WEBVTT - A Conversation with Jason Meller of Kolide/1Password 0:00:21.623 --> 0:00:25.433 In this standalone episode, I speak with Jason Miller. Jason 0:00:25.433 --> 0:00:29.893 is the founder of collide. A company recently acquired by 0:00:29.893 --> 0:00:34.423 One Password. And in this conversation we discuss collides acquisition 0:00:34.423 --> 0:00:38.713 by one password. The synergy between collide and One Password. 0:00:39.703 --> 0:00:43.483 The challenge of password management. The concept of device trust 0:00:43.483 --> 0:00:48.853 and zero trust. The limitations of current MDM solutions. Engaging 0:00:48.853 --> 0:00:53.743 end users and security remediation. The philosophy behind collides approach. 0:00:54.073 --> 0:00:58.123 The importance of human friendly security solutions. Future plans for 0:00:58.123 --> 0:01:03.103 collide and the potential for broader application of collides technology. 0:01:03.463 --> 0:01:11.253 And with that, here's our conversation with Jason Miller. All right, Jason, 0:01:11.253 --> 0:01:12.903 welcome to unsupervised Learning. 0:01:14.103 --> 0:01:15.153 Thanks for having me. 0:01:16.473 --> 0:01:19.203 Yeah. So I understand you've had some big news in 0:01:19.203 --> 0:01:20.253 recent weeks. 0:01:21.903 --> 0:01:26.043 Yeah. Yeah, it's been a whirlwind. Uh, as I think 0:01:26.193 --> 0:01:28.983 some some folks have found out, we've been acquired by 0:01:28.983 --> 0:01:31.743 one password. We announced that a few weeks ago at 0:01:31.743 --> 0:01:34.683 the time of this recording, and, um, it was a 0:01:34.683 --> 0:01:36.873 really big deal. Uh, it's something that we've been working 0:01:36.873 --> 0:01:39.453 on with them for a while and discussions, and it 0:01:39.453 --> 0:01:42.903 was awesome to finally be able to talk about it publicly. 0:01:42.903 --> 0:01:48.183 But I've always loved the one password product. I got 0:01:48.183 --> 0:01:50.883 to meet a lot of the folks who lead the 0:01:50.883 --> 0:01:56.403 company there, including the original founders. And, uh, they're incredible. 0:01:56.403 --> 0:01:58.743 They're just as good as the product that they sell. 0:01:59.013 --> 0:02:01.053 And that was really important to me, because some of 0:02:01.053 --> 0:02:05.883 the foundational elements of collide was around treating end users 0:02:05.883 --> 0:02:09.963 with respect, honesty, getting in front of end users and 0:02:09.963 --> 0:02:14.393 giving them. Under an understanding of what's wrong with their device. 0:02:14.393 --> 0:02:16.673 Will they do the same thing? But they focused on 0:02:16.673 --> 0:02:20.843 probably even the harder problem than we solve is what 0:02:20.843 --> 0:02:22.763 do you do about passwords? How do you keep yourself 0:02:22.763 --> 0:02:26.243 safe with all these different logins to all these different apps? 0:02:26.513 --> 0:02:29.063 They've solved that so well that it's been ubiquitous like 0:02:29.063 --> 0:02:31.733 everybody uses it. And that was always a goal for 0:02:31.733 --> 0:02:34.283 me at Callide is to achieve the same thing. But 0:02:34.283 --> 0:02:36.533 on the in the device trust space and for end 0:02:36.533 --> 0:02:40.013 user driven remediation. And so for us, like culturally the 0:02:40.013 --> 0:02:44.513 fit was perfect. And it's great for me because we 0:02:44.513 --> 0:02:47.873 get a lot of opportunity to still grow and what 0:02:47.873 --> 0:02:49.523 we're doing at Callide. But now we have a lot 0:02:49.523 --> 0:02:52.073 more resources, and that would have had to have come 0:02:52.073 --> 0:02:54.983 through the form of venture capital and a number of 0:02:54.983 --> 0:02:58.703 other things, and the incentives can sometimes get misaligned. Really 0:02:58.703 --> 0:03:01.373 confident that with one password, we're going to be able 0:03:01.373 --> 0:03:04.523 to continue our mission, achieve it at a much faster 0:03:04.523 --> 0:03:08.603 pace and keep what was core about us, our DNA, 0:03:08.603 --> 0:03:10.523 the same because they're that way too. 0:03:11.213 --> 0:03:13.943 Yeah. That's great. So so talk about some of that synergy. 