Let’s rewind to 2003. I was a freelance web developer when I got an entry level infosec consulting job at BearingPoint. That was the beginning of a career in infosec. Eight years later, I still feel lucky to be in a dynamic industry that is always changing and presenting new things to learn.
If you’ve seen MosaicSecurity.com, you probably can guess that I am a fanatic about security tools and the industry. I want to know every company, every tool, what it does, and how it fits into a CISO’s security software portfolio. Where did this drive come from? About two years ago, I was evaluating software for a client in the energy domain. For these larger clients, we would generally look at their existing software, build their business requirements, and then create a shortlist. The results were generally successful, but there were a few things that irked me:
- Many of my clients had already bought enterprise software without mapping their requirements to a vendor evaluation
- The smaller vendors and innovators were not always included in the evaluation
- The industry mergers and acquisitions were happening so frequently that it was hard to keep up with the latest companies and product offerings
- It would take several hours just to create a list of potential vendors to review
“There had to be a better way.” So, we created Mosaic Security Research with the following tenets:
- It should be easy to find the cybersecurity software that would help with your business requirements
- Buyer’s guides should be free to use and only ask for contact information when you’re good and ready to have a vendor contact you
- Comparing software should happen at the product level so users can compare “apples to apples”
- People benefit from an independent and objective buyer’s guide that is always current, accurate, and relevant
Today, Mosaic provides a website that helps thousands of people and businesses find, evaluate, and select cybersecurity software to meet their business requirements. This involves providing people with the information they generally need when evaluating cybersecurity software, including:
- Research reports, Reviews, Awards, Certifications & Compliance, Tools & Templates (e.g., Vendor Shortlist Tools), and relevant news and trends
Mosaic also offers a “montage” series to focus on specific topics in the security software industry. The goal is to compile a quick summary of each topic, key vendors in the workspace, industry news, and noteworthy research that’s being done in the area.
My vision is to make Mosaic the most comprehensive and accurate directory of cybersecurity tools and evaluation resources. I call it a “trusted and unbiased” source because we list all relevant products for free. I know I have a long road ahead, since the directory has over 2000 products that are always changing. So, I need your help. Tell me what works and what doesn’t. Tell me what you like and what you don’t. If you’re motivated, find a way to contribute. Whatever you do, do something!