Our webinar brought together experts from Kindo and Aireon to unpack how Deep Hat V2 delivers red-team–grade, uncensored AI in a package enterprises can deploy securely today. The conversation dove into the model’s architectural innovations, its real-world impact on threat hunting and automation, and the ways organizations are using it to tilt the advantage back toward defenders. A must-watch for anyone tracking the next wave of security AI.
Transcript
0:03 Okay. I think we're going.
0:06 Alright.
0:07 Well, good morning, everyone.
0:09 Thank you for joining us today for Deep Hat v2,
0:13 a panel on the future of cybersecurity AI.
0:16 If you don't know us already, we're Kindo.
0:18 Kindo is an agent AI platform tailored for the DevSecOps
0:22 cybersecurity space.
0:24 And today, we're talking about a particularly exciting component
0:27 of Kindo, and that is Deep Hat,
0:30 our proprietary uncensored red team cybersecurity model,
0:35 formerly known to the community as Whiterabbit Neo, and,
0:40 something we developed in house.
0:42 So my name is Amanda Seikin. I'm moderating today.
0:45 I'm a senior engineer at Kindo,
0:47 and this is a particularly meaningful topic to me because
0:50 I'm one of three researchers,
0:52 responsible for the development and delivering Deep Hat v two.
0:58 And we have a couple great panelists here,
1:01 so I'll let them introduce themselves,
1:03 and then we'll start to get into things.
1:05 Let's start with James.
1:08 Yeah. I'm James.
1:09 I'm the head of applied AI research here at Kindo,
1:12 and I'm overall responsible for the development of Deep Hat.
1:17 Awesome. Brian.
1:20 Hi. Brian Van.
1:21 I'm the cofounder and CTO of Kindo,
1:24 responsible for everything engineering.
1:27 Okay. And our very special guest, Pete.
1:31 Hi. I'm Pete Clay.
1:32 I'm the chief information security officer for Aireon and
1:36 a power user of Deep Hat, and prior to that, Whiterabbit Neo.
1:41 We are really excited to have Pete here with us,
1:43 and he's gonna tell us a little bit about what Aireon does
1:45 later on and how he uses Kindo.
1:49 So as we go, I will be asking some questions to our panelists.
1:53 And for the participants,
1:54 you can put your questions in the q and a,
1:57 and then we'll save some time at the very end,
1:59 like the last fifteen minutes,
2:00 and get to the audience questions.
2:03 But feel free to put them as we discuss.
2:06 Okay.
2:06 So before we get into everything that you can do with
2:09 Kindo and with Deep Hat, specifically in Kindo,
2:14 let's discuss some of the technical details of the model itself.
2:18 So we'll start with some questions to James to give us
2:21 a, like, look under the hood
2:24 about what Deep Hat actually is, how we developed it,
2:27 and things like that.
2:29 So I think the first thing to discuss is the biggest
2:33 difference between Deep Hat version one and Deep Hat version two is
2:37 the model architecture itself.
2:40 So v one was a dense model.
2:42 V two is a mixture of experts or MOE model.
2:46 James, for those of us who aren't familiar,
2:48 can you speak a little bit about to what that is and what that means?
2:52 Yeah. Happy to speak on that.
2:55 So
2:56 what underlies all of modern trans-
3:00 all of modern AI slash large language models is this
3:04 architecture called transformers.
3:07 Within these transformers, there's actually two
3:11 major sets of operations that happen over and over again
3:15 within the layers of the transformers,
3:18 which kind of transform your representations of
3:22 your input tokens into output tokens.
3:25 Right?
3:26 So these two operations are one is the attention mechanism,
3:30 which is kind of the more famous operation, I guess,
3:33 inside transformers.
3:34 This is a mechanism that
3:36 attends between tokens and across tokens to figure out,
3:40 like, for a given generation,
3:42 what are the tokens that are in my inputs and my context that
3:45 are actually important to me?
3:48 But it's just as important or sometimes possibly even more
3:52 important than the attention mechanism is this kind of dense
3:55 feed forward layer that processes tokens one at a time
4:01 in terms of, like, the entire input sequence.
4:04 Right?
4:05 So this is a set of operations that take an
4:09 input token and just for that input token transforms its
4:13 representation to a different space.
4:16 And it's found that, you know,
4:17 by training these transformers and using these two operations over and over,
4:21 we get all of the intelligence that we kind of see today.
4:26 It's really within that kind of feed forward layer that we
4:30 get this difference between a mixture of experts model and a dense model.
4:35 So within a typical dense model,
4:37 that feed forward layer basically fully activates for
4:41 every single token that comes into that layer.
4:45 And that means, like,
4:46 every single weight within that feed forward layer
4:49 is being used is part of the calculations.
4:53 For a mixture of experts model,
4:56 only a fixed subset of experts are activated for any given token.
5:01 The choice of which experts get activated is also learned
5:05 during the training procedure by what are called expert gates.
5:10 So you get a gating mechanism that says, okay.
5:12 I have a input token here.
5:14 What are the, say, four experts that I really want to activate
5:18 for this given model?
5:21 The upshot of this is if you look at a transformer and where
5:24 all of the weights live,
5:26 a vast majority of the weights are actually in this kind of
5:30 per token processing feed forward layer.
5:33 And so, for example, if you had a transformer that's two
5:37 hundred billion parameters,
5:40 you know, maybe a hundred and forty billion of
5:44 them are within these kind of token layers or a hundred and
5:48 fifty billion of them.