0:03:13.943 --> 0:03:17.513 Like how did this, uh what do you think they 0:03:17.513 --> 0:03:20.453 saw in you? Obviously we think it's a great product, 0:03:20.453 --> 0:03:23.183 but like the different spaces, a lot of people might 0:03:23.183 --> 0:03:25.883 be like, wait a minute, which space is one password? 0:03:25.883 --> 0:03:28.643 Which space is Callide? How do you how do you 0:03:28.643 --> 0:03:31.373 see that merging both when you first heard about it 0:03:31.373 --> 0:03:34.313 and then also now like as you actually implement it? 0:03:35.513 --> 0:03:38.783 Yeah. I think to understand why one password likes collide. 0:03:38.783 --> 0:03:43.703 It's not about necessarily product or feature synergy. We're in 0:03:43.703 --> 0:03:46.973 different areas. And the thing that makes sense to them 0:03:46.973 --> 0:03:49.343 is like the way that one password sees themselves after 0:03:49.343 --> 0:03:53.303 talking with them, they really see themselves as a company 0:03:53.303 --> 0:03:56.843 that is distilling down a really hard topic to, you know, 0:03:56.843 --> 0:03:59.123 a hard problem to solve. And in their case, that's 0:03:59.243 --> 0:04:04.853 password management and making it something that is easily solved 0:04:04.853 --> 0:04:08.453 through software and technology, and distilling it down to a 0:04:08.453 --> 0:04:13.823 level of simplicity that even my mom could figure out, right? 0:04:13.853 --> 0:04:18.083 I mean, before there were password managers, there really weren't. 0:04:18.383 --> 0:04:20.453 There was a lot of recommendations on what you're supposed 0:04:20.453 --> 0:04:23.393 to do to do a good job, to keep yourself safe. 0:04:23.393 --> 0:04:25.883 From a password perspective, you're not supposed to reuse passwords. 0:04:25.883 --> 0:04:28.313 You need to have a certain level of complexity. So 0:04:28.313 --> 0:04:30.623 we're doing a lot of talking as security practitioners and 0:04:30.623 --> 0:04:34.643 telling people what they need to be doing. But we 0:04:34.643 --> 0:04:37.673 weren't giving them any tools to really effectively put those 0:04:37.673 --> 0:04:40.553 things into practice. And that's what one password was able 0:04:40.553 --> 0:04:43.253 to do. On the Callide side, we have a very 0:04:43.253 --> 0:04:45.383 similar challenge in front of us. We have a lot 0:04:45.383 --> 0:04:47.993 of IT and security practitioners to tell end users all 0:04:47.993 --> 0:04:50.783 the time, hey, you got to keep your OS up 0:04:50.783 --> 0:04:53.843 to date. You need to have disk encryption enabled. You 0:04:53.843 --> 0:04:57.443 need to have system integrity protection on the browsers need 0:04:57.443 --> 0:04:58.763 to be up to date. You need to do this. 0:04:58.763 --> 0:05:01.673 You need to do that. And today the tools that 0:05:01.673 --> 0:05:05.693 we have to help users solve those problems don't work 0:05:05.693 --> 0:05:10.223 very well. We have MDM. Most of Clyde's customers use MDM, 0:05:10.553 --> 0:05:12.713 but it has a flaw. And that flaw is it 0:05:12.713 --> 0:05:17.003 only can work on the devices that it's installed on. 0:05:17.243 --> 0:05:21.353 And there's nothing that really stops people from signing into 0:05:21.353 --> 0:05:27.143 your most important apps with their personal devices. Right? You 0:05:27.143 --> 0:05:30.263 need to have something in place that says, hey, these 0:05:30.263 --> 0:05:32.723 are the rules of the road. You're going to either 0:05:32.723 --> 0:05:36.383 have a device that's managed