[oatmeal_croc]

There's a ton of companies doing CSPM products these days, and now it looks like the trick they're trying to achieve is integrating their detections into their ecosystem (notifications, automated remediations, custom policies, infrastructure-as-code scans, endpoint agent integration etc). Wondering what your roadmap is and how you'll take these big guys on?

[david_obrien]

Great question. First, I feel most of the integrations (aside from Slack) are really asked for by Enterprises. Smaller orgs don't really ask for those. Roadmap is absolutely around context, even more context. We want to get to the point where we're almost a cloud security lake (can't come up with a better word) where we know about everything that happens in the environment and allow you to make decisions almost on the spot based on what we show you. (Lateral movement possibilities by an attacker, what is actually running on those workloads and in what versions, who/what has access to them, etc) We're also looking to make our remediation engine more intelligent (not AI), but potentially allow you to give us a script we should execute to remediate, or trigger some other SOAR engine even. Right now remediation is whatever we think is a good remediation (and rollback) for an issue, but that's not always what you might want. Does that give you a view into my mind for a roadmap?