5:49 A large majority of it are in these feed forward layers.
5:53 And so if you're only activating a small subset for
5:56 every token, you can actually have a very,
5:59 very large model that has a lot of weights that's able to
6:03 remember a lot of information,
6:05 that's able to recall
6:08 all these things,
6:09 but only a very small subset of the weights are active for any given token.
6:13 And so the upshot is I have a model.
6:16 Maybe it's two hundred billion parameters in total size,
6:19 but at any given time,
6:20 maybe only twenty billion parameters are active or thirty
6:23 billion parameters are active.
6:24 So you can kind of treat that model as a much smaller model
6:27 when it comes to, like, inference.
6:29 But that model has, like,
6:31 the capabilities of that two hundred billion parameters baked within it.
6:35 So that's the major upshot.
6:38 Yeah. It's really it's really cool.
6:40 It's really interesting because so many people, we use AI.
6:44 We use the language models through our day to day lives,
6:47 but most of us have almost no idea how they actually work.
6:52 And you hear about these updates coming out.
6:54 And for the average user, it's just, like,
6:58 a lot of technical jargon.
6:59 So hearing a bit of the explanation is
7:03 pretty insightful.
7:04 It's actually pretty similar to, like,
7:07 how our brains work because our brains are also not densely activated.
7:10 Right?
7:10 For any given input that we receive in our brains,
7:13 we don't fire all of our neurons at once.
7:15 We only fire the neurons that are actually important for that
7:19 particular input.
7:20 Yeah.
7:21 Yeah.
7:21 That's an interesting
7:23 yeah.
7:23 I didn't realize that parallel,
7:25 or it's just not something I think about.
7:28 Okay.
7:28 So it's really cool hearing about the architecture and
7:33 how it enables certain capabilities of the model.
7:36 I think as you were describing it intuitively,
7:39 one could understand this sounds like more efficient a
7:43 more efficient model.
7:44 MOE can act more efficiently.
7:46 So when it comes to those
7:50 greater efficiencies within MOE,
7:54 how do those manifest, like, for the actual user?
7:57 Yeah.
7:58 I think for an actual end user,
7:59 it's gonna you're gonna see kind of two effects.
8:02 The first effect is just in terms of at inference time,
8:05 things will just be faster.
8:07 So if you have a given prompt,
8:10 a given set of output tokens that the model has to generate,
8:13 and then you have the same hardware,
8:16 you're gonna see just quicker responses from the model.
8:19 The model will generate tokens faster.
8:21 It'll have a higher tokens per second throughput.
8:25 And this is also seen in production where we see average
8:29 end to end response times of the models,
8:32 dropping by as much as half,
8:35 when we switch from the dense model to the mixture of experts model.
8:39 The second effect that you see,
8:42 which I think is maybe not as obvious,
8:45 is that mixture of experts actually does so it is a more
8:49 efficient model, and it is more efficient even,
8:52 within the usage of memory,
8:55 and specifically within the KV cache.
8:57 And so inside the keys and values,
9:01 typically, you're able to get away with using smaller key
9:05 values in terms of that internal dimension,
9:08 and you're also able to get away with using fewer key and values.
9:12 Even though the mixture of experts itself is operating
9:14 within that kind of feed forward layer,
9:17 that's after the attention mechanism.
9:19 The attention mechanism is the one that has keys and values.
9:22 But because of your architecture design,
9:25 when you're kind of designing a mixture of experts model,
9:27 you can get away with smaller key value pairs.
9:30 You can get away with, like,
9:32 shallower models and just put more of the weight and more
9:36 literally more weights inside your mixture of experts layer.
9:40 And because of this, freed up memory
9:43 and also in, you also free up memory in terms of, like, the activations.
9:48 Right?
9:49 So at any given time, because you're only activating
9:52 a subset of neurons, you don't need to, like,
9:53 keep a lot of peak memory around to, like,
9:57 process those activations.
9:59 So because of all these memory savings,
10:01 you're actually able to serve much,
10:03 much longer context given the same
10:08 hardware and the same kind of maximum size of the model.
10:11 Right?
10:12 So between v one and v two,
10:14 we actually go eight times longer context windows,
10:18 and the model is actually able to process eight times longer
10:21 context windows going from thirty two thousand tokens to
10:24 two hundred and fifty six thousand tokens,
10:27 and it's all served on the same hardware.
10:29 It's not requiring us to, you know,
10:32 double our GPUs or quadruple our GPUs to kind of do this.
10:37 So I think that just powers a lot within the platform. Yeah.
10:41 Yeah.
10:41 That's a huge leap, especially considering, like you said,
10:45 you don't have to literally scale your hardware.
10:48 It can stay the same.
10:51 So with that being such a large increase in terms of the
10:54 context window between v one and v two,
10:58 in a practical application, like,
11:00 what kind of things start to become possible as it relates
11:03 to Kindo because now it can serve or have this larger
11:06 memory, so to speak.
11:07 Yeah.
11:08 So one of the main focus that we wanted to do between v one
11:11 and v two is to focus on the tool calling and agentic
11:14 capabilities of Deep Hat, and a lot of that is powered
11:19 by this large context window.
11:20 I think what people may not easily realize is that when you
11:24 get to an agentic world and the model is able to call tools,
11:28 you don't always know what those tools are returning.