under MDM or in addition 0:05:36.383 --> 0:05:39.473 to that, or alternatively, you're going to meet these basic 0:05:39.473 --> 0:05:43.583 security requirements before you can get on AWS, before you 0:05:43.583 --> 0:05:46.913 can get on GitHub, before you can get on Salesforce, like, 0:05:46.913 --> 0:05:49.373 these are the core apps that we have that sensitive 0:05:49.373 --> 0:05:51.743 data in them. You need to be on a computer 0:05:51.743 --> 0:05:55.103 that's safe. Well, there's no real good answer to that. 0:05:55.103 --> 0:05:59.933 And Callide has found the beginnings of that solution for 0:05:59.933 --> 0:06:04.433 folks who have Okta. And our plan is to make 0:06:04.433 --> 0:06:07.793 that as ubiquitous as the one password password manager is 0:06:07.793 --> 0:06:10.793 for passwords. We want to be that solution for solving 0:06:10.793 --> 0:06:12.563 that problem for devices. 0:06:13.223 --> 0:06:15.413 Yeah, that makes a lot of sense. I heard someone 0:06:15.413 --> 0:06:18.923 describe business strategy in an interesting way before they said, 0:06:18.923 --> 0:06:22.883 look for a really acute problem that's just so annoying 0:06:22.883 --> 0:06:26.813 for people, and just solve it more elegantly and better 0:06:26.813 --> 0:06:30.503 than anyone else. And both of the two problems that 0:06:30.503 --> 0:06:32.813 that you described, they very much fit that. 0:06:33.813 --> 0:06:36.483 That's exactly right. And that's why I think one pastor 0:06:36.483 --> 0:06:39.963 has enjoyed so much success is sound like they have some. 0:06:40.263 --> 0:06:42.993 They have a really great people there. But let's be clear, 0:06:42.993 --> 0:06:45.633 the reason why they're so successful is they've built an 0:06:45.633 --> 0:06:48.933 incredible product that solves a real problem that people have. 0:06:49.703 --> 0:06:54.083 That's hard to do in the security space because first, 0:06:54.083 --> 0:06:56.723 it's really hard to get people to even recognize there 0:06:56.723 --> 0:06:59.423 is a problem. So like in colliders case, the thing 0:06:59.423 --> 0:07:01.613 that we battle all the time, and one of the 0:07:01.613 --> 0:07:04.073 reasons I even come on podcast to talk about it 0:07:04.583 --> 0:07:10.013 is people don't necessarily recognize that it's bad that any 0:07:10.013 --> 0:07:14.873 device can sign in to most of your apps, including 0:07:14.873 --> 0:07:19.583 the devices that are not under management. And that's universally 0:07:19.583 --> 0:07:22.673 true in a lot of organizations today. Device trust and 0:07:22.673 --> 0:07:25.913 zero trust is concepts are new. Yeah, only a few 0:07:25.913 --> 0:07:28.583 years old and the concepts are older. But the products 0:07:28.583 --> 0:07:31.703 that actually create the outcomes people are looking for a 0:07:31.703 --> 0:07:34.973 really new. And so most organizations are in a state 0:07:34.973 --> 0:07:37.763 right now where yes, they have MDM, they have all 0:07:37.763 --> 0:07:43.353 these things, but they're not actually. They haven't created a 0:07:43.353 --> 0:07:47.523 protective layer that actually ensures that devices are in a 0:07:47.523 --> 0:07:52.593 basic state. So a basic state of security. So fundamentally 0:07:52.593 --> 0:07:57.813 we collide. Uh, we're solving that problem, and we're trying 0:07:57.813 --> 0:08:00.153 to solve it in the most elegant way possible. That 0:08:00.153 --> 0:08:03.783 still preserves the cultures of these companies, like a lot 0:08:03.783 --> 0:08:08.613 of companies allow a pretty broad BYoD program, or they 0:08:08.613 --> 0:08:14.163 have contractors that don't use company provision devices, and they 0:08:14.163 --> 0:08:17.793 want to preserve that cultural element of their company, but 0:08:17.793 --> 0:08:21.123 they want to have some semblance of security. Well, what 0:08:21.123 --> 0:08:23.613 is the state of the what can you purchase today 0:08:23.613 --> 0:08:26.853 to ensure that happens? There really isn't a lot out there. 