WEBVTT - A Conversation with Alastair Paterson from Harmonic Security 0:00:00.920 --> 0:00:05.040 Unsupervised Learning is a podcast about trends and ideas in cybersecurity, 0:00:05.160 --> 0:00:10.000 national security, AI, technology and society, and how best to 0:00:10.039 --> 0:00:19.119 upgrade ourselves to be ready for what's coming. All right. Well, Alastair, 0:00:19.120 --> 0:00:20.759 welcome to Unsupervised Learning. 0:00:21.079 --> 0:00:24.400 Yeah, thanks for having me, Daniel. Long time fan of 0:00:24.400 --> 0:00:26.320 yourself in the show. So good to be on here. 0:00:27.640 --> 0:00:32.520 Awesome. Yeah. So can you tell me about yourself and and, uh, 0:00:32.560 --> 0:00:33.600 harmonic security? 0:00:34.320 --> 0:00:36.200 Yeah. Quick bit of bit of background, as you can 0:00:36.200 --> 0:00:40.159 tell from the accent. Originally from the UK here. So my, 0:00:40.159 --> 0:00:42.800 my previous company to harmonic was Digital Shadows which I 0:00:42.840 --> 0:00:46.200 set up in London and the threat Intel space and 0:00:46.200 --> 0:00:48.400 we were we were really good at spotting all the 0:00:48.400 --> 0:00:52.120 sensitive data that had already leaked out of businesses across 0:00:52.120 --> 0:00:55.680 the open, deep and dark web. I did the series 0:00:55.720 --> 0:00:58.279 A in Silicon Valley, moved here in 2015, so I'm 0:00:58.280 --> 0:01:01.600 now ten years into the US in a dual national 0:01:01.600 --> 0:01:04.600 and so on. So pretty bedded into the the. Bay 0:01:04.600 --> 0:01:09.160 Area digital shadows was acquired in July of 22 and 0:01:09.160 --> 0:01:12.319 as you'll remember well November of 22 ChatGPT comes out 0:01:12.360 --> 0:01:15.360 and you know the world changes and I you know, 0:01:15.360 --> 0:01:18.000 I started just, you know, exploring that and talking to 0:01:18.000 --> 0:01:21.440 a lot of smart people in the space and seeing 0:01:21.440 --> 0:01:24.200 what I could learn. And, and actually, you were one 0:01:24.200 --> 0:01:26.039 of the first people who was writing a lot about it. 0:01:26.040 --> 0:01:28.680 I started, you know, picking up your, your newsletter, I 0:01:28.680 --> 0:01:32.080 think in, um, early 23 as you were really getting 0:01:32.080 --> 0:01:36.480 going on the topic. And so that's ultimately led to 0:01:36.680 --> 0:01:40.200 me founding Harmonic Security in August of 23. So about 0:01:40.200 --> 0:01:44.040 18 months old now. Um, we are we're really building 0:01:44.040 --> 0:01:46.840 a new data protection technology. We're calling what we're doing 0:01:46.880 --> 0:01:50.960 zero touch data protection. And we're harnessing the power of 0:01:50.960 --> 0:01:54.120 generative AI to build this. It's it's it's our own 0:01:54.120 --> 0:01:57.280 set of specially trained small language models that we're using 0:01:57.280 --> 0:01:59.840 for data protection. That allows us to do some very 0:01:59.840 --> 0:02:03.040 different things that I'll talk about. But use case one 0:02:03.120 --> 0:02:06.840 for us is very much, ironically enough, it's generative AI 0:02:06.880 --> 0:02:10.799 adoption from the enterprise. Right. And the challenges, particularly in 0:02:10.800 --> 0:02:15.400 sensitive data leaking into these different AI applications and models. 0:02:15.680 --> 0:02:18.040 We see that as like the number one barrier to 0:02:18.080 --> 0:02:21.840 to adoption in the enterprise, and we're helping them with that. 0:02:21.880 --> 0:02:24.760 And so that's really what harmonics about today is we're 0:02:24.760 --> 0:02:27.880 building out a pretty unique approach here to data protection. 0:02:29.120 --> 0:02:32.760 Okay. Interesting. So there's like an old space I don't 0:02:32.760 --> 0:02:36.160 know if it's been renamed, but it used to be DLP. Yeah. 0:02:36.200 --> 0:02:41.560 For like for like outbound, you know, sensitive data going out. Um, 0:02:41.600 --> 0:02:43.600 it sounds like it's something like that. But at the 0:02:43.600 --> 0:02:47.640 same time it's like AI readiness. Um, and then like 0:02:47.639 --> 0:02:50.640 the leakage issue. So, like, how do you see those 0:02:50.639 --> 0:02:51.880 and differentiate them? 0:02:52.560 --> 0:02:55.840 Yeah. It's a great point. I think there's there's been 0:02:55.880 --> 0:02:57.960 as you mentioned, there's a few categories that we, we 0:02:58.080 --> 0:02:59.880 can collide with a little bit, and we're trying to 0:02:59.880 --> 0:03:02.520 not think so much about the existing categories, is just 0:03:02.520 --> 0:03:04.840 focusing on what the problem is that the enterprise is 0:03:04.840 --> 0:03:08.280 trying to solve today. And that naturally leads us to 0:03:08.320 --> 0:03:12.080 overlap into into some of these categories, for sure. I mean, 0:03:12.080 --> 0:03:15.040 I think if you think about, as I'm doing about 0:03:15.040 --> 0:03:18.840 the problem space today around AI, that's it's kind of 0:03:18.880 --> 0:03:21.440 a top three for everybody we talk to is, okay, 0:03:21.480 --> 0:03:22.960 you've got you're in a position of having to go 0:03:22.960 --> 0:03:26.000 and try and adopt this technology. Um, the business is 0:03:26.000 --> 0:03:28.040 pushing for it in most cases. Right. We don't want 0:03:28.040 --> 0:03:30.320 to be left behind. We need to go and get 0:03:30.360 --> 0:03:35.040 on this. Um, but the obviously, there's, uh, there's a 0:03:35.040 --> 0:03:36.960 bunch of people that are worrying about the risks attached 0:03:36.960 --> 0:03:40.160 to that. Principally, where does the sensitive data go? And 0:03:40.160 --> 0:03:42.680 the start of that journey is visibility, where you need 0:03:42.680 --> 0:03:46.040 to understand effectively what's going on today in the enterprise, 0:03:46.040 --> 0:03:48.880 because whether you like it or not, employees have already 0:03:48.880 --> 0:03:51.600 jumped in and have started using a bunch of these 0:03:51.600 --> 0:03:55.320 tools and technologies. And, and so, so you sort of 0:03:55.320 --> 0:03:57.360 look at what enterprises have have to deal with their 0:03:57.360 --> 0:04:00.880 and often the the approach has been, well, um, let's 0:04:00.880 --> 0:04:03.040 just sit, block and wait. Right. Try and block all 0:04:03.080 --> 0:04:06.840 this stuff. Pretend it's not happening. Put a policy in place. 