11:32 You don't always know, like,
11:33 how much context those tools are returning.
11:36 So for example, if you're calling a search tool,
11:39 that search tool might return five or ten searches,
11:42 and then it might return the entire content of those five or ten websites.
11:46 And so that's going to be a very large context that those
11:49 tools are returning.
11:51 You can do work to kind of customize the tool
11:55 returns to or customize kind of what your model ingests
11:59 at production time.
12:00 But if you're trying to integrate quickly with many,
12:02 many different tools,
12:04 you're probably not going to be able to customize each and every tool.
12:08 And because of that,
12:11 I think it's basically the difference between I can use
12:13 tools from a from a user perspective to I can't use tools.
12:17 Right?
12:17 Like, before, you would very easily run out of context.
12:21 Even you have thirty two thousand tokens,
12:23 you would get a lot of context exceeded errors.
12:25 Now you can actually,
12:28 you know, process all of the stuff that the tools are coming back and
12:31 and accomplish the user tasks.
12:33 Yeah.
12:34 Yeah. It really it really unlocks a whole new world.
12:38 So okay.
12:40 Thank you so much for sharing some of those insights into the model.
12:44 Let's talk a little bit about the process,
12:48 the process of model development itself.
12:50 So I know we've been working a lot over the past couple months.
12:55 And one of the biggest differences between v one and v
12:58 two is actually the data we put into the model.
13:01 So what kinds of fine tuning data made the biggest
13:05 difference for this release?
13:07 Yeah.
13:07 So as I mentioned in my previous response, like,
13:09 one of the main focuses for this release is that tool
13:12 calling capability.
13:14 And what you find,
13:16 especially you're in the open source world and you're looking
13:19 at different open source models,
13:23 that you can build your model on top of open source
13:25 foundation models,
13:26 is each of the foundation models tends to have relatively
13:30 fragmented tool parsing.
13:32 Each of the foundation models tend to have, like,
13:35 slightly different formats in which the model's process and
13:39 output tool calls.
13:41 And it's really up to kind of, like,
13:43 the training procedure to align all of that.
13:46 And so the biggest change within the training procedure
13:50 this time around is really within those tool calling
13:53 datasets, which actually you contributed significantly to.
13:57 Right?
13:58 And we take our existing tool calling datasets,
14:01 and we have to make sure that they are uniform to the
14:05 base foundation model.
14:08 And then we source new tool calling datasets and then make
14:11 sure that those new tool calling datasets are uniform to
14:14 the base foundation model.
14:15 And what we found is, you know,
14:17 by doing this procedure where we make the output formats uniform,
14:24 we really significantly improve the tool calling capability of the model.
14:28 It really previously, you know,
14:32 the model may have output weird tokens during tool calls
14:35 or sometimes it wouldn't output the right tool call tags
14:38 or things like that, and the tool parser would just fail.
14:41 Right. Now all of those issues are kind of resolved.
14:44 So yeah.
14:46 Yes.
14:47 Like you said, I am intimately familiar
14:52 with the tool calling for better, for worse,
14:54 but it has been a great experience.
14:54 Well, thank you, James.
14:57 I could ask questions.
14:57 We could discuss this all day long because, again,
15:00 the model details are kind of a black box to most people.
15:03 So getting some light shed there,
15:07 I think, helps us all kind of understand the tool we're actually using.
15:10 We'll move on to Brian in a second to tell us more about
15:13 how this fits into Kindle, the system as a whole.
15:17 But, I guess, just to wrap up, James, briefly, you know,
15:21 we're a small team, but we really work together to,
15:25 like, push things forward.
15:26 So where do you wanna push our next release of Deep Hat,
15:30 Deep Hat v three?
15:31 Yeah.
15:31 For Deep Hat v three, I think, like,
15:34 if I had a magic wand and said, like,
15:37 this is the thing I would really want to focus on,
15:39 it really would be,
15:42 bringing the entire agentic loop,
15:45 into our training process, through reinforcement learning.
15:49 Right?
15:49 So currently, our Deep Hat is trained through a two stage process of supervised
15:53 fine tuning and DPO, which is direct preference optimization.
15:58 However, I think if you look at, like,
16:01 what Deep Hat is really trained to do within Kindo,
16:05 it's to accomplish, you know, very concrete user tasks.
16:08 Right?
16:08 So, like, maybe the user wants to spin up a Kubernetes cluster or
16:12 something like that.
16:13 These are tasks that you can verify
16:16 in a in a actual, like, verifiable way that, like,
16:19 they were accomplished or not.
16:21 Did that Kubernetes cluster actually start up with the
16:23 correct commands or not?
16:25 And so it's really kind of perfect
16:28 for that reinforcement learning with verifiable rewards paradigm.
16:33 That's been, like, very, very popular lately.
16:37 And so that would be the one thing I would kinda really
16:40 focus on for v three if I could.
16:42 Yeah.
16:43 Great. Well, I'm looking forward to doing it with you.
16:47 Okay. Thank you, James.
16:48 So let's get into how Deep Hat fits into Kindo.
16:52 Now we know Kindo integrates with all the frontier models as
16:56 well, but Deep Hat plays a special role.
16:58 We've talked about some of its special capabilities
17:01 already, the fact that it's uncensored.
17:03 It's particularly knowledgeable about cybersecurity.
