April 8, 2025

Command Zero Named Top 10 Finalist for RSAC 2025 Innovation Sandbox: A Milestone in Our Mission to Transform Security Operations

Command Zero has been named one of the Top 10 Finalists for the prestigious RSAC 2025 Innovation Sandbox contest. This recognition represents a significant milestone in our journey to revolutionize Security Operations. Command Zero addresses the critical bottleneck in security operations: Tier-2+ investigations. The platform combines encoded expert knowledge, advanced LLMs, and intuitive UX to empower tier-2 and tier-3 analysts. Already deployed across dozens of enterprises, Command Zero delivers measurable benefits: reducing investigation time from days to minutes, ensuring consistent outcomes, enabling collaborative investigations, and building institutional knowledge. The platform's federated data model constructs clear threat narratives, significantly reducing response times and allowing security teams to overcome administrative drag while confidently investigating complex environments.

Dov Yoran
Cofounder & CEO

Introduction

Today, I'm happy to share that Command Zero has been named one of the Top 10 Finalists for the prestigious RSAC 2025 Innovation Sandbox contest (please read RSAC’s press release and Command Zero’s press release). This recognition represents a significant milestone in our journey to revolutionize Security Operations.

The last mile problem in Security Operations

Throughout my career building and leading cybersecurity companies alongside my co-founders, we've consistently observed a fundamental challenge: the last mile of security operations remains the ultimate bottleneck. This is where security teams need to make sense of potentially malicious patterns in complex environments.

Modern enterprise security environments generate hundreds of thousands to millions of security-related signals daily. While significant progress has been made in automating tier-1 detection and triage, escalated cases still demand thorough human analysis. Tier-2 and tier-3 analysts, along with incident responders, are highly skilled yet underserved. They too need automation, collaboration tools, and expert content to thrive.

This challenge has only intensified with the increasing complexity of modern environments spanning Cloud, SaaS, and now AI technologies. The central question remains: How do security teams consistently derive meaningful conclusions from this overwhelming array of signals?

Building Command Zero: Taking a different approach

When we founded Command Zero three years ago, we set out to build something truly transformational that could help every enterprise on the planet. Rather than rushing to market, we secured a substantial $21M seed round to develop a usable product with a clear vision: empower tier-2 and tier-3 analysts with AI-assisted investigation capabilities.

We've combined three powerful elements to create our platform:

  1. Encoded Expert Knowledge: Capturing decades of cybersecurity investigation expertise for all analysts to benefit from and contribute to.
  2. Advanced LLMs: Leveraging the power of artificial intelligence, delivering speed and precision in a transparent way.
  3. Intuitive User Experience: Creating the best investigative UI in the industry, helping analysts streamline threat hunts and investigations while enabling collaboration and on-the-job training.

This unique combination enables security operations teams to conduct faster, more accurate investigations across even the most complex environments.

From vision to production reality

Today, I'm proud to report that dozens of enterprises have deployed Command Zero in their production environments. These organizations are experiencing the benefits of our approach:

  • Reduced Time to Understand and Respond: All users benefit from abstracted data collection, automated timeline and report generation capabilities. Analysts can reach verdicts for complex investigations in a matter of minutes instead of hours or days.
  • Consistent Outcomes: Investigations run through user-led, AI-assisted flows or fully autonomously. Best practices can be applied to each flow to save time, predictably deliver consistent outcomes, and free up cycles for creative thinking.
  • Collaborative Investigations: Users with varying experience levels can work together effectively. This enables coaching, on-the-job training and continuous improvement opportunities.  
  • Growing Institutional Knowledge: Every investigation becomes auditable, trackable, and part of the company's knowledge base – improving cyber resilience with each step.

Our federated data model probes applications across the environment, going straight to data sources for speed, accuracy, and quality. This Question & Answer method constructs clear narratives that significantly reduce the time to understand and respond to threats.

Demonstrated impact across the security organization

The impact of Command Zero spans across the security organization:

  • Tier-3 analysts overcome administrative drag by creating accurate timelines and reports in minutes rather than days or weeks.
  • Tier-2 analysts can now confidently investigate beyond a single primary application without becoming an application-specific expert on all data sources.  
  • All users benefit from autonomous investigations that reduce mean time to understand and respond to known case types.  

Looking forward: RSAC 2025 and beyond

Being recognized as a Top 10 Finalist for the 20th annual RSAC Innovation Sandbox contest is both an honor and a validation of our approach. We will present our vision and technology to a panel of renowned industry judges and a live audience on April 28 at the Moscone Center in San Francisco.

While this recognition is significant, it represents just one milestone in our mission. We remain focused on our core purpose: transforming cyber investigations to empower security operations in enterprise environments.

I want to extend my deepest gratitude to our customers, partners, and the RSAC Innovation Sandbox judges for recognizing our novel solution. Most importantly, I want to thank our passionate team of accomplished cyber experts across the US and Canada who have made this vision a reality.

Three years into Command Zero, our journey continues with this important win under our belt. And we're just getting started!

If you are attending RSAC 2025, let’s meet in person!

If not, booking a demo with our team is still the second-best way to learn about Command Zero!

Dov Yoran
Cofounder & CEO
