Curious how the threat landscape is changing in the new year? Hear about the email attacks you need to protect against from guest Mick Leach, a seasoned cybersecurity professional who has led SOC teams at F500 companies and startups alike. In our latest episode, we'll chat with Mick about consistently popular attacks like brand impersonation and credential phishing, as well as new and emerging attacks like payloadless malware and QR code phishing (or "quishing") attacks that are likely coming your way in 2024.
Abnormal Security: https://abnormalsecurity.com/unfiltered
Abnormal Security provides the leading behavioral AI-based email security platform
Speaker 1: How's it going, everyone?
00:00:01
This is another Security Unfiltered podcast episode where
00:00:07
today we actually talk with Mick Leach from Abnormal
00:00:11
Security.
00:00:12
Abnormal Security actually sponsored this podcast and again,
00:00:17
you know, just to remind you guys, they didn't determine any
00:00:20
questions that I can ask them or anything like that.
00:00:23
You know, they just believe in what we're doing here at the
00:00:26
podcast and they wanted to support the podcast, and so
00:00:29
that's how it all kind of happened, right.
00:00:31
So, you know, with that, let's go ahead and dive into the
00:00:36
episode.
00:00:36
I think you guys are going to love it.
00:00:37
All right, see you guys, how's it going?
00:00:41
Mick, it's really good to have you back on the podcast, and I
00:00:45
want to start off with saying you know, if anyone listening
00:00:48
hasn't already heard part one of this conversation, essentially
00:00:54
I will link it down below.
00:00:55
You definitely want to hear about Mick's background and how
00:00:58
he got into security, his journey and everything like that,
00:01:01
but this is part two where we're picking it up.
00:01:04
We're going to be talking about what's coming in 2024.
00:01:08
So how's it going, Mick?
00:01:10
Speaker 2: It's going great, Joe.
00:01:10
Thanks so much.
00:01:11
I appreciate it, boy.
00:01:12
We had so much fun in the last one and we just had so much to
00:01:16
cover, we had to do a part two.
00:01:19
Speaker 1: Yeah, absolutely.
00:01:19
I mean I assume we'll probably be doing like parts three and
00:01:24
four in 2024 at some point, but you know it's always a good
00:01:30
conversation and you know, I think you also appreciate the
00:01:34
style of podcasts that this is.
00:01:37
Speaker 2: I do.
00:01:38
I do. Absolutely, yeah, and just the way this one's run.
00:01:41
It's so genuine.
00:01:43
I love that, you know there aren't questions prepared ahead
00:01:47
of time.
00:01:47
I love that it's off the cuff and it's natural and genuine.
00:01:51
You know that much.
00:01:52
I absolutely appreciate.
00:01:55
Speaker 1: Yeah, it's.
00:01:55
You know it's interesting.
00:01:56
When I go on other podcasts, they always like send me a bunch
00:01:59
of questions ahead of time, like guys, I really don't care
00:02:03
about your questions, right, like you know, just ask me
00:02:06
whatever you want to ask me and we'll go from there.
00:02:08
Yeah, but, Mick, you know we're coming to the end of 2023 here,
00:02:14
2024, right around the corner and you know I always try to
00:02:21
prepare my audience for the year ahead, right, because you know
00:02:26
really to have a successful year, you have to be planning it out.
00:02:31
You know, ahead of time. For sure, you have to be planning for it,
00:02:36
you have to be adjusting.
00:02:38
You know your goals, your expectations and whatnot.
00:02:41
So what are a few of the top attacks that you see becoming
00:02:46
more prevalent or more widely used in 2024?
00:02:49
Speaker 2: Yeah, yeah, you're right.
00:02:50
I mean, for us to adequately defend our organizations, we
00:02:56
really need to understand the threats that are coming at us.
00:02:59
You know, especially as many of us are in purchase cycles here
00:03:04
at the end of the year, sometimes money becomes
00:03:07
available and you've got to use or lose that.
00:03:09
I know that was certainly the way things were when I was in,
00:03:13
you know, the military and with the government.
00:03:15
So you're looking to, you know, elevate your tech stack,
00:03:21
elevate your capabilities there at the end of the year in
00:03:24
preparation for the next year.
00:03:26
And so it's so critically important to look back and
00:03:30
understand what you've seen over the last year, but also use
00:03:34
that information to sort of forecast what you see coming up.
00:03:38
And so, as I look back over what we have seen at Abnormal
00:03:42
over the last year or two, I think it becomes clear, kind of
00:03:48
where the trending is headed towards 2024.
00:03:50
And I think it comes down to five major issues that we've got
00:03:54
to.
00:03:54
We've really got to keep a bead on these ideas.
00:03:57
So first, in my opinion, we've got brand impersonation,
00:04:02
credential phishing, and we'll kind of unpack these a little
00:04:06
bit, but I want to put them up front for you.
00:04:09
Number two, payloadless malware, right, and so when we say that
00:04:14
we're generally talking about, like social engineering attacks,
00:04:18
text-only social engineering attacks.
00:04:20
Number three, QR code attacks.
00:04:23
They have been on the rise.
00:04:25
I anticipate we'll continue to see these as time goes by.
00:04:30
Number four, VEC, or vendor email compromise, and invoice phishing,
00:04:36
invoice fraud.
00:04:38
This is a massive one, continues to be incredibly
00:04:41
lucrative and I fear we'll continue to see it.
00:04:45
And then the last one, not without leaving it out here
00:04:50
generative AI-based attacks.
00:04:51
Right, you can't hardly have a podcast or conversation,
00:04:56
presentation of any kind without mentioning ChatGPT or
00:05:00
generative AI.
00:05:00
This one will be no different, and so we'll talk.
00:05:03
We'll talk a little bit about that as well.
00:05:05
So I think those are the five things that we need to kind of
00:05:09
keep an eye on, and willing to certainly unpack those, but,
00:05:12
like, pause there and see if you've got any questions.
00:05:16
Speaker 1: Yeah, of course, you know, with the, with the text
00:05:21
based attacks, I've actually seen, you know, a good amount of
00:05:28
that already coming through my work email, my personal email,
00:05:33
and it's interesting, you know, I literally had one last week
00:05:38
where you know they were saying like, oh, you know, I'm a new
00:05:41
hire, they told me to reach out to you to resolve some payroll
00:05:46
issue.
00:05:46
Like, one, I'm a security guy, so you're going to the wrong
00:05:50
person.