0:04:06.880 --> 0:04:09.000 You know, maybe we'll start to build, you know, by 0:04:09.000 --> 0:04:11.800 one of the an enterprise version of something, right? It's 0:04:11.800 --> 0:04:14.920 co-pilot or it's it's ChatGPT. And we'll try to point 0:04:14.920 --> 0:04:18.240 everybody at that. Um, but inevitably, you know, there's this, 0:04:18.240 --> 0:04:21.839 this sort of Cambrian explosion of other AI applications and 0:04:21.839 --> 0:04:24.320 uses out of the core apps that often get blocked. 0:04:24.360 --> 0:04:26.359 And and you don't want to frustrate that either. You 0:04:26.360 --> 0:04:28.760 want you want to be adopting the majority of the 0:04:28.760 --> 0:04:31.400 the technology where you can. So the question comes back to, 0:04:31.600 --> 0:04:34.080 you know, how do you do that safely? And and 0:04:34.080 --> 0:04:36.400 I think getting getting visibility into it is the first part. 0:04:36.400 --> 0:04:39.440 And then the second part is, well what about the controls. 0:04:39.480 --> 0:04:41.479 And you mentioned DLP, I think that's kind of the 0:04:41.480 --> 0:04:46.080 classic one where where organizations start to look at their existing, uh, options, 0:04:46.080 --> 0:04:48.679 whether it's DLP or trying to label all the data 0:04:48.720 --> 0:04:50.600 in it in a company. Right. Those have been the 0:04:50.600 --> 0:04:53.200 two things we've tried to do for 20 years. Uh, 0:04:53.200 --> 0:04:55.240 hasn't really worked that well over the last 20 years. 0:04:55.240 --> 0:04:58.120 I mean, it's it's just such a challenge for most 0:04:58.120 --> 0:04:59.200 security teams, right? 0:04:59.240 --> 0:05:01.520 Yeah, it sounds great, but when you try to implement it, 0:05:01.560 --> 0:05:03.359 it turns to garbage really quickly. 0:05:03.480 --> 0:05:06.120 Yeah. I mean, it really does. I'm yet to find 0:05:06.120 --> 0:05:10.359 somebody who who loves their, their DLP or really enjoyed 0:05:10.360 --> 0:05:12.160 the process of trying to label all the data in 0:05:12.160 --> 0:05:15.440 the business. Um, you know, and usually it's, it's often 0:05:15.440 --> 0:05:17.560 just a compliance tick box. Right. It's kind of there 0:05:17.560 --> 0:05:20.320 if the regulator asks, but is it really doing anything 0:05:20.320 --> 0:05:23.920 very useful for you? Well, probably not right. It's right. 0:05:23.960 --> 0:05:26.479 It's like a yeah, yeah. 0:05:26.480 --> 0:05:29.480 So so let me let's do this. This should be fun. 0:05:29.480 --> 0:05:31.360 So I'm just going to give you a scenario that 0:05:31.360 --> 0:05:34.159 I think is happening quite a bit. And then let's 0:05:34.160 --> 0:05:38.880 talk about where harmonic security would fit into this. So 0:05:38.880 --> 0:05:40.960 a big part of the use case is simply the 0:05:40.960 --> 0:05:46.280 business says, Holy crap, we need to have AI immediately, right? 0:05:46.279 --> 0:05:48.760 We need marketing to be moving on this. We need 0:05:48.760 --> 0:05:52.200 some sort of product that says something about AI. So 0:05:52.200 --> 0:05:56.279 we were thinking it would be something related to like, um, 0:05:56.320 --> 0:06:00.160 our CRM lookup. Uh, you can ask questions about your 0:06:00.160 --> 0:06:02.680 current account or whatever. So obviously we want to hit 0:06:02.680 --> 0:06:06.599 that API. Here's the API internally for that. Um, also 0:06:06.640 --> 0:06:09.880 we want to do some external lookups, uh, to combine 0:06:09.880 --> 0:06:11.919 it with some web search or whatever. So I guess 0:06:11.920 --> 0:06:15.719 we'll need that API. And then like the business kind 0:06:15.720 --> 0:06:18.360 of sends over this hunk of garbage over to like 0:06:18.360 --> 0:06:22.810 the product team which has like three or 4 or 0:06:22.810 --> 0:06:26.960 10 internal APIs plus some other agent functionality or whatever. 0:06:26.960 --> 0:06:30.720 And then you have like this, uh, combiner, uh, sort 0:06:30.720 --> 0:06:34.360 of agent that actually formulates this stuff from the API's 0:06:34.360 --> 0:06:36.599 and hands it back to the user through this chatbot. 0:06:38.040 --> 0:06:42.280 And that's like 20 different nightmares combined. So where is 0:06:42.279 --> 0:06:43.839 harmonic security on this? 0:06:44.640 --> 0:06:47.720 Yeah, I, I think for, for the reasons that you 0:06:47.720 --> 0:06:52.160 just outlined really we're not trying to solve that problem today. Uh, 0:06:52.160 --> 0:06:57.240 and I'll talk about why I think. I think the, uh. Yeah. 0:06:57.279 --> 0:07:02.080 November 22nd, ChatGPT comes out. I think 2023 and into 0:07:02.080 --> 0:07:05.720 24 companies were were having to say that they were 0:07:05.760 --> 0:07:08.599 AI forward. And, you know, every CEO is talking about 0:07:08.640 --> 0:07:11.280 AI and telling the board and the market about it. 0:07:11.280 --> 0:07:13.640 And and what happened in reality was, I think a 0:07:13.640 --> 0:07:16.760 lot of people, you know, spun up some sandboxes in 0:07:16.760 --> 0:07:19.520 usually open AI related. They tested out some use cases, 0:07:19.520 --> 0:07:22.440 mostly around, as you say, you know, sales or customer 0:07:22.440 --> 0:07:26.840 success activities. Very few of those have entered production. And 0:07:26.840 --> 0:07:29.640 I think what's happened and continues to happen is that 0:07:29.640 --> 0:07:31.760 the the percentage of companies that are really trying to 0:07:31.800 --> 0:07:35.840 build out their own AI to solve these problems, particularly 0:07:35.840 --> 0:07:39.600 the common business problems, is just going away. It's diminishing 0:07:39.760 --> 0:07:42.720 to to be the really sophisticated orgs only. And what 0:07:42.720 --> 0:07:44.880 the vast majority of companies are doing is ending up 0:07:44.880 --> 0:07:47.880 adopting third party SaaS that has already thought