0:08:26.883 --> 0:08:29.223 A lot of the zero trust device trust solutions that 0:08:29.223 --> 0:08:33.663 exist on the market today. Implicitly assume that the way 0:08:33.663 --> 0:08:36.123 that you're going to decide whether a device should be 0:08:36.123 --> 0:08:39.513 signing in or not is whether it's enrolled on the MDM. 0:08:39.573 --> 0:08:43.023 But if you have a big BYoD program, end users 0:08:43.023 --> 0:08:45.393 aren't going to want to enroll their devices in the MDM, 0:08:45.393 --> 0:08:47.553 or nor is it really appropriate for them to be 0:08:47.553 --> 0:08:51.333 doing that in some cases. Or contractors, they may be 0:08:51.333 --> 0:08:54.453 on their own MDM and they're not on yours. And 0:08:54.453 --> 0:08:56.403 a lot of the solutions out there just don't work 0:08:56.403 --> 0:08:59.403 in that world. We've sort of distilled it down beyond that. 0:08:59.403 --> 0:09:02.013 The thing, the key insight that Callide has had is 0:09:02.493 --> 0:09:05.553 you can't assume that a device is in a good 0:09:05.553 --> 0:09:08.793 state just because it's on the MDM anyway. So let's 0:09:08.793 --> 0:09:11.913 just start at first principles. Yeah. What is the disk 0:09:11.913 --> 0:09:15.633 encryption story? What is the OS version? How long has 0:09:15.633 --> 0:09:18.753 it been since the the device has been rebooted. So 0:09:18.753 --> 0:09:20.643 on and so forth. And you can run hundreds of 0:09:20.643 --> 0:09:24.483 different checks. Let's just look at those at a baseline level. 0:09:24.483 --> 0:09:27.693 Not even thinking about the MDM. And and if they're 0:09:27.693 --> 0:09:29.973 not in that state then they don't get on. But 0:09:29.973 --> 0:09:34.203 more importantly, we can engage with the end user to 0:09:34.203 --> 0:09:38.163 get them to fix those problems while they are being 0:09:38.163 --> 0:09:41.193 informed that they're blocked from being signing in. And that's 0:09:41.193 --> 0:09:45.033 the key. And that's why this type of solution is 0:09:45.033 --> 0:09:48.033 so important, because it will work on anything. Like we 0:09:48.033 --> 0:09:51.483 support Linux, you have mobile devices. The reason why we 0:09:51.483 --> 0:09:54.423 can do that is we don't need a special API 0:09:54.423 --> 0:09:57.003 to fix the problems. The interface to fix the problems 0:09:57.003 --> 0:09:59.583 is the person sitting behind the computer. Yeah. And if 0:09:59.583 --> 0:10:02.523 you embrace that and you make it so that they 0:10:02.523 --> 0:10:05.013 understand and they have the motivation and the tools to 0:10:05.013 --> 0:10:07.893 do it, they can solve any problem. Even the most 0:10:07.893 --> 0:10:12.543 nuanced security issues your organization is trying to solve today 0:10:12.543 --> 0:10:15.483 and users can fix for you and with perfect efficacy 0:10:15.483 --> 0:10:16.953 if you do this the right way. 0:10:17.853 --> 0:10:18.573 Yeah. 0:10:19.293 --> 0:10:22.323 Yeah, that makes sense. It's actually interesting. I mean, that 0:10:22.323 --> 0:10:26.913 zero trust story really, really does resonate because it's like 0:10:27.633 --> 0:10:30.513 you're falling back and saying, look, this MDM thing, it 0:10:30.513 --> 0:10:33.303 hasn't worked out that perfectly. And you're dealing with the 0:10:33.303 --> 0:10:37.563 reality that is, which is the business hands out laptops 0:10:37.563 --> 0:10:41.133 to people and says go to work like that just happens. 0:10:41.223 --> 0:10:44.193 And then when security is like, well, you don't have 0:10:44.193 --> 0:10:47.343 the MDM, we can't let you on. Like we're literally 0:10:47.343 --> 0:10:48.453 stopping business. 