00:05:50
You know if you are real right.
00:05:53
And two, I'm a security guy so I don't trust you, so I'm going
00:05:56
to delete this email.
00:05:57
You know, like, I hope, if you're real, you know you get
00:06:03
your payroll figured out, but I don't care.
00:06:05
Speaker 2: Right, yeah, no, I'm with you.
00:06:07
It always cracks me up how we in security end up getting kind
00:06:12
of the end of being the dumping ground where a lot of different
00:06:15
kinds of attacks end up landing on our plate.
00:06:17
And I laugh, I think, really, did you think that I, in security,
00:06:22
was going to have access to change your payroll?
00:06:24
You know, come on, that's, don't be silly.
00:06:26
But but nevertheless, we do inevitably get targeted for
00:06:30
these kinds of things, and gone are the days are, you know and
00:06:33
we touched a little bit about this in our last one but gone
00:06:36
are the days when attackers are sending you know malicious
00:06:42
attachments and malicious links as the primary way to compromise
00:06:47
you.
00:06:47
They know that.
00:06:48
You know everybody's got a security email gateway, or you
00:06:51
know Microsoft's native 365 controls are really sound, and
00:06:55
so they're great at catching that kind of overt malicious
00:06:59
activity.
00:07:00
So now what we're seeing is this shift to where threat actors
00:07:05
are simply trying to start a conversation with you.
00:07:09
If they can simply get you to reply, then they can go a little
00:07:14
bit further, right?
00:07:15
We've seen ones where a pretty common one is where they purport
00:07:20
to be from.
00:07:21
You know the.
00:07:22
You know we've seen the Best Buy genius ones, Genius Bar or
00:07:26
whatever, you know, a Geek Squad, excuse me, where they send that
00:07:31
and say, oh, you've been charged for this.
00:07:32
If you have any questions or if you feel there's this was done
00:07:36
in error, please reach out to our contacts.
00:07:39
You know our support center at the phone number below right,
00:07:44
and so if they can just get you to start that conversation,
00:07:47
that's usually where they can take it.
00:07:49
You know three or four more steps.
00:07:54
Speaker 1: Yeah, I wonder if they're evolving their attack
00:07:58
pattern based on the technologies that are out in the
00:08:02
field.
00:08:02
Right, because you know in the military that's what you do and
00:08:08
you know this is no different.
00:08:09
Right, where you have solutions that are saying, oh, you've
00:08:13
never talked to this person before and they're asking for
00:08:16
this information.
00:08:17
You know it's probably a bad idea to respond to them.
00:08:21
Well, they're trying I guess they're trying to even just
00:08:24
start that conversation, build that rapport with your solution
00:08:28
in the background, right, and bypass all of that.
00:08:32
How does so?
00:08:34
How does Abnormal fit into that?
00:08:36
This isn't like a softball question or anything like that
00:08:42
that I was pitched ahead of time.
00:08:43
Right, like I'm genuinely wondering you know, how do you,
00:08:47
how do you guys stack up against something like that?
00:08:50
Speaker 2: Yeah, well, and that's what makes us, I think,
00:08:52
unique or at least the next gen generation of email security
00:08:56
solutions, right, ones that are using artificial intelligence at
00:09:01
their core.
00:09:01
It's not something has been bolted on, it's actually at the
00:09:05
core of the way the solution works, in that it is consuming
00:09:10
so many signals, right.
00:09:12
And it's beyond just taking in the headers of each email, right.
00:09:17
Traditional security mail gateways do a great job of
00:09:20
pulling that in.
00:09:21
Microsoft, Google's native security controls.
00:09:25
They do a great job of evaluating those headers.
00:09:29
But there's so much more.
00:09:31
There's so much more signal to to those messages than just that.
00:09:36
Unfortunately, in the past, security solutions just really
00:09:40
didn't have a way to consume the message body.
00:09:44
But with the advent of natural language processing, computer
00:09:48
vision, deep learning, you know algorithms for machine learning,
00:09:54
we've been able to really dive into the message body, teach our
00:09:58
systems how to read it and understand it, kind of parse all
00:10:02
of the parts of the message body, understand what's being
00:10:06
communicated and then say wait a second.
00:10:09
This is unusual behavior, right?
00:10:11
This is something I've never seen before.
00:10:14
It's a person you've never spoken with, or at least an
00:10:17
address, an email address that you've never corresponded with
00:10:20
in the past. Even if it's someone that you'd know and
00:10:23
speak with often, maybe the tone has changed. Maybe it's more
00:10:27
formal or less formal than it's ever been before.
00:10:30
You know, it's those signals that Abnormal Security is able
00:10:34
to pin in on and really understand and then say, okay,
00:10:38
this, this is not normal, right, this is abnormal activity, and
00:10:44
so that's when we can flag it and and move forward from there.
00:10:49
Speaker 1: And is it able to also, you know, look at other
00:10:55
other customers of yours, right, and say like, oh, I saw this at
00:10:59
10 other customers and you know it was the same situation, so
00:11:03
we're going to block it or filter it out, right?
00:11:06
Sure. Does it?
00:11:07
Does it have that capability as well?
00:11:09
Speaker 2: Absolutely yeah, and that's what was so powerful when
00:11:12
I think it was CrowdStrike was one of the first to kind of
00:11:16
start using crowdsourced information and say, well, if
00:11:21
I've learned this and this and this from these other customers,
00:11:24
maybe I can retrain my models to look for those kinds of
00:11:29
behaviors across all organizations, and Abnormal
00:11:32
absolutely does the same thing in that.
00:11:34
In that regard, now, each to be clear and this is what makes us,
00:11:38
I think, unique is that the models are trained for each
00:11:43
company specifically.
00:11:44
Each one is different because a large financial services
00:11:49
institution would be very different than, like a large
00:11:53
university, right, a large public university.
00:11:55
The kinds of communications that you see, the kinds of
00:11:59
emails that you see, back and forth, are very different, the
00:12:02
users and their level of awareness and training very
00:12:06
different between a college and like a bank.
00:12:08
So it's important that each model is trained for each
00:12:13
company.
00:12:14
But then you can use some overall guidance, overall
00:12:17
understanding about what anomalous behavior looks like in
00:12:21
general across all customers, and that's where you see that
00:12:25
crowdsourced information really benefit the university or the
00:12:31
bank.
00:12:33
Speaker 1: Hmm, yeah, it's really interesting.