about this. 0:07:47.920 --> 0:07:50.160 It's what they do as their bread and butter. So 0:07:50.560 --> 0:07:52.720 are you going to build a better CRM than Salesforce 0:07:52.870 --> 0:07:55.870 and and all the other players? Probably not. Right? Salesforce 0:07:55.870 --> 0:07:59.750 is busy spending all day long figuring that that scenario out. 0:07:59.790 --> 0:08:01.710 And I think that's true for most of the common 0:08:01.710 --> 0:08:05.590 business use cases right around stuff like customer success, technical support, 0:08:06.230 --> 0:08:08.150 the way you're going about your marketing, it's going to 0:08:08.150 --> 0:08:10.190 be more, you know, are you going to you're going 0:08:10.190 --> 0:08:12.550 to be using the latest tools, though, whether it's, let's 0:08:12.550 --> 0:08:15.870 say like gamma for writing presentations now or, you know, 0:08:16.030 --> 0:08:19.430 granola for your note taking and all these types of things. Right. 0:08:19.430 --> 0:08:21.590 And then some of those get built in ultimately to 0:08:21.630 --> 0:08:24.510 Microsoft and Google suites, like big announcements this week from 0:08:24.510 --> 0:08:27.470 Microsoft and Google. And so if you've got a bunch 0:08:27.470 --> 0:08:29.990 of employees, maybe you're on the Microsoft Suite. Sure. But 0:08:29.990 --> 0:08:32.709 your employees want to use notebook LM, right. They want 0:08:32.710 --> 0:08:35.710 to be there's that Project Mariner spinning up about how 0:08:35.710 --> 0:08:38.510 do you get agents in the browser through Google. But 0:08:38.510 --> 0:08:41.750 I think that that's really the direction that most enterprises 0:08:41.750 --> 0:08:43.870 end up in. And then there's a bunch that have 0:08:43.870 --> 0:08:45.790 failed projects around trying to build their own. There's a 0:08:45.790 --> 0:08:47.790 bunch that will have successful projects building their own. But 0:08:47.790 --> 0:08:50.190 I think that's for me, that's got a lot of 0:08:50.190 --> 0:08:53.110 the attention right now. And, you know, obviously this stuff 0:08:53.110 --> 0:08:57.429 like we talk about the, um, you've got the, um, 0:08:57.429 --> 0:09:00.030 the top ten, the OWASp top ten, and uh, which 0:09:00.070 --> 0:09:02.110 is smart. Like, I think it's a good set if 0:09:02.110 --> 0:09:04.470 you're building your own. But I don't see I don't 0:09:04.470 --> 0:09:06.589 see these types of, of issues as the ones that 0:09:06.590 --> 0:09:09.470 almost the majority of CSO that we talk to are 0:09:09.470 --> 0:09:12.870 struggling with. Right? It's it's more, hey, we need a 0:09:12.910 --> 0:09:14.830 business wants to use all these tools. We don't know 0:09:14.830 --> 0:09:18.230 what we're using today. Who knows what's going on in 0:09:18.230 --> 0:09:21.310 marketing right now? Because these people are adopting these tools. 0:09:21.309 --> 0:09:23.430 They're firing our corporate data in because they want to 0:09:23.429 --> 0:09:26.710 get productivity out. I think that's going to be step 0:09:26.710 --> 0:09:28.830 one for the vast majority of companies. And that's our 0:09:28.830 --> 0:09:29.630 immediate focus. 0:09:29.630 --> 0:09:32.870 You're right. You're right. And that started first. It started immediately. 0:09:32.870 --> 0:09:36.150 It started in basically November of 22. Yeah. Because people 0:09:36.150 --> 0:09:39.870 were like just dragging and dropping like everything into their 0:09:39.870 --> 0:09:42.469 um okay. So what does that look like? What does 0:09:42.470 --> 0:09:48.030 that look like in terms of like bringing over sensitive documentation? Um, 0:09:48.070 --> 0:09:51.230 PRD documents, like all sorts of stuff that's like, should 0:09:51.230 --> 0:09:55.390 not be shared. What does the interface look like for 0:09:55.390 --> 0:09:59.030 harmonic security to be able to see it. And is 0:09:59.030 --> 0:10:02.670 it monitoring. Is it monitoring and blocking or some combination thereof. 0:10:02.830 --> 0:10:05.590 Yeah. No. Great. Great question. So yeah harmonic. What we 0:10:05.590 --> 0:10:07.750 are at the core is a browser extension that we 0:10:07.750 --> 0:10:11.310 can roll out in 30 minutes across all of the 0:10:11.309 --> 0:10:15.350 enterprise browsers. At that point, within the 30 minutes, we're 0:10:15.350 --> 0:10:19.870 starting to get visibility into all of the AI adoption 0:10:19.910 --> 0:10:23.430 of all of these third party tools and services across 0:10:23.429 --> 0:10:26.470 the company. And we can start to show show businesses, right. 0:10:26.470 --> 0:10:28.990 These are the ones that you know, that shadow AI 0:10:29.030 --> 0:10:32.030 challenge effectively. But the sanction versus unsanctioned as well. So 0:10:32.030 --> 0:10:35.150 you may know that you've approved certain coding assistance, but 0:10:35.150 --> 0:10:37.230 it turns out your engineering team is pumping your IP 0:10:37.230 --> 0:10:39.670 into a bunch of others. It may be that you've 0:10:39.670 --> 0:10:44.590 approved an enterprise version of Copilot, and yes, your employees 0:10:44.590 --> 0:10:50.150 are adopting that, but they're also creating spreadsheets in, you know, CSV, 0:10:50.190 --> 0:10:52.430 for example. They're putting data into that, which is a, 0:10:52.470 --> 0:10:54.910 you know, a free tool that is not absolutely not 0:10:54.910 --> 0:10:57.589 covered by your enterprise agreements. And, you know, the question 0:10:57.590 --> 0:10:59.350 marks around where the data is hosted, how is it 0:10:59.350 --> 0:11:02.950 being stored and secured? Um, you know, maybe it's gamma, 0:11:02.950 --> 0:11:05.830 which is an awesome product, but you probably if your 0:11:05.830 --> 0:11:09.790 employees are firing your data and generating presentations in it, 0:11:09.790 --> 0:11:11.470 you probably want to know that you've got the enterprise 0:11:11.470 --> 0:11:13.709 plan right and you want to standardize on these things. 