Text transcript

Product Demo: Enhancing Automated Penetration Testing with AI: Deeper Insights, Faster Resolutions

Held February 11–13
Disclaimer: This transcript was created using AI
    1344
    03:53:01.620 –> 03:53:12.829
    Julia Nimchinski: This is amazing. I wish we could prolong this conversation, but it’s about time to transition to the next one. Daniel Baddeley, welcome to the show. Cybersecurity simplified.

    1345
    03:53:13.480 –> 03:53:14.789
    Julia Nimchinski: What a transition.

    1346
    03:53:15.990 –> 03:53:17.350
    Daniel Baddeley: How are you doing?

    1347
    03:53:18.020 –> 03:53:20.540
    Daniel Baddeley: I’m doing alright. How’s everybody else doing today?

    1348
    03:53:21.310 –> 03:53:24.399
    Julia Nimchinski: We’re super excited to talk about cyber threat.

    1349
    03:53:25.100 –> 03:53:27.720
    Daniel Baddeley: Alright! Let me share my screen.

    1350
    03:53:27.950 –> 03:53:31.999
    Daniel Baddeley: Oh, see if I can do that!

    1351
    03:53:32.410 –> 03:53:37.570
    Daniel Baddeley: Alright, perfect. Just giving everybody a heads up here today: it’s gonna be hard to

    1352
    03:53:38.030 –> 03:53:52.239
    Daniel Baddeley: get everything in here into a 15-minute window. So I would highly encourage anybody that’s interested to reach out to our website at bestdefense.io, to be able to schedule a demo, to be able to speak with our sales engineers, to be able to get some further insights into the platform.

    1353
    03:53:52.350 –> 03:54:20.920
    Daniel Baddeley: Today, we’re going to be focusing on AI from a productivity standpoint for cybersecurity, to be able to help you understand and ensure that your roadmaps are in place, as well as making sure that you’re maintaining your federal compliance and things like that. So here at Best Defense, you know, we are a cybersecurity company, a SaaS platform designed around chaos engineering principles, which really just means that our system was designed to be able to give you confidence in your production environments under turbulent conditions.

    1354
    03:54:21.350 –> 03:54:36.789
    Daniel Baddeley: The whole point of the system is catered around 3 main verticals that we have with AI woven into all of the different layers. And that is chaos, infrastructure, network application resiliency testing, so distributed load testing at global scales,

    1355
    03:54:37.050 –> 03:55:02.510
    Daniel Baddeley: automated red team capabilities, so proactive penetration assessments that can be merged directly into your change control processes, to be able to give you faster insights into any vulnerabilities that might be emerging through your SDLC process or through your code pipelines, to be able to push the responsibility back to the development teams making those changes in the first place, before they make it actually out into the wild, right? So being able to actually stop that stuff further upstream.

    1356
    03:55:02.888 –> 03:55:12.299
    Daniel Baddeley: You know, before even QA gets involved. And we also have advanced network monitoring capabilities. So the idea is that through our novel, non-invasive approach,

    1357
    03:55:12.380 –> 03:55:29.260
    Daniel Baddeley: unlike traditional situations where you might have to install agents on endpoints and things like that, that don’t also really provide you with OT capabilities. Because of that, our system, using network mirroring techniques, is actually able to analyze and do deep packet analysis on everything going over your network

    1358
    03:55:29.260 –> 03:55:55.850
    Daniel Baddeley: without wasting compute resources on existing machines, or wasting too much of your network bandwidth. And then the idea with the AI solution, CISO, that we developed, trained on over 9 billion data points for cybersecurity, is that through all the different layers of your stack, whether it’s for infrastructural resiliency, scalability, whether it’s for your security or whether it’s just the monitoring for your business to ensure what’s going on with bad actors, that you can get actionable insights in real time

    1359
    03:55:55.940 –> 03:56:03.890
    Daniel Baddeley: to be able to actually have your remediation teams be as informed as possible, as well as your first response teams, if an event happens for your business.

    1360
    03:56:05.522 –> 03:56:06.547
    Daniel Baddeley: the biggest

    1361
    03:56:07.160 –> 03:56:18.259
    Daniel Baddeley: problems that we’ve seen from talking to our clients today, honestly, really, just come down to 3 main things. It’s the fact that cybersecurity generally is a fractured marketplace. The high barrier to entry is mostly around costs.

    1362
    03:56:18.380 –> 03:56:27.500
    Daniel Baddeley: and the fact that most of the applications and systems that exist out there aren’t really that easy to integrate, especially not in an automated way. And most of them.

