Andrew: Hey everyone. My name is Andrew Warner. I’m the founder of Mixergy where I interview entrepreneurs about how they built their businesses. And I know one thing happens all the time. Whenever I interview an entrepreneur from an enterprise company people just tune out. But I got to tell you, you should not be tuning out for this one and here’s why. Today’s guest is a guy who escaped from Iran, ended up in Australia, somehow started a company, bootstrapped it, sold it for, I’ve got the reported numbers in front of me. I’m going to ask him to talk about it. Then he started another company which is what he’s running now. The guy is on vacation right now in Bali and still, he set up Zoom to record this interview with me so that he could get the word out about his new business because he’s still somehow, and I know how well you’ve done Carlo, somehow still in hustle mode. So this is an entrepreneur that I’m really excited to talk about, to talk with, to learn from, to hear how he built up his business.
The man who I’m talking about is none other than Carlo Minassian. He is the founder of a couple of companies. The first one that we’ll talk about in this interview is Earthwave. They did and do managing and monitoring of cyber-security. We’ll talk about what that means in a moment and how he protected companies. Especially I want to hear the McDonalds story in this interview. He built it up, sold it, and then started another company called LMNTRIX. It is an adaptive threat response platform that goes after attackers from the inside. We’re going to get some concrete examples here because I want you to see how he’s protecting businesses. Actually, and I like bad guy stories too, so we’re going to get some of those in this interview.
All right. This whole interview is sponsored by two phenomenal companies. You guys probably already know them. Every time I talk you probably think that I’m going to mention them because they bought some of the ads here. The first is a company that will host your website right. It’s called HostGator. And the second will help you hire phenomenal developers. It’s called Toptal.
All right. Carlo, good to have you here.
Carlo: Great to be here, Andrew. Thank you for having me.
Andrew: Your wife and family they’re okay that you’re in Bali and instead of hanging out you’re here with me?
Carlo: Not really, but they do . . . Having to live with me for many years, they do realize the sacrifices they need to make. I had them up at 7:00 a.m. and out of the villa.
Andrew: But, Carlo, you did just so you and I could record.
Andrew: Carlo, sacrifice for what? If I’m going to my wife and I say, “You have to sacrifice. This is important that I do it.” What’s the reason why you do? You still have to give her a reason why you’re doing this.
Carlo: Well, those Gucci bags don’t grow out on trees.
Andrew: That’s what it is. It’s like, look, the good life that we enjoy comes from the hard work that I put in. Go out and the world will be better for us because of this. That’s it.
Carlo: That’s it. And if you want to stay at Bali a bit longer, then I need to do this interview and if you want to go again next year, then I need to do this interview.
Andrew: What’s an example of like the good life that you are able to afford now as a guy who started out with zero dollars and now here you are actually with a couple of successes under your belt? What’s an example of one thing you’re able to buy? Give me a sense of what’s possible?
Carlo: Well, look, I think the whole concept of good life is not about assets or things or material things because once you have them, it’s like anything in life, once you’ve got it if they don’t mean much after a while, in my case, I have a $10 million house, but it’s just another house. It’s a roof over my head. After the first few weeks, it just becomes the norm.
Carlo: Having expensive cars and being able to travel and all of those things are material things. What really I think is important is for me to be able to not think about money or my family not to ever think about money again and to be able to do what I want whenever I want. I can retire at any time. I can choose to work or not to work. And having that freedom is what gives me, empowers me to be who I am and to do what I want.
Andrew: Did I get it right? Did you escape Iran, or did your grandparents escape Iran?
Carlo: My grandparents escaped originally Armenia from the Turkish genocide.
Andrew: Oh, I got it. They escaped Armenia, and they went to where?
Carlo: To Iran.
Carlo: Yeah. My grandpa got a couple of bullets in his arm. His friend died in the channel, the water that they swam to Iran. He made it, and he remarried, had my dad and set up life in Iran. That’s where I was born. And then my parents got me and my brother out of Iran during the Iran-Iraq war before we hit the age of 12 because once you turn 12, they wouldn’t let you leave the country, and at the age of 15 they would send you to the army to go to war because there was short of soldiers.
So we ran away with a lot of hardship and luckily went to Australia. I started . . . I was in Year 5. I did Year 5, Year 6, then went to high school, and then I went to uni and the rest is history. I got started my own business. And I think that background is what . . . and watching my parents go through that and then do that and start again from zero is what gave me the initial foundation and drive to build the business.
Andrew: Was it racism towards you? I know in the U.S. the fact that the U.S. was like basically a war with Iran, not physical but it was a lot of hostility, Persians were not well liked even in New York, and there were a lot of [inaudible 00:05:39]
Carlo: No. I’m actually Christian Armenian although I was born in Iran, but that’s not where the racism came from. I think back then, we’re talking 30 years ago, Australia wasn’t so multicultural. So there was quite a bit of racism.
Andrew: It was foreign racism not necessarily Iranian. It was anything foreign is . . . Got it.
Carlo: Yeah, exactly. Yeah. Well, we didn’t have any pie restaurants and kebab shops. Now they’re everywhere. It’s accepted. It’s the norm. Back then it wasn’t. And we were a bit different, you had dark hair, and you were not one of them, so there was a level of racism, but it’s completely different now. It’s changed over here. There’s a lot more acceptance, and it’s the norm.
Andrew: You were a contractor before you started Earthwave. Am I right?
Carlo: Yeah. I learned very quickly in my career that if you contract you can minimize paying tax. So, after my first job, I stopped working as a permanent employee ever again.
Andrew: Because as a contractor you can write off your phone bill, you can write off the computer you by, etc. Even if it’s in your house, the fact that it’s a work tool, you can write it off. That’s what you’re talking about?
Carlo: Yeah, exactly. You could marry and right off your wedding as IT conference.
Carlo: Travel to your honeymoon and if you can, you can get away. I’m not saying that I did, but you could.
Andrew: Got it. I knew that you’d be an interesting person to talk to. And I like the way we’re talking here. What I’m curious about is what’s the work that you did as a contractor?
Carlo: I was an all-around [that 00:07:18], to be honest. I did . . . At very early on out of uni, I realized that uni only gives you the basic foundations, then you need to use that to build on it and to specialize in something especially in IT because it’s so broad. And in my case, I was deemed a solution architect. I was across many aspects of IT, everything from system administration to IBM Systems, Microsoft System, Cisco Systems, networking, security, etc. So, and then quickly at the very early age, I became a solutions architect where I would go into a major enterprise and be able to pull together complex solutions, hundreds of thousands if not millions of dollars in value and pull them together and architect it and document it and then get the team to deliver it or sell it to the client.
