Orion Hindawi On Why Tanium's Management Platform Beats Microsoft

Tanium Co-CEO Orion Hindawi dishes to CRN on why Tanium has refrained from going public, how the company plans to win the trust of partners going forward, and where Microsoft’s management platform has come up short.

One Platform To Rule Them All

Tanium’s ability to identify and quickly make changes to massive numbers of assets in a highly accurate manner sets the company apart from its pure-play security peers as well as more holistic technology vendors like Microsoft, according to co-founder and co-CEO Orion Hindawi.

The Emeryville, Calif.-based endpoint visibility and control vendor most frequently finds itself competing and winning against Microsoft’s management platform, Hindawi said, while most other security vendors offer point products that don’t pose serious competition to Tanium’s comprehensive platform. Microsoft didn’t immediately respond to requests for comment.

Hindawi also discussed with CRN at Tanium Converge 2019 in Nashville, Tenn. why the need to please short-term shareholders makes being a public company very painful nowadays, key hires the company has made to do a better job interacting with the partner community, and why ego is the biggest impediment to more companies embracing a co-CEO model like Tanium did earlier this year.

Read on to get Hindawi’s view on the biggest opportunities for channel partners in 2020 as well as how Tanium has managed to be one of the only cybersecurity vendors that’s both profitable and growing exponentially.

What was the purpose of having two nine-figure funding rounds in 2018?

They’re all for secondary. We have used them to buy back employee stock and early investor stock. It does not look fun to be a public company today. There’s a mythology that being public is the measure of success, and that’s been pervasive in the industry for the last 30-40 years. But the reality of the situation is that public companies often end up making bad decisions to service a short-term shareholder. I don’t want to trip into that situation for the wrong reasons. Eventually, it may be the perfect situation for Tanium, but I don’t think it is today. I also want to be fair to my employees. We have a lot of employees that own a lot of stock in the company. So every employee that we have owns stock. We’ve been very proud to make that work. And if I want to be able to allow my employees to get liquidity and I don’t want to go public, then I want to be able to offer them secondaries, which we’ve been able to do. And I think we’ve been very generous about it, because, to be honest with you, I like it that people can buy the house they want, they can send their kids to the school they want, they can buy the car they want, and that we as a company don’t have to take on huge pain to make that happen. I consider being a public company today to be a very painful-looking thing. And, by the way, I’ve heard it from a lot of my peers over a dinner table that this is just not soul-nourishing for them at all. I would rather be able to serve our customers well. And I know that, if we can keep focus on that instead of on quarterly earnings call and all kinds of other machinations, that the rest of it will work its way out.

What conditions would need to change for Tanium to consider going public?

We analyze this all of time. There are lots of different variables. As we grow, it becomes harder to run secondary [rounds], just more people, and the environment in the public market will change. And if public market investors becomes longer term-focused again, if the onerous requirements that are being placed on public companies for disclosure either become acceptable or we see them not being such as onerous burden, that may change. But the reality of the situation is we didn’t start Tanium to be a public company. We started Tanium to be a meaningful company. If we think that it’ll make us more meaningful, then we’d consider that.

Are you considering an IPO for Tanium anytime soon?

No, it’s not something I’m thinking about doing in the short-term.

Given the challenges of being a public company, why have so many of your peers gone in that direction?

Because they want money. It’s really simple. The only thing we can’t do as a private company is that I can’t sell hundreds of millions of dollars of stock. In theory, I guess I could, but practically, it would be difficult to organize. As long as I’m comfortable running the company instead of trying to figure out how to run a racing team or whatever other garbage people are doing, this is unnecessary. I know a lot of CEOs, and you can put them in two buckets pretty easily. The ones that are mission-oriented and are doing it because they care about what they’re doing, and the ones who enjoy the glamour. And I really hope that Tanium never becomes the second kind of company.

Who would you consider to be your top competitor, and what is your biggest differentiator?

