Reston cybersecurity startup trackd aims to take the anxiety out of software updates

[This article has been re-printed here and was originally published in the Washington Business Journal]

By Donte Kirby – Staff Reporter

A local cybersecurity startup wants to take the anxiety out of running updates to computer software.

Trackd, a Reston company founded last year by a former National Security Agency network engineer, has emerged from stealth mode with a software of its own that helps companies identify if an update, or patch, will cause disruptions to their networks. While the answer is likely “no” — 98% of automated updates are considered to be safe — Trackd founder Mike Starr is well aware that many businesses, like consumers, routinely ignore update messages for fear of breaking some software that worked perfectly fine before. 

“Trackd is really focusing on what are the human conditions that cause laggard patching and how can we reverse that,” Starr said. “How can we address the trauma or the fear that was caused when patches were really scary back in the early 2000s versus now, where less than 2% of patches have to be rolled back?”

Trackd has so far received $3.35 million in seed funding to perfect its software and bring its product to market. The seed round was led by Flybridge, based in New York and Boston, with participation from New York’s Lerer Hippeau, Bethesda’s SaaS Ventures and Expa, the venture firm run by Uber Technologies Inc. co-founder Garrett Camp.

Trackd’s software is like an Angie’s list or Google reviews for security software. It tracks past performance of security software updates by users, helping operators identify which patches might be disruptive when applied in their environment, and which are safe to designate for auto-patching.

Not updating software, especially cybersecurity software, leaves vulnerabilities that hackers exploit. In 2021, the FBI received 847,376 complaints regarding cyberattacks and malicious cyber activity with nearly $7 billion in losses, with a majority of the target being small businesses, according to the FBI’s Internet Crime Complaint Center annual internet crime report.

Starr said he intends to use the seed funds he has raised to develop the software so it works for multiple operating systems. So far the product only works with Amazon Linux, the operating system from Amazon Web Services.

He added that while he intends “to be aggressive” in growing his nascent company, he also needs to “be mindful of cash flow.”

“The more money raised, the more difficult it is to spend every dollar wisely,” Starr said. “Finding the right people on the first try is key as well. We can’t afford to hire three people and hope that one works out.”

Trackd currently has 10 employees, all of whom work remotely. At some point Starr will shop around for office space in Northern Virginia or D.C. but, for now, he’s comfortable flying the team to a city for team building two or three times a year. 

Starr said the biggest challenge trackd faces is trying to stand out in a crowded cybersecurity market “characterized by endless cold calls, emails, texts, and buzzwords of the day.” He used to work for the National Security Agency as a network engineer and as a team lead developing for Herndon networking and security cloud company OPĀQ, so he’s been on both sides of those vendor cold calls.

Still, Starr believes that his software-as-a-service company is fundamentally different.

“There is no shortage of cybersecurity SaaS companies in the market and we compete with each and every one of them for attention,” he said. The difference, he added, is that “we offer a critical capability that no one else [offers], a capability that we believe can change the way remediation teams think about patching.”