So, we're back with my friend Lou Manousos, Founder and CEO of cybersecurity firm RiskIQ. So, we learned a little bit about you in a previous video. Now, I want to learn about your technology. Tell us what you guys do and kind of how it helps reduce cyber risk? So RiskIQ is different from the other cyber security companies in that, we look at the threats as they originate out on the internet. So, most cyber security companies have a technology that sits on a firewall or on end point. At RiskIQ, we look at the entire internet and we collect data and analyze that data as the attacks are forming, and we empower investigators which are hunting threats and defenders who are helping to defend against internet attacks. And we give them the tools that they need to respond faster, take their tier one guys and make them more efficient at what they're doing and give you a full picture of the attack surface in the same way the attacker would see it. Now, when you say look out over the internet, are those people, is it technology you're using, is it a combination? How do you do that? So, RiskIQ is a product that comes with internet data. So, we give our customers the tooling that they need to take the outside view of the internet and bring that into their environment. So, it's an analytics capability with a user interface that brings in literally petabytes of internet data and makes that accessible to any analyst on the security team. What are they looking for? Are they looking for signatures of attack? Are they looking for credit cards for sale? Are they looking for brand being abused? What do they find when they look? Well, what normally happens is one of two things. Either they have an incident and there is a ticket that's been created or some threat intelligence, an indicator that the company is trying to learn more about it. So, because most threats begin out on the internet, they have an IP address and a domain name that's associated with that indicator. Our platform will provide visibility into where that domain name resolved, so that's the IP address related to the domain name. What other domain names are connected to that particular domain? What other traffic might have come from that particular attack? So, it's that sort of thing. What do you do then? When you find, let's say, I find some domain hanky-panky going on and I say, "Oh my gosh, I got a big problem". Do I call law enforcement? Do I change some settings on my firewall? What do I do? So, most companies, they're responding to a threat, so there might be a breach that's already occurred. And so they're trying to learn more about that attacker. Is that attacker maintaining access to our network through other command and control? So, what our platform provides is visibility into what we call a digital footprint. It's either related to the company or to the attacker. So, as the attacker moves through the network, they're leaving trails out on the internet, how they're accessing the network. And we provide the defenders, in this instance, an ability to find out all of these other ways that they got into the network. So, the output is a better blocking inside their firewall. In the case of, let's say, spear phishing attack, we will help the defenders take that infrastructure offline which may be communicating with an ISP, it might be actually working with the registrar to get that domain name shut down. And once the domain name is down, then that threat infrastructure cannot be used by the attacker. Are you optimistic that security companies and security teams can maybe catch up to the offense a little bit? You think we'll ever get to that point? Well, it's a cat and a mouse game, and as I said earlier, what I like about security is, it is a game, it's not a problem. So, we as security professionals, need to recognize that you're always going to be responding in some way. So, any program has to have response as part of what you're doing. So, be proactive but at the same time, there will be new exploits, there will be vulnerabilities that your team missed. So, I think you need to plan to respond and that's the unfortunate facts of the game theory that we live in. Interesting. Well, Lou, on behalf of our learning community, I want to thank you for joining us and I hope you had fun chatting. Yeah. Thank you. Thanks for having me. Thanks for coming.