00:12:36
Can we talk about payloadless exploits, right?
00:12:42
So what are those?
00:12:44
Is that just a text email that's trying to start that
00:12:47
conversation?
00:12:48
Speaker 2: Yeah, so in the email world, anytime we talk about
00:12:51
payloadless malware, what we're really talking about is social
00:12:56
engineering.
00:12:56
So it's just that note.
00:12:59
Hey, Bill, we talked about this last time.
00:13:01
Hey, Bill, it's Bob.
00:13:01
Give me a call when you get a minute.
00:13:03
Right, he's really seeking to start a conversation.
00:13:06
Get you to pick up the phone and call someone, because when
00:13:09
you do that, you can sidestep the rest of your tech stack.
00:13:13
Right, you lose a lot of the defenses that you have already
00:13:18
brought to bear in your tech environment.
00:13:21
I think QR code attacks are similar in that regard because,
00:13:27
as you and don't mean to pivot, but I think there's these two
00:13:31
stories are somewhat related in that, like when we see QR code
00:13:35
phishing attacks, there's not a ton of things that can detect
00:13:40
and resolve a DNS entry from a QR code today.
00:13:46
There's just not a lot of tech stacks, there's not a lot of
00:13:49
solutions in our stacks that can do that.
00:13:51
Abnormal, I think, is relatively unique in that we can
00:13:54
and that's a pretty big differentiator for us.
00:13:58
But in either case, the reason that I think we're seeing threat
00:14:02
actors pivot to using QR codes and emails is, A, there's nothing
00:14:07
that can defend against it, or very few things that can defend
00:14:10
against it.
00:14:10
But B?
00:14:12
How would you scan a QR code on your email, on your corporate
00:14:17
email, on your desktop, right on your laptop, or whatever the
00:14:20
case may be?
00:14:20
How are you going to scan it?
00:14:23
You're going to pick up your phone and you're going to scan
00:14:25
it with your phone, right?
00:14:27
Well, once you've done that, you have sidestepped all of your
00:14:33
corporate email security controls, all of your corporate
00:14:37
security controls, entirely right, unless you've got an MDM
00:14:41
solution on your phone, which is pretty advanced.
00:14:44
Many folks with bring your own device today don't have a ton of
00:14:51
security controls on our users' phones.
00:14:53
So you don't have EDR, you don't have your internet gateway,
00:14:59
you've lost most of your security controls, and now
00:15:04
you've got a user interacting with a potentially malicious
00:15:08
website on their phones, and so that's where you start to see a
00:15:14
lot of credential harvesting those kinds of things there,
00:15:17
because they've tricked you to go someplace you shouldn't on a
00:15:20
device that your company can't protect.
00:15:25
Speaker 1: Yeah, phones are a very interesting threat surface
00:15:30
for any company out there.
00:15:32
Even if you have an MDM solution, you have a company, so
00:15:38
you have a company device and they manage it and whatnot.
00:15:41
Even then, you're still heavily reliant on the architecture of
00:15:48
the phone.
00:15:48
Hopefully the developers didn't create something that is
00:15:54
insecure in their architecture and whatnot.
00:15:56
Not that Android has ever done that right.
00:16:02
Speaker 2: Or Apple or any of them, right, I mean yeah.
00:16:06
Speaker 1: Well, I always bring up Android because when I was
00:16:08
getting my master's in cybersecurity, it was very
00:16:11
hands-on course, or very hands-on degree, and a part of
00:16:16
it there was a mobile security course and in that course there
00:16:21
was a lab that you had to get root on an Android or an iPhone.
00:16:27
You had to choose a vulnerability and choose your
00:16:30
platform right, and so I chose some Bluetooth vulnerability.
00:16:34
The iPhone had been patched for several months so it was never
00:16:41
going to work on that, so I literally spent about 36 hours
00:16:46
trying to get it on an iPhone that I would never get it on.
00:16:48
And then, as soon as I switch to Android, I get root in 20
00:16:56
minutes.
00:16:57
I'm not a very good hacker, I'm very poor, I can spell the word
00:17:03
and that's it.
00:17:03
But I got root on this thing in 20 minutes and I'm like my
00:17:09
reaction was oh, this is really bad.
00:17:13
If I can do this, sure yeah.
00:17:17
Speaker 2: And that's the thing is a lot of what we're seeing in
00:17:22
terms of hackers trying to convince users to leverage their
00:17:26
phones.
00:17:27
They don't even need to compromise the phone itself.
00:17:30
They don't need to hack the phone or its operating system,
00:17:33
they just convince you to go to a URL that you ought not to go
00:17:37
to.
00:17:38
That looks a lot like something that you're used to logging
00:17:41
into every day.
00:17:42
Maybe it's your Okta portal, maybe it's your Microsoft 365
00:17:46
portal, maybe it's your Facebook account.
00:17:48
We've seen a lot of different brand impersonation attacks
00:17:53
lately that work this way.
00:17:56
No joke.
00:17:58
Last night, my wife gets a phone call talking about brand
00:18:02
impersonation.
00:18:03
My wife got a phone call from USAA.
00:18:05
Having been in the military, that is the bank that we use, as
00:18:14
most veterans do it's a great organization Gets a call
00:18:18
purportedly from USAA.
00:18:20
Here's the thing they spoofed their phone number so it showed
00:18:24
up on her phone as USAA and they said, hey, we see some unusual
00:18:31
charges.
00:18:32
This is not the first time we've gotten these kinds of
00:18:34
calls.
00:18:34
We get them periodically.
00:18:36
I think we probably all have gotten the call from the bank
00:18:39
that says, hey, starting to see some really unusual stuff.
00:18:42
Are you in Miami, Florida, right now?
00:18:44
I'm like I wish, but I am not.
00:18:47
I'm in Ohio and it's freezing.
00:18:49
So they said, yeah, we saw somebody charge $2 at
00:18:54
Walmart, $5 at Best Buy.
00:18:58
And my wife was like no, that's definitely not us.
00:19:02
And they said, ok, we're going to send you a text message.
00:19:06
Need you to log in at the link on the text message and file a
00:19:12
report?
00:19:12
And so the text message comes in.
00:19:16
It's not from the numbers we're used to seeing, which may or
00:19:21
may not mean anything, but the URL was telling it was not USAA,
00:19:27
although it did have you as USAAsomethingco.