We are replacing Microsoft’s tooling more than any other company. If you look at SCCM [Systems Center Configuration Manager], to be honest with you, I haven’t been blown away by their strategy, and I don’t think a lot of our customers have been either. A lot of customers when we first get there are using Microsoft’s management platform, and can’t answer how many assets they have, where they are, or what they’re doing very well. They can’t, with high levels of assurance, patch them. They can’t deploy software to them consistently. They really don’t have great management architecture around their assets. Now, I will say that Microsoft has done an incredible job with Defender and ATP [Advanced Threat Protection], and I tip my hat to them, because when I look at that tooling, I think they’re going to take over the protection market over the next few years. They’re just doing leaps and bounds better stuff than anyone else in our industry. But, in the manageability architecture, I don’t think they’re doing a great job. And so, we’re going to customers that typically have SCCM and explaining to them how big of a gap they have between what that tooling is giving them and what they actually need to understand, and how Tanium can close that gap. And that’s been a really, really effective part of our message. There are a lot of security vendors that would love to be platforms, and they’ll use the word ‘platform.’ But we typically don’t compete with them because, at the end of the day, really what they are is a point solution that would like to be a platform. Microsoft has a real platform. I would have said IBM a year ago, but they sold Big Fix [to HCL Technologies in July 2019 as part of a $1.8 billion deal], so that’s no longer the same level of interest from our customers. I think Microsoft is the company we should all be watching when it comes to this.

What was the thinking behind promoting Fazal Merchant to the Co-CEO role?

I’ve been doing this for 20-something years between BigFix and Tanium, and I realize that there’s some things I love doing – building technology, talking to our customers and figuring out how we can support them better – and there’s some things I didn’t love doing. To give you an example, talking to investment bankers is not my favorite thing to do. It doesn’t mean that it’s not important. It just means that it’s not my best use of time or soul-nourishing activity, but I realize that it’s necessary and that we need somebody who can do it. And I think that Fazal and I have been working basically as partners in the business for years. And when we were thinking about how we can actually delegate responsibility to people who want those various responsibilities, Co-CEO seemed like a pretty obvious solution. I will admit to you openly that it’s not a standard answer. We can both think of Atlassian and Oracle and a few other companies that have done it successfully, but I think really the reason that most people don’t move to a model like this is because of ego. And I just don’t really care that much about being able to look at my business card every morning and smile at it. I would rather we win, and I think this is a more likely structure for us to win more.

What’s the rationale for rolling out a new partner program?

We actually have seen incredible success with the channel when we’ve enabled them well, when we’ve helped them create differentiated products, and when we’ve gone into customers hip-to-hip with them, and I’m thinking of particular partners like PwC that have built a lot of IP on top of Tanium, they have a differentiated offering that walk into customers with alongside us, and we bring them into a lot of our existing customers because a lot of what they’re built is really valuable. I think we as a company have reached the point where we are mature enough to enable our partners well enough that they can represent Tanium as well as we can in many cases, and they know the environments of the customers much better than we do in many cases. When I look at the partnerships we have that are working, the big difference is the focus we’ve put and they’ve jointly put on getting them enabled and up to speed and differentiated. Rather than hoping those ingredients come together naturally by themselves, our new partner program is essentially structured to drive that kind of engagement with our partners. The receptivity from the partner community has been really really strong for a good platform and endpoint that they can build on. It’s a recognition that there’s opportunity there, and I very explicitly do not want to build a services organization. That’s not historically what we’ve done. Our partners have a lot of people that are already embedded with our customers who are trusted there who know the problem set and, if they know Tanium, who will be able to do a great job enabling customers with it. And I just don’t think it’s been as much of a focus historically as we’re going to be making it.

What are the biggest ways channel partners can add value around the Tanium portfolio?

There are 52 different areas of the market that we’ve identified that Tanium can play in. We have built 14 modules. There are large swaths of the endpoint market that we don’t have modules for that Tanium actually has real conducive opportunity to play in. In my perfect world, partners are working with us to build differentiated IP on top of the platform. I think partners obviously have expertise, and we’ve seen this internationally work really really well to install the product, configure the product, actually build runbooks for our customers on how they can use the product, put hands on keyboard to actually drive usage on a day-to-day basis. Partners are in there hearing customer problems. And when they hear a problem that they think maps well to Tanium, I do want Tanium to be the first solution that they think about. And a lot of that is just building trust with the partner community. In our infancy, Tanium didn’t do as good of a job as we could have interacting with the partner community. And if you look at [new Chief Revenue Officer] Thomas Stanley, his background is running global partner programs. If you look at [Global Vice President, Alliances & Channels] Tom Hermann, we hired a very strong executive there. We’re building a very strong team there. We’re putting marketing resources behind it. It’s because we’re seeing a lot of opportunity for them at each stage of the cycle, from hearing about the problem to introducing Tanium into the customer, to actually installing it and building runbooks around it, tying it to their business problems, and then eventually building great IP that expands what we can do for the customer. I think our partner program will allow us to take all of that and instrument it. The other thing is that partners need to know we’re going to be there in the next five years. I think that’s a problem they’re having with a lot of their vendors is we have an industry where everybody’s burning the candle from both ends, and Tanium may be one of the few fast-growing companies that’s actually profitable and is actually going to be here in five years. So I think we’re finding a lot of receptivity for that.

