Cybersecurity Deep Tech: In-Depth Interview with Anter Virk on Shepherd & Subconscious Compute

Delve into an exclusive conversation with Anter Virk, CEO and Co-founder of Subconscious Compute, as we explore how Shepherd is transforming endpoint security in real time. Gain insights into Anter's career journey, from Proctor and Gamble to entrepreneurship, and his unique perspective on cybersecurity. Discover the future of Subconscious Compute and its potential industry impact, and stay ahead in cybersecurity with actionable insights from a thought leader.

Cybersecurity Deep Tech: In-Depth Interview with Anter Virk on Shepherd & Subconscious Compute
Do not index
Do not index
Ofofo Studio
Video preview
Mohan Gandhi: Hello and welcome to Ofofo Studio. I have with me Anterpreet Virk, CEO and Co-Founder of Subconscious Compute. I met Anter when I was in TiE in 2014 for the first time. Subconscious Compute is his second startup, the first in cybersecurity. Welcome to the Studio, Anter.
Anter Virk: Thank you so much. Thank you for having me. Pleasure being here.
Mohan Gandhi: So, Anter, I know you from your first startup, Shotang, but not many of us know what you have done before. How did you start your career? How did you end up being in Cybersecurity now?
Anter Virk: I mean, it’s a little tricky journey, to be honest. So I started my career with P&G Singapore. I was briefly with them, and while I was there, I kind of made this bold decision to come back to India very soon. Primarily for two reasons, the first was that it was my first time out of the country, and I think it’s fair to say that I didn’t take it well. The second is that India was turning out to be a great story. So what I could kind of foresee was that the economy that India will have in a few decades and the opportunity that India will have in the coming future will far exceed being anywhere else in the world. So I made the bold decision to come back to India and join Nokia out of campus through my college placements. Then I was with them for about 4 and a half years. I covered the length and breadth of the country with them, first in my sales stint and later in the marketing stint. By then I was interested in my marketing stint, and I realized that there was a lot of merit in starting my own thing. Back in Ahmedabad itself, that itch was already there, but I thought that it would be too early to start right out of college. So in late 2012, I had a few colleagues who were kind of working toward the same thing. So I guess one thing led to another, and in early 2013, we quit our jobs and started what was then called Channels, which later became Shotang. So then obviously we started as a platform for connecting distributors to brands. More like a channel partner search platform, which later turned into a full-blown B2B commerce engine. So it kind of moved from one thing to another. Later in 2019, or early 2020, I was looking to create another startup. One of the biggest learnings we picked up from Shotang was that I don’t enjoy operationally intensive projects, especially for me considering my leadership style. So for me, it becomes a bit challenging to manage teams beyond 300 to 400 people. So one of the primary drivers for when I was picking the next idea was how can I make sure that we create a ton of value by assembling and combining only a handful of people. That was the primary criteria. So one of the things that kind of fit this beautifully was that can you do something deep tech. So while we were researching, I met my co-founder during that time in 2020 who was doing very fundamental research into brain and computer architecture. So cybersecurity kind of came into existence because it was a good use case for that kind of tech.
Mohan Gandhi: So how exactly did you meet your co-founder Dilawar Singh?
Anter Virk: So when I was starting my next venture, one of my investors in my earlier ventures kind of pointed me to this incubator called Entrepreneur First. So when I had a conversation with them, they got me into this cohort that we were about to run, my Co-Founder Dilawar was also a part of that cohort. The design of the cohort was largely that it kind of facilitated conversations between the people that kind of came in, and they kind of ensure that there are people from the business background and there are people from the technical background. So when I met Dilawar, the conversation was mainly around the research that he was doing, and as I said, he was working on the brain and architecture kind of problems, I found that very fascinating. So when we kind of dug deeper, we kind of realized that there were a lot of potential use cases that could be born out of this kind of technology. So we decided to team up. It was not an easy journey to even kind of stumble onto the right use case. We took I think more than 9 to 12 months, that was the horizon in which we figured out exactly where we want to put this tech and how we really want to utilize this tech. The good thing was that while we were kind of doing that, there was, unlike other ways in which you kind of find a co-founder first and then delve into an idea, by then you’re already kind of joined at the hip because you started together, you have to kind of stay together. With us it was kind of the opposite. We started off with an idea and then over the journey we realized that this is something that can be good as a business and that we’re actually pretty good as a team. Then we decided to team up and put forth the plan to the Entrepreneur First team and say that this is kind of what we want to do. The program was that they kind of fund you right at the ideation stage. They give you some money to build on the idea. By the time we were kind of ready for the next fundraise, we had already solved many of the questions like what use cases to go after, what to solve first, what to solve later.
