1344
03:53:01.620 –> 03:53:12.829
Julia Nimchinski: This is amazing. I wish we could prolong this conversation, but it’s about time to transition to the next one. Daniel Badley. Welcome to the show cyber security simplified.

1345
03:53:13.480 –> 03:53:14.789
Julia Nimchinski: What a transition.

1346
03:53:15.990 –> 03:53:17.350
Daniel Baddeley: How are you doing?

1347
03:53:18.020 –> 03:53:20.540
Daniel Baddeley: I’m doing alright. How’s everybody else you’re doing today?

1348
03:53:21.310 –> 03:53:24.399
Julia Nimchinski: We’re super excited to talk about cyber threat.

1349
03:53:25.100 –> 03:53:27.720
Daniel Baddeley: Alright! Let me let me share my screen.

1350
03:53:27.950 –> 03:53:31.999
Daniel Baddeley: Oh, see if I can do that!

1351
03:53:32.410 –> 03:53:37.570
Daniel Baddeley: Alright perfect just giving everybody a heads up here today. It’s gonna be hard to

1352
03:53:38.030 –> 03:53:52.239
Daniel Baddeley: get everything in here into a 15 min window. So I would highly encourage anybody that’s interested to reach out to our website at best Defenseio, to be able to schedule a demo, to be able to speak with our sales engineers, to be able to get some further insights into the platform.

1353
03:53:52.350 –> 03:54:20.920
Daniel Baddeley: Today, we’re going to be focusing on AI from a productivity standpoint for cybersecurity. Be able to help you understand and ensure that your roadmaps are in place, as well as making sure that you’re maintaining your Federal compliance and things like that. So here, at best defense, you know, we are a cybersecurity company, Sas platform designed around chaos engineering principles which really just means that our system was designed to be able to give you confidence in your production environments under turbulent conditions.

1354
03:54:21.350 –> 03:54:36.789
Daniel Baddeley: The whole point of the system is is catered around 3 main verticals that we have with AI woven into all of the different layers. And that is chaos, infrastructure, network application resiliency testing so distributed load testing at global scales.

1355
03:54:37.050 –> 03:55:02.510
Daniel Baddeley: automated red team capabilities so proactive penetration assessments that can be merged directly into your change control processes, to be able to give you faster insights into any vulnerabilities that might be emerging through your Sdlc process or through your code pipelines to be able to push the responsibility back to the development teams, making those changes in the 1st place before they make it actually out into the wild right? So being able to actually stop that stuff further upstream.

1356
03:55:02.888 –> 03:55:12.299
Daniel Baddeley: You know, before even Qa gets involved. And we also have advanced network monitoring capabilities. So the idea is that through our novel, non-invasive approach.

1357
03:55:12.380 –> 03:55:29.260
Daniel Baddeley: unlike traditional situations where you might have to install agents on endpoints and things like that that don’t also really provide you with ot capabilities. Because of that, our system using network mirroring techniques is actually able to analyze and do deepak and analysis on everything, going over your network

1358
03:55:29.260 –> 03:55:55.850
Daniel Baddeley: without wasting compute resources on existing machines, or wasting too much of your network bandwidth. And then the idea with the AI solution Ciso, that we developed trend on over 9 billion data points for cybersecurity is that through all the different layers of your stack, whether it’s for infrastructural resiliency, scalability, whether it’s for your security or whether it’s just the monitoring for your business to ensure what’s going on with bad actors that you can get actionable insights in real time

1359
03:55:55.940 –> 03:56:03.890
Daniel Baddeley: to be able to actually have your remediation teams be as informed as possible as well as your 1st response teams. If an event happens for your business.

1360
03:56:05.522 –> 03:56:06.547
Daniel Baddeley: the biggest

1361
03:56:07.160 –> 03:56:18.259
Daniel Baddeley: problems that we’ve seen from talking to our clients today, honestly, really, just come down to 3 main things. It’s the fact that cybersecurity generally is a fractured marketplace. The high barrier to entry is mostly around costs.

1362
03:56:18.380 –> 03:56:27.500
Daniel Baddeley: and the fact that most of the applications and systems that exist out there aren’t really that easy to integrate, especially not in an automated way. And most of them.