Andrew: And the team was your team?
Carlo: No, no. This is companies that I work for like system integrators or outsourcers, yeah.
Andrew: Got it. How did you know that . . . How did you know the security was going to be the thing that you’re going to spend your time on?
Carlo: I think if I look back at all of the things that I did, security was one area that I was passionate about. I liked out of all the things that I learned that I did. And back then it was really early days. I was one of the first seven or eight people that became checkpoint certified in Australia. And then I was one of the first few to download the beta version of IBM’s ISS. It used to be called ISS, Intrusion Detection System and Scanner. So these early exposures to these tool sets made me feel like I was passionate about this.
And I felt that security would be needed across the board across all aspects of IT doesn’t matter what you did. It was then a matter of finding a niche within security because you can’t just say, “I’ll do security.” But that’s too broad still. You need to say, “I’ll do security and in this particular level of focus.” And for me, it was about finding that niche and doing something that was different, that was new, and effectively, I was selected to go down what is now referred to as managed security services. And that’s what Earthwave was, a managed security service provider.
Andrew: You told our producer, Brian Benson, that you had a few criteria. First of all, you said, “I did a bunch of research,” and then you said, “I want to make sure whatever I get into has, among other things, global reach and was $100 million company.” How did you know what could potentially be $100 million company?
Carlo: Well, I didn’t. I just knew that it has to have global relevance. It had to have a one-to-many business model that wasn’t easy to replicate. It had to be something that was scalable. So, I build it once, I sell it many times, and I didn’t have to keep going back for more . . . I didn’t have to ever go back for venture funding because the profits would run the company itself. And my thinking, the whole time, even with a new business is if I shoot for $1 billion business, even if I fail, that may mean I get 100 million or 10 million. It’s still not bad. And so that’s kind of my thinking. Choose something that isn’t a chicken shop down the road or something that you’re restricted to by location or by scope, but something that has global relevance. So I would rather any day to set up shop on Amazon than to go and open a shop anywhere because the shop only has so much scope.
Andrew: Okay. All right. And had to be international especially if you’re in Australia which has what? Twenty, 25 million people, right?
Andrew: So you are a much bigger market than that. Okay. You made this whole list. You founded the business with $30,000. Thirty thousand dollars I’m guessing came from you saving up money from the work that you were doing?
Carlo: Yeah, exactly. It was just the initial funding the money that I put in and didn’t put another cent into it. Like, startup really cheap going to auctions, buying, paying $300 for a PBX system with 15 handsets and buying cheap desks and chairs just to get the company off the ground and then building it organically. That was it. That was the only funding I put in, and I didn’t put another cent in. The rest was really just a lot of heart and soul and grant and . . .
Andrew: You know what? So I saw some YouTube video of you at some conference. I don’t even know what the conference was, but it was a conference for basically what you’d expect IT people to look like. And then you, Carlo . . . The reason I’m bringing this up is, you look like a little cool for the space over there. Even as we’re talking now, you’re more entrepreneurial than the guy who’s going to sit and do the actual work, do the . . . How do I say this? How does a guy like you end up in such a geeky software world, a guy like you who’s good on camera with me, who’s good chatting with me before, who’s created an online persona for yourself? How do you sit down and do all this work and get all this certification and not hang out?
Carlo: Yeah. Look, I . . . I mean, good question. I think that is my . . . Everything that makes me who I am is a combination of my upbringing and the hardship I’ve gone through and having to work at everything, like, paying myself through uni and just thinking outside the box, being more of a . . . I’m not your typical developer or IT geek. I would say I’m more of a business guy with a passion for IT or security. I get the tech. But from day one when I started both companies I didn’t do a single configuration, a single code, a single customer consulting or anything like that. I was in the background building the business. And that’s what I think one of the biggest differences for me is that I’m able to go and find really good people, get them committed to the company, and then get them to do the right thing.
Andrew: And that’s the part that I do see in you. In fact, what happened with the interns, I think, I see that in you. The person who sits down and does the work to get certified. I can’t reconcile it with the guy who’s going to motivate interns to work for free, who shows them what . . . We’ll talk about that in a moment. Why don’t I take a moment to quickly to talk about my first sponsor? It’s a company called HostGator. My sense is you probably don’t know HostGator, right?
Carlo: No. I don’t know. Yeah.
Andrew: I’m about to blow your mind here. Actually, I’m not going to blow your mind because the truth is all they do is host websites. Yeah. Will they host a website as it gets bigger? Absolutely. Do they have lots of different hosting packages? Yep. Basically, we’re talking about hosting websites. So why should anyone care about HostGator? Because they’ve been around forever. They are a company that you can rely on. I’ve interviewed several people here who came on and said, “You know what? I had a company, then HostGator, they out hustled us, they beat us. This is why we’re no longer doing hosting. HostGator won.” And so they won.
And so if you’re out there and you’re looking for a hosting company to host your WordPress, WordPress or frankly any other platform, just go to hostgator.com/mixergy, hit that Sign Up button, and as soon as you do you’re going to get one click installs of WordPress and other platforms. You’re going to get unmetered disk space, unmetered bandwidth, unlimited email . . . Guys, I’ve said this a million times. Go to hostgator.com/mixergy, hostgator.com/mixergy. And if you hate your hosting company, just switch. They’ll even help you switch over to HostGator. HostGator.com/mixergy. Carlo’s mind is not blown, but it is a really good tool for all of us to know. The interns. Where did you end up with the interns, and what was the plan with them?
Carlo: The interns was away for me really within first business to just get people in the company to do the work I needed. And for me, it was also an opportunity where, again, thinking outside the box, how do you start a company without any money. And for me, it was about giving them an opportunity to get in the industry and giving them the time to learn while I build time to get my act together, get some customers on board and so on. And the early days was challenging. It took us many months to get our first client and we had to do consulting work to make ends meet. I myself didn’t pay myself for three years.
Andrew: But you also said, “Look, I’m not . . . ” And this is another distinction that you said to Brian, our producer. You said, “I wanted to be clear. I’m not going to be like other entrepreneurs. I’m not going to get sucked into doing the work in the business. I’m only going to work on the business.” And you said that here. With a bunch of interns doing the work, what was the work that they did, and what was it that you did?
