Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem
Cloud Security Podcast10 Tammi 2025

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

In this episode our host Ashish Rajan sat down with Ross Haleliuk, author of Cybersecurity for Builders and creator of the Venture in Security blog, to explore the current state and future of the cybersecurity industry. From understanding the challenges of building a cybersecurity startup to the dynamics of security engineering and market trends for 2025. Ross and Ashish explore why the cybersecurity industry isn’t as crowded as it seems and the divide between companies that build in-house security and those that rely on vendors.

Ross also unpacks why sales and marketing aren’t “dirty words” in cybersecurity, why security engineering is “the present,” and how practitioners can balance business needs with technical aspirations.


Guest Socials: ⁠Ross's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast


Questions asked:

(00:00) Introduction

(05:33) How Venture in Security started?

(09:33) Security Engineering in Cybersecurity

(18:18) Cybersecurity markets that will be top of mind in 2025

(24:15) GTM for Defender Tools

(30:09) Vulnerabilities vs Misconfiguration Tools

(37:56) How should product companies think about GTM?

(44:27) How to decide between different security tools?

(56:36) Cybersecurity for Builders book

(01:05:00) The Fun Section


Resources shared during the episode:

Venture in Security Blog

Cyber for Builders Book

Challenges in Security Engineering Programs - Rami McCarthy

Cybersecurity is not a market for lemons. It is a market for silver bullets

The Market for Silver Bullets

Jaksot(345)

What is GOOD COMPANY CULTURE (WITH EXAMPLE ) during COVID19 with remote employees!

What is GOOD COMPANY CULTURE (WITH EXAMPLE ) during COVID19 with remote employees!

In this episode sponsored by Virtual Coffee with Ashish edition, we spoke with Graeme Cantu-Park, CISO of Matilion Host: Ashish Rajan - Twitter @hashishrajan Guest: Graeme Cantu-Park - Linkedin ...

31 Touko 202037min

What is a Connected Car | How to secure api in connected cars? - Virtual Coffee with Ashish - Alissa Knight

What is a Connected Car | How to secure api in connected cars? - Virtual Coffee with Ashish - Alissa Knight

In this episode of the Virtual Coffee with Ashish edition, we spoke with Alissa Knight, Car Hacker, Author, Cybersecurity Influencer and Entrepreneur Host: Ashish Rajan - Twitter @hashishrajan Gues...

24 Touko 20201h 3min

What is SRE? When should i have SRE? - Virtual Coffee with Ashish - Tim Heckman

What is SRE? When should i have SRE? - Virtual Coffee with Ashish - Tim Heckman

In this episode of the Virtual Coffee with Ashish edition, we spoke with Tim Heckman, Sr. SRE Netflix. Host: Ashish Rajan - Twitter @hashishrajan Guest: Tim Heckman What is SRE? Is it helpful t...

17 Touko 202040min

NIST CyberSecurity Metrics for the Board - Taylor Hersom

NIST CyberSecurity Metrics for the Board - Taylor Hersom

In this episode of the Virtual Coffee with Ashish edition, we spoke with @Taylor Hersom about Why do CyberSecurity Professionals need to think about talking Cyber Security to the board? What kind ...

10 Touko 202057min

Virtual Coffee with Ashish - Cloud Security Podcast & Hacker Valley Studio

Virtual Coffee with Ashish - Cloud Security Podcast & Hacker Valley Studio

In this episode, we sit with Chris Cochran & Ronald Eddings from Hacker Valley Studio. Chris Cochran & Ronald Eddings from Hacker Valley Studio & Ashish spoke about How did you get into CyberSecurit...

3 Touko 20201h

Scaling a DevSecOps model | SERVERLESS SECURITY BEST PRACTICES with Abhay Bhargav , CTO , we45

Scaling a DevSecOps model | SERVERLESS SECURITY BEST PRACTICES with Abhay Bhargav , CTO , we45

In this episode, we sit with Abhay Bhargav, CTO, we45. Abhay & Ashish spoke about What is Cloud Security? Is multi-cloud a thing? What is DevSecOps? What is a good maturity in the DevSecOps sp...

26 Huhti 202041min

CORONAVIRUS & CYBERSECURITY | ISOLATION LIFE

CORONAVIRUS & CYBERSECURITY | ISOLATION LIFE

In this episode, we are covering a trending topic CORONAVIRUS OR COVID19 and how it is affecting businesses around me and my friends & colleagues. I also talk about my personal challenge with starting...

19 Huhti 202010min

How to secure and improve cloud environment - Merritt Baer, Principal Security Architect, AWS

How to secure and improve cloud environment - Merritt Baer, Principal Security Architect, AWS

In this episode, we sit with Merritt Baer, Principal Security Architect, AWS. Merritt & Ashish spoke about What is Cloud Security? What does security look like in a mature organisation? How can...

11 Huhti 202052min