    1363
    03:56:27.600 –> 03:56:42.140
    Daniel Baddeley: even if they do have those capabilities don’t like really communicating with each other. So you’re having to build these custom solutions around that to aggregate that telemetry, to be able to actually do something with that. We are here to eliminate all of those problems, to be able to provide high quality services. The lowest landed cost

    1364
    03:56:42.610 –> 03:56:44.770
    Daniel Baddeley: so, moving directly into our system.

    1365
    03:56:45.293 –> 03:57:14.969
    Daniel Baddeley: From a high-level overview, when you come in you’ll be able to onboard as many different devices as you want. We connect to your remote cloud environments, Azure, AWS, GCP, all of your LANs. You can onboard domains if you want to do web application testing and bridge your networks; you’ll monitor your remote servers, your local desktops. You’ll see dashboards similar to this, right? It’s meant to be an easy report card for you to understand what you’re looking at. And you’ll see what, you know, your risk levels are and how they are over time

    1366
    03:57:15.360 –> 03:57:42.310
    Daniel Baddeley: jumping straight into: how would you actually go about, you know, adding devices? Well, it’s fairly simple. So once you come to, you know, your network screens, or you can go through simple DNS TXT record verification, you can actually come in and we give you everything you need to generate, you know, IAM roles, if you’re doing a bridge to, like, an AWS account, to be able to create those VPC connections so that you can automatically index and catalog all the different servers

    1367
    03:57:42.310 –> 03:57:54.330
    Daniel Baddeley: in your remote environments, right? Which may even be ephemeral, right? So you don’t have to constantly reload and re-add things over and over again. You just kind of want a one-click solution to be able to start monitoring and running assessments on all of those different devices.

    1368
    03:57:54.610 –> 03:58:01.149
    Daniel Baddeley: Once you’ve created that network bridge you’ll be able to immediately start seeing different solutions.

    1369
    03:58:01.430 –> 03:58:26.339
    Daniel Baddeley: I’m sorry, different telemetry going over your network for different events that might have happened. You’ll be able to see per-region breakdowns. You’ll be able to see what CVEs bad actors are actively trying to do to exploit your systems, where they’re coming from, who they are. And the idea is that you can integrate this platform into any of your existing SIEMs to be able to let your first response team know that events happening, because generally, obviously,

    1370
    03:58:26.550 –> 03:58:35.857
    Daniel Baddeley: you only really have 5, maybe 10 minutes to be able to actually do something to close that loop before, you know, a serious data breach actually occurs.

    1371
    03:58:36.770 –> 03:59:04.479
    Daniel Baddeley: Once you’ve also bridged your network, you’ll also have some essential basic network topography information. We’re not doing too much with trying to compete against other providers in this area. It’s more of a byproduct for what we’re doing to be able to integrate all of the different environments. But we’ll be able to show you all the different devices on your network, what their status and health checks are. From a security standpoint, we’ll be able to show you if there’s any devices that are connected to multiple

    1372
    03:59:04.590 –> 03:59:27.869
    Daniel Baddeley: networks, right? Which maybe wasn’t intended. You got Bobby over here in IT that had his laptop left in a closet, and he didn’t realize that he was still VPN’d to one of your air-gapped networks. And for whatever reason, the device that he’s currently got stuffed in the closet is public, you know, that could be obviously a huge problem. So this is going to be able to show you exactly what’s going on inside your network.

    1373
    03:59:28.218 –> 03:59:36.819
    Daniel Baddeley: You’ll be able to see basic device information of all your different systems to be able to run reports directly from the devices itself. You can run reports for your whole network.

    1374
    03:59:37.231 –> 03:59:43.509
    Daniel Baddeley: And it’s meant to just be a simple way to be able to say, Hey, we need to run an assessment. Give us back everything

    1375
    03:59:43.760 –> 03:59:48.249
    Daniel Baddeley: once you’ve run an assessment. Essentially, what you’ll see is the following.

    1376
    03:59:49.063 –> 04:00:06.100
    Daniel Baddeley: The idea is that you, if you’re running a load test on your VPN, or if you’re running a load test on your web application or anything behind that, you’ll be able to run as many synthetics as you want. We can go up to billions of different virtual users. Like most solutions out there like

    1377
    04:00:06.100 –> 04:00:30.280
    Daniel Baddeley: Microsoft Azure solution, I think it caps out about a thousand concurrent connections per region, and they’re starting about 50 cents an hour, which is ridiculous and not really that helpful. We can actually get up into the billions, right? So if you need to be able to protect critical infrastructure, right, like, say, your defense department or your large-scale financial institution, you need to be able to make sure that a state-level actor can’t just take your systems completely offline. And that’s exactly what we’ve designed here.