Carlo: So, look, my role was exclusively on finding clients, the strategy for the company, finding new employees, promoting the business doing sales and marketing and really all of the things that goes in supporting those interns. And it wasn’t just interns. I had people working for me that were working for major vendors but on the side working for me because that was my network. So . . .
Andrew: And what’s the vision that you sold them? Because the thing that stands out for me about those early days for you is, you needed money so you guys are willing to take on anything. A company that could take on anything doesn’t stand for anything, so with all these people looking to you, what was it that you said to them that got them fired up to come in every day to care about it beyond, “I’m going to pay you at some point”?
Carlo: It was just really that opportunity to get in the industry.
Andrew: That’s it. It’s, “Tech is big. Security is going to be huge. You want to get in, I’m the guy who’s going to get you in right now. You’re actually going to get to do the work.”
Carlo: Yeah. I mean, right now I have the same challenge with the same new company, right? It’s about, I’m competing with major brands who will pay two, three times more than I pay, and I’ll have to find a way to convince those employees to work for me instead. And that is a major challenge not just faced by me but every company. And so part of the way I do it is I make the environment and the work they do really exciting and challenging. I don’t micromanage them. I give them plenty of space, give them access to the latest tech and look after them to a point of I take them and their families away on vacation or once or twice a year, create these bonding opportunities, do all the things that are necessary. And in return what I found is I didn’t have to sit on top and micromanage them and expect them to come to work and work 8 hours a day, but they willingly work 12 hours a day, 14 hours a day without asking for any extra pay in return.
Andrew: Because you were getting them into the space.
Carlo: Getting them into the space if they were entrepreneurs, or if they’re working for someone else, it’s an easy opportunity for them to earn extra cash. Like, if you look at what I do today, I have a lot of that. I have probably about 15, 20 people right now working for me that aren’t working for me. They are commissioned based. I entice them to . . . It’s an opportunity for them to pay off their home loan earlier. They find opportunities for me for referral fees. That’s how I sell. I have referrals everywhere. Referral I have everywhere.
Andrew: They give referrals to you and then you pay them every time they do, so they’re on complete commissions.
Carlo: Complete commission. Some of them a one-off bank payment, $50,000, $100,000, all of a sudden pays off their mortgage done and everyone . . .
Andrew: You get $50,000 for who do you?
Carlo: These are, like, if there is an opportunity, let’s say for $1 million annual contract, that’s $50,000 a year over three years, for example.
Andrew: But how do you get somebody to work on that kind of a deal? That’s a deal that takes a long time, that may not have a payoff. It sounds like what you’re doing is you’re hiring people who work for the clients that you want to get.
Carlo: In that scenario where I work off the referral model, my thinking is that everyone knows someone and they have a trusted relationship. And many of the major vendors that these folks work, I approached the ones that are non-conflicting to what I do but they’re still talking to the CIO or the Chief Information Security Officer. So they have their ear. So if you’re smart, you’ve got to get to that guy to tell the other guy, “Hey, check out this company. They’re amazing.” That’s all I need them to do, and that’s all they knew to do. They don’t have to manage the opportunity. They don’t have to do anything else. Once the call comes through, I manage the whole thing through. And that’s, again . . .
Andrew: They just need to make the intro and then you give them a commission.
Andrew: And it’s a friend . . . Give me an example of like, who would know someone? Is it someone like me? Who would I need to know to get $50,000?
Carlo: You would probably know people through your work in the industry who are working for major corporates who are in that position.
Andrew: What’s an example of a major company and somebody who would be in that position?
Carlo: Someone in finance or in a government agency or . . .
Andrew: Got it. So I would need to know someone in finance and their IT department who makes decisions about security, and if I just say, “Hey, look. You know what? I know this one guy. I’ll make an introduction to Carlo. They could chat with Carlo. Carlo can tell them some stories.” And then if they connect and they work . . . Got it.
Carlo: Well, more or less. You don’t even have to make an introduction. You just have to say, “Check out this company,” and in the back end, you tell me that you referred me to someone. That’s all it takes.
Andrew: Oh, tell them. So I say to you, “Hey, Carlo. I just told Steve about you. He might or may not call you,” and then you’re going to find a way to contact Steve and say, “Hey, Andrew . . . ”
Carlo: Yeah, I ended up selling for summer that they don’t even know they’ve installed through because customers hate being cold called and hard sell. So what I do is, if I said to you, “Andrew, go down the road. This shop sells the most amazing jeans,” instead of you walking past and them trying to pull you into the shop, but because I’ve told you they’ve got the best jeans, you walk in with your own recommendation for me.
Andrew: Got it. Yes.
Carlo: You see the effect I have?
Andrew: Oh, you know what? How about this? Imagine this. Imagine if I start another podcast one geared towards who? Who’s the ideal customer right now for you? What’s the job title?
Carlo: A job title would be a CIO or [inaudible 00:22:18]
Andrew: CIO. Okay. Imagine a podcast for CIOs and at the end of the podcast episode, after I finished recording with them, I say, “You know, by the way, this guy who I know, Carlo, he’s got this new business. You should see what . . . I don’t know what’s happening in your security but you should see what he’s doing. If you ever want I can make an intro, but it’s amazing what’s being done right now in security.” And I put into . . . This is not the way I would do it. Then I come back to you and I say, “Hey, Carlo.” I text you, I say, “Carlo, where are you? Bali? Get this. I told this guy, the CIO, he might contact you.” That’s it. You take it from there.
Carlo: That’s it. That’s all it takes.
Andrew: And then you might even contact the CIO at some point in the future and say we have mutual friend in Andrew.
Carlo: No, we would not do that because then that . . .
Andrew: You wouldn’t even do that?
Carlo: No. That then jeopardizes that whole approach. I talk to . . .
Andrew: Do you ever reach out to them, or do you wait for the CIO to reach you?
Carlo: Well, in that scenario, once I know I would never go to them direct. Sure, I approach CIOs directly to promote my value proposition or to get them to talk to me, but in that scenario, no, I’ll never do that. I mean, you can see how your mind started thinking with just this concept about your own personal wealth about how you can make money out of this. I use that same because everybody works for the same reason, is for better of their life and their family. So, if you can tap into that out of people’s need or want, then you have a potential . . . you have an opportunity to have a friend that is actively working for you [inaudible 00:23:53]
Andrew: Thinking about it. You’re saying, “Look, I, Carlo, am not the person who’s going to come up with the exact scenario but once I put this out there, notice how Andrew starts to come up with these different ideas including creating a new podcast. Everyone who I work with has that kind of a brain. They’re going to come up with some way, and I can’t predict.” That’s what you’re saying.