00:19:30
It was a long string, I think it was retail online, resell
00:19:37
online, 06 or something along those lines.
00:19:40
And I was like whoa.
00:19:42
My wife's like, oh no, this feels weird.
00:19:44
And the guy's like, no, it's OK, just click the link and log
00:19:48
into your account there and you can file the abuse report.
00:19:53
And I was like no, no, and thankfully she refused to do so.
00:19:59
The guy hung up on her.
00:20:00
We had to call USAA back and it was not them, it was the
00:20:04
bottom line.
00:20:05
So they're getting more and more brazen and they're getting
00:20:10
more and more sophisticated.
00:20:11
I think getting these calls not terribly interesting.
00:20:17
Getting the call plus the text message was a little more
00:20:22
interesting, but getting the call that was spoofed from their
00:20:24
actual, correct phone number, then doing the rest of the
00:20:30
things, made this one particularly interesting.
00:20:34
So, yeah, these are the kinds of things we're up against, folks.
00:20:40
Speaker 1: And it's almost unfair to the 99% of the
00:20:44
population that isn't in cybersecurity.
00:20:46
That's almost unfair even for cybersecurity professionals.
00:20:49
They are taking the basics of an attack.
00:20:56
They're taking four or five basics of an attack.
00:20:59
They're stringing them all together and they're making it
00:21:02
look like a real legitimate thing.
00:21:04
And I'm going to be honest, it's a pretty good chance that I
00:21:12
probably wouldn't even notice anything until I get to the
00:21:16
login page.
00:21:17
If the login page looks weird, then I would be catching it, but
00:21:21
I'd still click on that link probably.
00:21:23
And I'm in security.
00:21:27
We put ourselves into this.
00:21:28
It's terrible predicament where we just spent, you know, two or
00:21:34
three years, right, of having everyone at a restaurant scan
00:21:38
the QR code. Precisely.
00:21:40
It's very simple, it's very convenient, but there's no way
00:21:44
to know just by looking at a QR code of if it's malicious or not.
00:21:49
You know, like and this is coming from security
00:21:51
professionals like, until I get to the website, I have no way of
00:21:56
knowing if that's real or not.
00:21:58
You know, and like you, you can so easily, you know, swap out.
00:22:03
A menu has all the same exact stuff, different QR code on
00:22:07
there.
00:22:07
Or, you know, they tape the QR code to the table.
00:22:10
Okay, well, I could just tape one on top of it, like it
00:22:13
doesn't even have to be that creative.
00:22:15
Yeah, it's.
00:22:17
It's a, it's a unfair, it's an unfair situation.
00:22:22
You know.
00:22:22
If I'm saying it's unfair for us, it's like because my wife
00:22:26
would 100% like she'd be messaging me as she's clicking
00:22:31
on it and like logging in.
00:22:33
It's like.
00:22:33
No, like you know, we don't need to be doing that.
00:22:37
Speaker 2: Yeah, yeah, you're right, I mean COVID.
00:22:39
The last three years with COVID has has just been training the
00:22:45
world's population that QR codes are safe to click on.
00:22:49
Speaker 1: Yeah.
00:22:50
Speaker 2: Or safe to take an image of.
00:22:52
And you know I was.
00:22:53
I was in Columbus.
00:22:54
I think I mentioned this in our last one.
00:22:56
If you know, just forgive me, but you know we were in.
00:22:58
I was in Columbus, Ohio, not long ago and went to was that an
00:23:02
event?
00:23:03
And parked at a parking parking lot where you have to shoot a
00:23:08
QR code to pay all of the parking meters down there.
00:23:11
They don't accept coins anymore.
00:23:13
The only way you can pay for them is to shoot a QR code.
00:23:17
That's on the parking meter.
00:23:19
And there were bad guys not at this one, but there were bad
00:23:22
guys that were going around and pasting new ones, new QR codes
00:23:27
over those and they had done their research right.
00:23:29
They made a very similar looking domain where you were
00:23:36
able to put in all of your, all of your information and, and and
00:23:40
quote unquote pay, pay your parking.
00:23:43
But they just siphoned that money off, right.
00:23:46
Speaker 1: So it's horrible.
00:23:48
We, we almost need like a you know, an overarching body right
00:23:54
to step in and give what a QR code you know should look like
00:23:59
and whatnot.
00:24:00
Right, because what we really need with the QR code is the URL
00:24:05
under the QR code.
00:24:07
You should be going here, you know.
00:24:08
So if you scan this thing, you know this is where you're going.
00:24:12
If it goes somewhere else, you're not at the right place,
00:24:15
you know.
00:24:15
And if it doesn't have that URL, then you should know oh, I
00:24:19
shouldn't be scanning it, you know like it should be an
00:24:21
approved sort of thing.
00:24:23
Yeah, I, I can see us going that way in like 20 years.
00:24:30
You know, with how slow the government moves with everything,
00:24:33
I mean, they'll probably start talking about QR codes in 15
00:24:37
years.
00:24:38
Speaker 2: Yeah, and the challenge I think there is that
00:24:42
it actually just advocates for more obfuscated URLs, because
00:24:49
then you know you're you're trusting my aunt or uncle or
00:24:53
grandma to look not only at the QR code and understand what to
00:24:58
do with it which, thankfully, COVID taught them what to do
00:25:01
with it.
00:25:01
Unfortunately, then, even if we put the expected URL at the
00:25:06
bottom, you know what's to say, that's, even if they match.
00:25:11
I mean, what's to say?
00:25:13
That it's not malicious anyway.
00:25:15
You know, if you, if you have like a high entropy, you know
00:25:20
URL one with lots of zeros and numbers, and they'll just look
00:25:23
at it and go matches is probably fine, it's not fun.
00:25:27
Don't go there, right?
00:25:31
Speaker 1: Yeah, it's, it's an interesting world that we have
00:25:35
now created for ourselves.
00:25:37
We've kind of backed ourselves into this corner, you know, and
00:25:42
I feel like almost the attackers are evolving quicker than than
00:25:47
the population is, you know, and yeah, that's typically, that's
00:25:51
typically what you see right, but they're I mean they're even
00:25:55
evolving faster than most companies, you know, and some,
00:26:00
most of the time, most solutions out there.
00:26:03
They're evolving faster than most solutions can keep up with.
00:26:06
How in the world do we stay on top of this thing?
