Over the past year, some of the biggest cyber attacks have been supply chain compromises, a type of cyber attack that targets software vendors or third-party and open source in order to gain access to organizations who purchase the final software products or devices. The Kaseya and SolarWinds attacks are textbook examples. Threats like these are becoming more and more common and can seriously disrupt thousands of businesses at once.
But there’s a startup working hard to protect the supply chain security of connected devices.
Founded in Columbus, Ohio in 2017, Finite State offers a product security platform that takes an inside-out approach to the security of connected devices, including IoT, medical devices, and industrial control systems (ICS). Their teams of engineers work to automate this type of assessment for device manufacturers and asset owners who want to ensure that their products and networks remain secure.
“Fundamentally, there’s a few big gaps in the marketplace for device security risk management. It’s hard to know what’s inside the final device and firmware, and there are large amounts of vulnerabilities and other kinds of risks that are present only when you look at the final product,” said Jeff Martin, VP of Product at Finite State. “The combination of pieces is a more complex problem than the components themselves.”
This is exactly what Finite State is focused on, and not many other tech companies in this space are singularly focused on this problem or offer a product or automated tool.
A Day in the Life at Finite State with Backend Software Engineer Sam
After raising $30 million in Series B funding in early August, 2021, the company is perfectly positioned to scale its data-driven approach to supply chain security and lead the way forward into a whole new category of cybersecurity.
“Connected devices are part of our daily lives,” said Baksheesh Singh, Sr. Director of Product Marketing and Strategy.
Think of all the connected devices just in your home: lights, speakers, locks, phone, watch, TV, etc. And Finite State doesn’t only work with the security of devices connected to the internet. Many devices are simply connected to each other. On top of that, a lot of risk comes at the infrastructure level — electricity and utilities, medical devices, and firmware.
“We’re trying to make not just devices but infrastructure safe, too,” said Stephanie Pasamonte, Brand & Content Marketing Manager at Finite State.
Working at a cutting-edge startup can come with some challenges. For example, the team would ideally love to hire experts who have been in this space for 5+ years. But because this space is so new, no one is an expert. Everyone comes in new, so the team looks for candidates with strong technical foundations, the ability to quickly learn, and who are excited about solving these problems.
Another challenge comes with articulating just how important solutions like these are when many people don’t even understand the problem — or know that there is one. The Finite State team is defining what this category of cybersecurity even is.
But that also presents a real opportunity for those who work at Finite State.
“Startups give you the ability to have an impact on the company, and the industry. At Finite State, you have the ability to influence the entire industry. This is the stuff careers are made out of,” Jeff said. “It’s a hot space, and building industry-first solutions is very rewarding.”
That’s one of the reasons why Baksheesh joined the team back in June, 2021.
“Because we’re early on, creating these industry-first solutions, it’s a really exciting opportunity,” Baksheesh said. “It’s a mission-driven company, to solve problems and safeguard a device that’s critical. That’s a rewarding aspect of being a part of this team. This is not your run-of-the-mill cybersecurity startup.”
If you’re looking to join a startup that’s paving a new path in an uncharted category, learn more about working with the team and apply for open jobs at Finite State in engineering, sales, and more.