Carlo: Yeah, that’s one.
Andrew: Okay. So, in the early days, you were doing just about anything, right? You weren’t sticking with software, you weren’t sticking with the one-to-many ideas, something that’s scalable, you were willing to take on any project?
Carlo: Yeah. So, as I was building the managed security services, as I was building the business, I would do some consulting work to bring some cash in so I could survive effectively. And then at some point, after let’s say about six months, the guys who are working for you for free, they’re not going to work forever for free, so they get pressured by their families that they need something. So I started paying them 500 a month, then 1,000 a month, then slowly increased that over time. And so that keeps them going and that keeps them excited.
Andrew: And meanwhile you’re building up the software and you’re selling it?
Carlo: It’s not software. It was [at-service 00:24:57] that included technology using software.
Andrew: Here’s what I saw it called. I saw in the acquisition document, I saw that it was . . . I actually even saw videos of you doing this. Excuse me. Managed security service provider. That’s what you guys were?
Carlo: Yeah, correct.
Andrew: And category name. “Earthwave specializes in so-called sock in a box or security operations center that can be set up quickly and is compatible with a range of security technologies. It runs security operations centers with analysts who monitor company’s networks, handling attacks for the policies set by the clients.”
Carlo: Yep. That was one of the things we did. We helped clients set up their own security operation centers, or otherwise they outsourced it completely to us.
Andrew: So it’s your people watching it? What’s the part that makes it one-to-many, as you said, a scalable business so you don’t have to . . . Talk to me about that. What would be at the product?
Carlo: So effectively, it’s kind of like you’re outsourcing the monitoring of your home, right? For each home, there isn’t a separate set of eyes monitoring those homes. When it comes to alarm monitoring, the alarm company sets up infrastructure and consoles and screens, single set of eyes working 24/7 monitoring the alarms coming across their customer base, and they may have 1,000 customers they’re monitoring. And it’s the same concept applies to IT security and cybersecurity.
Andrew: You bought the hardware for them. Sorry, I just touched the mic. You bought the hardware for them. You help them set it up and your team manage it?
Carlo: No. They own the infrastructure, the hardware. We effectively just did the monitoring in most cases. Only in small number of cases is where we went and put in our own hardware, which is equivalent of installing our own alarm system effectively.
Andrew: Okay. You know what? I think now’s a good time for us to talk about the McDonald’s example you gave me before we started. This is a guy who worked at a company and then what did he do?
Carlo: Well, that was where we were monitoring the [macros 00:26:55] McDonald’s free Wi-Fi network and in that instance, we received a call from a company that the lawyer from a company that said, “You guys have breached us. You’ve attacked you.”
Andrew: Oh, meaning like, “Hey, you guys, McDonald’s, you are attacking my client.”
Carlo: No. They called us because McDonald’s effectively used our IP addresses.
Andrew: Got it. So they’re calling you and you’re saying, “You, Earthwave, you guys are the ones who are attacking us.” Okay.
Carlo: Yeah, correct.
Andrew:And you said, “Okay. Let me look at . . . ”
Andrew: And we said, “No, we’re just a service provider. Let me look into this.” And they told us exactly the time and the date of the incident. We then tracked that back down to a particular store in McDonald’s, an IP address, and in that instance, we could see the guy log into his office, his company remotely deleted all the entire file system, deleted the web server content, logged off and continued logging on to his Facebook and Twitter accounts.
And little did he know that this free Wi-Fi service is outsourced the security to a professional company that got all the logs and events, and all we had to do is run a quick search and see this . . . make the connection. And so even at that point, we couldn’t tell the customer that this was going on because of privacy concerns and issues. So, the customer said . . . We said, “We know who it is but you need to subpoena this information, go through the process through the police.”
Andrew: You’re saying to them, “Subpoena us and we’ll give you this information because we do know who this person is who logged into McDonald’s thinking he was being anonymous.”
Carlo: Yeah, correct. And then the person said, “Look, this is like one of my employees.” He said, “Look, if you . . . ” Because they kept insisting that the lawyer called three times. My guy said, “If you just guess who it is if you can give me a name, then I will confirm or deny.” And the first name came out of the guy’s mouth was the recent IT manager that they had let go who was obviously disgruntled employee who ended up doing this kind of an act. And that’s just a really basic example of the value that we could add by the continuous monitoring capability that we offered.
Andrew: All right. I got to come back in a moment. I’m going to talk about a sponsor and then I got to come back, and I got to tell you the story of a guy who I met here in San Francisco, incredibly well known. I won’t say who he is, but I got to tell you the story. One sec. I want to write a note here. The second sponsor is a company called Toptal for hiring developers. I’ll tell you what? Instead of me yapping about Toptal, how about I asked you for two tips that you have for hiring good developers. You’ve hired a bunch of them. What are two tips that you suggest anyone who’s listening to me think about when they’re hiring a developer from Toptal or anywhere else?
Carlo: My personal experience is get people to your team, your technical team to conduct a technical interview and test them. I think testing them is super important. They could write anything in their CV, but at the end of the day, unless you have the ability and know how yourself to put them through the ropes, give them a small piece of project to do that might take 20 hours, you may even choose to pay them for that. So offer 10 of the best-shortlisted candidates, a 20-hour project, pay them for it, see the results firsthand before you do your second and third round interviews.
Carlo: I found that to be critical. I find that you could go on hiring based on what’s written on the CV and end up with a mediocre or less than average sort of guy or developer.
Andrew: How about one tip for culture fit to make sure that they’re the right fit to work with you?
Carlo: I mean, that’s a given. Your team automatically will recognize and see if they’re a fit for your business.
Andrew: You could tell?
Carlo: Yeah, you could tell. You have to have a bunch of question relating to that . . . You have to break up your interview into different aspects to test them on culture feed, technology capability. How many times do they take leave? Where do they go for leave? Are they going to be accessible? All of those things are important for me, so I test them on it.
Andrew: And if you’re in Bali taking this call with me, then you want someone who’s willing to be just as committed. All right. You know what? Actually, Toptal does these incredible tests. And I said in the past interview that people will work hard to pass the test. If they fail, they’ll sometimes blog about it and say I’m going to try better next time because the tests are so hard, it brings in people who are competitive and are great developers. And so the guest who I was interviewing at the time said, “I’m a developer. I could totally rock that test.” I said, “All right. I’ll tell you what. If you beat it, I’m going to give, I think it was, $2,000 to your favorite charity, whatever charity it is.” He goes, “It’s on.”