    1378
    04:00:30.725 –> 04:00:34.820
    Daniel Baddeley: It will be able to tell you, per region, what your health checks are looking like.

    1379
    04:00:34.840 –> 04:01:01.839
    Daniel Baddeley: and how your systems were able to scale and actually respond to those assessments. When you get over to penetration tests and the actual vulnerability metric reports, you’ll see something similar to this, where once you get that report back for a specific device or for an endpoint, we’ll be able to show you all of the different vulnerabilities that were found, which obviously, hopefully, you see none. But let’s say vulnerabilities are found. You’ll be able to see

    1380
    04:01:02.227 –> 04:01:23.130
    Daniel Baddeley: as much actionable intelligence about it. What endpoint was hit? What the attack vector was. We’ll give you the evidence for that attack so that you can actually go back and reproduce it, as well as general information, you know, back to, like, the MITRE framework website, back to OWASP, to be able to learn more information about the specific CWE or CVEs that are associated with that.

    1381
    04:01:23.510 –> 04:01:32.559
    Daniel Baddeley: And then where AI gets involved is the fact that we have our AI CISO integrated into these responses so that it can actually give you step-by-step breakdowns

    1382
    04:01:32.750 –> 04:01:44.159
    Daniel Baddeley: into how to actually go about remediating that problem right? Because most of the time, what you’ll get from people is well, this report is great. But what do I do with it? You know? Who do I give this to? And what do we even do to get started?

    1383
    04:01:44.260 –> 04:01:53.419
    Daniel Baddeley: The idea is that the system is actually able to generate out problem overview solutions for you, based off of the context of your environment, of your system, what languages you’re using.

    1384
    04:01:53.590 –> 04:02:07.440
    Daniel Baddeley: And it’s meant to be able to help you get started. Now let’s say that the solution here that is provided is not enough, right, and for whatever that’s here that doesn’t already have a solution built into it, you know, you can always just say I need some additional help.

    1385
    04:02:07.983 –> 04:02:23.289
    Daniel Baddeley: It will send it back out to the server. We don’t have WebRTC connections yet. So what you’re basically just waiting for is for it to fully generate out the whole response. So it’s not just writing it per character to your screen, and we do a whole flush paint to the browser, as you saw,

    1386
    04:02:23.560 –> 04:02:37.739
    Daniel Baddeley: and you’ll be able to see some additional information about that vulnerability and what to do. But let’s say, Okay, okay, that’s great. But I need to talk about this. I don’t really understand this, even with the solution that it’s giving me, I need some more help.

    1387
    04:02:38.400 –> 04:02:53.534
    Daniel Baddeley: That’s where you can engage with the AI CISO. So once you’ve clicked on a specific target item, whether it’s a report, whether it’s network monitoring info, whether it’s specific vulnerability, you want to come over here to the screen. And you want to be able to ask you questions while you’re like, well, hey?

    1388
    04:02:54.505 –> 04:03:03.379
    Daniel Baddeley: you know, currently, in the process of ensuring points.

    1389
    04:03:03.970 –> 04:03:11.520
    Daniel Baddeley: How would this ability? I don’t know no different.

    1390
    04:03:14.040 –> 04:03:21.920
    Daniel Baddeley: And you could say something like, I don’t know. Like, you know, FedRAMP, CMMC, SOC 2, etcetera.

    1391
    04:03:22.410 –> 04:03:23.070
    Daniel Baddeley: Okay.

    1392
    04:03:23.550 –> 04:03:27.600
    Daniel Baddeley: so let’s say you’re like, Hey, you know, I need to be able to know more about the solution.

    1393
    04:03:27.930 –> 04:03:37.360
    Daniel Baddeley: What? What additional information can you give me about this? And you can speak to pretty much everything that we’ve gathered from all the different telemetry inside the system.

    1394
    04:03:37.580 –> 04:03:52.919
    Daniel Baddeley: and we’re going to be doing some additional things here in the future very soon, where, as these objects are created, we’re just going to go out and immediately start fetching all of that different telemetry and just start embedding it directly on the screen, so that you don’t have to actually go out and ask these questions in the first place.