What is the delineation of responsibilities between Fazal and yourself?

In a structure like this, it’s super important for folks to understand how this rolls up. We can’t be amorphous about that at all. Fazal is running G&A [general and administrative], sales and marketing. I’m running the technical functions in the company – that’s support, that’s the TAM [technical account management] team, that’s engineering, that’s the whole technical side of the function. And everybody in the company knows exactly where they report to. If you end up with two in a box, that’s the wrong way to do this. The right way to do this is Fazal and I talk ten times a day. We’ll make sure that we are consistent. And then he can go and run his teams, and frankly, I think he’s doing a better job than I would have.

As a founding CEO, how have you created an equal partnership with someone that came in later in the process?

You try to listen instead of by default assert authority because you happen to have been there from day one. There are things that Fazal knows that I don’t know, and I’m very comfortable with that. I want him to be better at his job than I would have been. Otherwise, this doesn’t make any sense. As long as the goal is that the company wins by virtue of the fact that our customers and our employees are happier this week, then I win. It’s about listening, talking to people, making sure that you actually understand what it is that he’s seeing everyday, and conversely that he can do the same with me. It’s not that complicated if you don’t make it complicated. And if you can let go of the ego component, which honestly, if you’re running a company just to service your own ego, then something is horribly wrong with you.

Why haven’t you seen more competition from the pure-play security space?

To buy Tanium, you need to believe that you’re doing buying point solutions. Or at least that you want to stop. If you’ve got Vendor X that does one thing like compliance or integrity monitoring or assurance or whatever it is in the security space, or they do patch management or unmanaged asset detection or whatever it is in the operations space, if you as a customer are looking at that and you’re seriously considering adding yet another point solution in your environment, then we have not succeeded to convince you of our core thesis. If you’re convinced that you want a next-generation platform, that McAfee and Symantec and [Microsoft] SCCM and Altiris and Landesk and BigFix which used to work for you are no longer working and you need a new platform, I just don’t see the competition. If you want to buy yet another point solution, to be honest with you, we’re probably not a good fit for your strategy. So that would be why.

What are some of the management scenarios you’re able to handle better than Microsoft?

At scale, basically every single thing you want to do from a manageability standpoint boils down to two things – can I see what I have, and can I fix it? So, when you look at most of our customers, when we first walk in, we ask them simple questions like ‘how many endpoints do you have?’ and we either get ‘I don’t know,’ or in one case, I heard ‘between 200,000 and 700,000’ was the answer I got. You back out of that answer, and you realize that nothing in IT works there because when Oracle or Adobe or Microsoft or somebody walks in and says ‘we need to charge you for software,’ if you don’t know if you have 200,000 or 700,000 assets, how are you fairly paying your vendors? If you need to roll out an upgrade to the operating system or patch the OS or deploy a new piece of software or find a vulnerability or you think you’re being attacked or you want to find sensitive data, you can’t do any of those things if your resolution of what you know you have isn’t that low. And, by the way, if it was 350,000 or 400,000, that still means you don’t know if you have 50,000 assets. And we see that everywhere. That’s a primary failing of the incumbent tools. The second thing that we see is, when they actually need to make a change, when they’ve got a GDPR request and they’re being asked to do ‘right to be forgotten,’ to delete data across their environment, or they’re being asked to deploy an emergency patch, we routinely find customers who will admit openly they have no idea how to do something quickly in their environment anymore. So, when you have 2,000 assets, there are lots of ways you can do that. When you have 200,000 assets, unless you have Tanium, honestly I’m not sure I could think of another way you could affect change globally with slow links, with assets that are off then come on, with work from home assets, with data centers and cloud and virtualization and all these fun things in less than days or weeks. Tanium can do it in seconds where they’re taking days or weeks to do it historically. And with the days or weeks, by the way, they’re getting to 80 percent. Tanium will get you to 99+ percent in minutes. As a result of that, the biggest problem is getting our customers to understand that what we’re telling them actually works. And that used to be a much bigger problem before we had a majority of the Fortune 100 using it globally.

What’s allowed you to be profitable in this space when so many of your peers are losing money?

