With New Name & Platform, This Engage Portfolio Company Is Making Cybersecurity More User Friendly

‘User-friendly cybersecurity’ isn’t a phrase you’ve likely to run into often.

There’s a reason for that, says otto Chief Product Officer Chad Fowler. “The cybersecurity industry not only tolerates [things that aren’t user friendly], I think it welcomes it,” Fowler told Hypepotamus. “I think there is this sort of industry-wide phenomenon that because cybersecurity is hard and it should be left to the experts, it’s okay that the tools are hard to use.” 

That is the exact reality otto is trying to change. The Memphis-based startup, previously known as DEVCON, got off the ground by helping stop malware attacks that came through the ad ecosystem. 

But the team realized that such attacks, common in the media space, were happening throughout the “third-party supply chain” and impacting all sorts of digital businesses, said co-founder and CEO Maggie Louie

That includes attacks that have become more ubiquitous in the cybersecurity space, be it magecart, formjacking, or other attacks that can come from out-of-date JavaScript libraries.

Otto works as a JavaScript gatekeeper and looks for vulnerabilities, exploits, and malicious code injections. The rebrand is a play on the idea of “automated security,” Maggie told Hypepotamus. And as more developers are tasked with cybersecurity responsibilities at companies, otto is looking to make it “really easy for developers and others to continue testing their third-party scripts” and to monitor them on production sites.

Louie said it is ultimately “extending all of a company’s security perimeter to encompass the browser and all of the supply chain that is getting loaded in the browser.” 

The team most recently launched ottoBOX, which Louie described as a “holistic solution” to JavaScript security. 

“What we’ve found is that almost 90% of sites we looked at had an out-of-date JavaScript library, which gives you a sense of just how brittle and vulnerable the current model is,” she added. “The majority of the security rules today focus on the webserver and your assets…but there’s nothing at the point that it starts to load in the browser that is really creating this transparency.” 

The team targets enterprise customers, but a new Shopify integration and Chrome extension consumer option that makes it easier for small businesses and mom and pop stores who might be vulnerable online but don’t have the capacity or financial resources to have an in-house cybersecurity team. 

Key to otto’s growth is its user-friendly experience, something that is rather rare in the cybersecurity world. 

Leading that effort has been Fowler, who was part of Wunderlist and worked across the Microsoft ecosystem before settling back in Memphis and joining Louie’s team. 

Taking inspiration from Gmail’s important and unread label features, Fowler saw a unique opportunity to create an “Inbox Zero” interface experience for the cybersecurity world. 

He told Hypepotamus that the original UX markups for the new ottoBOX product and design relied heavily on the look and feel of Gmail. 

“With most of what you surface in a security app, you need to be able to react quickly and you don’t need to look at a bunch of “stuff,” he added. “The more signal and the less noise you can get the better.”

Fowler is based in Memphis where the startup initially got off the ground, and Louie now spends her time between Memphis, Atlanta, and London, as otto is part of the Engage program and Barclays Accelerator Powered by Techstars.