1363
03:56:27.600 –> 03:56:42.140
Daniel Baddeley: even if they do have those capabilities don’t like really communicating with each other. So you’re having to build these custom solutions around that to aggregate that telemetry, to be able to actually do something with that. We are here to eliminate all of those problems, to be able to provide high quality services. The lowest landed cost

1364
03:56:42.610 –> 03:56:44.770
Daniel Baddeley: so, moving directly into our system.

1365
03:56:45.293 –> 03:57:14.969
Daniel Baddeley: From a high level overview. When you come in you’ll be able to onboard as many different devices as you want. We connect to your remote cloud environments. Azure aws, Gcp, all of your lands you can onboard domains. If you want to do web application, testing and bridge your networks, you’ll monitor your remote servers, your local desktops. You’ll see dashboards similar to this right? It’s meant to be an easy report card for you to understand what you’re looking at. And you’ll see what you know your risk levels are and how they are over time

1366
03:57:15.360 –> 03:57:42.310
Daniel Baddeley: jumping straight into. How would you actually go about, you know, adding devices. Well, it’s fairly simple. So once you come to, you know your network screens, or you can go do through simple Dns text record verification. You can actually come in and we give you everything you need to generate, you know. IM roles. If you’re doing a bridge to like an Aws account to be able to create those Vpc connections so that you can automatically index and catalog all the different servers

1367
03:57:42.310 –> 03:57:54.330
Daniel Baddeley: in your remote environments, right? Which may even be ephemeral, right? So you don’t have to constantly reload and re add things over and over again. You just kind of want a 1 click solution to be able to start monitoring and running assessments on all of those different devices.

1368
03:57:54.610 –> 03:58:01.149
Daniel Baddeley: Once you’ve created that network bridge you’ll be able to immediately start seeing different solutions.

1369
03:58:01.430 –> 03:58:26.339
Daniel Baddeley: I’m sorry different telemetry going over your network for different events that might have happened. You’ll be able to see per region breakdowns. You’ll be able to see what Cbes bad actors are actively trying to do to exploit your systems where they’re coming from, who they are. And the idea is that you can integrate this platform into any of your existing scenes to be able to let your 1st response team know that events happening, because generally, obviously.

1370
03:58:26.550 –> 03:58:35.857
Daniel Baddeley: you only really have 5, maybe 10 min to be able to actually do something to close that loop before you know a serious data breach actually occurs.

1371
03:58:36.770 –> 03:59:04.479
Daniel Baddeley: once, you’ve also bridged your network, you’ll also have some essential basic network topography information. We’re not doing too much with trying to compete against other providers in this area. It’s more of a byproduct for what we’re doing to be able to integrate all of the different environments. But we’ll be able to show you all the different devices on your network what their status and health checks are. From a security standpoint. We’ll be able to show you if there’s any devices that are connected to multiple

1372
03:59:04.590 –> 03:59:27.869
Daniel Baddeley: networks right? Which maybe wasn’t intended. You got Bobby over here in it that had his laptop left in a closet, and he didn’t realize that he was still VPN. To one of your error, gapped networks. And for whatever reason, the device that he’s currently got stuff in the closet is public, you know, that could be obviously a huge problem. So this is going to be able to show you exactly what’s going on inside your network.

1373
03:59:28.218 –> 03:59:36.819
Daniel Baddeley: You’ll be able to see basic device information of all your different systems to be able to run reports directly from the devices itself. You can run reports for your whole network.

1374
03:59:37.231 –> 03:59:43.509
Daniel Baddeley: And it’s meant to just be a simple way to be able to say, Hey, we need to run an assessment. Give us back everything

1375
03:59:43.760 –> 03:59:48.249
Daniel Baddeley: once you’ve run an assessment. Essentially, what you’ll see is the following.

1376
03:59:49.063 –> 04:00:06.100
Daniel Baddeley: the idea is that you, if you’re running a load test on your VPN. Or if you’re running a load test on your web application or anything behind that you’ll be able to run as many synthetics as you want. We can go up to billions of different virtual users. Like most solutions out there like

1377
04:00:06.100 –> 04:00:30.280
Daniel Baddeley: Microsoft azure solution. I think it’s caps out about a thousand concurrent connections per region, and they’re starting about 50 cents an hour, which is ridiculous and not really that helpful. We can actually get up into the billions right? So if you need to be able to protect critical infrastructure, right like, say, your defense department or your large scale financial institution. You need to be able to make sure that a State level actor can’t just take your systems completely offline. And that’s exactly what we’ve designed here.