0:10:49.483 --> 0:10:53.533 Right? Yeah. And it's a concern. Well, what's interesting is that. 0:10:54.503 --> 0:10:56.873 The companies don't really have good tools today to measure 0:10:56.873 --> 0:11:02.113 how effective. Their device program. So let's say you don't 0:11:02.113 --> 0:11:06.223 have a zero trust or device trust solution today. And 0:11:06.223 --> 0:11:09.193 you're trying to understand is that even important? Well, the 0:11:09.193 --> 0:11:11.203 first thing that you need to do is you need 0:11:11.203 --> 0:11:13.603 to at least cast a net and understand who, what 0:11:13.603 --> 0:11:17.983 devices are even signing into apps. Yeah. And that is 0:11:17.983 --> 0:11:20.113 that there really isn't an answer to how to solve 0:11:20.113 --> 0:11:21.913 that today. You know, that's one of the things I'm 0:11:21.913 --> 0:11:24.493 working with on the one password side is can we 0:11:24.493 --> 0:11:28.873 actually help capture that? But let's say that report did exist. 0:11:28.873 --> 0:11:31.153 Let's say I could give you a report today for 0:11:31.153 --> 0:11:34.723 your business. That said, here's all the devices that we saw. 0:11:34.723 --> 0:11:38.293 Log in to this app and here's their state. Without 0:11:38.293 --> 0:11:40.183 deploying an agent or anything like that, let's just say 0:11:40.183 --> 0:11:43.813 that report exists. I think the challenge is that you're 0:11:43.813 --> 0:11:45.763 going to see a lot of things. You're going to see, hey, 0:11:45.763 --> 0:11:47.593 a lot of these some of these devices aren't on 0:11:47.593 --> 0:11:51.673 any MDM. Some of these devices don't have any disk encryption. 0:11:51.673 --> 0:11:54.223 Like they just file Vault is off if it's Mac 0:11:54.223 --> 0:11:58.543 or BitLocker is off if it's windows. Here's a bunch 0:11:58.543 --> 0:12:03.463 that have like an OS version that's three years old. 0:12:03.463 --> 0:12:07.663 Four years old. Yeah. Probably exploitable remotely easily by any 0:12:07.663 --> 0:12:10.303 drive by malware that could go to the wrong website 0:12:10.303 --> 0:12:13.573 and you're popped. You would see a report that says that. 0:12:13.573 --> 0:12:18.013 And then the key insight is, after seeing this report, 0:12:18.013 --> 0:12:20.863 what do you want to reach for to solve that problem? 0:12:20.863 --> 0:12:23.803 And I think what a lot of folks naturally reach 0:12:23.803 --> 0:12:27.523 for is, oh, we need more MDM. Well, no, not 0:12:27.523 --> 0:12:31.633 really either. You already have MDM and that's not clearly 0:12:31.633 --> 0:12:35.113 not working. We've captured a bunch of devices here that 0:12:35.113 --> 0:12:36.943 are being used to do real work that aren't on 0:12:36.943 --> 0:12:41.803 the MDM. So now that's not working that program. And 0:12:41.803 --> 0:12:45.763 the other thing is. You don't have any way of 0:12:45.763 --> 0:12:50.653 even effectively measuring the security of these devices outside of 0:12:50.653 --> 0:12:53.143 the MDM. So the right thing to reach for isn't 0:12:53.143 --> 0:12:57.523 an MDM. In that case, it's to reach for device trust. 0:12:57.523 --> 0:13:01.273 It's to say, hey, let's say I have Okta. Let's 0:13:01.273 --> 0:13:05.743 figure out a way during the Okta authentication flow to 0:13:05.743 --> 0:13:08.293 vet a device. Let's figure out what's going on with 0:13:08.293 --> 0:13:12.403 it and then let's. Not let it in if it's 0:13:12.403 --> 0:13:15.613 not in the right state, but not block work. As 0:13:15.613 --> 0:13:18.433 you said, let's actually give that person who is being 0:13:18.433 --> 0:13:21.943 blocked a path to redemption. How do they get their 0:13:21.943 --> 0:13:24.793 device in the right state? And they'll be highly motivated 0:13:24.793 --> 0:13:26.533 to do that because they want to go and get 0:13:26.533 --> 0:13:29.383 to work. And then how do you get the nuances 0:13:29.383 --> 0:13:32.203 of that interaction? Right? Like maybe it doesn't start off 0:13:32.203 --> 0:13:34.213 with a block. It starts off with a warning and 0:13:34.213 --> 0:13:37.333 you have 14 days. Or maybe it's not even a 0:13:37.333 --> 0:13:40.663 warning with a consequences. It's just an FYI like, hey, 0:13:40.663 --> 0:13:43.483 we're gonna, in the future, be rolling out this program. 