Interview With Kabir Mathur CEO and Founder of Leen
Get ready for the most recent release of Founder Spotlight! This time, we had an amazing chat with Kabir Mathur, the CEO and co-founder of Leen. Leen is a groundbreaking company that offers a unified API for cybersecurity data. Leen’s mission is to simplify and expedite the integration of security products. Their pre-built connectors and unified data models allow teams to concentrate on their core products instead of dealing with complex integrations. Dive in to discover more about Leen’s phenomenal journey through Kabir!
Can you explain how Leen is simplifying the process of accessing security data from various tools through a unified API?
Security has a big data problem. There are nearly 4,000 security vendors with 10,000+ products today. These products have different data models and perspectives to describe a finite set of assets that most security teams are trying to protect. This has created a scenario where it’s a real challenge for both enterprise security teams and security product companies to access the data from and normalize data across dozens of security solutions in their or their customers’ environments.
Leen simplifies this process by offering out-of-the-box connectors and unified data models per major category of security products (Vulnerability Management, Endpoint Detection & Response, Cloud Security, Application Security, etc.). Our customers need to integrate with our data models and APIs once and we handle the complexity of the individual vendor APIs.
What inspired you to create Leen and address the challenges associated with security APIs and documentation?
Our founding team is seasoned and has firsthand experience solving similar problems in security and with integrations. My co-founder, Neel, worked at a security unicorn where he had to build dozens of security integrations and normalize data across them. I’ve also worked on scaling CRM, ticketing, productivity, and martech integrations at Typeform. We knew it was likely that we weren’t the only ones who struggled with integrations in our previous roles but we wanted to validate this hypothesis.
We spoke to 100+ CISOs, founders of security companies, and security engineering leads. We learned that they only had 2 options to address their integration challenges- invest expensive internal engineering, product, and data resources or work with overseas service providers that require a lot of project management. A combination of our past experiences and the strong pull from the market gave us the conviction to build Leen.
How does Leen handle data normalization across different security tools, and what benefits does this provide to users?
There’s a high cost to managing security integrations. Most engineering leaders likely understand the actual cost of dedicating their resources to this task well. However, the opportunity cost of maintaining a large library of security connectors over time is often an order of magnitude higher than the cost of your internal resources. Engineering and product teams should be focused on high-leverage features that differentiate their products from their competitors rather than building integrations. Leen simplifies this end-to-end process by acquiring NFR licenses for the vendors we integrate with, building connectors to various products and endpoints, providing sandbox data to test with, updating connectors when upstream APIs change, and correlating data across various vendors. Taking all of these tasks off a product team’s plate helps them stay focused on building their core platform.
Can you share some examples of how Leen enables integrations to be shipped in hours rather than weeks?
We build unified data models per sub-category of security tools. Our customers integrate with these data models once and get access to any additional connector that we add to that category out of the box. All they need to do is enable the new connector via our API, test it with our sandbox data, and make it available to their customers. This process is much shorter and simpler than building individual integrations with several security products.
How does Leen ensure that security data accessed through its platform remains secure and compliant?
We’ve architected our platform with security in mind. We’ve taken several precautions to secure our customers’ data such as ensuring that all the data in Leen’s system is encrypted in transit and at rest. We received our SOC 2 Type 2 certification earlier this year and plan to pursue other global certifications such as ISO27001 to help us continuously test our security posture.
How does Leen cater to the diverse needs of various teams and departments in an organization?
Our platform is primarily targeted towards product, engineering, and security engineering teams. We help product and engineering teams stay focused on the most valuable features on their roadmaps. Our value proposition for security engineering teams is to help them build custom reports, and internal tools, and assess risk across various tools in their security stack.
What pricing model is employed by Leen, and how does it accommodate user’s needs and usage levels?
We charge our customers based on the number of connectors they use via the Leen platform and in some cases the amount of data flowing through these connectors. Our product is architected to be very scalable and can handle data from environments with millions of security findings.
What are some future developments or features that users can expect from Leen?
We have an exciting roadmap for the rest of 2024. We plan to release dozens more connectors across 5-6 additional categories of security tools. We’ll also build an admin dashboard to make it easier for our customers to manage and troubleshoot the connections in their environment. Lastly, we plan to spend more time building correlations across different security products we integrate with to make it easier for our customers to classify, prioritize, and remediate security findings.