Mohan Gandhi: So what use cases do you solve at the moment? What does SubCom do and what are some of the other prominent use cases you are looking forward to solving?
Anter Virk: At the heart of it all, Subconscious Compute is an Edge Tech company. What we do is we have built a neural net, which we internally call a habituation neural fabric, and this fabric is very revolutionary in the sense that when you look at edge use cases, what are the primary challenges? From an AI perspective, edges are where the data is getting created or consumed, right? So we have a flood of data that comes your way. Now principally if you look at it right, the cost of computing the pixel or the cost of processing a pixel is much lower than the cost of transporting a pixel. So the challenge is with all the cloud architecture as the main architecture, what you end up doing is that you pick up the data from the edge and take it to the cloud. Now this adds 2 problems, the first is that the cost of moving the pixel is anyways higher so the compute is lost, and second is that every time you move a pixel is that you have this delta time which gets added, a latency that builds up. So when you do this, you can have very powerful models in the cloud but you are killed by the latency or you are killed by the cost that the model basically comes at. The thing is the cost you can still may manage but there will be a lot of sensitive use cases on the edge which will not be able to bear that latency. So for example if you have a connected car tomorrow that is autonomous, you can’t even afford the asset being compromised even for 5 minutes. So what we realized is that you need something very powerful on the edge. So this is why we built the neural fabric where now essentially if you’re building the fabric on the edge, this fabric should be able to take all the data in instantaneously, we can’t store the data anywhere because you would start running into the same problems that I mentioned earlier, but you don’t really want to compress it or sample the data because then you would lose the essence of the data. Second is that this fabric kind of helps us process a lot of data in real time but don’t waste a ton of compute on it because edges don’t have those kind of resources. The thing is this, that anyone can take in a lot of data, but how do you know and how do you quickly take a look at the anomalies in that data. So that is what this fabric is really adapted to do. Then once you have picked up an anomaly from that data, all that remains is basically how you would process that anomaly. So you can run a little bit of AI on the edge itself, let’s say something like Tiny ML where you can put this against some patterns and see what kind of information you get from those patterns. So essentially we have this AI which can run on very limited resources and it can very quickly tell you need to pay attention. A very good analogy could be that if you have a haystack, you don’t know where the needle is, so SubCom has essentially created a fabric which can very quickly point out that this is the section where the needle is likely to be. So once you have that, and you have not wasted a ton of resources in doing that, everything else is not that big a compute. So that is the essence of the underlying technology that SubCom has created. Now what kind of use cases can you build on top of this? Any use case where there is a lot of data where should you look? This question can be solved by this. Now the problem could be that you have a data lake and you need to build a search engine on top of this. Now using our technology, you can build this. Or essentially problems where there is a flood of data that you have to deal with but the meaningful data is limited. Think cybersecurity, now you will have events that happen every instant, but not every event is meaningful. So you have you pick up only those events that are meaningful. Now these events may not be threats themselves, but when analyzed, you may realize that they may lead to threats. What you don’t want to do is miss any threats. So essentially, you will do that if you sample data. So right now, the use case that we are building is that we are focusing on cybersecurity right now and because it’s an edge model, we are focusing on devices. What has happened in the last decade or so, because we wanted quick rollouts, what has happened is that the world has moved to this agentless architecture a lot. So it was good as long let’s say you were protecting laptops and mobile phones, but when I look at the use cases of tomorrow, autonomous vehicles, autonomous drones, robotics, you will not be able to live on second-hand telemetry where your analysis is happening on the cloud but you don’t have any information on device states. For example, if you look at let’s say, zero trust, you can’t really live on the fact that you authenticated the device right at the start of the session and throughout the session the device trust is unknown. And you can’t check the device trust until and unless you have something on the device. So we are kind of bridging that gap. We’re saying that at every instant, the device state will be known.
Mohan Gandhi: There are a lot of technical terms there. I understood this, but can I say the edge is the toughest thing, and you are giving eyes and the ability to provide utility to process cyber data processes? The challenge I see is that the majority of edge security is either EDRs or XDRs, which predominantly work on computers with at least 4 GB of RAM. Even if you go to any vendor who is selling EDR, they ask you about the specifications of the devices. The moment you say they are laptops with 1GB or 2GB of RAM, they will tell you that maybe it’s not good enough for protection. From there, you are talking about an extreme case where you have edges as IoT devices such as cars, etc., where the computing power is extremely low. And then on top of the existing computing power, you’re providing a fabric that allows you to see what’s going on in the data and helping them find the needle in the haystack. That’s super interesting.
