1 00:00:00,800 --> 00:00:04,939 S1: Unsupervised Learning is a podcast about trends and ideas in cybersecurity, 2 00:00:04,970 --> 00:00:10,010 S1: national security, AI, technology and society, and how best to 3 00:00:10,039 --> 00:00:17,810 S1: upgrade ourselves to be ready for what's coming. All right, 4 00:00:17,810 --> 00:00:20,690 S1: welcome to Unsupervised Learning. This is Daniel Miessler, and we 5 00:00:20,690 --> 00:00:25,520 S1: have with us today Slava Konstantinov from Threatlocker. 6 00:00:25,550 --> 00:00:26,540 S2: Thanks for having me. 7 00:00:26,900 --> 00:00:31,190 S1: Yeah, yeah, yeah. Great to have you here. So, um, 8 00:00:31,700 --> 00:00:34,370 S1: wanted to just jump right into it. Um, can you 9 00:00:34,370 --> 00:00:38,750 S1: start off by telling us what's going on with Threatlocker overall? 10 00:00:38,780 --> 00:00:42,080 S1: Like what? What does it address? What is the, um, 11 00:00:42,080 --> 00:00:44,390 S1: the main the main product and what it does? 12 00:00:44,780 --> 00:00:50,510 S2: Yeah. So Threatlocker were a cybersecurity company and we're protecting endpoints. 13 00:00:50,870 --> 00:00:56,300 S2: And our main approach is a zero trust. Zero trust 14 00:00:56,300 --> 00:01:02,010 S2: means that that we don't trust anyone Except what we trust. 15 00:01:02,040 --> 00:01:04,050 S2: I mean, we have a lot of policies. We can 16 00:01:04,050 --> 00:01:06,990 S2: talk about this like deep dive a little bit later. 17 00:01:06,990 --> 00:01:11,639 S2: But yeah, in general we're working on a zero trust 18 00:01:11,760 --> 00:01:13,890 S2: with zero trust approach. 19 00:01:14,760 --> 00:01:19,650 S1: Yeah. So and that means by default nothing is allowed 20 00:01:19,650 --> 00:01:22,560 S1: in general. Right. And then you poke poke little holes 21 00:01:22,560 --> 00:01:23,610 S1: for what's allowed. 22 00:01:23,640 --> 00:01:28,140 S2: Yes we we have multiple different products in thread locker. 23 00:01:28,140 --> 00:01:33,149 S2: So basically we have one big thread locker machine as 24 00:01:33,150 --> 00:01:36,089 S2: if I can say that. And also we have like 25 00:01:36,120 --> 00:01:39,690 S2: different products. First of all like we have an application control. 26 00:01:39,690 --> 00:01:43,740 S2: It's this basically is allow listing. Allow listing that we 27 00:01:43,740 --> 00:01:50,370 S2: only allow to run specific software that it's basically in 28 00:01:50,370 --> 00:01:55,260 S2: our list. Everything else, everything else gets denied. So what 29 00:01:55,260 --> 00:01:59,660 S2: does it mean for for the enterprise it means that 30 00:02:00,200 --> 00:02:04,280 S2: every company they have set of software they use. Everything 31 00:02:04,280 --> 00:02:07,910 S2: else should not be allowed. And there is a lot 32 00:02:07,940 --> 00:02:12,410 S2: of examples out there on the internet and in real life. Basically, 33 00:02:12,410 --> 00:02:16,190 S2: when people are losing their jobs or company got hacked 34 00:02:16,190 --> 00:02:20,389 S2: because someone installed something that was not supposed to be there. 35 00:02:21,080 --> 00:02:25,070 S1: Yeah, yeah, that makes sense. And so how was the 36 00:02:25,070 --> 00:02:27,740 S1: what's the process look like for. And I believe we 37 00:02:27,740 --> 00:02:29,840 S1: talked to someone else from your company as well. So 38 00:02:29,870 --> 00:02:34,130 S1: I heard about this before, and I remember being impressed 39 00:02:34,130 --> 00:02:36,080 S1: with the way that you handled it. But how do 40 00:02:36,080 --> 00:02:37,700 S1: you handle that allow list. 41 00:02:38,180 --> 00:02:41,720 S2: So we have a set of rules. And rule can 42 00:02:41,720 --> 00:02:45,800 S2: be like you can put like a path to the rule. 43 00:02:45,800 --> 00:02:50,030 S2: You can. But mostly we use hashes. So basically we 44 00:02:50,030 --> 00:02:57,440 S2: know what every executable in your system, every executable hash 45 00:02:57,440 --> 00:02:59,880 S2: in your system. So we know that we have big 46 00:02:59,880 --> 00:03:03,390 S2: database of these hashes. We also know the hashes of 47 00:03:03,389 --> 00:03:06,900 S2: the apps and how we do that. If if there 48 00:03:06,930 --> 00:03:10,830 S2: is unknown hash trying to execute on your computer, which 49 00:03:10,830 --> 00:03:14,760 S2: is basically block it. So it's pretty straightforward and it's 50 00:03:14,760 --> 00:03:19,500 S2: pretty easy, sometimes you need to maintain it because there's 51 00:03:19,530 --> 00:03:23,220 S2: a we have two sets of applications we have built 52 00:03:23,220 --> 00:03:27,389 S2: in applications. So basically we maintain them. We also check 53 00:03:27,389 --> 00:03:30,960 S2: for updates for that applications. We update hashes. But there 54 00:03:30,960 --> 00:03:34,470 S2: are sometimes specific requests from the customers. So they need 55 00:03:34,470 --> 00:03:37,650 S2: to maintain it themselves. But it's not super hard. It's 56 00:03:37,650 --> 00:03:42,810 S2: just it's just small inconvenience for as I would say, 57 00:03:42,810 --> 00:03:44,220 S2: better security. 58 00:03:44,550 --> 00:03:47,850 S1: Sure. And then like you were saying something for like 59 00:03:47,880 --> 00:03:52,980 S1: a windows environment, like a very big, uh, software operating system, 60 00:03:52,980 --> 00:03:56,160 S1: lots of updates coming out, lots of application updates coming 61 00:03:56,160 --> 00:03:59,290 S1: out When those updates come out, I assume they come 62 00:03:59,290 --> 00:04:02,110 S1: to you and you do. Hashes for those. And then 63 00:04:02,110 --> 00:04:04,900 S1: you give the hashes to the customers so that. They 64 00:04:04,900 --> 00:04:06,820 S1: can ensure that they can install them or. 65 00:04:06,850 --> 00:04:10,000 S2: No, no. Basically what we do. We have a portal. 