0:11:13.750 --> 0:11:16.189 So so I think that's the those are the challenges 0:11:16.190 --> 0:11:18.590 that we solve very quickly. We give you that visibility 0:11:18.590 --> 0:11:21.190 part one. But the visibility is kind of the the 0:11:21.190 --> 0:11:23.550 easy bit. And we give you the risk as well. 0:11:23.550 --> 0:11:26.430 So which ones are training on your data. Which ones 0:11:26.429 --> 0:11:29.350 are hosted in geographies you don't want your customer data 0:11:29.390 --> 0:11:33.150 going into. But the the bigger bit though. So that's 0:11:33.230 --> 0:11:35.430 the kind of the governance, the visibility and often the 0:11:35.429 --> 0:11:37.430 step one. But then we come to the controls. Right. 0:11:37.429 --> 0:11:39.830 Because it's it's great. We can see some of this stuff, 0:11:39.830 --> 0:11:41.950 but what do we do about it. And that's really 0:11:41.950 --> 0:11:45.390 our differentiator. So so harmonica at the core I mentioned 0:11:45.390 --> 0:11:47.870 my last company, Digital Shadows, was looking at sensitive data 0:11:47.870 --> 0:11:50.949 that had already leaked out with harmonic. We're using knowledge 0:11:50.950 --> 0:11:54.310 of that to build small language models that understand sensitive 0:11:54.309 --> 0:11:57.910 data really well. Much like a human would. And that 0:11:57.910 --> 0:12:02.110 means that instead of just doing PII and PCI badly, 0:12:02.110 --> 0:12:05.110 which is effectively what the rest of the industry does today, one, 0:12:05.110 --> 0:12:07.829 we could do those things really well. But more importantly, 0:12:07.830 --> 0:12:12.670 we can also spot things like architectural diagrams or legal correspondence, 0:12:12.670 --> 0:12:20.030 or employee financial information, or corporate spreadsheets, insurance claims data, 0:12:20.070 --> 0:12:22.870 things like that you could never spot before because the 0:12:22.870 --> 0:12:25.870 the technology was just doing a regex or some sort 0:12:25.870 --> 0:12:29.070 of basic rule based. Totally. It doesn't work. We know 0:12:29.070 --> 0:12:30.790 it doesn't work, but but we do it because it's 0:12:30.830 --> 0:12:33.150 all we've had and the regulator asks us to. But 0:12:33.150 --> 0:12:35.710 now there's a better way because we can, you know, 0:12:35.710 --> 0:12:39.830 we've got these smart models that have incredibly high accuracy rates, 0:12:39.870 --> 0:12:41.870 takes the load off the security team. So this is 0:12:41.870 --> 0:12:44.750 where the zero touch data protection comes in, because we're 0:12:44.790 --> 0:12:47.670 accurate enough that we're not noisy and annoying for the employees. 0:12:48.110 --> 0:12:50.350 so we can jump in with the employee and resolve 0:12:50.350 --> 0:12:52.949 issues straight away at the end. The end point with 0:12:52.950 --> 0:12:55.710 the end user. And then this load doesn't fall on 0:12:55.710 --> 0:12:58.110 the security team. Now we have the data, the audit. 0:12:58.110 --> 0:12:59.750 They can go and see what who's been doing what 0:12:59.750 --> 0:13:01.550 and what. We've been able to stop getting out. And 0:13:01.550 --> 0:13:04.870 they configure it and manage it. But ultimately we're solving 0:13:04.870 --> 0:13:08.190 the data protection challenge without the load on the security team. 0:13:08.190 --> 0:13:10.750 So why would you go about, you know, rolling out 0:13:10.790 --> 0:13:15.309 classic DLP technology or trying to label all the data or, 0:13:15.350 --> 0:13:19.230 you know, worry about the the types of casb style 0:13:19.230 --> 0:13:21.270 solutions that are that are giving you some sort of 0:13:21.309 --> 0:13:23.829 insight into what's going on, but not fixing the problem. Right. 0:13:23.830 --> 0:13:25.390 We can fix the problem. We can do it in 0:13:25.390 --> 0:13:28.030 30 minutes with this browser based rollout. 0:13:28.790 --> 0:13:31.910 Interesting. And this data could actually be used to power 0:13:32.030 --> 0:13:35.270 a labeling project because you'd be seeing the real stuff. 0:13:35.750 --> 0:13:37.990 That's right. You actually get a real insight into what's 0:13:37.990 --> 0:13:41.510 going on. We released a report earlier this week that 0:13:41.510 --> 0:13:43.990 you can you can download and and so on to 0:13:44.030 --> 0:13:46.709 look at what what is leaking out. And because we've 0:13:46.750 --> 0:13:50.110 gone we've obviously got great visibility now into this, this 0:13:50.110 --> 0:13:53.070 type of data across our client base. And the the 0:13:53.070 --> 0:13:56.790 interesting thing is it's it's 8.5% of the prompt data 0:13:56.790 --> 0:13:59.830 that we see has some sort of sensitive information in 0:13:59.830 --> 0:14:02.189 and of that sensitive information, about half of it is 0:14:02.190 --> 0:14:06.069 customer data related. But there's a significant minority. It's I 0:14:06.070 --> 0:14:08.990 think it's about 15% that is things like legal and 0:14:08.990 --> 0:14:13.630 financial information. And then you have obviously IP and employee 0:14:13.630 --> 0:14:15.470 data and all kinds of things like that. But it's 0:14:15.470 --> 0:14:17.830 not really been possible to have that visibility before. We 0:14:17.870 --> 0:14:20.350 sort of kidded ourselves by putting some sort of DLP 0:14:20.390 --> 0:14:23.790 that was tuned to spot PII. We've got data protections 0:14:23.790 --> 0:14:26.950 covered and things like that, or the labeling, like the 0:14:26.990 --> 0:14:29.150 sort of myth of labeling all the data when when 0:14:29.150 --> 0:14:31.310 we know the reality is that most, most of that 0:14:31.310 --> 0:14:34.670 is inaccurate and you don't find all the data anyway. So, 0:14:34.670 --> 0:14:37.630 so this we've been able to show what's really happening 0:14:37.670 --> 0:14:40.470 and then put controls around it. 0:14:41.070 --> 0:14:43.270 So do you have um, is there any way you 0:14:43.270 --> 0:14:45.350 can pull up the interface. Do you want to show 0:14:45.350 --> 0:14:46.790 any part of part of it, or do you want 0:14:46.790 --> 0:14:47.670 to just talk through it? 0:14:47.910 --> 0:14:50.510 Yeah. I mean, we absolutely can. Actually, let me just 0:14:50.510 --> 0:14:53.510 check if I can log in. Totally. So. So I've 0:14:53.510 --> 0:14:56.870 just got an example here of, um, we're running Gemini. 