Anter Virk: To give you some numbers, for example, if you’re running an antivirus scan on your system, that agent will take anywhere between 20 to 25 percent of your CPU per scan, and all that they’re doing is looking up certain files against a certain footprint or pattern. Whereas when you run Shepherd, you’re running a fabric, and the resource cost that it has is 2 to 3 percent of the CPU power max. So it’s fundamentally a very different ball game. What we are essentially saying is that even if you talk about EDRs and XDRs, you’re essentially combining a lot of data from different resources, and then you’re coming to an intelligence that is cloud-based. So we’re saying that’s fine if you have that kind of luxury to have those kinds of resources on your devices and then you have the maturity or size of that state where you can have a big security team onsite, and you can also have multiple numbers of tools on your devices and the cloud to kind of triangulate the data and then bring it to a certain point, that’s great. But for everyone else who has time-sensitive, mission-critical use cases where you can’t afford latency or even one second of delay, then you need to have something on the device. Or for enterprise use cases where you don’t have a security team inside or you don’t have the luxury to put 4 different tools on your laptop, then essentially you can have this one platform that will take care of your devices security-wise as well as management-wise.
Mohan Gandhi: You also talked about being agentless and the world coming back to the agent-based workflows for edges, especially edges that are low computing in nature. So what’s Shepherd and what kind of cybersecurity problems are you solving using this fabric?
Anter Virk: So Shepherd is essentially our endpoint security tool or platform. What it essentially consists of is basically an agent that rests on the device. The good thing about Shepherd is that it’s very lightweight when it comes to its resource footprint. The kind of RAM it consumes, the kind of CPU power it consumes. We are running it on ESP32, which is like the bare minimum you need to do any control or computation. So that is the agent, that is kind of coupled to a platform where you can see everything and manage everything. Now what this agent does is basically it takes very deep observability into the machine. So because it’s sitting on the kernel, it’s pretty much privy to every process that's running on the machine. It gives you an observability which is way deeper than any agentless infra can take. Once you have this observability, you have control over every device state at every instant. Then what we do is basically, the other benefit of having an agent is that you can not only observe, but you can also enforce the desired states. So from the observability, if you notice, let’s say that there is something off from a particular machine, so your objective of securing the machine is basically twofold. The first is that you want your machine to be in a state or a posture that is actually the recommended posture for that machine. So what Shepherd does is that it first gives you the observability in terms of what your posture is. Second is that it gives you the flexibility to enforce policies which will bring it into the desired state. So that piece Shepherd solves. The second piece is basically when you are under attack, how is your posture faring? What are the things that Shepherd can tell you which will help you mitigate that attack? So that is the piece where the fabric comes into play, where we detect something which is out of the ordinary, and then Shepherd kind of picks it up and then analyzes. If it is a known threat which we already know, then Shepherd can terminate it right there, but if it something that we don’t know, a threat that we haven’t seen before, basically a zero-day case, then we send an alert back asking you what you really want to do with this process. So essentially, it solves both these problems as far as machines are concerned.
Mohan Gandhi: So you’re bringing in observability and controls and patch management in a simple format?
Anter Virk: Right, so the idea is not only to give you observability and policy enforcement, we want to build compliances on top of it. One of the problems with compliance is that people can tell you that this device is in this state, but how do you enforce that state? So because Shepherd is a kernel agent, we can not only tell you how compliant your device is, but we can also enforce that compliance on the device. Then the other tricky topic is vulnerability management. So you pick up vulnerabilities and see what applications are installed and how vulnerable they are, but the other challenge is how do you sort them, how do you patch them? So Shepherd will not only be able to pick vulnerabilities on these machines, but we will also know what kind of permissions those applications have on these machines, and then we will be able to sort these vulnerabilities in the order in which they need to be patched, and then Shepherd will also be able to run the patches on these machines. So what we’re saying is that a complex process will hopefully be broken down into one-click enforcements.
Mohan Gandhi: So basically you’re launching an edge that can do all things cybersecurity with the help of observability?
Anter Virk: Right, so the mission is basically to give you one product that can solve all your endpoint management and security goals.