0:13:43.483 --> 0:13:47.863 If it were to have been implemented today, you probably 0:13:47.863 --> 0:13:50.503 wouldn't have met the bar. You may want to start 0:13:50.503 --> 0:13:53.353 thinking about that and then graduate to an explicit warning 0:13:53.353 --> 0:13:56.863 with a time deadline to then eventually to a block. 0:13:56.863 --> 0:13:59.743 And maybe even when they're blocked, you don't. You give 0:13:59.743 --> 0:14:03.403 them one more snooze, right? And then they can still 0:14:03.403 --> 0:14:05.143 get it if it's an emergency. So those are like 0:14:05.143 --> 0:14:08.053 the types of human elements that we've built into the 0:14:08.053 --> 0:14:11.233 collide platform, because now we've been running this app, we've 0:14:11.233 --> 0:14:12.883 been selling this product for about a year. We're going 0:14:12.883 --> 0:14:15.493 to continue to sell it at one password. And we've 0:14:15.493 --> 0:14:17.923 learned a lot about how end users react to these 0:14:17.923 --> 0:14:21.463 types of screens. And it's been incredibly effective, like all 0:14:21.463 --> 0:14:25.753 of our customers today have essentially been able to achieve 0:14:25.753 --> 0:14:29.953 perfect compliance and anything that they want by utilizing this mechanism, 0:14:29.953 --> 0:14:32.293 which has been fantastic to see. 0:14:32.773 --> 0:14:36.343 Yeah, I love the fact that it's enabling business to happen. 0:14:36.463 --> 0:14:39.763 I also love the fact that you're using the best 0:14:39.763 --> 0:14:44.083 possible resource for remediation, which everyone has been hesitant to do, 0:14:44.083 --> 0:14:46.963 which is the person actually using the computer, and you're 0:14:46.963 --> 0:14:50.443 sort of guiding them. And it's like, you know what 0:14:50.443 --> 0:14:53.323 this reminds me of? And hopefully this isn't offensive in 0:14:53.323 --> 0:14:57.823 any way. But, um, I've been like kind of marveling 0:14:57.823 --> 0:15:02.833 at calendly. Yes. So it's like, okay, wait a minute. 0:15:02.833 --> 0:15:06.343 What are you doing exactly? Like, how bad was this 0:15:06.343 --> 0:15:12.253 problem before? Billions of people probably suffering from a problem that, 0:15:12.253 --> 0:15:16.123 like the big tech scene has not solved, and someone 0:15:16.123 --> 0:15:22.153 comes in and cleanly and, like, elegantly solves this one thing. 0:15:22.393 --> 0:15:25.543 It's like what? In their case, it's like, how do 0:15:25.543 --> 0:15:28.423 you share calendars? Okay, they make this one thing. It 0:15:28.423 --> 0:15:32.143 doesn't do that much and it's amazing. And now everyone 0:15:32.143 --> 0:15:35.143 uses it. And guess what? When the bigger people try 0:15:35.143 --> 0:15:39.313 to compete, they cram all this extra stuff. They actually 0:15:39.313 --> 0:15:42.433 miss the point of the app and end up making 0:15:42.433 --> 0:15:45.283 something inferior. Even though they have a much larger team, 0:15:45.733 --> 0:15:48.613 it's because they miss the philosophy of it, and I 0:15:48.613 --> 0:15:52.723 feel like the collide product basically really understood the problem 0:15:52.723 --> 0:15:56.533 and really understood not to over engineer the solution and 0:15:56.533 --> 0:15:59.983 to kind of just make it as as clean as 0:15:59.983 --> 0:16:01.003 it needed to be. 0:16:02.193 --> 0:16:04.983 