I introduced him to Toptal. He was totally on with them. I checked in a few weeks later, I said, “So how are you doing?” He said, “Are you kidding me? This test is insanely long. I have no time for this.” I said, “That is why Toptal gets such great people. They want to make sure that they’re fully committed. If you’re not committed to taking the test, you’re not committed enough to take on the job afterwards.”
All right. So the whole idea behind Toptal, they test their people. They have them in a network. When you Carlo or anyone else who’s listening to me once to higher, they will talk to you, they’ll understand your needs, and then they’ll introduce you to someone from their network. If you’re listening to the sound of my voice, you have an exclusive offer that I used to say, “Guys, pass the word around.” They say now, “Don’t. Just keep it to make Mixergy listeners.”
So here’s the offer. You’re going to get 80 hours of Toptal developer credit when you pay for your first 80 hours in addition to a no-risk trial period of up to two weeks. Just to be clear, if at the end of the trial period you are not 100% satisfied, you will not be billed. That’s how sure they are that they’re going to put you together with the right developer. The best developers out there are on Toptal. That’s Top as in top of your head, tal as in talent. Toptal.com/mixergy.
All right. So here’s the deal. This guy created one of the top payment companies, sold it, happened to like fly his personal jet here to San Francisco. We go out to dinner, a few of our friends. He doesn’t pay, which I think is good, right? He’s not there to be our sugar daddy. We all pay, but he . . . I forget what it was. We had to like pay one person than he was going to pay. He had cash. He takes cash out of his wallet. He’s a payment processing CEO. Why do you have hundreds of dollars in your pocket? He says, “I was at the other side before I sold my company. I was at the other side of the payment processing world. I see how much these guys know about me. There’s no way that I’m going to like leak all that information. I’d rather carry cash.”
So, for you I’m going to ask you this. I was just at a Peet’s Coffee and I said, “Do I log in, or do I hotspot off my phone? I decided hotspot off my phone because it was easier. What kind of danger do I have when I go into these hotspots at McDonald’s or Starbucks or whoever? What am I leaking?
Carlo: Look, the main danger there is that you’re sitting on open Wi-Fi without security. Two, as you log in, because it’s an open network, anybody could effectively sniff that network or see the traffic or the communication and grab . . . If it’s not encrypted, then grab . . .
Andrew: But wouldn’t email be encrypted, my web history be encrypted? Right? They can’t see that, can they?
Carlo: Well, email actually include text, so it’s not. Depends if it’s a web-based solution you’re using, then the communication is encrypted, but many email solutions use a protocol called SMTP and that’s not encrypted.
Andrew: So SMTP is not encrypted. Anything that comes to my phone, they could see it as it comes in.
Carlo: Yeah, that’s right.
Andrew: Of course. You know what? All right. So, that’s basic stuff.
Carlo: Yeah. It’s basic stuff and this is what happens when we go into most organizations, we see credit cards being emailed everywhere, especially they’re processing, like, if they are a finance company or if they are booking company of some sort like thing, you know, accommodation booking or travel booking. Just ridiculous amount of a clear text credit card details that fly around all over the internet, and it’s so easy to grab, right? Whether you’re a service provider sitting in between or you’re an attacker sitting somewhere capturing that data, it is all in clear text and a lot of people don’t realize that.
Andrew: So you’re saying even your clients would have data passing that they shouldn’t in clear text. They don’t realize that that’s part of the thing that you did for them.
Andrew: So you had people who are selling on commission. You were doing some sales. The other thing that I heard that you did was you said . . . Actually, here let me see. “First $100,000 it was . . . The first $100,000 that you did it was channel partners that did the trick that got you there.” What’s a channel partner that you work with, and how did you work with them to get to 100,000 a year?
Carlo: Look, when you are in security and specifically people buy from trusted brands and trusted relationships. So for me to go out and try and sell security to a major brand, it’s almost an impossibility because I don’t have that run rate, I don’t have that brand, I don’t have that trust. And so buying and selling security is all about trust. And so if I want to sell someone with a major brand a complex cyber security solution, then the only way for me to sell it is if I find someone, an intermediary, who will front up that sale and who will say to the buyer, to the client, “I trust Earthwave, I trust LMNTRIX, so then you may trust me because I’ve done my due diligence, I’ve done my validation.” And so that concept is one of the key elements or ways that I’ve built businesses through partners, through channel partners. A channel partner is a system integrator, an outsourcer, as a reseller, a carrier, an ISP, anybody who has a trusted relationship with a customer who is already selling them other technical or [inaudible 00:37:12]
Andrew: Who was the first one that you got that led to a client?
Carlo: I can’t recall the name but it would have been some form of an integrator or someone like that and they would have . . .
Andrew: They’re putting in the hardware, in and then they say, “Do you want someone to manage it? We know a guy.”
Carlo: Yeah. They say, “If you’ve got a problem, I’ve got a guy who can help you. I’ve got a company who can help you,” and then next introduction, it’s a warm introduction. You hope that they don’t ask for any references, and then you do your thing, make sure that you look after those first 10, 50 clients, like, love them and look after them and cherish them.
Andrew: And they become your case studies.
Carlo: Yeah. Case studies and then do PR around them and get the word out of what you’re doing. And so that’s how I build. Just that snowball effect happens after a while.
Andrew: So first $100,000 in revenue took you about a year. That’s how you did it. Networking through channel partners. Getting to $1 million in sales took you three years and there you said that you started to develop this reputation as the hacker catcher. Am I right about that?
Carlo: Not a hacker catcher, but a company that specializes in cybersecurity or managed security services. It’s that people . . . If you become the go-to in your industry effectively or in your country or your . . .
Andrew: Oh, so you’re saying it was going more niche, being just the person who focuses on this.
Carlo: Yeah, that’s right. And when you do it for a long time, like, in my case, 20 years, people already automatically refer me or talk to me. When you’re doing it for five years, it’s still good because five is more than anybody else. And in my case, I was an early adopter. I started doing it back in 2000, and this was area concept that was foreign to most people, outsourcing cybersecurity or monitoring security. Many people didn’t even have security back then, not alone having someone monitor it.