Mohan Gandhi: So it’s very common, right? When you’re explaining this, it looks like a newer version of EDR when it comes to laptops and expensive devices. But is it your IP that you built this to work on smaller devices, is it the fabric that can work on any small device? Because whatever you’ve said, be it the compliances of it, patching, vulnerability management, identifying, detecting the vulnerabilities etc. everyone has a particular learning curve and maturity in laptops and high computing devices but everyone has neglected the real edges which are a lot of the IoT devices and smaller devices like that. So you’re saying that the fabric can help tap into those smaller devices and help make the rest of the ocean secure?
Anter Virk: So let me kind of take a step back. So Shepherd, when you look at it, right from the habituation neural fabric, which is the essence, which is what everything is being built around, I’ll tell you why we feel that it’s revolutionary. So when you look at intelligence as a concept, what we kind of are a little saddened by is the way AI has taken up a certain shape, even though we call it intelligence, it’s not intelligent because ultimately, it’s just like data on steroids. So what we felt was that when you’re building an intelligence you have to take your cues from nature and how intelligence is built in nature. Now natural intelligence is built differently. So the first thing that natural intelligence has is that more often than not, your system's perception is not based on a single modality. Your senses or sensory organs, no matter what kind of species you deal with, will more likely be more than one. We as humans have 5. So your intelligence is essentially a lot of sensory data, your sensory organs feeding into your central unit, and the central unit is very effortless in composing all of this. For example, when we decide what we are seeing or what we are hearing or what we make of our physical space, we kind of usher in data from all the senses, whatever senses could be used in that scenario. For example, if I say that what you’re looking at is coffee or not, you will see that is is black but you can also smell the coffee which gives you a decision in kind of 2 computes. So that’s one. Second is natural intelligence is local, you don’t have a cloud, you just have a 20-watt system that does everything, but the good thing about natural intelligence is that it’s scalable. A very rough approximation is that our species' intelligence is directly proportional to the number of neurons. So we are the most intelligent species because we have the most number of neurons. But the interesting thing is that species with 100s of neurons, not even 1000s, are intelligent to a certain extent. Now if you draw this corollary to devices, what we’re essentially saying is that every device that is internet-connected, because non-internet devices barely need any protection, so internet-connected device has some amount of resource, and we can very loosely say that the amount of threat on the device is also proportional to the resources, because the resources will define what the capability of the device is, and that will further define what level of threat it will experience. So what we need to do now is we have a paradigm that can scale up and down based on the resources and lend security to those devices. So that is where this habituation neural fabric gets very interesting. So unlike other AI modules, we don’t have a big model that we need to train and then send to the edge, we train the model on the edge itself. So it doesn’t need any training whatsoever. So basically we deploy this model based on the kind of resources that these devices have and then it learns the patterns in terms of sequences on the machine in some time from there the model is adept at picking whatever is out of the ordinary and from there the entire cycle starts. So it’s very adaptive that way. So now the security is kind of built on which is directly proportional to the amount of threat that these devices will experience. So that way it’s very scalable.
Mohan Gandhi: So Anter, you have raised a couple of rounds already, you said that Entrepreneur First gave you your starting fund. You also raised your first round and you’ve already had your first couple of successes with customers. How was your journey in fundraising? What helped you? What is the game plan? How did you raise money so quickly in India being a Deep Tech Company?
Anter Virk: So I guess, to be honest, I think there is no magic formula to it and you’re right, being a deep tech company in India, it’s very hard to raise. I’m not saying that in any other industry it’s very easy to raise money, it usually takes a ton of effort, and a lot of times it becomes the full-time job of the founder. So what helped in our case is that we were very certain in terms of what kind of company we are building, right out of the box, we were telling everyone that this is a deep tech idea. The reason for doing that is that deep tech is still in gestation, so unlike let’s say an application company, you can’t produce something in 3 months and start testing with the customer. So the base fabric took us more than a year to build and for that one year, we were just dabbling and thinking about what kind of use cases we would build on top of that. Thankfully because use cases did not dictate the baseline fabric, that developed at its own pace. So coming back, basically, one, because you know that there is enough gestation in the idea by being deep tech itself, even though there are a handful of VCs in India who understand deep tech that way, even though that number is rising now, so we knew what kind of VCs to reach out to. The other thing that helped was that we were kind of introduced to a mentor as a part of EF itself, who kind of also introduced us to the right people, those were very warm conversations, and in fundraising, warm conversations are much better than having cold calls and cold emails. So yeah, just knowing what kind of VCs we wanted to talk to and being clear upfront that this is a high gestation idea and the other thing is that we weren’t chasing a ton of cash. A mistake I think company founders do is trying to get the company valued at a certain point way too early in the journey. What I have learned from my experiences is that it doesn’t matter if you’re valued a few million higher or a few million lower, because at this point, nobody’s getting an exit. So during early seed funds, I would readily give an extra 5% to the right VC, rather than getting a higher value and then struggling with the partner. So we kind of zeroed down on certain VCs whom we wanted to have conversations with and thankfully things kind of turned out well. So at least for this organization, we didn’t face a ton of hardship in raising the seed round. We raised it from Your Nest Venture Capital and a clutch of angel investors and syndicates. Entrepreneur First also participated in that with them being our previous VC.