17:07 But from a product standpoint,
17:10 how does Deep Hat v two change what users can actually do inside
17:14 Kindo or maybe setting some context to what Kindo does as well?
17:19 Yep.
17:20 Yeah. Thanks for the question.
17:21 So, you know, one of the things so even Deep Hat v one was really
17:25 knowledgeable about, like, the security and DevOps world,
17:28 and that's what kind of was a key differentiator of you know,
17:31 the reason why we built our own internal model was because,
17:35 you know, we're you know,
17:36 Kindo as an agentic platform to solve tasks within the
17:40 DevOps and SecOps space, we wanna have our own internal
17:43 model that's really specialized in those types of tasks.
17:47 But really where v two comes in is that in the period of
17:51 time between v one and v two,
17:52 we also launched a brand new version of the Kindo product
17:55 that has fully agentic tool calling.
17:58 And this really levels up the capabilities of what you can do
18:01 in the Kindo platform.
18:02 Previously, you could get a lot done,
18:04 but now you can actually connect up all of your
18:06 different data sources.
18:09 You know, you can connect you know,
18:10 it actually has connected to a Linux virtual machine,
18:13 a Kali Linux box,
18:15 with a whole suite of tools between web search and any
18:18 different system you wanna connect between, like,
18:20 ServiceNow and, you know, AWS and, you know,
18:24 yes, dozens and dozens of other different integrations.
18:28 And so we wanted to also work on the version the next version
18:31 of Deep Hat, you know,
18:33 in addition to the longer context that James was
18:35 talking about, which is, you know,
18:37 really important when you start talking about agentic tool
18:39 calling because these are much longer conversations.
18:42 You don't know how big the responses are gonna be from
18:45 from the tool calls.
18:48 But, furthermore, we needed our own model to be adapted
18:51 to to work in concert with these new upgrades to the product.
18:56 And this is really important from really two angles.
18:59 You know?
18:59 One is that, you know,
19:02 this is the new version of the product and, you know,
19:04 to really get the best value out of Kindo is to really, like,
19:09 incorporate this agentic tool calling so it can actually
19:11 accomplish tasks, autonomously.
19:14 Like, it can gather the data.
19:15 It can actually take the actions for you.
19:17 And so we need our own internal model to work in that
19:21 environment to be able to be that internal model that can power that.
19:25 Even though we are agnostic to models,
19:28 we do support other models that are also,
19:31 that also support agentic tool calling.
19:33 But a key differentiator is that
19:37 Deep Hat's been specialized to also have this deep security knowledge.
19:41 And so this gives it we wanted to basically take that
19:45 deep security and DevOps knowledge that it has and then
19:48 apply it into this tool calling framework so we can take
19:52 advantage of all that deep security knowledge,
19:55 applying it to how it would make tool calls within the new,
19:58 Kindo system. So that's, like, one of the key reasons.
20:01 The other key reason is that, you know,
20:03 Kindo is a platform that you can fully self manage in your own environment.
20:06 So you can deploy the entire stack,
20:09 soup to nuts in your own environment.
20:11 And so we wanted to make sure that our customers had a way
20:15 to also run a model that will work well in that environment
20:19 in their own environment.
20:20 So they don't have to rely on third party models.
20:24 They don't have to worry about sending any of their most
20:27 sensitive data to those other model providers.
20:30 So Deep Hat's a model that can be fully run in that self managed
20:34 environment as well.
20:36 Yeah. That's awesome. Okay.
20:38 I think you mentioned something important too,
20:40 which is since Deep Hat is uncensored,
20:43 and maybe you can talk a little bit about what that means
20:45 practically speaking in Kindo,
20:48 and it's got access to all these tools.
20:50 So how do we control for giving a model
20:54 that kind of power knowing that it will it's less averse to
20:59 doing things like pen testing. Yep.
21:01 Red team activities.
21:03 Yeah. So, you know, it is it's a powerful model.
21:06 And, you know, with that comes great responsibility,
21:09 which is why you know?
21:10 But the bad guys are out there using,
21:12 you know, various uncensored models themselves.
21:15 So, really, what we see this is, like,
21:17 we need to arm the good guys with the mechanisms to protect
21:20 their own systems from the bad guys that are already using
21:23 those types of tools.
21:25 But, you know, these things are they do they are dangerous.
21:29 And so that's why we have a lot of guardrails and
21:32 administrative controls in place in Kindo.
21:35 And that's kinda from a first principles perspective.
21:37 Like, the entire company and product was built on a foundation of security first.
21:42 You know, Ron, our CEO is a several time CSO
21:44 and really kinda comes from
21:48 that, like, CSO mindset from the get go.
21:51 And so from the very beginning,
21:52 his vision was to have that foundation of security baked in natively.
21:57 So this comes from, you know,
22:00 administrative choice of which models, you know,
22:02 administrator choice of which tools, like,
22:05 where which integrations are allowed in their organization,
22:07 who specifically can access those integrations,
22:11 who how do you even manage,
22:13 who gets access to which credentials, and who doesn't.
22:16 We have comprehensive DLP controls,
22:18 comprehensive audit logging,
22:21 and then it's fine grained as human in the loop for tool calling.
22:25 So, you know, getting back to, like,
22:27 the tool calling that we're talking about,
22:29 it's really important for the administrator to be able to
22:32 decide which ones are allowed at all or not in their
22:36 organization because some might be seen as too risky.
