Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem
Cloud Security Podcast10 Tammi 2025

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

In this episode our host Ashish Rajan sat down with Ross Haleliuk, author of Cybersecurity for Builders and creator of the Venture in Security blog, to explore the current state and future of the cybersecurity industry. From understanding the challenges of building a cybersecurity startup to the dynamics of security engineering and market trends for 2025. Ross and Ashish explore why the cybersecurity industry isn’t as crowded as it seems and the divide between companies that build in-house security and those that rely on vendors.

Ross also unpacks why sales and marketing aren’t “dirty words” in cybersecurity, why security engineering is “the present,” and how practitioners can balance business needs with technical aspirations.


Guest Socials: ⁠Ross's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast


Questions asked:

(00:00) Introduction

(05:33) How Venture in Security started?

(09:33) Security Engineering in Cybersecurity

(18:18) Cybersecurity markets that will be top of mind in 2025

(24:15) GTM for Defender Tools

(30:09) Vulnerabilities vs Misconfiguration Tools

(37:56) How should product companies think about GTM?

(44:27) How to decide between different security tools?

(56:36) Cybersecurity for Builders book

(01:05:00) The Fun Section


Resources shared during the episode:

Venture in Security Blog

Cyber for Builders Book

Challenges in Security Engineering Programs - Rami McCarthy

Cybersecurity is not a market for lemons. It is a market for silver bullets

The Market for Silver Bullets

Jaksot(345)

Getting Started with Chaos Engineering - What is it and how can it be used to build Application resiliency? - Aaron Rinehart, Verica

Getting Started with Chaos Engineering - What is it and how can it be used to build Application resiliency? - Aaron Rinehart, Verica

In this episode of the Virtual Coffee with Ashish edition, we spoke with Aaron Rinehart, CTO Co-Founder Verica. This is episode not to miss. Host: Ashish Rajan - Twitter @hashishrajan Guest: Aaron ...

2 Elo 20201h

Cloud Security in Operational Technology vs Information Technology world - Parul Kharub, CISSP

Cloud Security in Operational Technology vs Information Technology world - Parul Kharub, CISSP

In this episode of the Virtual Coffee with Ashish edition, we spoke with Parul Kharub, CISSP, HMM. Parul has spent number of years in the Operational Technology (OT) space building cybersecurity strat...

19 Heinä 202054min

HOW TO BECOME A SUCCESSFUL CISO IN 2020 - Abbas Kudrati, Microsoft

HOW TO BECOME A SUCCESSFUL CISO IN 2020 - Abbas Kudrati, Microsoft

In this episode of the Virtual Coffee with Ashish edition, we spoke with Abbas Kudrati, CyberSecurity Advisor for Microsoft Asia Pacific Region. Abbas has previously worked in various large companies ...

12 Heinä 20201h 3min

How to do Google Cloud Security Well - The 2020 Edition - Darpan Shah

How to do Google Cloud Security Well - The 2020 Edition - Darpan Shah

In this episode of the Virtual Coffee with Ashish edition, we spoke with Darpan Shah, Cloud Security Engineer. Darpan has 8 AWS Certificates, 6 GCP certificates and at his work, he works on both Googl...

5 Heinä 202055min

HOW TO BECOME A CLOUD SECURITY ENGINEER in 2020 | Including Top Certifications

HOW TO BECOME A CLOUD SECURITY ENGINEER in 2020 | Including Top Certifications

In this episode of the Virtual Coffee with Ashish edition, we spoke with Christopher Hughes, CISSP, Cloud Security Engineer. Host: Ashish Rajan - Twitter @hashishrajan Guest: Chris Hughes - Linked...

28 Kesä 202045min

Building an Engineering Security Culture - Failure stories included - Edwin Kwan, Tyro Payments

Building an Engineering Security Culture - Failure stories included - Edwin Kwan, Tyro Payments

In this episode of the Virtual Coffee with Ashish edition, we spoke with Edwin Kwan, Head of Application and Software Security at Tyro payments. Host: Ashish Rajan - Twitter @hashishrajan Guest: Ed...

21 Kesä 202044min

TIPS FOR WOMEN IN INFORMATION SECURITY TO GET A JOB IN CYBER SECURITY - Alannah Goh, 0xCC

TIPS FOR WOMEN IN INFORMATION SECURITY TO GET A JOB IN CYBER SECURITY - Alannah Goh, 0xCC

In this episode of the Virtual Coffee with Ashish edition, we spoke with Alannah Guo, Founder of 0xCC & Pentester. Host: Ashish Rajan - Twitter @hashishrajan Guest: Alannah Guo - Twitter @AlannahGu...

14 Kesä 202058min

Google Cloud Security - How does Google Cloud work?

Google Cloud Security - How does Google Cloud work?

In this episode sponsored by Virtual Coffee with Ashish edition, we spoke with Francesco Cipollone, Chapter Chair (UK), Cloud Security Alliance Host: Ashish Rajan - Twitter @hashishrajan Guest: Fra...

7 Kesä 202054min