In February of 2011, Mat Gangwer, a Purdue student pursuing a degree in Computer Information Technology, became an Information Security Analyst intern for Rook Security.
When Mat started, Rook’s core business was providing assessments to determine a company’s current security posture. As the company was getting ready to grow and expand, Mat — who was working as a full-time intern and going to school full-time — quickly became engrossed in the day-to-day of the company, focusing on project-level work alongside the owner, J.J. Thompson.
Even though he had a lot on his plate, Mat said it was worth it. “I was working 60 or 70 hours a week, but I was also traveling to client sites in New York and San Francisco,” says Mat. “I was lucky that my professors were flexible with my school work and exam schedule so that I could have the opportunity to progress in the company.”
Rook’s Move Into Product Development
In 2012, Rook decided to expand their business services. “When I started in 2011, Rook was a consulting company; the idea of managed security services didn’t exist yet,” says Mat. “However, we knew we had the know-how to provide managed services moving forward.” As a result, Rook opened the security operations center (SOC).
“We hired a few higher level people to be managed consultants for the SOC to help,” says Mat. “After having a strong advisory practice for four years, we knew we could provide better satisfaction to our clients with the SOC than other people that had been brought in to handle that operation. I really enjoyed helping with building out the SOC.”
As the business expanded, Rook started to evaluate the third-party products Rook used for their day-to-day operations for their clients.“We were finding that these products didn’t support the power user functionality that we needed to run security operations the way we wanted to,” says Mat. “We have strict policies and procedures for how we want our team to operate, and we needed to find something that would support our clients with these policies and procedures in mind. That’s what prompted us to get into product development.”
Specifically, Rook had tested and tried almost 10 different technologies for process whitelisting agents and endpoint detection agents. The lack of customization was a primary reason they ultimately decided to shift away from third-party solutions and develop one themselves.
“We hired a few developers to develop a custom solution based on our internal workflows for what is now known as Force,” says Mat. “The platform manages security operations staff and optimizes security operation workflows, metrics, and outcomes.”
The end goal of Force is automating the entire security management lifecycle from end-to-end. “There will always be a human component to security management, but there are defined processes that can and should be automated to save time,” says Mat. “This platform was designed to be a differentiator to attract more customers.”
When the product team was first started, Mat was still managing and heading the assessment side of the business. Mat got his first taste on the product development side when Rook started working on War Room™, a tool to facilitate real-time incident collaboration in the cloud.
“Not a lot of people had tried to tackle the challenge of collaboration during a security incident,” says Mat. “When there’s an actual incident, a team could use a variety of mechanisms to communicate, including conference bridges, email, instant message channels, and more. Instead, we wanted to provide one place where that collaboration could happen so everyone could get on the same page.”
Mat focused on helping the development team define the scope and feature requirements, and the Rook team received a ton of positive feedback on War Room™ when they showcased it at the RSA Conference. “We were in the back corner of this conference with hundreds of vendors, and people were constantly come by to check out the product. We were actually select for the best of RSA 25, an award that is given to the top products nominated by analysts at the event,” says Mat.
“I think we’re onto something with the products and product-enabled services we offer. We’ve always worked on things that weren’t in the market before someone else commercialized or developed them,” says Mat.
Transitioning into CTO
During his time at Rook, Mat has instilled a lot of confidence in his co-workers. So much so, Mat didn’t actually opt-in to the role of Chief Technology Officer; his co-workers elected him for the position in 2016.
“It’s a good feeling when your coworkers believe that you should lead this team and group,” says Mat. “I hadn’t talked about it with J.J., but he had hinted about it. After my name was put in the hat, J.J. and I formalized what the role would look like.”
While surprised, Mat felt up to the challenge and was able to help focus the product team on the products they were going to support and the direction moving forward.
“I’ve always enjoyed what I do here, and the reward I get out of helping customers is worth more to me than anything else,” says Mat. “There’s unlimited opportunity sitting on the table at Rook. Employees have always been encouraged to try new things they’re passionate about. I have the freedom to make my own path, and I don’t think I would have gotten that anywhere else.”
“I never thought of myself as an entrepreneur but I’m entrepreneurially-minded. J.J. and I work really well together because our differences feed off of one another and help us make better decisions,” says Mat.
“We have the ability to identify, build, and provide the things that companies or the security industry needs,” says Mat. “Whether our customers have a team internal or only one person managing their security, we can help them.”
To learn more about Rook Security, read their full company profile here.