22:39 If there's a write to a system that you do not wanna allow,
22:42 you could block that completely.
22:43 But a middle ground there is human in the loop where you may
22:47 still expose the AI to that tool and allow it to call it,
22:52 but it won't actually execute that tool call until the human's approved it.
22:56 And so that's just like those are just several of the many
22:59 different controls that we put in place into Kindo in order
23:04 to allow both the end user as well as the administrator to
23:07 ensure that the outcomes are they put the guardrails around
23:11 that so that they can ensure that nothing destructive
23:14 happens or at least
23:14 they have control over what the agent is doing.
23:20 Okay. Well, that's reassuring to hear.
23:23 And when we hear from Pete in a second,
23:25 I'm really curious to understand how that functions
23:28 within your organization,
23:29 the human in the loop and things of that nature.
23:33 I guess before we move on from Brian,
23:37 we've described Kindo and
23:41 these models as turning the terminal into a cyberware
23:45 control plane.
23:47 What does that mean in day to day work?
23:50 Yeah.
23:51 Well, it really just means that you can accomplish a lot more
23:54 work with a higher level objective all through natural
23:57 language than you're able to accomplish before.
24:00 So, you know, let's say AI,
24:03 where it was a couple years ago, you know,
24:05 you had these powerful AI models that had a lot of
24:08 knowledge and ability to like,
24:10 how to how to synthesize information, how to,
24:15 structure code, things like that,
24:17 but they didn't have access to the underlying data.
24:19 They couldn't take action on your behalf.
24:21 So you'd have to go gather that data from the different
24:23 sources, which can be tedious and laborious,
24:26 and you have to be there driving it manually yourself.
24:29 And, similarly, you it's only able to give
24:34 you recommendations on what actions to take.
24:34 Whereas where we've come today with autonomous agents,
24:38 these are agents that can run in the background.
24:39 You could have hundreds of these running in the background
24:42 whether on whether they're scheduled triggered from
24:44 webhooks or on, you know,
24:46 on a schedule doing work on your behalf.
24:49 And that's, why the guardrails are so important because, you know,
24:53 it's really a matter of the amount of trust that you put in
24:55 to the agent that you built.
24:57 And so you gotta we wanna make sure that you have all the
24:59 guardrails to gain that confidence.
25:03 But but really where the magic happens is where you can
25:05 actually offload some of those tasks completely autonomously
25:09 or maybe just like touch points where you want the human in the
25:12 loop rather than having to just manually drive each of the
25:15 pieces, a lot of copy and pasting.
25:17 So that's kinda really the big unlock in terms of, like,
25:20 daily driving it,
25:21 and it allows you to kinda go from using something like our
25:24 chat interface to kind of do the ad hoc, you know,
25:27 types of analysis that you might wanna still daily drive
25:30 manually yourself and still have access to all those suite
25:34 of tools and automatically pulling in information from
25:36 many different sources to compile reports.
25:39 But then you can also promote those into an agent,
25:42 in which case you might say, okay.
25:44 Great.
25:44 This is actually a great pattern that I wanna then
25:47 follow again in the future.
25:49 So let me now create an agent out of that that I could either
25:51 run manually in the future,
25:52 or I could now set it up on a schedule,
25:55 depending or a triggering event.
25:57 Like, if there's a new alert,
25:59 maybe I wanna run that investigation agent in the future.
26:04 Awesome. Okay.
26:05 I think we're definitely gonna come back to some of the
26:07 concepts you've brought up,
26:08 but I wanna give Pete a chance to talk.
26:11 So, Pete, before I start diving into my questions for you,
26:14 can you tell us a little bit about yourself and and Aireon?
26:18 Sure.
26:19 Myself, I'm a thirty year cybersecurity practitioner.
26:23 This is my third go around as a chief information security
26:26 officer typically for large global companies.
26:29 When that gets boring, I run off and do consulting for great
26:33 big organizations that really need cybersecurity,
26:36 either in national security or large global financials.
26:41 And when all of that gets boring,
26:43 I run off and do cybersecurity start ups.
26:46 So my relationship with Kindo kinda lets me intersect two of those.
26:50 I get to be the CISO,
26:52 but I get to go play with the interesting start up stuff too.
26:56 Aireon's a really interesting company.
26:58 It's unique in the world.
27:00 What we do is we gather information from every
27:04 commercial airline flying, anywhere in the world today, globally.
27:09 We capture that information.
27:11 We get it up to a satellite constellation,
27:13 down to a ground station,
27:15 and out to air traffic control for airflow management.
27:19 And that whole trip takes between four and six seconds.
27:22 Right?
27:22 So our information has high degrees of integrity
27:26 and high requirements for availability.
27:31 Right?
27:31 Because people are using this to manage aircraft over oceans
27:35 and things where, you know, it used to be once you left the,
27:38 you know, Gander, Newfoundland, it was kinda like, we
27:41 hope we see you in Ireland in a couple hours.
27:44 Now we can track those flights all the way across,
27:46 thanks to what Aireon does.
27:48 So Aireon is a data company,
27:51 is a really critical part,
27:53 a critical infrastructure for several different countries.
27:57 Wow. That is a big responsibility, I'm sure.
28:01 And it's kind of amazing hearing about
28:04 such a critical company like Aireon and you,
28:07 the CISO of Aireon, being one of Kindo's earliest customers
28:10 and, you know, one of our biggest supporters,
28:13 as we've gone along.