0:14:57.910 --> 0:15:00.430 And so you've got an employee coming along. We're imagining 0:15:00.430 --> 0:15:02.950 in this instance we're an insurance company because we're working 0:15:02.950 --> 0:15:05.150 with a few of these. So these are things that 0:15:05.150 --> 0:15:09.430 that we've seen before. Um, I'm putting in some, some 0:15:09.430 --> 0:15:13.630 data here that in this instance is is something we 0:15:13.670 --> 0:15:17.510 don't the company doesn't want getting into something like Gemini. Right. 0:15:17.510 --> 0:15:21.430 It's actual customer claims data that's going in. We have 0:15:21.430 --> 0:15:23.550 seen this. I think it's probably pretty tempting if you 0:15:23.550 --> 0:15:25.910 work in claims right now to be getting something like 0:15:25.910 --> 0:15:29.070 a ChatGPT or Gemini to start automating aspects of your job. 0:15:29.310 --> 0:15:30.990 So we've got an employee saying, hey, you know, can 0:15:30.990 --> 0:15:34.270 you review the following claim, propose next steps to determine 0:15:34.270 --> 0:15:36.270 if it's legitimate or not. And they've punched. 0:15:36.270 --> 0:15:38.590 All this data in. This is worth calling out. You 0:15:38.630 --> 0:15:41.790 are on the actual Gemini site. You are actually connected 0:15:41.790 --> 0:15:45.910 directly to Google and they're just doing their normal thing 0:15:45.910 --> 0:15:48.950 with whatever endpoint. And as long as they're using the 0:15:48.950 --> 0:15:52.950 approved enterprise browser because you're an extension, you can see. 0:15:53.350 --> 0:15:55.910 Exactly, exactly. And we can. We work with all the 0:15:55.910 --> 0:16:00.550 browser types we can install in, in, you know, very 0:16:00.590 --> 0:16:03.630 secure ways such that we appear everywhere and see, see 0:16:03.630 --> 0:16:06.030 everything that's going on, you know, no matter what browser 0:16:06.030 --> 0:16:09.750 is being used, even if the employees are installing their own. Um, 0:16:09.750 --> 0:16:12.030 so so that's that's the start point for us, is 0:16:12.030 --> 0:16:14.310 you've got an employee that's doing something like this. How 0:16:14.310 --> 0:16:17.310 would you spot this with existing technology? You probably wouldn't. 0:16:17.310 --> 0:16:19.510 You could argue you can match on the policy number. 0:16:19.710 --> 0:16:22.950 So I'll even take that out. Right. But from context, 0:16:22.990 --> 0:16:24.950 you and I can see that this is still customer 0:16:24.950 --> 0:16:29.670 insurance claims data. Right. Um, but historically, we'd never be 0:16:29.670 --> 0:16:32.350 able to stop this if I try to submit this 0:16:32.350 --> 0:16:35.150 and I'm running harmonic. We do know that this is 0:16:35.150 --> 0:16:37.390 sensitive data. So we've come up, we see we can 0:16:37.390 --> 0:16:41.390 see this is insurance claims data here. And the reason 0:16:41.390 --> 0:16:44.150 is that this has bounced off our language models. where 0:16:44.150 --> 0:16:46.350 we have a small language model that's been trained just 0:16:46.350 --> 0:16:50.070 to look at insurance claims data, understands it very well, 0:16:50.110 --> 0:16:53.150 doesn't matter to us if it's data from Chubb or 0:16:53.190 --> 0:16:56.230 Beazley or Hiscox or whoever, right. Because because the model 0:16:56.230 --> 0:16:59.670 understands generically what insurance claim data is, just like you 0:16:59.670 --> 0:17:01.590 do and I do. Right. We could recognize claims from 0:17:01.590 --> 0:17:03.750 all those companies because we know what one is. Right. 0:17:03.750 --> 0:17:06.149 So you don't need to do the old world of 0:17:06.150 --> 0:17:09.790 exact matching rejecting on on things goes away. And instead 0:17:09.790 --> 0:17:12.070 we can have these, you know, much more higher order 0:17:12.310 --> 0:17:15.750 approaches to stopping our sensitive data leaking out. So this 0:17:15.750 --> 0:17:16.590 this is completely. 0:17:16.830 --> 0:17:19.350 This this is the real experience here. This is not 0:17:19.350 --> 0:17:21.910 like a demo. Like you actually press enter and then 0:17:21.910 --> 0:17:22.630 this popped up. 0:17:22.670 --> 0:17:25.629 Yeah. And so right now this has not gone to Google. 0:17:25.630 --> 0:17:28.230 This data is is still with us in the browser. 0:17:28.430 --> 0:17:30.790 But I've given in our example here we have the 0:17:30.790 --> 0:17:34.709 option to ignore harmonics. I'm going to ignore. And now 0:17:34.710 --> 0:17:36.870 the data is gone. Right. We've let it go out 0:17:36.869 --> 0:17:40.950 of the door and it's it's sat with Google. Gemini 0:17:40.950 --> 0:17:43.030 is going to do its thing and start to start 0:17:43.030 --> 0:17:45.350 to give us a response here. But if I come 0:17:45.350 --> 0:17:47.669 to the harmonic portal now, and we'll walk through a 0:17:47.670 --> 0:17:49.710 little bit more of this in a minute, but we 0:17:49.710 --> 0:17:53.070 have logged and audited this. So you can see that, 0:17:53.109 --> 0:17:57.629 you know, just a minute ago this was me into Gemini, 0:17:57.670 --> 0:18:01.390 which we consider a high risk the public edition. And 0:18:01.390 --> 0:18:04.270 I ignored the intervention. And you can go and see 0:18:04.270 --> 0:18:07.629 the actual prompt data that was put in in this case. 0:18:07.630 --> 0:18:09.350 And there's a lot more we can we can dig into. 0:18:09.350 --> 0:18:11.270 But that that's like the if you want to like 0:18:11.270 --> 0:18:14.630 the flow is, is is that is the core flow. 0:18:14.630 --> 0:18:16.470 But as I mentioned, the kind of the starting point 0:18:16.470 --> 0:18:18.790 for most organizations, even before they get to that is 0:18:18.790 --> 0:18:21.230 really just trying to understand, you know, what is going 0:18:21.230 --> 0:18:24.150 on in the business today because most of them don't 0:18:24.150 --> 0:18:27.389 have that visibility. And so we start with that. And 0:18:27.390 --> 0:18:30.270 so you've got usage and adoption here where we can 0:18:30.270 --> 0:18:32.390 start to show, you know, the number of apps and 0:18:33.150 --> 0:18:36.149 the categories that they exist in. 0:18:36.190 --> 0:18:41.109 And the apps would be things like Gemini, ChatGPT anthropic 0:18:41.270 --> 0:18:43.510 or what? How do you differentiate an app? 0:18:43.710 --> 0:18:46.670 Yeah. So so we started out at harmonic just looking 0:18:46.670 --> 0:18:50.470 at JNI specific apps, right. Like ChatGPT and Gemini. I 0:18:50.630 --> 0:18:53.310 think very quickly that distinction goes away. Right. Because pretty 0:18:53.310 --> 0:18:56.550 much all SaaS is wrapping JNI features into itself at 0:18:56.550 --> 0:18:57.110 the moment. 