their efficiency in tagging folks on their team that needed to respond, etc. For us, we had many of those same goals.

We wanted very quick responses, we wanted the right people to be responding, and we wanted a way to do that in a more streamlined fashion than just sort of ad hoc jumping in. I mean, ad hoc jumping in is great – but when you can really have SLA’s around things, alert people, quickly prioritize, triage, etc. – we’ve found in our experience it’s a much better approach. You really can’t do that with existing tools in Slack.

It’s been fantastic. Channeled allows us to assess how we are performing: are we responding in time? Are we surfacing the right things to the right people? Are we making sure that we never lose some context that’s important? Channeled is immensely helpful in making this happen.

Any shoutouts or roles that you are hiring for?

Yes! We are looking to hire an Account Executive, folks who have existing security experience ideally. We feel like we have got the delight part down, and now we are ready to grow. You can learn more on our website at www.threatkey.com.

Thanks again to Jonathan for sharing his insights and experience with us. Have follow-up questions or topics? Reach us below – we'd love to hear your feedback. 💙