28:16 Yeah.
28:16 It's my path to Kindo actually came from
28:20 Whiterabbit Neo.
28:21 Right?
28:22 It's, you know, like everybody else, you know,
28:27 my problem isn't finding people that have graduated with a
28:29 degree in in cybersecurity.
28:32 It's finding people with the skills that can do the job.
28:35 Right? It's two different things.
28:37 And so I discovered Whiterabbit Neo because we do a
28:41 lot of work and a lot of testing around advanced
28:43 persistent threats.
28:45 Nation state level threats, looking at our data, our systems,
28:49 and that takes a lot of coordination and being able to
28:52 pull data from different sources and do kind of on the
28:55 fly analytics and really figure that stuff out.
28:59 It used to take us about three to four days to spin up
29:03 a team to go a new APT just came out.
29:06 Let's check. Let's do a hunt routine against it.
29:09 We found White Rabbit Neo.
29:10 Now this is an ancient version according to AI time.
29:13 This is eighteen months ago. Right?
29:15 And we found an ancient version of White Rabbit Neo.
29:19 And we were able to do that whole process in about forty
29:22 five minutes from inception
29:27 to now we're gonna run this hunt routine across our
29:31 logs and across our systems.
29:31 So I got invited. I didn't know the name Kindo.
29:34 I got invited, to a Kindo dinner,
29:38 and got into a really interesting conversation
29:41 because the CISO community is still really split.
29:46 Right? This is a horrible new thing.
29:48 You're making my life terrible. Chat GPT is awful.
29:52 You're making me miserable.
29:53 I have to block it, and my users all hate me. Right?
29:58 Or wait a minute.
30:00 I now have in Deep Hat something that allows
30:05 me to move as fast or faster than a potential attacker.
30:10 Right? Right.
30:12 And the difference between the original version of
30:15 Whiterabbit Neo,
30:16 and I've been really fortunate to be able to play with v
30:19 two of Deep Hat, is night and day.
30:24 I really didn't think it was the same
30:28 process or the same tool.
30:30 Right?
30:32 Because now we've gone from being able to create a hunt
30:35 routine really quickly, and speed kills problems.
30:38 The faster I find something and fix it,
30:40 the better off it's gonna be for Aireon.
30:42 Right?
30:44 Right.
30:44 Well, now based on the eight x increase that James talked about,
30:49 the agentic integration and the tooling integration that Brian talked about,
30:54 I can run full red team and blue team
30:58 exercises using AI.
31:02 We always keep human in the loop because that's you know,
31:05 humans the way you build trust with AI is AI can gather
31:09 the information and do the analytics,
31:12 but human beings still have to have the trust and judgment.
31:15 Right?
31:15 And that gives you a winning combination for using this stuff.
31:19 But my team of five, right,
31:22 does the work of probably twenty five or thirty people now.
31:27 So it's not amazing.
31:30 It's not so much AI is taking jobs away.
31:35 It's making the people that you have more effective.
31:41 Yes. I think that's a great point.
31:43 And just because we've been talking about Whiterabbit Neo
31:45 and Deep Hat, just to set some context.
31:49 So, yes, the model did used to be called Whiterabbit Neo.
31:52 We did take that.
31:53 Honestly, a lot of thanks to James.
31:56 Once James joined, we really increased our velocity and
32:00 refined our process.
32:02 So we took Whiterabbit Neo. We developed on top of that.
32:05 That's what became Deep Hat v one.
32:07 And then, of course, now we have Deep Hat v two with even more capabilities.
32:12 So you've already touched on a couple things of the early
32:16 days of using Whiterabbit Neo.
32:18 Now you're all the way over here on Deep Hat v two.
32:21 It's certainly gratifying to hear your experience as,
32:24 you know, someone who's worked on it and touched Deep Hat
32:28 and to hear that the improvements are having a
32:32 tangible effect in your actual company.
32:36 I would love to know can you tell us a little bit more
32:40 about the time when you found Whiterabbit Neo, again,
32:42 now Deep Hat, because there were other AI
32:46 models at that time,
32:47 but they weren't quite fitting the niche of what you needed them to do.
32:51 And so that's originally what led you kind of to Kindo.
32:55 But then even now, what is Deep Hat
32:59 what is Deep Hat specifically kind of more,
33:04 appropriate for in your company as compared to using something else?
33:09 There there's two sides to that answer that are really
33:13 important to understand.
33:15 Is Deep Hat as a specially trained cybersecurity model
33:19 allows us to do things that we're simply not able to do.
33:23 Right?
33:23 So, effectively, we're able to train it to run an
33:27 APT, right, an advanced persistent threat.
33:31 We're able to do it at scale if we want to,
33:35 and we're able to really work our systems out to
33:39 understand, can we hold up to these events?
33:42 Right?
33:43 With the advanced logic and reasoning,
33:45 now we have set up agents to find zero day faults in things.
33:50 Right? They become predictive.
33:52 You're able to actually take the inputs and say,
33:55 I want to look at these, you know,
33:58 past capabilities and these past patterns of of zero day faults.
34:02 Now we're able to kind of understand those things, right,
34:05 and be able to test for those things.
34:08 The the challenge has always been and and for the entire
34:12 time I've been in cybersecurity,
34:14 you know, the statement has always been, you know,
34:17 the CISO has to be right ninety nine times.