1378
04:00:30.725 –> 04:00:34.820
Daniel Baddeley: It will be able to tell you, per region, what your health checks are looking like.

1379
04:00:34.840 –> 04:01:01.839
Daniel Baddeley: and how your systems were able to scale and actually respond to those assessments. When you get over to penetration tests and the actual vulnerability metric reports, you’ll see something similar to this where once you get that report back for a specific device or for an endpoint, we’ll be able to show you all of the different vulnerabilities that were found, which obviously, hopefully. You see, none. But let’s say, vulnerabilities are found. You’ll be able to see

1380
04:01:02.227 –> 04:01:23.130
Daniel Baddeley: as much actionable intelligence about it. What endpoint was hit? What the attack vector was, we’ll give you the evidence for that attack so that you can actually go back and reproduce it as well as general information. You know, back to like the Mitre framework website back to Owas to be able to learn more information about the specific Cwe or Cdes that are associated with that.

1381
04:01:23.510 –> 04:01:32.559
Daniel Baddeley: And then where AI gets involved is the fact that we have our aic so integrated into these responses so that it can actually give you, step by step breakdowns

1382
04:01:32.750 –> 04:01:44.159
Daniel Baddeley: into how to actually go about remediating that problem right? Because most of the time, what you’ll get from people is well, this report is great. But what do I do with it? You know? Who do I give this to? And what do we even do to get started?

1383
04:01:44.260 –> 04:01:53.419
Daniel Baddeley: The idea is that the system is actually able to generate out problem overview solutions for you, based off of the context of your environment, of your system, what languages you’re using.

1384
04:01:53.590 –> 04:02:07.440
Daniel Baddeley: And it’s meant to be able to help you get started. Now let’s say that the the solution here that is provided is not enough right, and for whatever that’s here that doesn’t already have a solution built into it, you know. You can always just say I need some additional help.

1385
04:02:07.983 –> 04:02:23.289
Daniel Baddeley: It will send it back out to the server. We don’t have Webrtc connections yet. So what you’re basically just waiting for is for it to fully generate out the whole response. So it’s not just writing it per character to your screen, and we do a whole flush paint to the browser as you saw.

1386
04:02:23.560 –> 04:02:37.739
Daniel Baddeley: and you’ll be able to see some additional information about that vulnerability and what to do. But let’s say, Okay, okay, that’s great. But I need to talk about this. I don’t really understand this, even with the solution that it’s giving me, I need some more help.

1387
04:02:38.400 –> 04:02:53.534
Daniel Baddeley: That’s where you can engage with the aic. So so once you’ve clicked on a specific target item, whether it’s a report, whether it’s network monitoring info, whether it’s specific vulnerability. You want to come over here to the screen. And you want to be able to ask you questions while you’re like, well, hey?

1388
04:02:54.505 –> 04:03:03.379
Daniel Baddeley: you know, currently, in the process of ensuring points.

1389
04:03:03.970 –> 04:03:11.520
Daniel Baddeley: How would this ability? I don’t know no different.

1390
04:03:14.040 –> 04:03:21.920
Daniel Baddeley: And you could say something like, I don’t know. Like, you know, Fedramp, cmmc, stock 2, etcetera.

1391
04:03:22.410 –> 04:03:23.070
Daniel Baddeley: Okay.

1392
04:03:23.550 –> 04:03:27.600
Daniel Baddeley: so let’s say you’re like, Hey, you know, I need to be able to know more about the solution.

1393
04:03:27.930 –> 04:03:37.360
Daniel Baddeley: What? What additional information can you give me about this? And you can speak to pretty much everything that we’ve gathered from all the different telemetry inside the system.

1394
04:03:37.580 –> 04:03:52.919
Daniel Baddeley: and we’re going to be doing some additional things here in the future very soon, where, as these objects are created, we’re just going to go out and immediately start fetching all of that different telemetry and just start embedding it directly on the on the screen, so that you don’t have to actually go out and ask these questions in the 1st place.

1395
04:03:53.410 –> 04:04:07.759
Daniel Baddeley: But it’s here for you. Right? So you can engage with this, as you would expect a normal person to be able to say like, Hey, I need some more additional information about this. I need some additional context. Please help me how to resolve. Please help me.