66 00:04:10,000 --> 00:04:14,860 S2: So it's a web website and everything managed from there. So. 67 00:04:14,890 --> 00:04:18,190 S2: We the customers, they have like admin pages and all 68 00:04:18,220 --> 00:04:20,950 S2: of this so they can set it up. And when 69 00:04:20,950 --> 00:04:25,240 S2: the update come up we have a whole team basically 70 00:04:25,240 --> 00:04:28,870 S2: looking for that updates like running them, learning the new 71 00:04:28,900 --> 00:04:33,730 S2: hashes and after update. So they just basically update the 72 00:04:33,730 --> 00:04:38,170 S2: existing policies when the policy got get updated, they basically 73 00:04:38,170 --> 00:04:43,270 S2: after that what they do is it's automatically updated on 74 00:04:43,270 --> 00:04:49,090 S2: every customer we have. So we'll and there's also new 75 00:04:49,089 --> 00:04:52,780 S2: product coming out that's batch management. So we're gonna basically 76 00:04:52,810 --> 00:04:56,820 S2: we're gonna see if there's an old application not patched 77 00:04:56,820 --> 00:05:00,630 S2: application installed on your computer. And you can install and 78 00:05:00,630 --> 00:05:03,719 S2: you can patch it on the fly basically without even 79 00:05:04,170 --> 00:05:05,850 S2: asking user to do that. 80 00:05:06,720 --> 00:05:09,239 S1: Oh very cool, very cool. Okay, so you have the 81 00:05:09,240 --> 00:05:11,909 S1: application one. You have this new one that's coming out 82 00:05:11,910 --> 00:05:13,169 S1: which is patches. 83 00:05:13,200 --> 00:05:14,640 S2: Patch management. Yep. 84 00:05:14,670 --> 00:05:18,029 S1: Patch management. So what are the other products that you have. 85 00:05:18,060 --> 00:05:19,080 S1: You mentioned other ones. 86 00:05:19,110 --> 00:05:23,160 S2: Yeah. So the one we talked about it was application control. 87 00:05:23,160 --> 00:05:28,410 S2: We also have storage control. So storage control is a 88 00:05:28,410 --> 00:05:32,940 S2: is a product that basically can uh protect your file 89 00:05:32,940 --> 00:05:37,080 S2: system from unwanted access. What I mean by that, you 90 00:05:37,080 --> 00:05:43,320 S2: can stop some application from accessing your, uh, folders that 91 00:05:43,350 --> 00:05:49,830 S2: may that may have some information, like a specific information 92 00:05:49,830 --> 00:05:52,680 S2: that needs to be secured. We also have we can 93 00:05:52,680 --> 00:05:58,180 S2: block USB devices. We also can block network shares, so 94 00:05:58,480 --> 00:06:04,930 S2: this product helps users to protect their data from being 95 00:06:04,960 --> 00:06:09,370 S2: accessed from unknown apps, for example, or even USB drives. 96 00:06:09,370 --> 00:06:14,620 S2: So if your if your company's policy does not allow 97 00:06:14,620 --> 00:06:18,279 S2: to USB drives, which can block USB drives from accessing 98 00:06:18,279 --> 00:06:20,260 S2: your computer at all. 99 00:06:20,770 --> 00:06:25,330 S1: Hmm. Interesting. Okay, so it's controlling like the media that 100 00:06:25,330 --> 00:06:29,680 S1: can come in. It can handle network shares as well. Yes. 101 00:06:29,710 --> 00:06:33,010 S1: You could basically you could block off things that are, uh, 102 00:06:33,160 --> 00:06:35,230 S1: super sensitive. You don't want it to look at it 103 00:06:35,230 --> 00:06:36,070 S1: at all. 104 00:06:36,100 --> 00:06:40,420 S2: Yes, yes. So we have for example like specific uh, 105 00:06:40,420 --> 00:06:44,770 S2: folder with uh, super secret data, your company data, and 106 00:06:44,770 --> 00:06:47,770 S2: you have only 1 or 2 apps that allow to 107 00:06:47,800 --> 00:06:51,159 S2: access that, like for example, like Word or Excel or 108 00:06:51,160 --> 00:06:54,469 S2: something like that. So and you will allow only this 109 00:06:54,470 --> 00:06:58,039 S2: helps to access that folder if some other app like 110 00:06:58,040 --> 00:07:03,260 S2: malicious app for example, like lurking in your system and 111 00:07:03,260 --> 00:07:05,270 S2: it tried to access that folder which is going to 112 00:07:05,300 --> 00:07:08,150 S2: block it. So it means like zero trust, we don't 113 00:07:08,180 --> 00:07:11,600 S2: trust anyone except with the ones we trust. 114 00:07:12,020 --> 00:07:17,780 S1: Gotcha. Okay. So that's application control and storage control. Any others? 115 00:07:17,810 --> 00:07:21,440 S2: Yeah. So we have ring fencing. Ring fencing basically means 116 00:07:21,440 --> 00:07:25,429 S2: if we allow app to run. But we what we 117 00:07:25,430 --> 00:07:29,450 S2: can do is we can say we can put this 118 00:07:29,480 --> 00:07:33,290 S2: app into if we can say that sandbox. So saying 119 00:07:33,290 --> 00:07:37,400 S2: like okay, you're allowed only you're not allowed to run 120 00:07:37,400 --> 00:07:42,410 S2: other applications or you're allowed to run specific applications or 121 00:07:42,410 --> 00:07:46,220 S2: you can you cannot access network or you can access 122 00:07:46,220 --> 00:07:48,860 S2: the network, but some specific websites. 123 00:07:49,520 --> 00:07:52,400 S1: Oh that's right. Yeah. So this is um, same. 124 00:07:52,400 --> 00:07:52,550 S2: For. 125 00:07:52,550 --> 00:07:54,460 S1: The stores are round in application. 126 00:07:54,460 --> 00:07:59,230 S2: Yes, around the specific application. So for example you have 127 00:07:59,260 --> 00:08:04,030 S2: I don't know like a file zilla or I don't 128 00:08:04,060 --> 00:08:07,150 S2: know or something like that. So you will you can 129 00:08:07,150 --> 00:08:10,480 S2: access FTP servers, but you have specific set of FTP 130 00:08:10,480 --> 00:08:14,680 S2: servers that allow that you allow to connect to or 131 00:08:14,680 --> 00:08:18,340 S2: any other app. I'm honestly right now. 132 00:08:18,610 --> 00:08:21,100 S1: Netcat or terminal or something like that. 133 00:08:21,130 --> 00:08:23,739 S2: Oh yeah. Yeah. Terminal for example. So you can ring 134 00:08:23,770 --> 00:08:27,280 S2: fence terminal and say like oh terminal can run this, 135 00:08:27,280 --> 00:08:29,860 S2: this and that and it's not allowed to run curl 136 00:08:29,860 --> 00:08:33,010 S2: for example. So if it yeah, if it can't run 137 00:08:33,010 --> 00:08:36,250 S2: curl if uh, some specific attacks. 