    1395
    04:03:53.410 –> 04:04:07.759
    Daniel Baddeley: But it’s here for you. Right? So you can engage with this, as you would expect a normal person to be able to say like, Hey, I need some more additional information about this. I need some additional context. Please help me how to resolve. Please help me.

    1396
    04:04:08.110 –> 04:04:09.180
    Daniel Baddeley: Let’s hope.

    1397
    04:04:13.770 –> 04:04:19.690
    Daniel Baddeley: And you can just continue that conversation. We’ll give you direct contacts, links back to again, you know.

    1398
    04:04:20.233 –> 04:04:36.680
    Daniel Baddeley: the MITRE framework, and as much information as we possibly can to help enable your teams to be able to solve these problems, but you know you’ll be able to engage with it, to be able to help you with those step-by-step solutions. You can feed it as much context you want as about your information about your systems, about the devices.

    1399
    04:04:36.790 –> 04:04:40.220
    Daniel Baddeley: And basically just get as much context as possible.

    1400
    04:04:40.681 –> 04:04:47.440
    Daniel Baddeley: The productivity side of things is one of my more favorite sides of this application. Is, okay, again, you have all this information.

    1401
    04:04:47.610 –> 04:05:07.129
    Daniel Baddeley: What do we do with it? Well, if, let’s say, you’re connected to some of your favorite ticket management solutions like Jira, right, or Azure DevOps, it really just depends on what flavor you like the most. But the idea is that you can easily create tickets, add them into your product backlog for your remediation teams to be able to actually go in and do something about that.

    1402
    04:05:07.340 –> 04:05:20.110
    Daniel Baddeley: In the near future, we’re actually going to be unveiling here within the next 30 days, which is super awesome, a solution that allows you to essentially have the AI do a holistic overview on the entire report

    1403
    04:05:20.330 –> 04:05:40.469
    Daniel Baddeley: and be able to break it down for you. So like epic level stories, tickets, tasks, subtasks right, and be able to put as much information on all of those tickets as possible, so that you can effectively groom them and add complexity and map all of your security controls to that, and be able to make it just as easy as possible for you to be able to maintain and understand

    1404
    04:05:40.570 –> 04:06:10.120
    Daniel Baddeley: what your current posture is for your business, and don’t forget all of these scans can be going in real time all the time. So any integrations that you have with your SIEMs, existing alert systems, log ingestion tools, maybe using Splunk, CloudWatch, doesn’t matter. We have full API integration capabilities that you can export all of that telemetry to your favorite log ingestion or service tools. But the cool part about this system is that as we’re wrapping this stuff up over the end of this first quarter

    1405
    04:06:10.920 –> 04:06:17.090
    Daniel Baddeley: is, we’re gonna be able to get it to the point where, as you’re communicating with the CISO, you can just simply log in and say, Hey,

    1406
    04:06:17.360 –> 04:06:45.980
    Daniel Baddeley: I need to know what the current state of my posture is for my entire business from a global standpoint. I need a roadmap to be able to get all of our different business locations and all of our different buildings, or all of our different cloud environments, to be able to accomplish X, Y and Z goal, right? Maybe that’s hyper-focusing on FedRAMP, right? Because you’re trying to engage with Uncle Sam, and it will be able to lay out all of those different epics for you on your own project board specifically around that federal compliance, depending on the size of your organization,

    1407
    04:06:46.290 –> 04:06:54.489
    Daniel Baddeley: and the idea is to be able to again help you with being more proactive for being able to detect vulnerabilities before they get to production.

    1408
    04:06:55.140 –> 04:07:18.390
    Daniel Baddeley: But as they’ve already gotten to production, because things exist and you have to go and clean that stuff up, how can we make it as easy as possible for businesses to adopt this technology, to be able to work it into their teams so that technical debt and security isn’t this afterthought, right? It’s just as important and as easy to be able to get accomplished as the shiny features coming out of product roadmap. And that’s essentially what we’re doing here today.

    1409
    04:07:21.010 –> 04:07:36.689
    Julia Nimchinski: Daniel, this is amazing. Just to. We have a lot of questions that our community submitted. I will make sure to address them on Slack, since we’re out of time here. Where do our people go? Best defense that

    1410
    04:07:36.840 –> 04:07:37.360
    Julia Nimchinski: are you.

    1411
    04:07:37.360 –> 04:07:39.699
    Daniel Baddeley: Best defense. That’s defense, dot I/O.

    1412
    04:07:40.280 –> 04:07:41.320
    Julia Nimchinski: Amazing.