Mohan Gandhi: I’m assuming that your ideal customer would have a lot of edges or a lot of data on the edges. So if you had to pick an ideal industry or an ideal customer, who would that be to you?
Anter Virk: Essentially, if you look at it, the way that we’re building Shepherd as a platform, the technology is as powerful as the device that it’s installed on. But what we realized is that the fabric is also very powerful irrespective of the device that we’re putting it on. So while we were building for IoT, as I said, there’s a certain amount of gestation before we manifest the technology, so what we realized is that while we're building this, we look at even the enterprise endpoints as a market. Enterprise endpoints are also very interesting. So on one end, you have let’s say the Fortune 500s of the world using let’s say 45 to 50 cybersecurity products, there you have the CrowdStrikes and Palo Altos of the world where you have a team of people who are handling it, there are complicated tools, they are flooded with a ton of alerts every day, and they’re somehow managing it. They have enough resources to manage these kinds of tools and of course, they are expensive. On the other end are these small teams or medium-scale teams who don’t even have cybersecurity teams in the build, let alone anything else. So for the endpoint, there is nothing much to be honest. Either you’re stuck with antiviruses which don’t solve your problem because antivirus is just a file system tool that is about 40% effective. I mean, there’s no way they’re going to thwart sophisticated attacks of today. And then in the middle basically, there are largely mobile device management companies. So what we kind of felt is that there is this big horizon or big bucket of the market that is struggling because there is no comprehensive tool that can solve more than one problem for them and these guys don’t have internal cybersecurity teams that could deal with these tools. Second, let’s be fair, they don’t want to spend a ton of money on different tools because there is a limited budget. The other thing that we realized is that the cybersecurity journey is also very typical. You don’t start the cybersecurity journey by understanding or by realizing that okay I’m under attack, I could be under attack, my reputation could be lost, my business could be lost, and hence I need to protect. Usually, you come into the market or you start your journey because you have to be compliant. So compliance has also become a mainstay or essentially the entry into the market is compliance and then you mature from there. So what we felt was that as far as enterprises are concerned, there is a huge opportunity to build this unified endpoint security/management platform which could essentially be the single platform that could give you everything you need for endpoint security while we are building for IoT. So essentially for us, the markets are 2. One is enterprise security where we are saying that you can have this one tool and we would be able to solve most of your problems with that. Second is IoT space where we are seeing as long as you have small form factor devices or mission-critical use case devices, we will be able to give you the first line of defense. So we are not denying the fact that you would still need cloud intelligence, you would still need a more sophisticated tool in the backend, but what we are saying is that you don’t have to get all your devices infected before you solve. Cybersecurity has a remediation problem, right? You always want to remediate, we are saying why not prevent? So the first line of defense we are building and then everything else can be built by someone else. So now what kind of markets and what kind of customers, markets to be honest, cybersecurity has this one blessing because there are no cultural contexts on demands in cybersecurity, there are no geographical limitations, a device under threat here is the same as a device under threat in the USA. So geographically we are not thinking about limiting ourselves to a particular country or geography. Now as far as use cases are concerned on the enterprise case, we wanted to work with first the companies who as you rightly said have sensitive data on their edges and they need to protect their edge devices or they have a lot of devices which they are finding it hard to manage.
Mohan Gandhi: Considering the new DPDP Act, there is a huge requirement to protect edge devices. For example, if you look at Fintech, if they complete KYC, all the agents have all of our data. So Anter, if someone wants to use Shepherd or Subconscious Compute, how do they reach out to you?
Anter Virk: So you can reach out to me at [email protected] or you can directly log onto
Mohan Gandhi: Great talking to you, thank you for this insightful conversation.

Ready to secure your business?

Join other 2000+ Subscribers now!


Written by

Mohan Gandhi Ponnaganti
Mohan Gandhi Ponnaganti

Co-founder and CEO,