138 00:08:36,520 --> 00:08:39,880 S1: Or something like yeah, a way to download additional malware or. 139 00:08:39,940 --> 00:08:41,469 S2: Yes, yes. 140 00:08:41,500 --> 00:08:43,929 S1: Or outbound SSH or something. 141 00:08:43,929 --> 00:08:47,530 S2: Yeah. Or you downloaded some app and you're not sure 142 00:08:47,530 --> 00:08:50,200 S2: you need this app, but you're not sure what it's doing. 143 00:08:50,200 --> 00:08:52,950 S2: And you can basically put it into that sandbox and 144 00:08:52,950 --> 00:08:56,250 S2: saying like, oh, you're not allowed to access internet. So 145 00:08:56,250 --> 00:08:59,370 S2: even if it it will try malicious software, it will 146 00:08:59,370 --> 00:09:03,360 S2: try to download some like payload from the internet like 147 00:09:03,390 --> 00:09:08,520 S2: obfuscated executable and run it. First of all, even if 148 00:09:08,520 --> 00:09:10,800 S2: it's downloaded, we're not going to allow it to run 149 00:09:10,800 --> 00:09:14,850 S2: it because of default deny application control. But at the 150 00:09:14,850 --> 00:09:18,750 S2: same time, it's even if it stole something from your computer, 151 00:09:18,750 --> 00:09:22,170 S2: it will now don't have access to internet to send 152 00:09:22,170 --> 00:09:23,130 S2: it over. 153 00:09:23,490 --> 00:09:24,420 S1: Right. 154 00:09:24,630 --> 00:09:29,880 S2: Yeah. Same. Same for the. I'm sorry. Same for the storage. Uh, storage. 155 00:09:29,880 --> 00:09:34,290 S2: Because we can reinvent storage access to specific apps. So 156 00:09:34,320 --> 00:09:39,630 S2: storage control, we can control whole system, whole computer, different applications. 157 00:09:39,630 --> 00:09:44,250 S2: But ring fencing, we can specifically say this application allowed 158 00:09:44,250 --> 00:09:48,210 S2: to access that folder, that folder, that folder. Okay, so. 159 00:09:48,510 --> 00:09:51,420 S1: And then can you define all these different policies in 160 00:09:51,440 --> 00:09:54,439 S1: one place, or are they defined in the separate products? 161 00:09:54,830 --> 00:09:58,220 S2: Yeah. So it's a separate product. So application control is 162 00:09:58,220 --> 00:10:02,209 S2: one product storage control. And it's all different products. But 163 00:10:02,240 --> 00:10:07,609 S2: it doesn't mean you're not allowed to reuse them between products. 164 00:10:07,730 --> 00:10:11,809 S1: Okay. Yeah that makes sense. So a lot of this 165 00:10:11,809 --> 00:10:14,690 S1: has been very windows focused. Is that right. 166 00:10:14,720 --> 00:10:18,740 S2: Yeah yeah windows. But we also have Mac agent now 167 00:10:18,740 --> 00:10:23,540 S2: for for a couple of years. And Linux we have 168 00:10:23,540 --> 00:10:27,770 S2: version 1.4 I guess Linux right now. So it's pretty 169 00:10:27,800 --> 00:10:29,510 S2: early stage. 170 00:10:29,690 --> 00:10:32,059 S1: Okay. So tell me tell me about the Mac agent. 171 00:10:32,090 --> 00:10:36,320 S2: Yeah. So I'm a mac lead architect. So, um, yeah, 172 00:10:36,800 --> 00:10:41,090 S2: I'm basically I've been there since day one of Mac 173 00:10:41,090 --> 00:10:47,210 S2: agents starting POC, and now we have version 4.2 coming 174 00:10:47,210 --> 00:10:51,410 S2: out soon. So it's been quite a journey. We don't 175 00:10:51,410 --> 00:10:55,400 S2: have all of the products windows has for now, but 176 00:10:55,400 --> 00:10:59,390 S2: we're trying to keep up. So we don't have we 177 00:10:59,390 --> 00:11:03,650 S2: don't have detect. I mean, we haven't talked about that yet, 178 00:11:03,679 --> 00:11:04,280 S2: but yeah. 179 00:11:04,309 --> 00:11:05,540 S1: Tell me about detect. 180 00:11:05,840 --> 00:11:10,220 S2: Okay. So there's also multiple there's a couple more products 181 00:11:10,520 --> 00:11:11,690 S2: that we haven't talked about. 182 00:11:11,720 --> 00:11:12,140 S1: Yeah yeah. 183 00:11:12,140 --> 00:11:16,970 S2: Yeah. So first oh not first. So one of the 184 00:11:16,970 --> 00:11:23,030 S2: products is elevation control. Basically it's it's in some way 185 00:11:23,030 --> 00:11:26,570 S2: it's a little bit different from zero trust because we 186 00:11:26,570 --> 00:11:31,520 S2: can what we can do is we can allow applications 187 00:11:31,520 --> 00:11:39,140 S2: or user to elevate uh specific actions in the system. Uh, 188 00:11:39,140 --> 00:11:46,280 S2: as a, as an admin user. So without asking actual 189 00:11:46,280 --> 00:11:49,709 S2: admin permissions. So basically you have a standard user on 190 00:11:49,710 --> 00:11:54,000 S2: your computer that is not allowed to elevate anything, but 191 00:11:54,000 --> 00:11:57,420 S2: your admin wants you to install some update, and for 192 00:11:57,450 --> 00:12:00,930 S2: that update you need elevation or to access some folder. 193 00:12:00,929 --> 00:12:03,929 S2: That's if we're talking about Macs that protected by root, 194 00:12:03,929 --> 00:12:08,490 S2: for example. And what we can do, we can set 195 00:12:08,520 --> 00:12:14,700 S2: up specific rules for that application. So if application tries to, uh, 196 00:12:14,790 --> 00:12:19,860 S2: install update for itself and it requires root so users 197 00:12:19,860 --> 00:12:26,730 S2: user is not, uh, basically user does not enter any password. 198 00:12:27,300 --> 00:12:32,489 S2: So it would just automatically elevate user for admin privileges 199 00:12:32,490 --> 00:12:38,580 S2: for for that specific request not whole system. Some specific requests. 