I think there are two things. One is that we took six years to build the product. When we founded the company in 2013, we didn’t have a single salesperson or marketing person in the company. We were building product. And I think that investment is building a real platform from the ground up with the intent to build a platform, not to build a point solution and glom it into a platform is paying dividends for us. We’ve been able to expand into use case after use case every quarter and build what we can do for our customers because the platform foundation is strong. The other thing is that there are lots of distractions in this industry, and not to name names of companies, but if you look at the parties people throw at RSA, you look at the distractions that a lot of companies especially in the security space engage in. Tanium was built to be a company. We’re not built to be an entertainment company. We’re built to be a platform security company. And I think discipline is important. Large enterprise customers are willing to pay if you can deliver a high level of service. I don’t know the consumer business, I don’t know SMB, I don’t really think I’m going to know those markets anytime soon, but in large enterprise, if you can do something no one else can do, they’re willing to pay for it as long as you deliver what you said you’re going to deliver. And that goes back to that mission orientation. If we can get our customers to see us as their trusted advisor who will be there no matter what as long as it takes to help them, I think we can stay very profitable as a company.

What have been the biggest drivers of revenue and headcount growth for Tanium?

Revenue drives headcount. In our industry, a lot of companies are comfortable losing lots of money, and we’ve never been like that. We want to run a real business, so if you want to hire people, you really need to have the revenue to support that. Two things have been driving our revenue growth. The first one is that I’m seeing, especially in the last six months, an appreciation by customers of how broken the security and operations industries are from the standpoint of what they’re supposed to be buying. We’re routinely talking to customers who have 20 or 30 different endpoint tools. They don’t have any assurance that those tools are actually doing what they’re supposed to be doing. They don’t feel comfortable that the next attack is actually going to get caught by those tools. There’s too much fragmentation, and in addition, those tools don’t scale very well. They don’t really have a support model that works for enterprise. I think a lot of our customers are just getting tired of what our industry has peddled them, which is this idea that they should buy one of each thing and construct Noah’s Ark out of it. A lot of our customers have subscribed to this idea that what they did with ServiceNow with Workflow, what they did with Palo Alto for network, what they did with Splunk for data, they need to do with us for endpoint. We’re seeing a lot of customers that bought us for a couple of use cases that are now using seven or eight [different cases] and are driving a lot of consolidation in their environments and simplification because they can use the platform to do what seven or eight point solutions used to do. I know what’s driving our revenue because I look at it regularly. If you look at it, a lot of it is that. And then new customers who are just realizing they’ve hit critical mass with the number of little point solutions that they have, and that they need to change their approach.

What have been the biggest growth areas technology-wise within the portfolio?

We’ve seen a lot of our operations suite get adopted really heavily in the last year. If you look at the history of our company, we started with a lot of focus on security. And, what we realized pretty quickly is that, no matter what we did for our customers on security, they weren’t going to succeed at security if their operations function wasn’t working. If you don’t have good asset management, if you don’t have good software distribution or patch management, it almost doesn’t matter what else you’re doing in security – you’re probably not succeeding. We started broadening our portfolio to cover some of those security use cases that really meld into operations, and eventually, more core operations use cases, and we’ve seen really nice uptick. So it turns out that if Tanium is deployed in a customer and they’re using us for three or four security use cases, and we go to operations and explain to them that you’ve already got the platform in house, it’s already is doing real-time data collection and remediation for you. Let me show you how you can do your stuff too, like deploy patches. They don’t feel threatened in most cases; they feel excited. So huge adoption within that portfolio in the last year.

What do you feel has been Tanium’s biggest accomplishment thus far in 2019?

We’ve added a lot of people into the company. We’ve grown close to 50 percent on both the customer side, the revenue side, and also the employee side. And probably the thing I’m most proud of is we’ve been able to scale the company and keep the understanding by the individual employees on how important it is that our customers stay happy. And I think a lot of the people in the company understand how they’re contributing to that. If you look at a lot of companies as they scale, they lose that over time. Through really good hires and a lot of the leadership we’ve been putting in place, we’ve been able to find mission-oriented people who see the world the same way we do, where we’ve got a majority of the Fortune 100, we’ve got a lot of the federal governments that are friendly using our stuff, and how important it is that we keep them operational and happy.

Is there anything else you’d like channel partners to know about Tanium?

Tanium is super-focused on our partner community right now in a way that we never have been in the past 13 years. I expect our partners are going to see a lot of attention paid to enabling them, helping them see consistency from us, and in the end of the day, helping them make a lot of money, and with them us, because I think there’s a huge opportunity there.