Yeah. And I think ultimately the reason why we were 0:16:04.983 --> 0:16:08.793 able to see that problem isn't because, like, we're clairvoyant 0:16:08.793 --> 0:16:12.243 or we understand it. I think we started off looking 0:16:12.243 --> 0:16:17.103 to solve like fundamentally, I don't think that the existing 0:16:17.103 --> 0:16:21.483 security solutions on the market are very human being friendly. Yeah. 0:16:21.483 --> 0:16:24.933 And I wanted to build a security company that had 0:16:24.933 --> 0:16:27.243 that as a core principle. So we were sort of 0:16:27.243 --> 0:16:29.493 we knew that was an immutable part of collide. How 0:16:29.493 --> 0:16:32.193 do we build something on top of that? The second 0:16:32.193 --> 0:16:34.803 thing that is part of my DNA that sort of 0:16:34.803 --> 0:16:39.213 informed this was I worked in manufacturing as a couple 0:16:39.213 --> 0:16:41.943 of first jobs that I had and like, you know, 0:16:41.943 --> 0:16:44.523 actually on the machine shop floor. And a big part 0:16:44.523 --> 0:16:48.873 of that experience was safety training. And I remember, like 0:16:48.873 --> 0:16:53.013 sitting down, you're getting the orientation. It's like making sure 0:16:53.013 --> 0:16:56.043 that you're being aware of your surroundings and like, but 0:16:56.043 --> 0:16:58.053 you learn about some of these systems that were put 0:16:58.053 --> 0:17:02.253 in place and every single. Safety law and process is 0:17:02.253 --> 0:17:05.673 written in blood, right? Like people died. And then they 0:17:05.673 --> 0:17:07.713 figured out a way to stop that from happening. And 0:17:07.713 --> 0:17:09.693 the one that really stuck out to me was this 0:17:09.693 --> 0:17:13.983 concept of lock out tag out. So for the folks 0:17:13.983 --> 0:17:16.413 who are not familiar with this, let's say you have 0:17:16.413 --> 0:17:20.043 a really dangerous piece of equipment on the shop floor. 0:17:20.683 --> 0:17:24.793 And someone needs to repair it. Well, previously before lock 0:17:24.793 --> 0:17:27.313 out tag out, what would happen is that person would 0:17:27.313 --> 0:17:29.203 climb and they would turn off the machine. They would 0:17:29.203 --> 0:17:32.023 climb into it, and they'd probably tell everybody, hey, don't 0:17:32.023 --> 0:17:34.213 use this machine because I'm going to be fixing it. 0:17:34.303 --> 0:17:36.673 And then they'd repair it. And then what would happen 0:17:36.673 --> 0:17:39.403 every once in a while is someone wouldn't realize someone 0:17:39.403 --> 0:17:42.193 was in the machine. They would turn it on, and 0:17:42.193 --> 0:17:45.613 then that person inside the machine would die. So that 0:17:45.613 --> 0:17:49.543 was really bad outcome, obviously. And the problem was, is like, 0:17:49.543 --> 0:17:53.023 no matter how much training you gave to be like, 0:17:53.023 --> 0:17:55.153 always check inside the machine. 0:17:55.153 --> 0:17:55.603 Yeah. 0:17:55.783 --> 0:18:00.313 People were still dying. So the right solution wasn't more training. 0:18:00.313 --> 0:18:03.523 And to give them more PowerPoints or more manuals or 0:18:03.523 --> 0:18:08.713 scary videos, it was to actually engineer a system that 0:18:08.713 --> 0:18:12.313 would hack around the fallibility of human beings and actually 0:18:12.313 --> 0:18:14.833 solve it for good. Yeah. So the way lockout tag 0:18:14.953 --> 0:18:17.113 works is when that same person is going to decide 0:18:17.113 --> 0:18:20.983 to repair the machine, they actually go up to the 0:18:20.983 --> 0:18:23.893 control panel and they lock out the controls, and they 0:18:23.893 --> 0:18:26.593 take the key that is used to lock out the 0:18:26.593 --> 0:18:29.743 controls with them, so that if anyone even tries to 0:18:29.743 --> 0:18:32.623 turn on the machine, they can't do it because