0:18:57.150 --> 0:18:57.630 Yes. 0:18:57.750 --> 0:19:00.710 So we're essentially expanding and have expanded harmonic to look 0:19:00.710 --> 0:19:05.590 across the whole stack of your enterprise apps because and 0:19:05.590 --> 0:19:07.669 so all of these are AI enabled apps. On the 0:19:07.670 --> 0:19:11.510 right hand side that we see is is being active here. 0:19:11.510 --> 0:19:14.070 And then you've got newly discovered, we can start to 0:19:14.070 --> 0:19:17.910 show outliers, break it out by the category of application 0:19:17.910 --> 0:19:21.030 that we're seeing. So this is broader than just the 0:19:21.030 --> 0:19:21.750 core apps. 0:19:22.550 --> 0:19:26.110 That makes more sense right. Like you said AI is 0:19:26.109 --> 0:19:31.150 just an instance. Yeah. It's like it's like saying, hey, um, 0:19:31.150 --> 0:19:35.510 are you a database company? Right. Um, and it's like, uh, 0:19:35.510 --> 0:19:38.030 what do you mean? We use a database? It doesn't 0:19:38.030 --> 0:19:40.990 mean doesn't mean we are a database company. So I 0:19:41.190 --> 0:19:43.710 just blends into everything it does. So at that point 0:19:43.710 --> 0:19:47.389 it's not it's it's protection from I if you're using 0:19:47.390 --> 0:19:51.109 an AI app specifically, but really it's all the same stuff. 0:19:51.310 --> 0:19:53.790 You're pasting something that shouldn't be going into a form. 0:19:53.910 --> 0:19:56.670 Yes. Exactly. Right. And so for us, ultimately, the difference 0:19:56.670 --> 0:19:59.990 between this data going into a Dropbox public folder or 0:20:00.030 --> 0:20:03.909 going into Gemini is like, what's the difference really? There is, 0:20:03.910 --> 0:20:05.070 there is I think there is a little bit of 0:20:05.070 --> 0:20:07.470 a difference because some of these there's something a little, 0:20:07.470 --> 0:20:09.310 little insidious about how some of them are collecting and 0:20:09.310 --> 0:20:11.590 training on the data that's going in. And there's obviously 0:20:11.590 --> 0:20:14.630 this explosion in AI apps that wasn't like no one 0:20:14.630 --> 0:20:17.830 was campaigning to get workday installed as an employee. But 0:20:17.830 --> 0:20:20.830 but they are campaigning to jump into tools that automate 0:20:20.869 --> 0:20:22.430 bits of their job. Right. So I think I think 0:20:22.430 --> 0:20:25.590 there is a distinction in kind of in one aspect, 0:20:25.590 --> 0:20:28.390 but but for the most part, it's all the same, right? 0:20:28.430 --> 0:20:30.470 It's data leaking out of the business and whether it's 0:20:30.470 --> 0:20:33.310 going into AI or elsewhere, then harmonics going to help. 0:20:33.910 --> 0:20:36.310 But our focus for use case one has been all 0:20:36.310 --> 0:20:39.150 about AI adoption. And and so it's sort of giving 0:20:39.150 --> 0:20:41.310 that visibility and then allowing you to put the right 0:20:41.310 --> 0:20:44.030 controls in place. And and just to show you one 0:20:44.030 --> 0:20:46.310 more kind of cool thing that, you know, we have 0:20:46.310 --> 0:20:49.629 this whole detection catalog, we're continuing to expand, but you 0:20:49.630 --> 0:20:51.790 can see the types of things we can spot, right. 0:20:51.830 --> 0:20:56.150 M&A data is obviously absolutely critical. How would you spot 0:20:56.150 --> 0:20:59.510 that leaking out historically really difficult. But we've got models 0:20:59.510 --> 0:21:03.189 that understand what that looks like. And so instead of 0:21:03.190 --> 0:21:06.750 it being a rules based approach, we have these human 0:21:06.750 --> 0:21:11.030 readable data definitions that explain to the model like what 0:21:11.030 --> 0:21:14.630 is what is that right? What is M&A data? Why 0:21:14.630 --> 0:21:16.590 is it important. So we can interact with the end 0:21:16.590 --> 0:21:19.389 user and coach them and nudge them appropriately. 0:21:19.390 --> 0:21:22.510 That makes sense. Prompts rule the world. I mean ultimately 0:21:22.510 --> 0:21:25.190 those are prompts. And prompts are the intelligence. 0:21:25.270 --> 0:21:27.070 That's right. And then but then to back it up, 0:21:27.070 --> 0:21:28.790 you need a model that's got the right set of 0:21:28.790 --> 0:21:32.110 training data and is fast enough to sit in line. Right. 0:21:32.109 --> 0:21:34.149 And that's kind of the core of our tech is 0:21:34.190 --> 0:21:37.110 is having built that, that data set, train these specific 0:21:37.109 --> 0:21:41.630 models and made them really fast. Um, so yeah, that's um, 0:21:41.630 --> 0:21:44.550 that's what harmonics doing essentially. So, so the goal with, 0:21:44.550 --> 0:21:46.510 with this of course, is you can, you can much 0:21:46.510 --> 0:21:49.830 more safely adopt generative AI. You've got some nice reporting 0:21:49.830 --> 0:21:52.670 that you can show your AI committee about who's doing 0:21:52.670 --> 0:21:54.830 what with the data, the fact that we're able to 0:21:54.830 --> 0:21:58.950 protect and intervene and coach the, the employees. Um, but 0:21:58.950 --> 0:22:01.270 but then, of course, the beauty is that we don't 0:22:01.270 --> 0:22:03.670 need to load up the security team with a bunch 0:22:03.670 --> 0:22:06.350 more work here because we're handling this automatically with the 0:22:06.350 --> 0:22:06.910 end users. 0:22:06.950 --> 0:22:10.110 Yeah, it's being outsourced to the user directly. 