200 00:12:38,580 --> 00:12:42,600 S2: We can allow for application for user interaction with a 201 00:12:42,600 --> 00:12:46,949 S2: system and a windows. It's UAC in a mac world 202 00:12:46,950 --> 00:12:50,540 S2: or Linux world that you can. It's pseudo or it's 203 00:12:50,540 --> 00:12:52,910 S2: just privilege elevation. 204 00:12:53,929 --> 00:12:59,150 S1: Interesting. Okay. So that's an interesting layer. So it's basically 205 00:12:59,150 --> 00:13:04,760 S1: a layer in between the actual um pseudo or admin capability. 206 00:13:04,760 --> 00:13:06,920 S1: It's it's like a shim in between. 207 00:13:06,950 --> 00:13:12,080 S2: Yes, yes. So basically if you're not allowed to run 208 00:13:12,080 --> 00:13:16,189 S2: pseudo on your computer, for example, on Mac, any standard user. 209 00:13:16,190 --> 00:13:18,770 S2: So we have admin user and a standard user, any 210 00:13:18,800 --> 00:13:24,200 S2: admin standard user doesn't have access to pseudo at all. 211 00:13:24,559 --> 00:13:27,770 S2: But what we can do, we can we can get 212 00:13:27,770 --> 00:13:30,800 S2: this access to standard user, but just for some specific 213 00:13:30,830 --> 00:13:34,610 S2: specific amount of time or a specific amount of actions. 214 00:13:34,610 --> 00:13:39,290 S2: Like if you want to run pseudo uh, Linux apt 215 00:13:39,320 --> 00:13:42,380 S2: get or something to update your packages. 216 00:13:42,770 --> 00:13:46,610 S1: Right. So so it's like a policy based granular control 217 00:13:46,610 --> 00:13:49,530 S1: when that actually doesn't exist with sudo. If you have sudo, 218 00:13:49,559 --> 00:13:50,670 S1: you have everything. 219 00:13:50,700 --> 00:13:51,360 S2: Yeah. Yeah. 220 00:13:51,360 --> 00:13:53,280 S1: If you're taking that away. Yeah. 221 00:13:53,309 --> 00:13:55,559 S2: Yeah. If you're admin it doesn't make sense. You can 222 00:13:55,559 --> 00:13:59,010 S2: just type in a password or click like elevate privileges 223 00:13:59,190 --> 00:14:01,770 S2: or something like that. It's not a problem. But if 224 00:14:01,770 --> 00:14:06,750 S2: we have a yeah if user doesn't have any privileges 225 00:14:06,750 --> 00:14:09,720 S2: on the computer, we allow user to have some of 226 00:14:09,720 --> 00:14:12,480 S2: them if user needs to. 227 00:14:12,960 --> 00:14:18,780 S1: Sure. Okay. So that's elevation. Uh, what's what's the next one. Yeah. 228 00:14:18,809 --> 00:14:19,830 S1: What about detect. 229 00:14:19,860 --> 00:14:23,160 S2: Yeah. So there's a detect. It's not on the Mac. 230 00:14:23,190 --> 00:14:26,220 S2: It's not on Linux yet. It's just windows product for now. 231 00:14:26,220 --> 00:14:31,800 S2: But we're working on getting it into Mac at least. Okay, so, uh, 232 00:14:32,160 --> 00:14:37,560 S2: this is our MDR solution. So we have EDR that's automated, 233 00:14:38,070 --> 00:14:43,350 S2: automatically detect and block something or make any decisions. We 234 00:14:43,350 --> 00:14:46,390 S2: have MDR, we have whole MDR team and Threadlocker Threatlocker 235 00:14:46,390 --> 00:14:51,460 S2: headquarters they basically check for, so you can set up 236 00:14:51,490 --> 00:14:57,250 S2: rules and policies for your organizations to see, like, oh, 237 00:14:57,280 --> 00:15:03,340 S2: someone like scanning my entire network or doing something. So 238 00:15:03,370 --> 00:15:06,790 S2: and we have alerts for that. So our MDR team, 239 00:15:06,790 --> 00:15:10,600 S2: they have alert and so they can lock your computer down. 240 00:15:10,600 --> 00:15:14,170 S2: If there's some suspicious activity they can lock your network 241 00:15:14,170 --> 00:15:18,430 S2: down or they can notify you like call you call 242 00:15:18,430 --> 00:15:21,880 S2: your admin like saying, oh there's some suspicious activity. What 243 00:15:21,910 --> 00:15:24,880 S2: what what do you want it to do with with that. 244 00:15:24,910 --> 00:15:28,270 S2: Because there's a lot of we it happens. There's some 245 00:15:28,270 --> 00:15:32,920 S2: false positives. But and that team, they basically monitor all 246 00:15:32,920 --> 00:15:36,670 S2: of these events from all of our customers. And they 247 00:15:36,700 --> 00:15:39,640 S2: and they make decisions by that okay. 248 00:15:39,730 --> 00:15:43,360 S1: Okay. Great. So so essentially the agent is talking up 249 00:15:43,360 --> 00:15:47,370 S1: to a centralized location. You could see centralized alerts. Like, 250 00:15:47,370 --> 00:15:50,040 S1: for example, someone scanning the entire network or something, and 251 00:15:50,040 --> 00:15:51,900 S1: they can they could choose to respond to that. 252 00:15:51,930 --> 00:15:56,910 S2: Yeah. Yeah, yeah. Uh, also, the customer or our team, 253 00:15:56,910 --> 00:16:00,390 S2: we can help customers with that to set up specific 254 00:16:00,390 --> 00:16:05,760 S2: policies because every organization may have different policies. So we 255 00:16:05,760 --> 00:16:09,600 S2: can set up their policies like in the way they want. 256 00:16:09,630 --> 00:16:14,310 S2: So we can check something. We can skip something, something else. 257 00:16:14,880 --> 00:16:17,280 S1: Makes sense is that, um, is that all the products 258 00:16:17,310 --> 00:16:18,030 S1: you still got? 259 00:16:18,150 --> 00:16:21,480 S2: Yeah. We have one more. Okay. One more old ones. 260 00:16:21,480 --> 00:16:23,430 S2: We have three more new ones. 261 00:16:23,670 --> 00:16:24,150 S1: Okay. 262 00:16:24,630 --> 00:16:27,840 S2: So we have, uh, we have network control. Network control 263 00:16:27,840 --> 00:16:31,140 S2: is basically we can, uh, and we also have default 264 00:16:31,140 --> 00:16:34,320 S2: deny on the network if you want this. So basically 265 00:16:34,350 --> 00:16:38,430 S2: we're not allowed and, uh, endpoint is not allowed to 266 00:16:38,460 --> 00:16:42,870 S2: access anything except what you allow to do. Or you 267 