00:26:11
Speaker 2: Yeah, well, I think maybe that's where the larger
00:26:15
companies really kind of dig themselves in a hole, because
00:26:20
you and I have both worked at big Fortune 500 companies before.
00:26:23
And how quickly could you purchase and install a brand new
00:26:27
solution that you've never had before, right, one that's maybe
00:26:30
emerging tech?
00:26:31
You know it takes forever to get through all of the layers of
00:26:36
red tape and analysis and you know and those are good things
00:26:40
right, that's not a bad thing we're doing.
00:26:42
You know lots of vendor, you know vendor risk.
00:26:45
So we're evaluating each of these vendors to ensure that
00:26:50
they're they're doing their own security, so that we don't have
00:26:54
a supply chain compromise.
00:26:55
So those are good, good things.
00:26:57
However, I think that the industry, like the vendor side
00:27:02
of things, are coming up with solutions very quickly.
00:27:05
I think there's lots of very smart people coming up with and
00:27:10
solving very real problems very quickly, and they're getting on
00:27:13
them.
00:27:13
They're getting to market just in time to start solving the
00:27:17
problems as they, as they're hitting scale.
00:27:20
The challenge is, big companies are averse to to hiring, to
00:27:27
buying and using some emerging tech, and so, even though the
00:27:33
solutions exist, there's a reluctance to purchase it right,
00:27:37
either the company's too small, it's you know, oh, it's only a
00:27:40
hundred hundred users, right, a hundred employees.
00:27:43
It's only been around for 18 months.
00:27:45
You know, let's sit and let it bake for a little while and make
00:27:49
sure it's good.
00:27:50
Or maybe maybe the solution is still a little buggy.
00:27:52
Fine, I've seen that I bought buggy solutions before in order
00:27:57
to get in on the front end of a really good idea.
00:27:59
But that's the problem, I think, as we look at big, gargantuan,
00:28:05
monolithic companies, they're risk averse in terms of their
00:28:10
even their new solutions, their new security solutions.
00:28:14
I know that we at Abnormal
00:28:16
because we had a really good idea.
00:28:18
The tech was there, we were confident about it.
00:28:21
Certainly, I bought it and used it for a year before I came
00:28:23
here and and knew that it was good.
00:28:26
But there were still a lot of big companies that were like, ah,
00:28:29
let's just see how this shakes out for a little while longer
00:28:32
first, and you're like, man, we've, we've got the solution to
00:28:37
the.
00:28:37
You know, we've got the cure, you know, to the, the, the
00:28:40
problem that ails you.
00:28:41
But, um, you know, too many folks just are unwilling to try
00:28:45
it.
00:28:47
Speaker 1: Yeah, that's a very real.
00:28:48
It's a very real issue in the security industry.
00:28:53
You know, right now, where, even even fairly recently, right,
00:28:58
the company that I work for, you know they had a super old,
00:29:04
you know, McAfee EDR.
00:29:07
Right, they've had it since it came out, you know and going
00:29:12
with another solution, like CrowdStrike or whatever it
00:29:16
might be Sure, that's a multi-year endeavor, you know,
00:29:22
of convincing them like, hey, this thing works just like
00:29:25
McAfee, it does it better.
00:29:27
You know, this is why it's better.
00:29:29
All these things, you know, and it's repeating that same story
00:29:34
over and over and trying to get some of these companies to like
00:29:38
kind of catch up is is.
00:29:41
It's challenging and I think a part of it is a lot of these,
00:29:45
some of these executives.
00:29:46
They've been burned by new cutting edge tech that only
00:29:51
creates, you know, more headcount.
00:29:54
It only creates more incidents, more issues.
00:29:59
I used to work for a company and they brought in a newer,
00:30:03
privileged access management solution over a tried and true
00:30:10
solution that the industry recognized as the top tier
00:30:14
vendor, and that whole experience was just absolutely
00:30:19
terrible.
00:30:20
Every single day was another hurdle.
00:30:23
I mean literally every single day.
00:30:26
Our solution was on the verge of going down, and the only
00:30:28
reason why it didn't go down was because I grew to identify all
00:30:33
of the early warning systems and I had a very close relationship
00:30:37
with the guys that managed the load balancers and so I could be
00:30:41
like, hey, switch over traffic, here I'm having issues.
00:30:44
I mean, this was every day.
00:30:47
You know like how does that play out to executives minds?
00:30:50
You know because and I think about that, because you know now
00:30:56
that now that CISO, right, that was dealing with all those
00:31:00
issues saw it firsthand.
00:31:01
He went to another company and the very first thing that he
00:31:05
said was one, we're not hiring anyone that managed that
00:31:08
solution, not hiring anyone that bought that solution at that
00:31:12
other company, and we're also never going to entertain
00:31:16
anything from this company going forward.
00:31:18
It doesn't matter how good their solution gets reviews and
00:31:22
things like that, we're not going with it.
00:31:25
Speaker 2: Yeah, it, sadly that's.
00:31:27
You know, it's a tale as old as time.
00:31:29
Right, you get bit just once.
00:31:31
You know, once bitten, twice shy, I think.
00:31:33
They always say and cybersecurity solutions are no
00:31:37
different.
00:31:38
You know, I think there's stories for both sides, but it
00:31:41
takes you know how many times can you be successful in your
00:31:45
success, but one failure and you've ruined it all.
00:31:47
I think that's the story for CISOs.
00:31:51
You know, there are lots of times the solutions are great,
00:31:55
they're sound, the capabilities are all there.
00:31:57
I remember, you know, even as you know, as a big insurance
00:32:03
company at the time, and we had we were moving, we were at least
00:32:06
considering to move from Cisco, kind of the big upper right
00:32:11
quadrant guy that had been around forever and just handled
00:32:15
all networking.
00:32:16
You know everything.
00:32:17
And there was a small plucky upstart called Palo Alto
00:32:21
Networks and had a completely different take on firewalls and
00:32:26
the way they were going to do things and there was even a
00:32:29
concept of layer seven firewalls and we're like, no, that's
00:32:31
impossible, you can't, no, it's, it'll never work, it'll never
00:32:35
take.
00:32:35
And you know, fast forward.
00:32:37
Now you see the pretty, pretty deep market penetration there.
00:32:42
So you know, there there are.
00:32:45
There are good, good news stories on that on one side and
00:32:48
then certainly bad news stories on the other side, but it all it
00:32:51
takes is one time of getting bit to make you go.