So it was being an early adopter helped get me those early wins. And then once you start scaling, more word of mouth takes its effect and then you start growing like that. When now it’s become a norm. It’s what everybody does. MSS or Managed Security Service providers are everywhere. And for me when the going was going really well, I got out when the time was right. And now I’ve got back in with a new proposition that everybody will be doing in 5 to 10 years’ time. So I’m, again, a few years ahead of the game.
Andrew: I’ll tell you what? Let’s close out this one company, Earthwave, and then move into LMNTRIX. Why did you . . . So you told us why you decided to sell. Why did you decide that you were going to sell it yourself? And what did that mean that you were going to sell the business yourself?
Carlo: Selling the business myself means being . . . It’s part of, again, being that entrepreneurship that I’ve got within me not having to rely on other people for everything, doing a lot myself. I think that is key for success to think outside the box. And so in my case, I didn’t actively go out to sell Earthwave. I was getting 10 to 20 acquisition offers or interesting inquiries from VCs, etc. from all over the world, and I was effectively rejecting them. I wasn’t even pursuing them because I wasn’t interested in selling the company.
But what ended up happening is within a six-week window, I had five major vendors approached me back in 2011 timeframe or 2012 . . . Yeah, late 2011. And I thought I might not get this opportunity. Things are heating up. It’s becoming a commodity. Everyone’s trying to do it. And these are major defense contractors and major global vendors and carriers and they had deep pockets, and I thought, “If I don’t get at now when the timing is going is good, then I may lose the opportunity, and I might start losing clients.”
And I think it was a really great opportunity for me at the time to take some money off the table and look after my family for bearing with me and putting up with me for so many years, and I ended up really taking the five or six companies down a close bidding opportunity to buy the company, and then I shortlisted two of them, put them through the due diligence process, and I ended up selling the company to one of them.
Andrew: Why not hire an investment banker? Because you didn’t want to give them the fees? They would have managed this for you. They would have made sure that people stuck to the deal process.
Carlo: Yeah. I mean, that’s the thing. If you sell something 400 million and you build it yourself and you think, “Okay, I’ve got to pay someone 5 million,” because that’s what their fee is, anywhere between 2 and 5%. Do I really want to do that, or can I do this myself? And I just googled it, downloaded a template of how to sell a company, did that information pack, send that out to . . . And I paid my lawyers $10,000 to come up with a sale agreement. Paid my accountant another $10,000 to come up with all the technical financial projections, etc. that the buyer expects.
And all of this wasn’t rocket science, and I didn’t have to do much of it. It was already there in our system. All I had to do is get the right people to work on it and do most of the . . . It took me three months to build out this information pack and then use that to socialize it with the potential buyers. And then I got the outcome that I was after.
I mean, one of the important things is as a seller, firstly, I wasn’t looking at selling, so I had the upper hand. So I could just reject these major vendors very easily because there weren’t hitting the mark for me. And in my case, there was no complex calculation [IS 00:43:34] so many times profit or so many times revenue. I just knew how much money I need in the bank so that I don’t need to ever have to work again, and I can live comfortably. So, when they asked me, “How did you come up with this calculation? It doesn’t make sense. It’s just exponentially more than what companies sell for of your kind.” My answer was, “I didn’t use a calculation. This is how much I need to live.” If you want to calculate how much you have to pay.
Andrew: The rumor that I read is over $90 million or somewhere around $90 million.
Carlo: Well, it’s not something that I can actually confirm, but contractually, I wasn’t allowed to expose it.
Andrew: Is it over 50 million? Can we say that?
Carlo: It’s 10s of millions, you could say that.
Andrew: That’s what actually that exact phrase I’ve seen you say in lots of different articles, “Tens of millions of dollars.” No outside investors. You’re the only person. You close it out. Here’s the weird thing that I noticed. I went back and I found the old press release on this. The bottom of the press release is usually where you see the PR contact. In this case, the bottom of the press release is you, your name, your personal email address at the company. It’s email@example.com. I can say that because it’s gone. And your phone number.
Andrew: Why? Were you still doing your own PR the time?
Carlo: No, I wasn’t, but in that case, I was a point of call for all inquiries relating to the sale or any media inquiries, so I purposely had made that happen. But no, I wasn’t doing my own PR at the time.
Andrew: It was just you saying, “Look, this is an important part of the business’ history. I’m going to make sure that I manage it.” All right. Let me jump into then the new business. I got to tell people, it’s L-M-N-T-N-R-I-X. I asked you how you pronounce it. You are a PR person in this space. You’re good at PR. Why did you come up with a name like LMNTRIX where we have to know to pronounce of each letter to combine it? There’s a reason for that. Or maybe it was a mistake. Tell me.
Carlo: No, it wasn’t a mistake. Look, I like things that are edgy. I didn’t want to have the word “security” or “cyber” or something corny. And I wanted something that I liked, I can do whatever I want, this is what I like. I’ll just go with what I like. And I had a bunch of . . .
Andrew: You liked that this is a mind puzzle, that there are a few people who are going to get it and a bunch of people who aren’t, and the people who get it are in your world. It seems like you like that.
Carlo: That plus now I’ll say, I use LMNTRIX techniques to trick hackers.
Andrew: Got it.
Carlo: That’s the excuse I use, but really that’s not how I came up with it.
Andrew: That’s kind of what I thought you meant with that, but you’re saying that’s not at all.
Carlo: No. No, I had a bunch of names, a bunch of . . . And I wanted it to be a dot com. The first one the guy wanted 70K USD for the domain. That wasn’t going to go. This one was, believe it or not, the dot com was taken and I ended up buying it for $500 from a guy who had registered in South Africa. So that was affordable, so I went and bought it.
Andrew: It drives me nuts that I can’t find one piece of my research on you, but I can do it from memory. I saw somewhere, I can’t remember where it is, that you said, “I’m going to go and talk to as many people as I can to understand their problem and that’s what’s going to lead to this new business.” And one of the things you discovered was that they were getting too many alerts. They didn’t know what to do with it. Can you tell me about this whole ideation process for LMNTRIX?
Carlo: Yeah, sure. Look, when I decided to do it again, start again and I figured, “I’m going to spend a few million dollars building it.” I wanted to make sure that I wasn’t going to blow it on a venture that wasn’t going to be successful. And I wanted to make sure that what I was going to build, there was a real business case for it, customers would pay for it, and I wanted to know how much they would pay for it.
And so with that in mind, I interviewed 25 information security managers in Australia across three states, Sydney, Melbourne, and Brisbane. I then took that data. There was about 100 questions. It took over two hours to do the interviews. I then took those questions, gave it to a research firm, and I asked them to go and get me the same data and conduct the same interviews and research outside Australia.
