Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem
Cloud Security Podcast10 Tammi 2025

Cybersecurity Isn’t Crowded: Security Engineering and the 5,000 Vendor Problem

In this episode our host Ashish Rajan sat down with Ross Haleliuk, author of Cybersecurity for Builders and creator of the Venture in Security blog, to explore the current state and future of the cybersecurity industry. From understanding the challenges of building a cybersecurity startup to the dynamics of security engineering and market trends for 2025. Ross and Ashish explore why the cybersecurity industry isn’t as crowded as it seems and the divide between companies that build in-house security and those that rely on vendors.

Ross also unpacks why sales and marketing aren’t “dirty words” in cybersecurity, why security engineering is “the present,” and how practitioners can balance business needs with technical aspirations.


Guest Socials: ⁠Ross's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp

If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast


Questions asked:

(00:00) Introduction

(05:33) How Venture in Security started?

(09:33) Security Engineering in Cybersecurity

(18:18) Cybersecurity markets that will be top of mind in 2025

(24:15) GTM for Defender Tools

(30:09) Vulnerabilities vs Misconfiguration Tools

(37:56) How should product companies think about GTM?

(44:27) How to decide between different security tools?

(56:36) Cybersecurity for Builders book

(01:05:00) The Fun Section


Resources shared during the episode:

Venture in Security Blog

Cyber for Builders Book

Challenges in Security Engineering Programs - Rami McCarthy

Cybersecurity is not a market for lemons. It is a market for silver bullets

The Market for Silver Bullets

Jaksot(345)

Navigating NIST CSF 2.0: Guide to Frameworks and Governance

Navigating NIST CSF 2.0: Guide to Frameworks and Governance

In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukas...

22 Loka 202436min

Building a SOC Team in 2024 - Automation & AI

Building a SOC Team in 2024 - Automation & AI

What is the future of SOC? In this episode Ashish sat down with Allie Mellen, Principal Analyst at Forrester, to explore the current state of security operations and the evolving role of AI in cyberse...

15 Loka 202456min

Cloud Identity Lifecycle Management Explained!

Cloud Identity Lifecycle Management Explained!

In this episode Ashish Rajan sits down with Shashwat Sehgal, co-founder and CEO of P0 Security, to talk about the complexities of cloud identity lifecycle management. Shashwat spoke to us about why tr...

8 Loka 202433min

Traditional PAM vs Cloud CPAM for a cloud first world

Traditional PAM vs Cloud CPAM for a cloud first world

In this episode of the Cloud Security Podcast, Ashish sat down with Art Poghosyan, CEO and co-founder of Britive, to explore the changing world of identity and access management (IAM) in the cloud era...

4 Loka 202434min

The Role of Cloud Security Research in 2024

The Role of Cloud Security Research in 2024

Why does Cloud Security Research matter in 2024? At fwd:cloudsec EU in Brussels, we sat down with Scott Piper, a renowned cloud security researcher at Wiz, to discuss the growing importance of cloud s...

2 Loka 202435min

Edge Security is the Key to Cloud Protection

Edge Security is the Key to Cloud Protection

How does Edge Security fit into the future of Cloud Protection ? In this episode, we sat down with Brian McHenry, Global Head of Cloud Security Engineering at Check Point at BlackHat USA, to chat abou...

20 Syys 202426min

Is your CI/CD Pipeline your Biggest Security Risk?

Is your CI/CD Pipeline your Biggest Security Risk?

How CI/CD Tools can expose your Code to Security Risks? In this episode, we’re joined by Mike Ruth, Senior Staff Security Engineer at Rippling and returning guest, live from BlackHat 2024. Mike dives ...

13 Syys 202429min

State of Cloud Security - Practitioner Edition

State of Cloud Security - Practitioner Edition

In this episode of the Cloud Security Podcast, we bring together an incredible panel of experts to explore the evolving landscape of cloud security in 2024. Hosted by Ashish Rajan, the discussion dive...

4 Syys 202456min