1396
04:04:08.110 –> 04:04:09.180
Daniel Baddeley: Let’s hope.

1397
04:04:13.770 –> 04:04:19.690
Daniel Baddeley: And you can just continue that conversation. We’ll give you direct contacts, links back to again, you know.

1398
04:04:20.233 –> 04:04:36.680
Daniel Baddeley: the the mitre framework, and as much information as we possibly can to help enable your teams to be able to solve these problems, but you know you’ll be able to engage with it, to be able to help you with those step by step, solutions. You can feed it as much context you want as about your information about your systems, about the devices.

1399
04:04:36.790 –> 04:04:40.220
Daniel Baddeley: And basically just get as much context as possible.

1400
04:04:40.681 –> 04:04:47.440
Daniel Baddeley: The productivity side of things is is one of my more favorite sides of this application is okay. Again, you have all this information.

1401
04:04:47.610 –> 04:05:07.129
Daniel Baddeley: What do we do with it? Well, if let’s say you’re connected to some of your favorite ticket management solutions like Jira, right or easy devops, it really just depends on what flavor you like the most. But the idea is that you can easily create tickets. Add them into your product, backlog for your remediation teams to be able to actually go in and do something about that

1402
04:05:07.340 –> 04:05:20.110
Daniel Baddeley: in the near future. We’re actually going to be unveiling here within the next 30 days, which is super awesome, a solution that allows you to essentially have the AI do a holistic overview on the entire report

1403
04:05:20.330 –> 04:05:40.469
Daniel Baddeley: and be able to break it down for you. So like epic level stories, tickets, tasks, subtasks right, and be able to put as much information on all of those tickets as possible, so that you can effectively groom them and add complexity and map all of your security controls to that, and be able to make it just as easy as possible for you to be able to maintain and understand

1404
04:05:40.570 –> 04:06:10.120
Daniel Baddeley: what your current posture is for your business, and don’t forget all of these scans can be going in real time all the time. So any integrations that you have with your scenes existing alert systems, log ingestion tools, maybe using splunk cloudwatch doesn’t matter. We have full api integration, capabilities that you can export all of that telemetry to your to your favorite log ingestion or service tools. But the cool part about this system is that as we’re wrapping this stuff up over the end of this 1st quarter

1405
04:06:10.920 –> 04:06:17.090
Daniel Baddeley: is, we’re gonna be able to get it to the point where, as you’re communicating with the Ciso, you can just simply log in and say, Hey.

1406
04:06:17.360 –> 04:06:45.980
Daniel Baddeley: I need to know what the current state of my posture is for my entire business from a global standpoint. I need a roadmap to be able to get all of our different business locations and all of our different buildings, or all of our different cloud environments to be able to accomplish. XY and Z. Goal. Right? Maybe that’s hyper focusing on Fedramp, right? Because you’re trying to engage with Uncle Sam, and it will be able to lay out all of those different ethics for you on your own Project board specifically around that Federal compliance depending on the size of your organization.

1407
04:06:46.290 –> 04:06:54.489
Daniel Baddeley: and the idea is to be able to again help you with being more proactive for being able to detect vulnerabilities before they get to production.

1408
04:06:55.140 –> 04:07:18.390
Daniel Baddeley: But as they’ve already gotten to production because things exist and you have to go and clean that stuff up, how can we make it as easy as possible for businesses to adopt this technology to be able to work it into their teams so that technical debt and security. Isn’t this afterthought right? It’s just as important and as easy to be able to get accomplished as the shiny features coming out of product roadmap. And that’s essentially what we’re doing here today.
1409
04:07:21.010 –> 04:07:36.689
Julia Nimchinski: Daniel, this is amazing. Just to. We have a lot of questions that our community submitted. I will make sure to address them on slack, since we’re out of time here. Where do our people go? Best defense that

1410
04:07:36.840 –> 04:07:37.360
Julia Nimchinski: are you.

1411
04:07:37.360 –> 04:07:39.699
Daniel Baddeley: Best defense. That’s defense, dot I/O.

1412
04:07:40.280 –> 04:07:41.320
Julia Nimchinski: Amazing.

Table of contents

Opening Remarks & Speaker Introduction
Closing Thoughts & Key Takeaways