34:20 The attacker only has to be right once and all of the rest of those things.
34:24 And so with the capabilities of Deep Hat,
34:27 particularly v two
34:29 It's not even so much a level playing field anymore as it's
34:33 tilted in favor of the defender.
34:36 Right?
34:36 And so that's a very, very different conversation.
34:41 Right?
34:41 And that allows you to do some very different things
34:44 in terms of risk management and in terms of spend because
34:49 it's also rearranged.
34:51 You know, it was part of a study several years ago,
34:54 taking a look at what's the return on investment
34:58 for things that you can do in cybersecurity in terms of
35:01 reducing risk.
35:03 Right?
35:04 It turns out that writing documentation
35:07 doesn't really give you a great return on investment.
35:10 Right?
35:11 The great big cybersecurity plans that sit in
35:15 three ring binders that you have to blow dust off of,
35:18 right, and only show up when the auditors come.
35:21 One of the the fastest ways that we have found
35:25 for a return on investment is now we're able to turn
35:29 those documents into almost living documents that are fed
35:32 by systems that are actually up to date,
35:36 and we're actually able to report on risk instead of doing
35:39 an annual risk assessment.
35:41 We do our risk assessments based on every couple hours now.
35:45 What has changed in the environment that we need to be
35:48 able to adjust and we need to be able to manage?
35:51 Right?
35:52 Instead of doing a pen test as a bespoke process every quarter
35:56 or or every six months or whatever,
35:59 we literally can do them every twenty four hours.
36:02 Wow.
36:04 So suddenly, the attackers don't have the same
36:07 advantages because just from a resource
36:11 perspective, I don't have staff that are so tied up.
36:15 You know, we recently produced a document that used to take us between
36:18 six to eight months to produce from beginning to end.
36:23 And using Deep Hat and one of the other models within Kindo,
36:27 we were able to do it in about thirty six hours.
36:31 That's I can't do the math because it's too much of an improvement.
36:35 So the staff right?
36:37 So the resource perspective and that's one of the things that's
36:41 been really frustrating to watch is, oh,
36:43 AI is gonna cost jobs. AI is gonna cost jobs.
36:47 I think you could also talk to the folks that I work with,
36:50 and they say, no.
36:51 We kinda like our job better because we're not writing
36:53 manual about something that may or may not ever happen.
36:56 Right?
36:58 So it's a very, very different perspective.
37:02 We've also tied you know, using Kindo,
37:05 we do our risk reporting, like I said, you know,
37:08 every couple hours, and we feed that up to the executives.
37:13 It's a much simpler conversation to go have with
37:16 the executives to to say,
37:18 I'm gonna move resources from here to here
37:21 based on the Bayesian risk stuff that you're seeing
37:24 because our chances of having a breach just increased
37:28 due to this particular threat level changing.
37:33 Those are different conversations that don't
37:36 require thirty two PowerPoint slides and arguments with
37:40 legal and everything else.
37:41 Right?
37:42 Suddenly, your leadership and your management is now looped into
37:46 the cybersecurity decision making.
37:48 Making.
37:49 That is pretty significant because I know shifting left on
37:53 security has has been proven to really improve, you know,
37:57 the infrastructure of companies.
37:59 Right. Right.
38:00 And so, know, the other the other thing, though,
38:02 and I do wanna come back to this,
38:05 is Kindo itself being able to use
38:10 different models even within an agent to get the best
38:14 of each of them.
38:15 Yes.
38:16 My group lives in We write reports in Deep Hat.
38:19 We do everything.
38:21 Ninety five percent of our time has been in Deep Hat. Right?
38:25 But the other program that we've launched within Aireon
38:28 because we we Kindo is not just for the cybersecurity team
38:31 or or for the IT group.
38:33 Right? I run both.
38:35 We also while we've been on the webinar,
38:39 a really cool email has just come out.
38:42 So our marketing team is now using an AI
38:46 agent to do, you know,
38:49 brand awareness and brand investigations to make sure
38:52 that our brand isn't being negatively impacted by news
38:55 events because, again, we're global.
38:57 So we have, you know,
38:58 people who are looking at things in different languages
39:01 and everything else.
39:02 Well, now that's turned into AI is producing an Aireon
39:06 newsletter, right, once a week, language neutral,
39:11 will speak to you in your own language.
39:13 Right?
39:13 You don't have to be English to understand,
39:16 and we'll be able to do that stuff.
39:18 The cost on doing that commercially is forty to fifty
39:21 thousand dollars.
39:23 The cost to build that agent out took one of the folks that
39:26 I work with couple days.
39:30 That's that's pretty incredible.
39:32 And, you know, I guess on that topic,
39:35 what type of so it might have taken your
39:39 your teammate a couple of days to build out.
39:41 How long did it take them to even learn how to build an
39:44 agent or work with Deep Hat?
39:46 So one of the programs we we see
39:50 AI as the ability to unleash creativity
39:54 with a group of really, really smart people that work at Aireon.
39:58 Right?
39:59 But not everybody has and, you know, as as Brian talked about,
40:02 you know, AI skills are are still pretty nascent.
40:06 Right.
40:06 So we designed now we just came up using AI with a better
40:11 way to do this.
40:12 But we designed a program called minimum viable developer.
40:16 Everybody that's ever worked in a start up, you know,
40:18 what's your minimum viable product?
40:20 Right?