00:32:53
Man, let's just stay with the upper right quadrant stuff
00:32:56
that's been around for a while, that's been shook out.
00:32:59
Other people trust right, even if it puts us behind the eight
00:33:03
ball or behind behind the the innovation curve.
00:33:09
Speaker 1: Yeah, yeah, that's a good, that's a good point and
00:33:12
it's a.
00:33:13
It's a difficult one to defeat, honestly.
00:33:17
But you know, something that I have found that tends to help is
00:33:21
when I'm doing a POC, when I'm, you know, evaluating a product,
00:33:25
I always like to get other successful deployments with with
00:33:32
other customers, right, current customers on that came from
00:33:36
other solutions.
00:33:37
You know, and I'll specifically ask you know for customers that
00:33:40
migrated from whatever solution we currently have.
00:33:43
Right, that went with this other new solution.
00:33:47
And the reason why I do that, you know, I tell the vendor
00:33:51
straight up hey, don't join that call.
00:33:53
You know you can send the invite but do not join it.
00:33:56
If you have to start it, you know, just transfer host
00:34:00
permissions to me, whatever it might be, because I want to hear
00:34:03
, I want to hear the horror stories, you know.
00:34:06
I want to hear about your bad
00:34:07
experience with that other
00:34:10
solution.
00:34:10
And I want to hear about, you know, if there was any
00:34:13
challenges deploying this other solution.
00:34:15
Right, Because every vendor is going to say, oh, it's a great
00:34:18
solution, it's turnkey.
00:34:19
I've heard that, you know, on every call I've ever been on,
00:34:22
right, and it's, it's, it says a lot when you actually go into
00:34:29
the solution and it actually is turnkey, you know, like it
00:34:32
actually there I think it was actually Abnormal solution when
00:34:38
you know, I heard turnkey and I'm like, okay, turnkey in that
00:34:41
industry is, you know, not real right.
00:34:45
And then we went and did it and I was confused.
00:34:48
I was.
00:34:49
I had the, you know, the solutions engineer on the call
00:34:52
and I said, okay, what's next?
00:34:54
It was no, there's nothing else to do, like just let it work.
00:34:57
Like no, what, what am I going to get out of that?
00:35:01
It was no, just wait.
00:35:03
You know, that was like even for someone like myself, like an
00:35:08
experienced security professional that I've, I like
00:35:11
to feel like I'm on the cutting edge of stuff.
00:35:13
You know, I know what's out there.
00:35:15
Even for me it was like, oh, this is weird, this is different
00:35:21
, you know.
00:35:22
Speaker 2: Yeah, no, I know exactly what.
00:35:24
I had a similar experience right Before I came here, you
00:35:29
know, plugged.
00:35:29
I remember that feeling of plugging it in and thinking,
00:35:32
okay, so it's connected, now the integration is complete.
00:35:36
That went faster than I expected.
00:35:38
But now you know when do we start the configuration?
00:35:42
Right, because I come from the world of secure email gateways.
00:35:46
Where it's, there's a heavy configuration.
00:35:48
You've got to start setting up a block list and allow lists and
00:35:52
keyword searches and so that you can start finding evil.
00:35:55
And I remember distinctly him, you know, saying that's it.
00:36:01
Now we just sit and we wait and it learns and tomorrow we'll
00:36:06
find evil.
00:36:06
And I was like, no, now there's got to be more.
00:36:10
And he was like, nope, just trust me, go home and then
00:36:15
tomorrow let's get together in the morning and we'll see what's
00:36:19
what.
00:36:20
All right, the next day I was horrified at what all it had
00:36:24
found, that was slipping through my existing tech stack, that
00:36:28
I'd spent a lot of time and money had never been told.
00:36:31
No, you know it was.
00:36:33
It was a security defenders dream come true.
00:36:36
You know anything, you want anything you think we need, you
00:36:40
tell us and we'll buy it.
00:36:41
And it's been three years, built in that tech stack, only
00:36:44
to have Abnormal come in and go.
00:36:46
Yeah, it's really good.
00:36:49
However, here's all the stuff that's slipping through your
00:36:53
current tech stack, that nothing is catching, and these things
00:36:56
are being delivered to your users' inboxes.
00:36:59
Today I was like no man.
00:37:02
I was just gutted.
00:37:05
Speaker 1: So yeah, let's let's talk about the, the AI threats,
00:37:13
the LLM, the generative AI.
00:37:16
I mean, I can say the buzzwords, but I don't know what any of
00:37:19
that means.
00:37:20
I couldn't name an LLM if you put a gun to my head, you know,
00:37:27
like I could not do it.
00:37:28
So what?
00:37:29
What are these?
00:37:30
I guess let's start with what they are right.
00:37:33
What's the biggest threats with them and how can organizations
00:37:38
protect themselves against those sorts of threats?
00:37:41
Speaker 2: Yeah, and I'm glad you brought this up right.
00:37:43
That was number five on our list, right?
00:37:45
Generative AI, and?
00:37:46
And it is an emerging threat, to be sure, but at its core,
00:37:53
generative AI is really nothing more than a next word predictor.
00:37:58
You know, at its to oversimplify things, but that's
00:38:02
what it's doing, right.
00:38:03
You feed it information and it produces net new content as a
00:38:08
result of what you, what prompts you gave it.
00:38:11
And so generative AI is being used to create all of the other,
00:38:15
the other types of attacks that I talked about.
00:38:18
The biggest difference is that it's coming in scale A, it's
00:38:23
making it a little more.
00:38:24
I won't necessarily call it more sophisticated, because you
00:38:30
and I, as English speaking security professionals, could
00:38:35
craft.
00:38:35
To give me 20 minutes, give you 20 minutes we could craft a
00:38:39
very realistic looking spear-phishing message.
00:38:43
You know we could do our homework using the world's
00:38:46
greatest hacking solution, LinkedIn, and then you could
00:38:51
cross reference with like Facebook and figure out, you
00:38:55
know, pick a target, see what they're up to, see what they're
00:38:57
into, and you know we could write a very good, very
00:39:01
realistic, very effective phishing message, spear-phishing
00:39:05
message.
00:39:05
The difference being so generative AI can do the same
00:39:11
thing, the difference being it can do the same thing for a non
00:39:15
English speaker and it can level that playing field and it can
00:39:20
do it at scale.