0:22:10.270 --> 0:22:12.950 Yeah, but at low enough volume and friction that they 0:22:12.950 --> 0:22:15.869 don't they don't feel it, which is. Yeah. You know, 0:22:15.910 --> 0:22:17.149 we only get in the way when they're going to 0:22:17.190 --> 0:22:19.949 expose the company to real risk. It's not just pinging 0:22:19.950 --> 0:22:23.189 on a, on a regex match. That's innocuous because they're 0:22:23.190 --> 0:22:25.190 doing something. That's fine. Right. 0:22:25.190 --> 0:22:28.869 This is really wonderful. I wonder, um, you're probably already 0:22:28.869 --> 0:22:31.189 thinking of this, but in the insights tab, do you 0:22:31.190 --> 0:22:35.870 have anything around known providers that they've just clearly said 0:22:35.869 --> 0:22:38.220 that they train on the data? So it's like an 0:22:38.220 --> 0:22:39.139 even higher risk. 0:22:39.260 --> 0:22:41.820 Absolutely. Yeah. I mean, and we can do the breakdown 0:22:41.820 --> 0:22:45.260 here between the public editions, the free editions and the 0:22:45.260 --> 0:22:47.820 ones you have an enterprise license for. So just because 0:22:47.820 --> 0:22:50.180 you have an enterprise license from ChatGPT doesn't mean that 0:22:50.180 --> 0:22:52.979 people are using that versus their home edition. Right. And 0:22:52.980 --> 0:22:56.180 they're logging in with their personal account. So we have a, 0:22:56.220 --> 0:22:59.740 you know, we consider the free edition higher risk precisely 0:22:59.740 --> 0:23:02.740 because of the training declaration that it that it has. 0:23:02.780 --> 0:23:04.220 And we can we can start. 0:23:04.220 --> 0:23:06.580 There you go. Training declaration. Hi. 0:23:06.619 --> 0:23:09.380 Yeah. So if we want to drill into that, uh, 0:23:09.380 --> 0:23:12.540 you know, here's where we've picked it up from. Um, 0:23:12.540 --> 0:23:16.020 and yeah, so, so OpenAI state that, uh, they may 0:23:16.020 --> 0:23:18.700 use your data to train and improve their models in 0:23:18.740 --> 0:23:22.020 that free edition. So, yeah, that's the visibility that we're 0:23:22.020 --> 0:23:24.180 giving the enterprise. And then you can put appropriate controls 0:23:24.180 --> 0:23:24.820 around it. 0:23:25.940 --> 0:23:28.740 Yeah. That's wonderful. And then you define a policy somewhere 0:23:28.820 --> 0:23:31.820 I imagine. Um, and that's what gets implemented. 0:23:31.940 --> 0:23:34.820 Yeah, exactly. There's a ton of, um, a ton of 0:23:34.820 --> 0:23:36.540 things that you can do to configure this, but we 0:23:36.540 --> 0:23:40.500 have a have a whole config designer we've taken instead 0:23:40.500 --> 0:23:44.340 of just having these these horrendously complex screens with 1000 controls, 0:23:44.340 --> 0:23:47.580 we've taken a more visual approach to building the config 0:23:47.580 --> 0:23:50.899 out and inspired by some of the great work that 0:23:50.900 --> 0:23:53.060 companies like Tynes and others have done recently, to make 0:23:53.060 --> 0:23:54.900 things much more user friendly in how you set this 0:23:54.900 --> 0:23:58.580 stuff up. And so there's there's a range of ways 0:23:58.580 --> 0:24:00.900 you can set up and configure it. And beyond that, 0:24:00.900 --> 0:24:04.420 you can also do a massive amount of customization around 0:24:04.420 --> 0:24:08.740 the intervention itself. So maybe you want your own logo 0:24:08.740 --> 0:24:11.660 and color scheme. You want to put your own security 0:24:11.660 --> 0:24:14.220 policy here. You've got an AI policy. You can link 0:24:14.220 --> 0:24:18.740 to it in in here and apply, you know, different 0:24:18.740 --> 0:24:23.940 controls to redirect employees to secure secure options and things 0:24:23.940 --> 0:24:26.140 like that. So depending on how you want to set 0:24:26.140 --> 0:24:29.020 it up, some some companies are much more draconian than others, 0:24:29.060 --> 0:24:31.380 of course, because they, you know, they're dealing with very 0:24:31.380 --> 0:24:35.179 sensitive data or they're highly regulated. Others are a little more, hey, 0:24:35.180 --> 0:24:37.460 we want to want to just trust the employees, but 0:24:37.460 --> 0:24:40.380 we are auditing and logging this stuff, so if they're 0:24:40.380 --> 0:24:42.820 really starting to push our data places, it shouldn't go. 0:24:42.859 --> 0:24:44.180 We can we can see that. 0:24:45.340 --> 0:24:48.460 Sure. And it allows for both of those situations. It's 0:24:48.460 --> 0:24:50.060 more strict or more open. 0:24:50.100 --> 0:24:51.940 Yeah that's right. Yeah. 0:24:51.980 --> 0:24:54.900 Yeah. This is really great. Um, what what are you 0:24:54.940 --> 0:24:57.580 working on next that you can talk about? Like, what 0:24:57.580 --> 0:25:01.380 are you excited about? Uh, new threats or new situations 0:25:01.380 --> 0:25:02.419 you're trying to address? 0:25:02.820 --> 0:25:07.619 Yeah, we're continuing to build out our coverage to, you know, cover. 0:25:07.619 --> 0:25:10.820 You know, as I mentioned, beyond the kind of core 0:25:10.859 --> 0:25:15.020 gen AI sites and gen AI enabled SAS, we're going 0:25:15.020 --> 0:25:17.420 to build harmonic out over time to cover essentially everything 0:25:17.420 --> 0:25:20.659 going through the browser. Uh, so it's, you know, you 0:25:20.660 --> 0:25:23.300 can see the movement of the enterprise towards browser based 0:25:23.300 --> 0:25:27.020 access to most of their services and applications, and we 0:25:27.020 --> 0:25:29.660 want to be the essentially the data protection layer for 0:25:29.660 --> 0:25:32.300 everything that goes through there. Uh, so that's that's kind 0:25:32.300 --> 0:25:34.820 of directionally where we're headed and we're busy building out 0:25:34.820 --> 0:25:37.300 a out a bunch of integrations as well at the moment. We. 0:25:37.460 --> 0:25:41.419 Next week we're rolling out Okta Integrations. We have entra 0:25:41.460 --> 0:25:44.619 ID as standard at the moment, so we're continuing to 0:25:44.619 --> 0:25:48.700 add to things like that and building out more insights 0:25:48.700 --> 0:25:51.220 is kind of next so that you can start to see, well, 0:25:51.260 --> 0:25:53.740 what are the types of prompts that are getting used 0:25:53.740 --> 0:25:56.620 by different teams in the company? You know what, what 0:25:56.619 --> 0:25:59.580 are our use cases as a business here and and 0:25:59.580 --> 0:26:02.140 where are the risks within that. But but the goal 0:26:02.140 --> 0:26:05.179 is that this is really more of an enablement tool for, 0:26:05.180 --> 0:26:07.540 for gen AI than, than just a data protection tool, 0:26:07.580 --> 0:26:11.380 because companies obviously want to be adopting this technology and 0:26:11.380 --> 0:26:13.300 we can let them do it safely instead of just 0:26:13.300 --> 0:26:15.820 blocking everything where a lot of them sit today. 