And the reason I did that is because I wanted to make sure that the issues were relevant outside Australia, and with that in mind, they took several months and brought back 350 responses from U.S. to Europe and Asian [meet with 00:48:18] enterprise clients. I then took that data and aggregate it, consolidate it, and found that the issues I had faced and I had recognized building Earthwave were consistently repeated across the world. And so on the back of that, I called them the issues are the use cases that are found. Then I went on about building LMNTRIX by reverse engineering those use cases into a company, and that took almost over two years, over 46 developers, millions of dollars without any revenue with the level of commitment and with the level of know-how that at the end of the day on the other end, I’m going to build and come up with something that doesn’t exist today, or it’s going to solve problems that customers are willing to pay for it, and I’m not going to lose my money.
Andrew: And the problem that you identified was you said, “Look, these people who are managing security are getting 2 to 300 . . . ” I’m reading from my notes from our conversation before we started. “Two to 300 alerts per month.” Some of them are real, some of them are not. What do they do with it? Right?
Carlo: Yep. Yeah. So, that was one of the use cases.
Carlo: And that’s what I refer to as a breach validation was missing where they have an internal security operations center or they’ve outsourced to a managed security service provider, they effectively the end result is an alert. That alert then is sent to the IT folks, the systems, the server, the desktop folks, and they’re asked to go and remediate it to fix the problem. And when you send 50 or 100 or 200 or 300, that’s way too many. You should be sending not more than 10 a month, so that’s bearable. So they have the time and the skills to go and validate the breach and then clean it up. And so that was one of the use cases that I found is most organizations don’t have the skills or the time to go and validate all these alerts all these . . .
Andrew: And you in the space and you still didn’t know that this was a problem, or you had a hunch that it was and it was refined through these questions?
Carlo: No, I wasn’t in the space and I knew it was a problem.
Andrew: You knew it was?
Carlo: Yeah. It’s an issue faced by the whole industry.
Andrew: So this research was just validating, “Hey, Carlo, you are right”?
Carlo: Yeah. It was a research about the scale of the problem and how do I go about fixing it and how much customers would pay for me to deliver validated breaches to them so that . . .
Andrew: Can you help to understand how the question . . . Sorry. I’m fascinated by this process. I’m curious about how . . . What were the questions that you asked that led to this? What were the answers that they gave you that led you to understand this?
Carlo: That’s a good question. So one of the questions would have been, “What did you do with alerts today? How many alerts did you get today?” And I remember some of the answers. “Well, I have a rule in my outlook. When alert comes in, it automatically goes into this folder and they show me the folder, and there were like literally hundreds of events or alerts from their software MSP.” They haven’t done anything about it. They’re just sitting there in the inbox because they’re getting inundated with these. Now the industry refers to this as alert fatigue because they’re inundated with these alerts. It’s just sitting there. They’re not action it.
Another bunch of customers with a very funny answer was, “Well, we closed this incidence off very quickly without validating them, without doing anything about it because our CIO gets upset when we’ve got too many incidents opened in the queue, in the helpdesk queue, so we closed them off quickly, so he doesn’t get upset with us.”
Andrew: Without seeing, is there a breach, is there not a . . . Got it. And so what was the next step where you were trying to understand what they would pay for and how much they would pay? How do you get to that?
Carlo: Yeah. So you asked a question for this capability. If I was to introduce it, how much would you pay for me to offer this capability, and how much per annum or per month would you pay for it? And this is one of the use cases that I solved. The more pressing one was the fact that most organizations don’t have a post-breach strategy. What I mean by that is once malware or human adversaries are on the network, they’re on your network, and nobody can detect them today, and that’s the major problem today is that everybody, most organizations rely on their protective controls all of the big walls that they set up within their perimeter while the attacker, the adversary, has now learned to fly. They fly over that wall very easily. They’re on the network, and they stay there for many, many months and their job is not to get detected. So they don’t use any techniques or tools to be detected.
So whether it’s malware or human adversaries, they reside on every company network today, and they don’t even know they’re there because no one’s telling them because they don’t have a post-breach strategy because the perimeter controls have failed, and they put so much reliance on those controls. Once the intruder is in, once the attack or the threat or the malware is in and it stays there for a very long time.
And so it’s not surprising that breaches continue, the scale of breaches, the size and number continue to grow. And this is going to continue growing for the foreseeable future that because most organizations don’t have a post-breach strategy. So, with LMNTRIX, I built a post-breach strategy to detect malware and human adversaries on customer networks. That was the second thing that I did.
The third element of my story, the use case was the fact that, and again, coming back to the questions, we asked the question, “How did they get in?” or we started by saying, “Have you been breached in the past 12 months?” They all said, “Yes, we’ve been breached more than once.” Then we asked the question, “How did they get in? How long were they there? How did they get around? What tools did they use? Did they put any backdoors in? What data did they steal? And what have they done with your data and stealing it?”
And categorically, all clients said, “We don’t have an answer to these questions. We can’t answer it.” And those questions don’t rely on logs or current security solutions. What you actually need is like a record or a memory for your network, like a DVR, like a Minority Report where you can go back in time and recreate that tag and watch their footsteps and how they moved around and what data they stole. So, again, this post-breach forensic capability is what we built into LMNTRIX.
Andrew: And as you ask me these questions, the thing that comes to mind is, people don’t want to admit this stuff. Why are they answering your questions about this? Why are they saying to you, “Yes, we have been breached,” when companies don’t want to admit that publicly?
Carlo: Well, our approach was . . . It’s interesting question. Well, we didn’t start with that question. That was one set of questions within the hundred odd questions. Our approach to them was, “Building a new business, really need your help, your input as a valuable client to help us make sure that what we’re building is relevant to you and for other clients. Are you willing to get involved in this development for a new startup?” And when you approach a customer from that point of view, it’s amazing the response you get, how they want to help. Now you’re not trying to sell to them, but you’re trying to get their help, and they value that. They see themselves being important that one of . . .
Andrew: And you had a relationship with them, so I’m imagining that helped with those conversations.
Carlo: The first 25 I did and the rest, no. It was a standard research from running your standard research . . .
Andrew: Just contacting people and doing it.
Carlo: Correct. Getting the right contacts.
Andrew: I had no idea there were research firms that did that.
Carlo: Yeah, yeah, yeah. There’s tons of those companies that do it.
