Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Garrett Hamilton sat down with Todd Graham, Managing Partner at Microsoft’s venture fund, M12, to talk about why M12 invested in Reach and why our mission was a no-brainer for him. Nation-state attacks make the headlines—but most people are getting owned by misconfigured servers, networks, and controls hiding in plain sight. Turns out the problem isn’t what teams don’t own. It’s what they do own that isn’t, in most cases, even turned on.

95 hours back. Every. Single. Month. One of the many outcomes from our ZTA journey with Insurity. They didn’t just deploy Zero Trust — they operationalized it. Reach unified controls, automated remediation, and eliminated the manual effort slowing progress. Results:︎ 81% less manual work︎ 95 hours saved per employee per month︎ Months → days for rollout︎ Zero Trust that sticks.

Partnership over Procurement Why true collaboration between vendors and security teams is still rare — not because the intent isn’t there, but because most engagements stop at feature checklists. The alternative is more interesting: build together, solve together, and create solutions that fit how teams actually work rather than how tools assume they work. This mindset drove our work with Insurity — a real example of what happens when a security team engages deeply instead of treating tooling as a finished product.

Are AI systems replacing security roles? Maybe not the way most people assume. AI isn't eliminating architects — it's augmenting them. Architects sit at the strategic layer: influence, prioritization, long-term posture. AI’s power isn’t replacing that judgment — it’s continuously surfacing what matters, validating configurations, and helping teams scale impact without hiring “more architects.” "If I say something should be done, I need a way to know whether it was done correctly — and continuously.".

The mythical 1+1=3 model in security? It happens when the tools you already own stop working in isolation — and start working as a system. Jay Wilson and Garrett Hamilton dig into why Reach’s platform approach matters: not just enhancing individual controls, but creating compounding value across identity, endpoint, email, and network. When visibility, configuration, and enforcement align, the outcome isn’t incremental — it’s exponential.

Honored to share that Reach Security has been named on the TechRound100, recognizing the most impactful and innovative startups of the year. This milestone reflects the problem we’re focused on solving: most organizations don’t lack tools—they lack visibility into how those tools are actually deployed. By exposing misconfigurations, shallow deployments, and missing protections, Reach helps teams fix the risks that matter most before they become incidents.

Most organizations don’t lack intent; they lack a clear understanding of what’s deployed today, what gaps matter most, and how to turn guidance into enforceable baselines. Reach connects to your existing security tools and automatically maps configurations to established maturity models like CISA’s Zero Trust Maturity Model 2.0 — producing a real-time posture assessment across identity, device, endpoint, email, and network with no surveys or guesswork.

Moderated by Nicole Perlroth, this session at UC Irvine’s Digital Leadership Agenda 2026 surfaces a foundational reality in cybersecurity: Most organizations lack a clear, empirical understanding of how their security is actually deployed. Our Co-founder & CEO Garrett Hamilton outlines: Why proactive security remains difficult — because accuracy depends on conversations, assumptions, and fragmented knowledge across IT and security teams.

One platform to rule them all? Not quite. As Jay Wilson puts it, security stacks behave like a rubber band — always stretching between broad platforms and best-of-breed tools. No enterprise runs on a single vendor. But no one survives seventy, either. The real objective is coherence: a custom platform built from what your business already owns. That’s where Reach fits. ⇢ Unifies disparate controls into one operational view⇢ Bridges gaps as stacks expand or contract⇢ Turns your actual environment into a cohesive, measurable platform.