0:26:17.660 --> 0:26:20.980 Yeah. Interesting. You mentioned about the use cases like that 0:26:20.980 --> 0:26:24.500 could be a really cool, like you said, a business insight. 0:26:24.500 --> 0:26:27.260 It's like everyone's trying to get help with these architecture 0:26:27.260 --> 0:26:30.620 diagrams or whatever. It's like, okay, well let's go solve that. 0:26:30.660 --> 0:26:31.260 Exactly. 0:26:31.340 --> 0:26:33.700 That's pressure that needs to be relieved. 0:26:33.700 --> 0:26:36.379 What we found in a couple of instances is the, 0:26:36.420 --> 0:26:39.300 you know, the CSO is part of the AI committee, 0:26:39.380 --> 0:26:42.500 and they get given kind of the the tools, responsibility 0:26:42.500 --> 0:26:45.580 to implement some controls around this, and we give them 0:26:45.580 --> 0:26:47.340 the ability to come back to the business and say, hey, 0:26:47.340 --> 0:26:49.460 did you know, here's the set of things that we're 0:26:49.460 --> 0:26:52.460 using today. What do we think about this? It's a 0:26:52.460 --> 0:26:55.500 good starting point for the conversation of which, you know, 0:26:55.540 --> 0:26:58.060 we've got obviously teams that want to use these types 0:26:58.060 --> 0:27:00.020 of tools in these use cases. Are we going to 0:27:00.020 --> 0:27:02.100 standardize on some of them. Are we going to block 0:27:02.140 --> 0:27:04.500 like what's our policy. Right. And and I think it's, 0:27:04.500 --> 0:27:06.860 it's I think where the security teams often go wrong 0:27:06.859 --> 0:27:09.899 historically has been, you know, we get seen as the 0:27:09.900 --> 0:27:13.060 Department of No. And it's it's kind of a blocker. 0:27:13.060 --> 0:27:15.220 And I think this is an opportunity to say, well, hey, 0:27:15.220 --> 0:27:17.500 look we understand you need to do A, B and 0:27:17.500 --> 0:27:19.699 C because we can see it. Here's a secure way 0:27:19.700 --> 0:27:21.100 to do that. Right. And you go and talk to 0:27:21.100 --> 0:27:24.260 your colleagues, talk to the departments and enable them to 0:27:24.260 --> 0:27:27.419 be successful. And I think those conversations go pretty well. 0:27:28.940 --> 0:27:34.780 Yeah. Well absolutely love it. It's the best implementation I've seen. 0:27:35.140 --> 0:27:40.820 I feel like you're really, really in touch with the problem. And, um. Yeah, 0:27:40.859 --> 0:27:43.820 I think your history with the previous company, uh, gives 0:27:43.820 --> 0:27:46.060 you a lot of, uh, advantage there. 0:27:46.100 --> 0:27:48.379 Yeah, yeah. No, it's. I learned a lot of lessons 0:27:48.380 --> 0:27:50.899 on that journey. And this time around, being based in 0:27:50.900 --> 0:27:52.700 the Bay area always helps when you get. You get 0:27:52.700 --> 0:27:54.939 started as well. It's just such a great place. 0:27:55.140 --> 0:27:57.700 Ground zero. When? When everything is blowing up. Right? 0:27:57.740 --> 0:28:00.659 Yeah. Yeah. Yeah. It does feel like a kind of 0:28:00.660 --> 0:28:03.060 a new industrial revolution. And this is the heart of it. 0:28:03.100 --> 0:28:05.260 So great to be here for it. 0:28:05.940 --> 0:28:09.260 Well, awesome. Well, how can people find more about the company? 0:28:09.660 --> 0:28:12.740 Yeah. I mean, harmonic security is is the starting point 0:28:12.740 --> 0:28:13.500 on the web. 0:28:13.540 --> 0:28:14.220 Great domain. 0:28:14.580 --> 0:28:18.540 Domain? Yeah. It's, uh, pretty pretty good for that. Um, but, yeah, 0:28:18.540 --> 0:28:22.420 I would say we we love jumping into demos straight away. Uh, 0:28:22.420 --> 0:28:24.700 we can roll out, as I said, in 30 minutes. 0:28:24.700 --> 0:28:26.820 So a pack is really easy for us to spin up, 0:28:26.820 --> 0:28:29.780 and we start to give you those insights in the pack, 0:28:29.820 --> 0:28:32.980 which then helps to inform what happens next. So if 0:28:33.020 --> 0:28:35.300 you've got companies that are starting to think about that 0:28:35.300 --> 0:28:38.340 as their step one inventorying what's happening with Gen I 0:28:38.340 --> 0:28:41.700 in the business and thoughts about UI act and things 0:28:41.700 --> 0:28:43.660 like that coming down the line. Right. We're a great 0:28:43.660 --> 0:28:45.620 first step for that. But then we also have the 0:28:45.620 --> 0:28:48.700 controls that come next. So if anyone's interested in that, 0:28:48.700 --> 0:28:50.580 we'd love to speak to them. Happy. Happy to jump 0:28:50.580 --> 0:28:53.500 on a call personally with anyone that's excited about what 0:28:53.500 --> 0:28:54.020 we're doing. 0:28:55.260 --> 0:28:59.700 Very cool. Well, thanks for the conversation. I really enjoyed it. And, um, yeah, 0:28:59.700 --> 0:29:01.459 I'm sure you're going to get some interest from this. 0:29:01.500 --> 0:29:03.740 Yeah. Thanks, Daniel. Been a been a pleasure, as always. 0:29:04.380 --> 0:29:09.420 All right. Take care. Thank you. Unsupervised learning is produced 0:29:09.420 --> 0:29:13.740 on Hindenburg Pro using an SM seven B microphone. A 0:29:13.740 --> 0:29:16.620 video version of the podcast is available on the Unsupervised 0:29:16.620 --> 0:29:19.940 Learning YouTube channel, and the text version with full links 0:29:19.940 --> 0:29:25.220 and notes is available at Daniel Miessler newsletter. We'll see 0:29:25.220 --> 0:29:28.100 you next time.