00:16:42,870 --> 00:16:47,140 S2: can just you can allow everything but block specific websites 268 00:16:47,170 --> 00:16:51,640 S2: like even like if we're talking about protection default deny 269 00:16:51,670 --> 00:16:54,280 S2: is better because you can say like, oh, you can 270 00:16:54,280 --> 00:16:59,290 S2: go like to to access Microsoft.com, you can access like 271 00:16:59,320 --> 00:17:04,900 S2: some other Adobe updates or something like that, uh, obviously 272 00:17:04,930 --> 00:17:08,619 S2: like specific websites for your organization. But if we're talking 273 00:17:08,619 --> 00:17:13,510 S2: about even controlling what your user does, like blocking Facebook or, 274 00:17:13,540 --> 00:17:17,350 S2: or something like pretty simple. So we can we can 275 00:17:17,350 --> 00:17:21,220 S2: do all of that with the network control. It's basically, uh, 276 00:17:21,220 --> 00:17:25,930 S2: protecting your environment and your network. We also have a 277 00:17:26,080 --> 00:17:31,359 S2: thing called objects and challenges. So the, uh, the multiple 278 00:17:31,359 --> 00:17:36,970 S2: computers can talk to each other with specific challenges and 279 00:17:37,000 --> 00:17:40,659 S2: objects and saying like, oh, this computer, I know this computer, 280 00:17:40,660 --> 00:17:45,170 S2: it's allowed to access my network. Mhm. Doesn't matter where 281 00:17:45,170 --> 00:17:48,379 S2: you are. So it means like because for firewall you 282 00:17:48,380 --> 00:17:50,900 S2: need to set up your IP like you can, you 283 00:17:50,900 --> 00:17:54,260 S2: need to like or VPN or you have to call 284 00:17:54,290 --> 00:17:56,840 S2: someone like your admin. Can you allow this IP to 285 00:17:56,869 --> 00:18:00,379 S2: access our network. But if you're like on on the 286 00:18:00,410 --> 00:18:06,080 S2: go somewhere like basically traveling, you can your network control 287 00:18:06,080 --> 00:18:10,790 S2: will send specific objects to your to your network and 288 00:18:10,790 --> 00:18:15,230 S2: you will uh, and they will respond. It's, it's a 289 00:18:15,230 --> 00:18:19,190 S2: double check between like if it's legit or not. And 290 00:18:19,190 --> 00:18:22,459 S2: it will allow your computer from any location to access 291 00:18:22,460 --> 00:18:24,620 S2: that network in this rain. 292 00:18:25,850 --> 00:18:30,560 S1: Interesting. Okay. Okay. I have a question before you go 293 00:18:30,560 --> 00:18:34,280 S1: into the new products, is is anyone thinking about I 294 00:18:34,310 --> 00:18:38,209 S1: have to assume the answer is yes. Is anybody thinking 295 00:18:38,210 --> 00:18:42,170 S1: about a single policy editor where you go in as 296 00:18:42,170 --> 00:18:45,790 S1: an organization. And you basically define the policy of like, 297 00:18:45,850 --> 00:18:50,290 S1: here's what we care about for network overall for this 298 00:18:50,290 --> 00:18:56,230 S1: particular host, it's like like a more centralized single policy. Um, 299 00:18:57,310 --> 00:19:01,630 S1: in that single policy, which you like, write in English, 300 00:19:01,660 --> 00:19:05,050 S1: gets translated down to the specific rules that apply to 301 00:19:05,080 --> 00:19:08,229 S1: the specific products. So it's still being implemented inside the 302 00:19:08,230 --> 00:19:12,460 S1: separate products. But really it's like this like abstracted up. 303 00:19:12,670 --> 00:19:13,270 S2: Um, yeah. 304 00:19:13,300 --> 00:19:14,919 S1: So we need policy editor. 305 00:19:15,430 --> 00:19:19,660 S2: So we need to, uh, implement some AI stuff for, 306 00:19:19,690 --> 00:19:21,340 S2: for that obviously. 307 00:19:21,369 --> 00:19:21,790 S1: Yeah. 308 00:19:21,790 --> 00:19:24,760 S2: Yeah. To translate from human language to that one. We 309 00:19:24,760 --> 00:19:27,670 S2: don't have it yet. It could be our next product. 310 00:19:27,670 --> 00:19:28,510 S2: We'll see. 311 00:19:28,810 --> 00:19:31,720 S1: Yeah. Yeah, that makes sense. So what are the new products? 312 00:19:31,750 --> 00:19:36,220 S2: Yeah. So there's, um, at least three new products. Uh, 313 00:19:36,220 --> 00:19:39,310 S2: so there's, uh, if we're talking about agents because there's 314 00:19:39,310 --> 00:19:42,649 S2: one more product called Cloud Detect, It's a little bit 315 00:19:42,650 --> 00:19:45,619 S2: different kind of product. I'm working on the agent side. 316 00:19:45,619 --> 00:19:50,990 S2: So it's it's not agent related products. It basically means 317 00:19:51,020 --> 00:19:56,420 S2: product that can, uh, allow access to your, uh, cloud 318 00:19:56,420 --> 00:20:01,850 S2: services from, like, Microsoft or like AWS or something like that, 319 00:20:01,850 --> 00:20:05,600 S2: with a specific app on your phone. And it connects 320 00:20:05,600 --> 00:20:09,680 S2: to same as, uh, and wherever you go with this app, 321 00:20:09,680 --> 00:20:12,590 S2: it knows your IP address, and it basically can allow 322 00:20:12,590 --> 00:20:18,590 S2: you access from that location to your cloud services. So it, uh, and, uh, 323 00:20:18,590 --> 00:20:25,340 S2: but other three products is, uh, web control. So it's, 324 00:20:25,760 --> 00:20:29,930 S2: it's not. Net so it's similar in some way to 325 00:20:29,960 --> 00:20:34,399 S2: a network control still. Uh, but it only works for browsers. 326 00:20:34,400 --> 00:20:38,120 S2: So if you want your organization to block like all 327 00:20:38,119 --> 00:20:41,970 S2: gambling websites or poor websites or something like that. You 328 00:20:41,970 --> 00:20:46,650 S2: just can choose category that you can block or allow. 