00:39:21
Whereas it would take us maybe 15, 20, maybe 30 minutes to do a
00:39:25
really good job, generative AI can do this thousands per minute
00:39:31
, and that's the real danger there.
00:39:34
So that that's the first big thing.
00:39:36
But the second big thing that generative AI is enabling is not
00:39:42
only is it doing that at scale, but it can do it with a unique
00:39:47
sender address every time, a unique recipient address, a
00:39:51
unique subject and a unique message body each and every time
00:39:57
that it runs.
00:39:58
That would take us forever to do manually, but generative AI
00:40:03
can do that trivially, in moments.
00:40:06
And now, if you think about how most of our security solutions
00:40:10
work, right, they're looking for similar senders, similar
00:40:15
recipients, message bodies or subjects, some sort of thread to
00:40:20
tie all of the attacks together as part of one campaign, and
00:40:26
none of those things are present.
00:40:27
So that that's terrifying in terms of scale.
00:40:33
It just means that what you, what you've been facing is, is
00:40:38
only we're only going to see it's it's the tip of the iceberg
00:40:41
in 2024.
00:40:42
We're going to see that the scale of that those attacks just
00:40:47
quit, you know, quintuple over the next year.
00:40:50
It's crazy to think about.
00:40:55
Speaker 1: Yeah, it's interesting.
00:40:55
You bring up, you know, LinkedIn and it's a good
00:41:04
platform for professional networking and whatnot right.
00:41:08
But I feel like the professional side of it almost
00:41:16
gives the illusion that you can be a little bit more open with
00:41:20
where you work and what your title is, what your job
00:41:23
description is, all those sorts of things I noticed when
00:41:29
security were bombarded with job opportunities everything that
00:41:34
you could think of.
00:41:35
Ever since I took my employer names off of my LinkedIn I left
00:41:43
the titles, but I took most of the descriptions.
00:41:47
I took the company names off.
00:41:48
As soon as I did that, it decreased by 90, 95%.
00:41:54
I don't think people can put it together.
00:41:57
He took it off because he has a podcast and he doesn't want it
00:42:02
to conflict or anything like that.
00:42:03
It's interesting the amount of information that you can gain
00:42:09
just from platforms that people have willingly put out there and
00:42:15
opened up.
00:42:15
I've been pretty tempted and I think I actually have disabled
00:42:21
Facebook before because there's just too much out there and I
00:42:26
need to control the information a little bit better.
00:42:28
It's coming to a phase where all of that's coming to fruition
00:42:36
to be combined together with this generative AI to craft the
00:42:42
perfect thing for each person, because we're giving them all
00:42:45
the information that they need.
00:42:47
Speaker 2: Absolutely, yeah, absolutely.
00:42:48
In fact, the internet is forever.
00:42:52
If you don't think so, use the Wayback Machine, because you
00:42:58
talked about updating your LinkedIn and removing things.
00:43:02
I know lots of folks that are wisely doing the same thing.
00:43:06
The challenge is the internet is forever and with the Wayback
00:43:10
Machine, I can still go back and see what it looked like three
00:43:13
years ago, two years ago, last week, prior to when folks
00:43:18
started scrubbing and being at least aware of that that was
00:43:22
even necessary.
00:43:23
I can go back to your Instagram account and I can see the
00:43:29
pictures prior to when we all started going.
00:43:32
Maybe I shouldn't be posting all of this here and I'll start
00:43:36
scrubbing this and you can still go back in time.
00:43:39
That's what makes the internet such an interesting and
00:43:42
terrifying place at the same time.
00:43:47
Speaker 1: Yeah, it's an interesting world that we live
00:43:52
in.
00:43:52
If you had to maybe give guidance to someone that's
00:44:01
trying to either get into IT or security or maybe they're
00:44:04
already in security and they're trying to augment their career,
00:44:11
make themselves more valuable in the field and whatnot Based on
00:44:15
the five items that you mentioned previously, what would
00:44:20
you recommend that they focus on to become more proficient in
00:44:23
those areas?
00:44:24
Speaker 2: Yeah, so great question.
00:44:26
So let me answer it in two parts.
00:44:29
Number one as an individual, how can we level up and become?
00:44:34
A add the skills we need to be successful?
00:44:37
And B, how can we continue to keep them sharp once you do have
00:44:42
those skills?
00:44:43
I think the answer is the same to both of those, which is
00:44:50
you've got to build your own personal testing environment.
00:44:56
You've got to have some sort of testing environment at home.
00:45:00
It can be virtual.
00:45:02
Build your own lab, spin up some VMs so that you can start
00:45:08
testing things.
00:45:09
You can start because that's how you're going to learn best.
00:45:13
I've been doing this a long time and the folks for me that I've
00:45:17
hired that ended up being wildly successful all had a couple of
00:45:21
things in common.
00:45:22
Number one they were insatiably curious like potentially to a
00:45:27
fault, but they were insatiably curious.
00:45:30
They just had to understand how something worked.
00:45:34
We can do a lot with that in the security world.
00:45:37
The second thing is that they're tinkers.
00:45:41
Every person that has been wildly successful for me is the
00:45:45
same kind of person that goes home and goes.
00:45:47
Not only do I want to understand how it works, but I
00:45:50
have to see it, I have to try it.
00:45:52
I have to fire off these exploits at a vulnerable system
00:45:57
while I collect the logs and a packet capture.
00:46:00
Then I want to take a look at the packet capture with
00:46:04
Wireshark or TShark.
00:46:05
I really want to dig in and understand.
00:46:07
How did it work?
00:46:08
What does it look like on the wire?
00:46:11
How can I write rules and alerts that can detect this kind
00:46:14
of activity?
00:46:15
Those kinds of people are incredibly successful.
00:46:19
That is, I think, the number one thing.
00:46:23
Build a home lab, figure out what that looks like.
00:46:26
There's lots of really good tutorials on YouTube.
00:46:29
John Strand, I think, has done a couple of really good ones
00:46:33
from Black Hills Information Security.
00:46:35
One of my mentors the people that I look up to Mick Douglas
00:46:41
is another.
00:46:42
There's some folks that are doing some really interesting
00:46:45
things.
00:46:45
They all say the same thing You've got to roll up your
00:46:48
sleeves and you've got to get in there.
00:46:51
On an individual perspective, that's how we can do that, I
00:46:55
think.
00:46:56
At a corporate level, how can we defend against the kinds of
00:47:01
things we're seeing today, those five example attacks that I
00:47:04
have seen trending up over the last year, which is indicative
00:47:10
of them continuing to just explode in 2024.