Andrew: All right. This whole part I’m fascinated by it. How fast is . . . I’m taking a moment to make sure I’m not mispronouncing it now because I know that it’s like a test. How fast is LMNTRIX growing? What’s the revenue now?
Carlo: Again, I don’t disclose revenues. I’m sorry, Andrew. But I can tell you that my first contract three months out was a $2.7 million contract over three years. And that was secured following a proof of concept and delivering outcomes and validated breaches that the other incumbent or the other service providers weren’t able to deliver. That convinced the client, it doesn’t matter . . . They’re young company. The owner has the history, and he’s just proved that with a 30 day proof of concept at free of charge, “I’m going to buy this.” When we saw the results from that that gave me the confidence that what I’ve been working on for three years is actually now working. There’s nothing like you working for two or three years not knowing if it’s going to work on the other end once you’ve developed something.
And so securing that first client, seeing the first results come through that really was heartening, is a fantastic feeling. And then we repeated the same and honed in on our sales process in terms of going on about forcing or pushing clients and convincing clients. Even then they make it by decision to buy it from a competitor or from the traditional model, convincing them to do a pop and put us to the test against the incumbent or their competitor and then that’s where we shine. And we delight them with the outcomes that we deliver.
And at the end of the day, what clients care about is not buying more software or hiring more people and blowing more money on tech, but the smart clients want to invest in something that actually delivers an outcome, a value to the business that . . . And in my case, it’s something that’s difficult to replicate. It provides instant satisfaction in terms of . . . You can imagine, if you outsource the monitoring of your home and you don’t get any alerts for one month, two months, three months, you may go, “Stuff it. I’m going to throw my alarm away.” But what about if someone comes in and detect 10 intruders to your home every month.
Andrew: Right. If they’re not real intruders, you just stop paying attention to it.
Andrew: If you saw me, by the way, look down as we were talking, I do research as we talk, and one of the things that I was trying to figure out what was, all right, he’s not telling me the revenue. I get it. I want to understand according to Crunchbase 20 . . . What is it? Three million dollars, you put into the business, right?
Carlo: Yeah, this business,
Andrew: It’s yours. So then I said, “Let’s go to LinkedIn. Let’s see how many employees. Twenty-five employees, right?
Andrew: But one of them . . . So, I saw the co-founder and we didn’t get into the story of that. One of them is a guy named Vic Mankotia.
Andrew: Mankotia. Thank you. He does sales. He’s a VP of sales for you and for another company called Zimperium, which is also in software threat detection. Well, how does a guy do sales for both companies? What’s the deal here?
Carlo: In that case, he’s a consultant. He’s assisting me. I’ve had a long-term relationship with him. And, again, part of his role is to run strategic alliances for me and that is . . . And you’ll find many of my employees, I have over 50 employees now, they’re not allowed to put their details on LinkedIn, so that they don’t get poached as part of their employment.
Andrew: You know what? I’ve heard that actually, this is the thing. Don’t put it on LinkedIn. What I’m seeing from this, though, is if I’m understanding right, you’re saying, “Look, here’s an example. A guy who’s out there creating relationships for me, I’m okay with him working for other companies. It’s the relationships that I’m looking for.”
Carlo: That’s exactly right.
Andrew: And you’re still doing that to this day.
Carlo: Yeah. And the other thing we do is set up personas. A persona is a fake social media, and within our networks as well, a fake social media and internal identity. This person doesn’t exist. I monitor their activity to see who’s approaching them, who’s trying to attack us, how are the attacks focus because . . .
Andrew: Attack meaning, like, who’s trying to hire your people?
Carlo: No. So imagine your LinkedIn ID, you promote your email address on that.
Carlo: So if you’re a company, if I was going to get into your network, I might use your accounts payable folks or your CEO or the CIO or someone in IT who has full access. I might try and use phishing to get them, send them an email that looks like it’s coming from another employee or from your partner, your spouse. You say, “Hey, Andrew, look at this property. We should go bid for this.” And then you go, “Oh, it’s from my wife.” And you click on it without even looking at the actual source, and they get you like that. It’s that easy to get to your network.
Andrew: Right. That’s what happened to the Democrats in the last presidential election. And so what you’re saying is you create a fake persona online to see who’s sending these phishing emails to them, and that gives you a sense of what threat is coming up against your company.
Carlo: That’s exactly right, yeah. I use it against the attackers that technique. And little did they know that I don’t actually put my real employees on LinkedIn, that nobody knows who works for me.
Andrew: Is that guy who I saw . . . Do you have a co-founder of the business?
Carlo: Yes, I do.
Andrew: That guy is real, Hamlet.
Carlo: Yep. He’s in the U.S. He runs the U.S. operation.
Carlo: And the U.K. guy, Ian Murphy, he runs the U.K. operation as a co-founder.
Andrew: You know what? I’m so glad that we did this. I’m fascinated by you. I have to be honest with you, really, when I first did my research I go, “How am I going to like fully wrap my head around this business? How am I going to tell this story? What am I doing here?” And then I started getting sucked into it, and then I saw your video and so I go, “This is going to be great. We’re going to kill it.” All right. I think we killed it. Anyone who wants to go check out your website, frankly, should just go do a little bit of googling and they could find it or . . . What the hell? Here it is. It’s LMNTRIX, L-M-N and then TRIX like as in the cereal, “Trix are for kids.”
I want to thank my sponsors for making this happen. The first is the hosting company that will host your website right, hostgator.com/mixergy. And the second is the company that will help you hire your next great developer, it’s called Toptal.
And finally, Carlo, I got to tell you, there’s so many people who come to San Francisco to meet great entrepreneurs, great angel investors. They’re not getting real time with them. These people have their lives to live over here. So, there’s a conference called Fireside Conf that they say, “Screw it. We’re going to get a bunch of great investors, a bunch of great entrepreneurs together on a campground where they can go and disappear into their lives, but they can sit around the fire, they could eat, they could hang out, they could go, not fishing, but they can go swimming or boating.”
Anyway, one of the people is going to be there is Jason Calacanis. If you guys are interested in this experience where you really get to know other entrepreneurs and other investors, go check out firesideconf.com, that’s conf as in conference, firesideconf.com/mixergy. You’re going to see me enjoying myself on that landing page. Me shirtless jumping into the water because I loved it. It is the most fun conference I’ve ever been to. Firesideconf.com/mixergy. All right, Carlo. Thanks so much for doing this.
Carlo: My pleasure. Thanks, Andrew.
Andrew: Thanks. Enjoy Bali. Bye, everyone.