329 00:20:47,070 --> 00:20:49,950 S2: And we basically will do that. So this this one 330 00:20:49,950 --> 00:20:53,550 S2: of the newest products, it's it's for someone who doesn't 331 00:20:53,550 --> 00:20:57,300 S2: want to deal with network control. It's much more simpler 332 00:20:57,300 --> 00:21:02,460 S2: and it's much more it's more uh, just uh, it's 333 00:21:02,460 --> 00:21:06,390 S2: more restrictive. Not not protective, I would say. 334 00:21:06,960 --> 00:21:10,650 S1: Gotcha. Okay. And is that is that all of them? 335 00:21:10,680 --> 00:21:11,340 S1: One more. Right. 336 00:21:11,369 --> 00:21:14,160 S2: No, no. Two more. Two more. Yeah. We have a 337 00:21:14,190 --> 00:21:17,310 S2: lot of products. So we all, we all we also 338 00:21:17,310 --> 00:21:21,120 S2: have patch management. It's coming soon. So this this three 339 00:21:21,119 --> 00:21:25,950 S2: products coming soon. So it's in beta now and it's 340 00:21:25,950 --> 00:21:33,600 S2: coming live. Uh, maybe months maybe a couple of weeks. Okay. So, uh, 341 00:21:33,600 --> 00:21:37,830 S2: the patch management. So as we spoke with you about 342 00:21:37,830 --> 00:21:41,540 S2: this a little bit earlier so we can patch. We 343 00:21:41,540 --> 00:21:45,950 S2: can have set of policies and we can check versions 344 00:21:45,950 --> 00:21:49,220 S2: of the apps that that's on your computer. And if 345 00:21:49,220 --> 00:21:53,510 S2: it's if the app is outdated, we can alert your 346 00:21:53,510 --> 00:21:57,050 S2: admin saying like, oh, there's a new there's a new thing, 347 00:21:57,290 --> 00:22:00,230 S2: there's a new update for the app, and you can 348 00:22:00,230 --> 00:22:02,540 S2: basically press the button on the portal and it's going 349 00:22:02,570 --> 00:22:08,810 S2: to automatically patch your, your, your application. So, so it's, 350 00:22:08,810 --> 00:22:14,510 S2: it's much easier way and simpler way of patching, especially 351 00:22:14,510 --> 00:22:17,720 S2: in some cases if you want to allow or uh, 352 00:22:17,720 --> 00:22:20,869 S2: some specific version to run on your computer. 353 00:22:21,470 --> 00:22:22,070 S1: Okay. 354 00:22:23,030 --> 00:22:29,300 S2: There's one more called insights. The insights is basically we have, uh, 355 00:22:29,300 --> 00:22:34,910 S2: a database that stores all of the applications and interactions 356 00:22:34,910 --> 00:22:41,550 S2: with applications, uh, from all of our clients. It's totally anonymous. 357 00:22:41,550 --> 00:22:46,470 S2: So it's it's different. It's different set of data from 358 00:22:46,470 --> 00:22:51,780 S2: our customers data. But what it can do basically see 359 00:22:51,810 --> 00:22:56,490 S2: every app that was allowed or denied or set of rules, 360 00:22:56,490 --> 00:22:59,550 S2: specific set of rules that apply to that app. And 361 00:22:59,550 --> 00:23:03,060 S2: we can show user oh, if some app got blocked 362 00:23:03,090 --> 00:23:06,570 S2: on your computer and you will see the small statistics 363 00:23:06,570 --> 00:23:09,750 S2: like the admin on your organization can look at the 364 00:23:09,750 --> 00:23:13,619 S2: statistics saying, oh, this app got denied or got allowed. 365 00:23:13,619 --> 00:23:16,109 S2: This is how many times this is how many times 366 00:23:16,109 --> 00:23:18,720 S2: this domain was accessed. This how many times it was 367 00:23:18,720 --> 00:23:20,970 S2: denied a lot of times. So it's like it's a 368 00:23:20,970 --> 00:23:24,960 S2: small insight of like what others do. And you can 369 00:23:24,960 --> 00:23:30,510 S2: create interesting set of policies, especially ringfence policies on what app. 370 00:23:30,540 --> 00:23:33,450 S2: Some specific app. Oh, usually this app goes to that 371 00:23:33,450 --> 00:23:37,560 S2: folder or access that website and you can automatically press 372 00:23:37,590 --> 00:23:41,650 S2: like create a ring fence policies for this app so 373 00:23:41,650 --> 00:23:44,920 S2: it makes life of our customers a little bit easier. 374 00:23:45,100 --> 00:23:48,790 S1: Yeah, that's that's smart. That's smart. Because like a ring 375 00:23:48,820 --> 00:23:52,540 S1: fence policy could be like 12 different rules to like 376 00:23:52,570 --> 00:23:53,800 S1: 12 different things. Right? 377 00:23:53,830 --> 00:23:54,460 S2: Yes. 378 00:23:54,460 --> 00:23:57,040 S1: And that might take a little while to figure out. 379 00:23:57,040 --> 00:24:01,149 S1: And each time it's like a manual add versus somebody else. 380 00:24:01,150 --> 00:24:03,970 S1: Or hundreds of other customers already figured that out. So 381 00:24:03,970 --> 00:24:04,930 S1: now there's a template. 382 00:24:04,960 --> 00:24:07,180 S2: Yes. Yeah. Exactly. 383 00:24:07,210 --> 00:24:13,750 S1: Yeah. That makes sense. That makes sense. Um, well, what 384 00:24:13,750 --> 00:24:16,690 S1: can you say more about the, uh, the Mac agent? Um, 385 00:24:16,720 --> 00:24:20,260 S1: how how are things different, like threat wise right now 386 00:24:20,260 --> 00:24:23,290 S1: with Mac versus windows? Are you seeing different threats? Like, 387 00:24:23,320 --> 00:24:27,250 S1: is the installation process different the management of it? Is 388 00:24:27,250 --> 00:24:28,090 S1: it different? 389 00:24:28,119 --> 00:24:31,300 S2: I mean, like the threat, the attack vectors, they pretty 390 00:24:31,300 --> 00:24:34,930 S2: much the same everywhere. Like, yeah, it's the same thing 391 00:24:34,930 --> 00:24:39,540 S2: like Linux, Mac, windows. Most of them are social engineering. 