The Front Lines
SubscribeContent Studio
Itzik Alvas.
CEO & Co-Founder · Entro Security
Itzik Alvas is the CEO & Co-Founder of Entro Security, a pioneer in the non-human identity management sector. His cybersecurity journey began 17 years ago with the elite IDF cyber unit. After 5 years, he transitioned to industry roles, including cybersecurity manager, CISO for a major healthcare organization, and Head of Internal Security and SRE at Microsoft. After being breached three times by non-human identities, he founded Entro to address this burning issue.
Guest
Itzik Alvas
CEO & Co-Founder
Company:
Entro Security
Location:
Cambridge, Massachusetts, United States
Funding:
$24M Raised
Loading episode...
Listen onApple PodcastsSpotify

Breaking Into Cybersecurity: How Three Breaches Led to a $24M Company

In a recent episode of Category Visionaries, Itzik Alvas, CEO and Co-Founder of Entro Security, shared how repeated security failures became the foundation for building an entirely new market category. His story offers a masterclass in identifying genuine market pain, creating a category from scratch, and making bold branding choices that defy industry conventions.

The Breaking Point: When Failure Becomes Opportunity

Most founders claim they're solving a problem they've experienced. Itzik lived it three times over. "After being breached for the third time. And after not being able to find solution that will help me resolve the problem, you know, I started to think maybe I should build something," he explains.

The specificity matters here. As a security leader at Microsoft, Itzik was responsible for the internal security of one of the company's three main clouds. "Were breached twice by non human identities over there," he recalls. Before that, as CISO of a healthcare organization, the same vulnerability struck again. This wasn't academic research or casual observation—it was repeated, painful failure at scale.

What's instructive is what happened next. Rather than immediately jumping to build a solution, Itzik first tried to find existing tools. Only after exhausting the market did he consider building something new. This sequence matters for founders evaluating whether their problem is truly unsolved.

Defining the Undefined: Category Creation as Go-to-Market

Non-human identity management didn't exist as a category when Entro started. "That's a very new category. We helped pioneer that," Itzik notes. "Were the first company out there to do that, and now there are a lot of companies."

Here's how Itzik frames the problem: "Non human identities are essentially programmatic access keys, like service accounts, API keys, connection strings, cloud access tokens." The key insight? "Developers, DevOps users are the ones who are creating permissioning. Them, using them are without security oversight and they scatter them around so they, you know, committing them into code, they are sending them over slack and no one is actually managing their lifecycle."

The GTM implication is significant. "We needed to build that category. We needed to drive a lot of market education about why is it a serious problem," Itzik explains. When you're pioneering a category, you're not just competing for market share—you're creating the market itself. This requires a fundamentally different marketing approach than playing in an established space.

The Branding Gamble: Fun in a Serious Industry

Walk through any cybersecurity conference and you'll see what Itzik means: "The usual cybersecurity companies are blue and white and somewhat black and very serious approach." Entro deliberately went the opposite direction.

"I led security for a long while and, you know, I wanted something that looks and feels more, you know, young and fun and that's definitely the approach that we went to," he shares. "The main goal was to make it as fun as B2C, but definitely still B2B company."

This wasn't cosmetic. In a market where category creation is the strategy, being memorable becomes a competitive advantage. When asked if the playful branding cost them deals, Itzik's response is telling: "I don't know if someone came into the website and left because they feel like that's not serious enough for them. Hopefully, you know, the logos out there and the customer acquisitions and the stuff we're doing means more."

The lesson for founders: differentiation through branding works when the substance backs it up. The fun aesthetic gets attention, but customer logos and product performance close deals.

Event Strategy: Knowing What You're Actually Buying

Most B2B companies treat events as a checkbox—attend, set up a booth, collect leads. Itzik's approach is more surgical. "I think that you should force yourself, what is your goal coming into that event?" he asks.

His framework breaks events into distinct categories: "Big boots over there. I'm not sure if they are very helpful in terms of, you know, legion and creating new leads and creating pipelines, but they are great for brand awareness and for positioning and some other, you know, events are the other way around. They are great for pipeline creation but not that great for brand awareness."

The tactical takeaway: "You need to understand what you're trying to get out of that event. And then, you know, you can align the other stuff like the size of the boot on which people to bring in and what to do over there." This clarity prevents the common mistake of measuring the wrong outcomes or making misaligned investments.

Fundraising: The Seed-to-Series A Chasm

Itzik draws a sharp distinction between raising seed and Series A capital. "I think it's very different between the seed and day round," he observes.

At seed: "You need to mainly sell an idea, but that should be somewhat of a calculated risk in terms of you've done your market research, you interviewed your customers, you are getting to repetitive circle with your market around the questions that you're asking them and the answers you are getting from them."

The Series A bar is different: "You should have customers, you should have reached the $1 million mark. Your customers should use your product, love your product. All of them should use it in the same way, by the way, like if you're, if each customer is using a different portion of the product, that's not, not as good as it can be."

That last point deserves emphasis. Product-market fit isn't just about having customers—it's about having customers who use your product the same way. Scattered use cases suggest you haven't found the repeatable motion yet.

The Path Forward: Leading Identity

Itzik's vision extends beyond non-human identities. "To lead the identity market, for sure," he states. "There are a lot of companies that have done great things with the identity market. Most of them are more often on premise solutions and the cloud is much larger."

This positioning reveals strategic thinking about market evolution. By establishing leadership in non-human identity management first, Entro creates a beachhead to expand into broader identity management as cloud adoption accelerates.

The Entro story demonstrates that category creation, while challenging, follows a pattern: experience the problem deeply, validate that no solution exists, build something genuinely different, invest heavily in market education, and make bold choices that ensure you're remembered. For founders considering whether to pioneer a new category or compete in an existing one, Itzik's journey offers a roadmap—and a reminder that sometimes the best opportunities hide in the problems everyone experiences but nobody has solved.

Five takeaways from this conversation.

Actionable for Cyber security Builders founders

  1. Identify a Critical Market Gap Through Personal Experience
    Itzik’s motivation to create Entro Security came from his firsthand experience dealing with multiple cybersecurity breaches involving non-human identities. Founders should closely analyze pain points they encounter in their own careers to uncover high-impact opportunities that may not be adequately addressed by existing solutions.
  2. Operational Efficiency is Key in the Early Stages
    After their seed raise, Itzik and his team quickly moved into execution mode, addressing operational necessities like office space, hiring, and banking. Having a pre-compiled checklist before raising funds allows founders to hit the ground running, making early progress smoother and more structured.
  3. Secure Early Design Partners for Product Validation
    Itzik highlighted the importance of securing early design partners to validate the product’s direction. Founders should seek out potential customers, even if they aren’t paying at first, to ensure product-market fit and to gather invaluable feedback on how to refine their solution.
  4. Stand Out with Memorable Branding, Even in B2B
    In an industry where many companies blend in, Itzik chose to make Entro’s branding fun and distinct, aligning more with a B2C vibe while maintaining a B2B focus. For founders, this highlights the value of bold and memorable branding to differentiate in competitive markets, even in traditionally serious sectors like cybersecurity.
  5. Tailor Event Participation to Your Goals
    When approaching industry events, Itzik emphasized having a clear objective, whether it’s lead generation or brand awareness. Founders should be strategic with their event investments, focusing resources on aligning with the event's strengths, like pipeline creation or positioning, to maximize ROI.

More episodes

Joni Klippert
Founder / CEO · StackHawk
Mehul Revankar
Co-Founder & CPO · Quantro Security
Idan Bar-Dov
CEO and Co-Founder · Heka Global
Denny LeCompte
CEO · Portnox