they 0:18:32.623 --> 0:18:34.903 don't have the key to unlock the controls. It's with 0:18:34.903 --> 0:18:38.743 the person. Yeah, who's physically repairing the machine. And that 0:18:38.743 --> 0:18:44.783 one simple trick. Effectively eliminated that whole class of deaths 0:18:44.783 --> 0:18:48.653 in on a machine shop floor. Well, I feel that 0:18:48.653 --> 0:18:51.653 the problems that we face in the security space about 0:18:51.653 --> 0:18:53.813 getting human beings to do things we're still stuck in, 0:18:53.813 --> 0:18:58.433 like the old. 1920s and 1930s Industrial Revolution phase of 0:18:58.433 --> 0:19:00.503 it where we're trying to we know that we need 0:19:00.503 --> 0:19:02.873 to get end users to know how to do things. 0:19:02.873 --> 0:19:06.023 But the the instruments that we're wielding today are all 0:19:06.023 --> 0:19:10.193 training videos, you know, yelling at people when they're not 0:19:10.193 --> 0:19:14.753 doing things right, adding MDM. But we really need human 0:19:14.753 --> 0:19:18.653 based systems that understand human psychology. They understand how people operate. 0:19:18.653 --> 0:19:23.743 They understand that. People need systems that will prevent the 0:19:23.743 --> 0:19:26.293 thing from happening entirely. And that's what Callide is. I 0:19:26.293 --> 0:19:29.143 think it's the first product on the market that takes 0:19:29.143 --> 0:19:33.253 lessons learned from those safety industries, and then brings them 0:19:33.253 --> 0:19:36.973 in to the world of cyber security and gets end 0:19:36.973 --> 0:19:41.953 users at scale with almost perfect efficacy to solve problems. 0:19:41.953 --> 0:19:44.743 And that's what we've built. And that's why one password 0:19:44.743 --> 0:19:47.773 was really excited about what we're doing, because they see 0:19:47.773 --> 0:19:51.463 their systems. And the way that they arrived with their 0:19:51.463 --> 0:19:54.013 answers is very similar methodology. 0:19:55.003 --> 0:19:59.593 Yeah, absolutely. That's, uh, that's really interesting. And I like 0:19:59.593 --> 0:20:01.513 that story a lot. I've done a bunch of work 0:20:01.513 --> 0:20:03.823 in the safety space as well, and they take it 0:20:03.823 --> 0:20:06.403 very seriously. And like you said, when you care, you 0:20:06.403 --> 0:20:10.453 engineer a solution that solves that problem. And, uh, yeah, 0:20:10.453 --> 0:20:14.593 I really like that analogy. Well, where can everyone, uh, 0:20:15.103 --> 0:20:17.233 find find out about the product. 0:20:18.353 --> 0:20:20.993 Yeah. So you could still find us at Callide. Com. 0:20:20.993 --> 0:20:23.993 And today we still sell to folks who have Okta 0:20:23.993 --> 0:20:26.513 so that none of that's changing. We're still open for business, 0:20:26.513 --> 0:20:30.203 we're still selling our product. And in fact, we're starting 0:20:30.233 --> 0:20:32.873 to reach out now to folks who don't have Okta. 0:20:32.873 --> 0:20:36.803 So if you have Google Workspace or use Microsoft Entra, 0:20:36.803 --> 0:20:38.933 we have something in the works that we're going to 0:20:38.933 --> 0:20:40.913 be launching later this year. And we want to start 0:20:40.913 --> 0:20:43.583 talking to folks to get their insights on what we're 0:20:43.583 --> 0:20:46.433 building and to get them in a place where they 0:20:46.433 --> 0:20:50.063 get even beta test it. So if you have Okta 0:20:50.063 --> 0:20:52.943 today and you want to use something like collide, go 0:20:52.943 --> 0:20:58.043 to collide comm, collide comm. And if you have something 0:20:58.043 --> 0:21:00.953 different that you use for single sign on, hit us 0:21:00.953 --> 0:21:02.753 up as well and we'll have a chat. 0:21:03.663 --> 0:21:05.403 Awesome. Great talking to you. 0:21:06.483 --> 0:21:07.893 Thank you so much for having me.