392 00:24:39,540 --> 00:24:42,420 S2: Some of them are like zero day vulnerabilities. Some of 393 00:24:42,450 --> 00:24:47,610 S2: some of them is, uh, supply chain attacks. Right. But like, 394 00:24:47,700 --> 00:24:52,860 S2: it's still the same, like how how Apple and Microsoft 395 00:24:52,859 --> 00:24:56,550 S2: approach this is a little bit differently because Mac they 396 00:24:56,580 --> 00:25:00,869 S2: I mean the windows they have Windows Defender, they have UAC. 397 00:25:00,869 --> 00:25:04,439 S2: So they have their own protections. Apple goes a little 398 00:25:04,470 --> 00:25:07,649 S2: bit further with that because there's a lot of more 399 00:25:07,650 --> 00:25:14,369 S2: protections like uh, uh, TCC. It's uh, I forgot how it's, uh, 400 00:25:14,369 --> 00:25:19,320 S2: consent and something. Consent and control. I was honestly, I forgot, 401 00:25:19,320 --> 00:25:25,169 S2: but basically there's a specific set of rules for each app. 402 00:25:25,200 --> 00:25:30,090 S2: It's what we do. But from from Apple standpoint, it's 403 00:25:30,090 --> 00:25:34,649 S2: a little bit simpler. So they can deny access for 404 00:25:34,650 --> 00:25:39,730 S2: any app to access to file system, for example. So 405 00:25:39,730 --> 00:25:43,450 S2: it runs in its own small sandbox or or user 406 00:25:43,480 --> 00:25:47,350 S2: have to approve if app wants to access your documents 407 00:25:47,350 --> 00:25:49,270 S2: folder for example. Right. 408 00:25:49,300 --> 00:25:49,840 S1: Yep. 409 00:25:50,109 --> 00:25:55,420 S2: And Apple has X protect. It's like Windows Defender X protect. 410 00:25:55,450 --> 00:26:00,700 S2: Their probably it's built in antivirus but it also runs 411 00:26:00,700 --> 00:26:05,200 S2: only for uh known malware. So it works only for 412 00:26:05,230 --> 00:26:08,530 S2: it can block only known malware. It's not like it's 413 00:26:08,530 --> 00:26:10,270 S2: not even reactive. 414 00:26:10,420 --> 00:26:14,890 S1: It's not looking at behavior for all applications. Okay. So 415 00:26:14,890 --> 00:26:17,770 S1: you're hooking into the the Mac functionality and doing your 416 00:26:17,770 --> 00:26:19,030 S1: own functionality or. 417 00:26:19,060 --> 00:26:22,869 S2: Yeah. So what we do Apple restrict us from accessing kernel. 418 00:26:22,869 --> 00:26:25,750 S2: It happened like five years ago I guess or something 419 00:26:25,780 --> 00:26:29,229 S2: around that time. So and we have a lot of 420 00:26:29,230 --> 00:26:33,250 S2: complications because of that. So they, they have their own 421 00:26:33,400 --> 00:26:38,190 S2: driver running in and we basically see what this driver 422 00:26:38,190 --> 00:26:41,430 S2: sends us events and we can apply to that events 423 00:26:41,430 --> 00:26:45,659 S2: like allow or deny. But what driver can do it 424 00:26:45,660 --> 00:26:51,840 S2: can access other processes memory. It can access, uh, other 425 00:26:51,900 --> 00:26:55,860 S2: low level things that we can do to make protection 426 00:26:55,890 --> 00:26:59,010 S2: a little bit better, I would say, but we're not 427 00:26:59,010 --> 00:27:02,280 S2: allowed to do that. And there's also a lot of, uh, 428 00:27:02,880 --> 00:27:08,490 S2: because they tried to make it for everyone. So there 429 00:27:08,490 --> 00:27:11,489 S2: is a trade off between speed and some of the 430 00:27:11,490 --> 00:27:15,600 S2: things they send to, uh, to us. So we need 431 00:27:15,600 --> 00:27:20,970 S2: to approach some things differently, especially hashes. So we need 432 00:27:20,970 --> 00:27:24,030 S2: to have our own cache for hashes and all of 433 00:27:24,030 --> 00:27:26,940 S2: these things, because what Apple sends us is a little 434 00:27:26,970 --> 00:27:30,810 S2: bit different. They call it KD hash. It's called directory. 435 00:27:30,810 --> 00:27:33,870 S2: It's assigning hash. But we need to know hash for 436 00:27:33,869 --> 00:27:37,210 S2: specific executable and it's a little bit different. And we 437 00:27:37,210 --> 00:27:41,890 S2: need to calculate it like basically each time application runs. 438 00:27:41,890 --> 00:27:46,300 S2: And there's some complications with that I would say. But 439 00:27:46,330 --> 00:27:50,919 S2: it's we found workarounds for that. It's for network. The 440 00:27:50,920 --> 00:27:53,709 S2: same thing. We don't have access to kernels so we 441 00:27:53,710 --> 00:27:56,590 S2: don't have access to some low level packets. So we 442 00:27:56,590 --> 00:28:00,399 S2: only work with Apple's gives us and we have complications 443 00:28:00,400 --> 00:28:04,060 S2: with that either. So and also recently I guess it 444 00:28:04,060 --> 00:28:10,270 S2: was 15.1 recent update. They broke third party firewalls. Uh 445 00:28:10,270 --> 00:28:13,450 S2: not just us everyone. Yeah. If you run in built 446 00:28:13,450 --> 00:28:18,699 S2: in firewall, if it's on, uh, we never got any, uh, 447 00:28:18,700 --> 00:28:20,830 S2: events from the system, so it's like. 448 00:28:20,859 --> 00:28:22,390 S1: Little snitch and all those. 449 00:28:22,390 --> 00:28:26,439 S2: Yeah, yeah, yeah, yeah, yeah. Everything was broken. Like, for 450 00:28:26,440 --> 00:28:32,500 S2: one specific Apple update. They broke it. Yeah. So we 451 00:28:32,500 --> 00:28:36,470 S2: get events from the macOS. Everything. Every time someone tries 452 00:28:36,470 --> 00:28:41,390 S2: to connect like a two or packet to send a 453 00:28:41,390 --> 00:28:45,380 S2: packet or something like that, and we never received them 454 00:28:45,380 --> 00:28:50,780 S2: as if built in firewall was on. Right. So this 455 00:28:50,780 --> 00:28:54,500 S2: is a downside about that. So Apple Apple broke something. 456 00:28:54,530 --> 00:28:56,840 S2: We couldn't do anything about that. 457 00:28:57,080 --> 00:29:00,830 S1: Now they fixed that or it's just broken from now on. 458 00:29:00,860 --> 00:29:03,320 S2: No no no it's it's fixed. But I was like 459 00:29:03,350 --> 00:29:07,130 S2: you see everything is in apple hands basically. 460 00:29:07,160 --> 00:29:11,690 S1: Yeah. Yeah that's that's a good point. They do do 461 00:29:11,750 --> 00:29:16,550 S1: hold all the cards there. Yes. Um, okay. So, um, 462 00:29:16,550 --> 00:29:18,890 S1: so the question I have for you is it seems 463 00:29:18,890 --> 00:29:23,540 S1: like the product overall is the zero trust concept, and 464 00:29:23,540 --> 00:29:27,380 S1: you're simply applying it at all these different module stages 465 00:29:27,380 --> 00:29:31,070 S1: because they all need something slightly different. Yeah. So it's 466 00:29:31,100 --> 00:29:33,850 S1: yeah that makes sense. Yeah, that's really interesting. 