00:47:14
I think it comes back to this, especially when we talked about
00:47:17
scale in terms of generative AI.
00:47:20
It's using good AI to fight bad AI.
00:47:24
That's what it's going to come down to, because the volume is
00:47:29
too great, the number of signals is too great for us as humans
00:47:34
to parse and analyze and connect all of these dots together.
00:47:38
As we're searching for new security solutions as you go
00:47:44
through 2024, as you're looking to renew or buy new solutions,
00:47:49
replace old things, look for the plucky upstarts.
00:47:54
Look for the small guys that are disrupting the industry, the
00:47:58
ones that are using generative AI, that are using AI or ML at
00:48:03
their core Not something they bolted on, but they're actually
00:48:08
using machine learning algorithms to process vast
00:48:13
amounts of data and understand anomalous activity and spot that
00:48:17
.
00:48:17
Those are the solutions that you need to be evaluating.
00:48:22
Yes, they may not have been around a long time.
00:48:26
Yes, you might be taking a small chance.
00:48:30
Do talk to other people.
00:48:32
Do talk to ask the vendor for a reference.
00:48:35
I've been on both sides of that conversation.
00:48:38
Joe, you were talking about it a moment ago.
00:48:39
I've been on both sides.
00:48:41
I've been the one requesting that conversation and digging in
00:48:44
saying, really, what was the like?
00:48:45
The vendor's not here.
00:48:47
Tell me the truth.
00:48:47
Was it really as smooth as they say you can get to the bottom
00:48:51
of that.
00:48:51
I've also been on the other side where I've been saying, hey
00:48:54
guys, this actually works.
00:48:56
I've been very happy with it.
00:48:57
Now I'll tell you, because they're not here.
00:48:59
These are the things that you'll have to overcome, or
00:49:03
maybe they were a little clunky, but it's a good solution.
00:49:07
I have no reservations.
00:49:08
I've been on both sides that use those as you evaluate new
00:49:13
emerging technologies.
00:49:16
Speaker 1: Yes, that's a good point.
00:49:17
The curiosity is maybe the biggest thing in security.
00:49:24
That you need to be successful Right, because you always need
00:49:28
to be learning.
00:49:29
I was actually talking to someone not too long ago.
00:49:35
They wanted to get into cybersecurity and they were
00:49:40
asking for the best way to do it.
00:49:43
I said well, look, the first thing that you have to
00:49:46
understand is that you're always going to be learning.
00:49:49
You always need to be in a mentality of, hey, I'm always
00:49:53
working towards a certification, I'm always working towards
00:49:59
learning more about a topic or whatever it might be.
00:50:03
And that stopped them right there in their tracks and they
00:50:08
said well, that's not what I wanna do.
00:50:10
I kinda wanna just like, learn everything and then be done with
00:50:14
it.
00:50:14
You know I'm like, well, that's not really how the world works.
00:50:17
You know, like Certainly this world, yeah, like you know, I
00:50:22
guess maybe school teaches us.
00:50:24
You know in some way like, hey, you learn all these things and
00:50:28
you're done.
00:50:28
You know you in school.
00:50:31
You know you get your PhD right, if you go all the way through,
00:50:35
you get your PhD and that's considered to be done.
00:50:38
It would be dumb for you to get another PhD If it didn't relate
00:50:43
in some way, you know.
00:50:45
But even then it's a stretch.
00:50:49
But in security especially, you know, there is no end to this
00:50:55
thing.
00:50:55
Like I've spun up, you know, so many labs at home and destroyed
00:51:01
so many domain servers Like it's insane, right, I got a
00:51:06
really good backup process that I learned from trial and error,
00:51:11
oh yeah, and then, you know, when I wanted to specialize in
00:51:14
the cloud, first thing I did I opened up a free tier AWS
00:51:18
account, you know, and Azure and GCP, and went through it right
00:51:23
and after enough, you know random three, four $500 bills of
00:51:29
things that I thought that I had spun down when I didn't.
00:51:32
I have learned to go with other services so that they can
00:51:36
handle all of that and I'm not worried about it, you know.
00:51:39
But it's always.
00:51:42
It's always a journey, you know , and it's that's what it is.
00:51:48
Speaker 2: Yeah, you've never in cybersecurity, I think, in life
00:51:50
.
00:51:50
You know you've never arrived, you've.
00:51:54
It's the point is the journey, and so you know.
00:51:59
I think cybersecurity is no different.
00:52:00
You've got to learn to embrace the fact that you won't know it
00:52:06
all.
00:52:06
You'll never know it all, but you should continue to strive to
00:52:09
learn more every day.
00:52:10
I love that, the YouTuber SmarterEveryDay and just his
00:52:14
approach to learning and trying new things, sometimes failing
00:52:18
miserably along the way before learning and mastering something
00:52:21
new.
00:52:22
You know, we just all need to adopt that approach.
00:52:27
Speaker 1: Yeah, yeah, absolutely.
00:52:29
Well, Mick, you know I really enjoyed our conversation.
00:52:32
I'm definitely gonna have to have you back on in the future,
00:52:36
but we're at the top of our time here, so before I let you go,
00:52:40
how about you tell my audience you know where they can find
00:52:42
Abnormal, where they can find you if they want to learn more?
00:52:46
Speaker 2: Yeah, absolutely.
00:52:47
You can hit me up at Mick at abnormalsecurity.com.
00:52:50
That email will get to me.
00:52:51
You can find out more.
00:52:53
You can go to abnormalsecurity.com slash demo.
00:52:56
You can see a short recording of what our UI looks like, how
00:53:01
the product works.
00:53:02
If you go to abnormalsecurity.com slash risk,
00:53:06
you can sign up for a free risk assessment and we can integrate
00:53:09
with your environment.
00:53:10
Test out how things are going in your environment.
00:53:12
Again, that's read only. We'll sit and learn for a week and
00:53:17
then give you a report of all the things that are slipping
00:53:19
through your current tech stack and at that point buy us, don't
00:53:23
buy us, right?
00:53:24
It's up to you.
00:53:25
Figure out what makes sense for you at that time.
00:53:29
Speaker 1: Awesome.
00:53:29
Well, thanks, Mick, and I hope everyone listening enjoyed this
00:53:32
episode.
00:53:33
Bye, everyone.
00:53:34
Thanks.