Crush Security Exits Stealth Seeking To Become AI-Powered Trusted Advisor Of The Future

When it comes to enabling better purchasing decisions for security tools with AI and automation, the startup’s goal is nothing short of ‘completely changing the way we've done it for the last 30 years,’ Crush Security CEO Joshua Jones tells CRN.

Crush Security, a solution provider startup founded by a team of former channel and security industry leaders, is aiming to transform the way cybersecurity tools are evaluated and purchased by bringing AI-driven analysis into the process in a bigger way than ever before, according to Crush Security CEO Joshua Jones.

Jones spoke with CRN as Crush Security exited stealth this week with its cybersecurity intelligence platform that has aggregated data on roughly 2,600 security tools. The startup has raised nearly $3 million in funding from individual investors, including from numerous CISOs who see massive value in the company’s novel approach, he said.

Crucially, Crush Security is distinguishing its approach from that of a SaaS vendor or an online marketplace, by positioning itself instead as a solution provider with a software platform at the center, according to Jones.

As the AI revolution ramps up, customers are continuing to look to trusted advisors for help with selecting the right security products for their needs—but AI itself offers a way to address many of the frustrations faced by CISOs, Jones said.

Crush Security is seeking to play a pivotal role by providing customers with “additional data visibility to help you make a better, more-informed decision,” he said.

Ultimately, “we are automating the VAR process,” Jones said. “We are the first autonomous platform VAR right now.”

Crush Security is seeking to accomplish this through the use of AI and data normalization to dramatically improve the way that customers compare cybersecurity tools, identify gaps and make purchase decisions, he said.

While Crush Security is looking to generate revenue through the familiar mechanism of software resale margin, the startup is aiming to provide far greater value for the “same dollar” that a customer would have spent through another reseller, he said.

The roughly 2,600 cybersecurity products on the Crush platform have all been mapped by feature, function, use case, framework alignment and environmental fit, according to Jones. The goal is to allow customers to better prioritize purchases before making a buying decision, he said.

At the heart of Crush Security’s platform is its AI-powered advisor, Cassandra, which can answer natural-language questions, according to the company. This provides an easier way for customers to understand their security environment, compare vendors, map products to key frameworks and uncover overlap across existing tools, Jones said.

Notably, instead of charging a separate subscription fee for access to the startup’s software platform, Crush Security’s platform is free to use for any customers transacting with the company or engaging on a project, he said.

The bottom line, according to Jones, is that customers want to be empowered to understand which products actually fit their environments before they make a purchase.

“The way we're going to market is mostly about how you make decisioning criteria around buying technology. But underlying that, we're automating services and allowing you visibility, allowing you access to the data,” he said. “It's a data conversation. It's much more about, how do we align to how you're making a decision?”

The founding team behind Phoenix-based Crush Security, which currently employs 12 in total, had most recently worked for Irvine, Calif.-based solution provider Tevora.

In addition to Jones, who had served as a regional vice president of sales at Tevora, Crush Security’s founders include CTO Josh Johnson (former Tevora field CISO) and COO Clayton Riness (former principal consultant at Tevora).

Members of the founding team had earlier worked at solution providers including Defy Security and at security industry vendors including Proofpoint, Palo Alto Networks and Beyond Identity.

With that experience across both the channel and vendor landscapes, “we are creating the first platform VAR that's based on data to help make your data-driven decisions,” Jones said. “We're doing it through our backgrounds of understanding every three- and four-letter acronym that's out there that you have to adhere to, from a regulatory perspective.”

Compared to online marketplaces, meanwhile, Crush Security is “five steps before that” in the buying process, Jones said.

Rather than just enabling the purchase itself, the goal of the Crush platform is, “how can we help you pick and choose the next technologies that will have the least amount of overlap?” he said.

While Crush Security is seeking to utilize AI to a much larger degree than other channel players, the startup is not automating all functions, Jones noted. Delivery services, for instance, will need to remain human-led, he said.

“You’re still going to have to do a manual process from a delivery perspective,” Jones said. “What we’re doing is helping you make that [buying] decision.”

All in all, by bringing a greater level of automation and intelligence to the process around evaluating security tools, Crush Security sees massive growth potential as well as a fundamentally new model for the reseller channel, he said.

The startup’s ultimate goal, Jones said, is nothing short of “completely changing the way we've done it for the last 30 years.”