467 00:29:33,880 --> 00:29:38,320 S2: Yeah. So, like, your system is not just simple applications. 468 00:29:38,320 --> 00:29:42,040 S2: It's more complicated than that. So. And so we try 469 00:29:42,070 --> 00:29:46,960 S2: to apply this to every single level to, to make 470 00:29:46,960 --> 00:29:48,430 S2: better protection. 471 00:29:49,120 --> 00:29:53,080 S1: Yeah that makes sense. And how different is the Mac 472 00:29:53,080 --> 00:29:55,150 S1: side of it from the windows other than like the 473 00:29:55,150 --> 00:29:59,650 S1: permissions and stuff that we talked about is the installation 474 00:29:59,650 --> 00:30:03,729 S1: is pretty standard Mac installation. What about administration? Is it 475 00:30:03,730 --> 00:30:06,370 S1: all look the same inside of the portal and everything? 476 00:30:06,400 --> 00:30:10,450 S2: Yeah. So basically we're talking about like business logic of things. 477 00:30:10,450 --> 00:30:14,290 S2: It's all the same obviously like paths are different right? 478 00:30:14,320 --> 00:30:18,070 S2: Like windows, Mac, Linux like like we're talking about file 479 00:30:18,100 --> 00:30:22,570 S2: system or something like that. So it's all this network 480 00:30:22,570 --> 00:30:26,230 S2: completely say like for for from the user perspective it's 481 00:30:26,590 --> 00:30:30,610 S2: the same thing like application control ringfencing is all the 482 00:30:30,610 --> 00:30:34,850 S2: same thing. You can. You need to understand Mac OS 483 00:30:34,880 --> 00:30:40,670 S2: to make better policies for in some cases. But in general, 484 00:30:40,670 --> 00:30:45,080 S2: we're trying to make this seamless for all of the users. 485 00:30:45,080 --> 00:30:48,800 S2: So they should not distinguish oh, I have windows, I 486 00:30:48,800 --> 00:30:53,450 S2: have Linux. If they have specific app like Adobe app, right. 487 00:30:53,480 --> 00:30:56,840 S2: They want to install it. We have built in policy 488 00:30:56,840 --> 00:31:00,770 S2: for windows. We have built in policy for Mac, and 489 00:31:01,190 --> 00:31:07,790 S2: there's nothing distinguishing that from user perspective. So they just 490 00:31:07,790 --> 00:31:10,820 S2: can add this policy to their system and it's going 491 00:31:10,850 --> 00:31:11,720 S2: to work. 492 00:31:12,080 --> 00:31:15,739 S1: Yeah. That makes sense. Um, so when are these new 493 00:31:15,740 --> 00:31:16,940 S1: products coming out? 494 00:31:17,060 --> 00:31:19,910 S2: Yeah. So new products they coming out like pretty soon 495 00:31:19,910 --> 00:31:22,790 S2: I hope I hope in a couple of weeks. But 496 00:31:22,790 --> 00:31:25,280 S2: we'll see. Okay. Yeah. It's not it's not up to me. 497 00:31:25,280 --> 00:31:29,750 S2: So there's QA stage. There's also but yeah, uh, I 498 00:31:29,930 --> 00:31:33,960 S2: honestly I don't know. It's not on the Mac. On 499 00:31:33,960 --> 00:31:36,900 S2: the Mac. Web controls coming pretty soon. But we have 500 00:31:36,930 --> 00:31:45,780 S2: a couple of problems with the Chrome to browsers except Safari, Safari, 501 00:31:45,810 --> 00:31:49,050 S2: Safari and Mac works a little bit better, and it's 502 00:31:49,050 --> 00:31:54,450 S2: easier to handle some things from that standpoint. But other browsers, 503 00:31:54,450 --> 00:31:56,850 S2: we we need to figure some things out. 504 00:31:56,910 --> 00:32:00,420 S1: Yeah, browsers are tough because they're always changing their security stuff. 505 00:32:00,420 --> 00:32:02,820 S1: And just it seems like it moves a lot, especially 506 00:32:02,820 --> 00:32:05,970 S1: with like extensions and stuff. So. Yeah, that makes sense. 507 00:32:06,000 --> 00:32:06,420 S2: Yeah. 508 00:32:06,420 --> 00:32:07,710 S1: And so um. 509 00:32:07,710 --> 00:32:11,970 S2: But on the Mac patch management and insights will come 510 00:32:12,000 --> 00:32:16,050 S2: a little bit later. Uh, because we have like Mac, 511 00:32:16,080 --> 00:32:19,440 S2: it's not as huge as windows. So we have a 512 00:32:19,440 --> 00:32:21,930 S2: little bit smaller team, but we're trying to keep up 513 00:32:21,930 --> 00:32:25,530 S2: as fast as we can. So it's gonna come out like, 514 00:32:25,530 --> 00:32:30,050 S2: I hope, until the end of this month. Web control 515 00:32:30,080 --> 00:32:36,110 S2: and insights patch management. I really hope it's gonna come out, uh, 516 00:32:36,470 --> 00:32:38,930 S2: at until the end of the month. 517 00:32:39,470 --> 00:32:43,550 S1: Okay. Well. Very cool. Um, anything else you wanted to share? Uh, 518 00:32:43,550 --> 00:32:47,150 S1: where can we find more information about the products? 519 00:32:47,180 --> 00:32:50,810 S2: Oh, we have we have YouTube, we have LinkedIn, we 520 00:32:50,810 --> 00:32:55,970 S2: have website. So you can go anywhere. We're we're everywhere. 521 00:32:56,720 --> 00:32:59,930 S1: Awesome. Well, it was great to chat with you and, uh, 522 00:32:59,930 --> 00:33:01,130 S1: enjoy the conversation. 523 00:33:01,160 --> 00:33:02,180 S2: Thank you. 524 00:33:02,720 --> 00:33:03,680 S1: All right. Take care. 525 00:33:03,710 --> 00:33:04,640 S2: Take care. 526 00:33:05,630 --> 00:33:09,350 S1: Unsupervised learning is produced on Hindenburg Pro using an SM 527 00:33:09,350 --> 00:33:12,920 S1: seven B microphone. A video version of the podcast is 528 00:33:12,920 --> 00:33:16,670 S1: available on the Unsupervised Learning YouTube channel, and the text 529 00:33:16,670 --> 00:33:19,970 S1: version with full links and notes is available at Daniel 530 00:33:19,970 --> 00:33:23,930 S1: Mysa.com slash newsletter. We'll see you next time.