40:21 So we wanted to have people that had the minimum viable
40:24 skills to go feel comfortable to go build an agent and have
40:28 it do something for them because that's where the
40:32 creativity comes from.
40:34 Yes.
40:34 Right? Yeah.
40:35 I'm a cybersecurity guy, and I've done different things.
40:38 That's all really interesting.
40:40 But when you suddenly enable the marketing team and the
40:43 facilities management team, right, and, you know,
40:46 the the contracting team and, you know,
40:49 the operations team to start building agents that help them
40:54 do their jobs and unleash those capabilities,
40:57 that becomes something pretty special.
41:01 And so that's what we've done. Right?
41:04 But now we're able to take it a step further because of Deep Hat,
41:08 something we started playing with.
41:10 You know, one of the the earliest adopters that we had
41:13 built a a learning model.
41:16 Right?
41:17 So it takes it's able to take our tomes and tomes and tomes
41:20 of information and turn it into training that is adjusted
41:25 to, I'm a system administrator.
41:27 This is what I need to know about this system. Right?
41:30 Again, takes days and weeks and months to develop that with people.
41:35 AI can get you a ninety percent complete product in a couple of minutes.
41:39 Right?
41:40 Yes.
41:41 But now he's taken it a step further,
41:44 and this is where it gets really cool.
41:47 So he built the the learning module out there.
41:51 That's neat. There's lots of learning modules out there.
41:53 But he did a little bit more research, and he goes, alright.
41:56 There's really twelve different teaching methods,
42:00 and all of us have a different teaching method that we adjust to.
42:05 Right?
42:05 If you want me to remember something, tell a joke,
42:08 give me a video, and make it funny.
42:10 Right? That's the way to get me to remember something.
42:14 If for other people, that's the worst thing in the world.
42:17 They don't get it. They don't wanna do it. Right?
42:19 I don't understand those people.
42:21 They're obviously psychotic, but, you know,
42:23 they have to exist somewhere.
42:25 But
42:26 then let's take the same content and have AI serve it
42:30 up to them in the way that they will learn best.
42:34 Right?
42:35 So what he did was he built on top of this learning module.
42:39 He built a system so they could somebody anybody can answer a
42:42 couple of questions.
42:44 And then for whatever learning you have to do,
42:47 it'll generate the content in the way that fits with your
42:50 personal learning style the best.
42:53 Interesting. Okay.
42:55 So he's taken this tool and made it
42:59 adaptable so it can be applied in in all these different situations.
43:04 Right.
43:05 So the interesting part is I I got it,
43:08 and I can see Brian's face.
43:09 Yes. I'm supposed to talk about DevOps and SecOps.
43:11 And, yes, it is wonderful and amazing for those things.
43:16 But where we've we are with Aireon
43:20 is people are moving towards it
43:25 because it solves problems in their jobs.
43:29 And by the way, the awesome security benefit is since we do
43:33 self hosted and the SaaS version,
43:36 is allows us to control the data,
43:38 which is the lifeblood of Aireon.
43:41 Right? Right. So now I'm not telling users no.
43:44 I'm enabling users to do their jobs better, faster, smarter, cheaper,
43:49 and I'm achieving risk reduction and security outcome
43:52 all at the same time.
43:55 Exactly. Okay.
43:58 Well, thank you for sharing all of that.
43:58 Again, it's it's really cool to to hear your kind of day to
44:02 day life with the product that we work on
44:06 and certainly very exciting to hear that it is providing real value.
44:10 And I did wanna ask James a question if I could really quick.
44:14 Yeah. Absolutely.
44:16 So, James, v three will be out, what, next Tuesday?
44:21 We'll, we'll try to make it as fast as possible. Next Tuesday.
44:25 It might be a little aggressive.
44:26 Well,
44:29 okay.
44:30 Again, thank you, Pete, James, Brian.
44:33 We have at least one question coming in from the q and a.
44:37 I also did wanna give you guys a chance to ask questions to
44:40 one another, but we'll start with this question
44:45 from one of our attendees.
44:47 So
44:49 I feel like this is a very, understandable question that we can relate to.
44:53 And it is when conducting a tool search and return,
44:56 how does Deep Hat ensure that it's calling the correct tools for the purpose?
45:00 I've had problems with AI calling the wrong tools,
45:03 and I think he's kind of getting at hallucination or
45:06 confusion in the model.
45:09 Brian or James, would you like to address it?
45:13 I I can go in terms of on the training and eval side. Right?
45:16 So the reason the way that we ensure, you know,
45:20 the model is performing well across any axis is with our set
45:24 of our suite of evals.
45:27 So within Deep Hat eval harness,
45:31 we have ten or fifteen different kinds of evals that
45:35 make sure the model can perform across all different kinds of tasks.
45:40 For tool calling in particular,
45:42 we actually for this particular round,
45:45 we created something we call the chat actions eval,
45:48 which is an eval specifically directed towards our product.
45:53 And this eval basically looks at prompts
45:57 of things that users might want to do within our
46:01 chat actions that require tool calling,
46:04 and it asks the model,
46:07 what tool would you call and how would you call that tool?
46:11 And then the model is then judged based on its output.
46:13 Right?
46:14 And so from a training and eval perspective,
46:17 this exact question of, like,
46:19 how do we make sure the model is calling the right tool for
46:22 the task, this is baked into our development process.
46:26 It's one of the main evals that we focused on this iteration cycle.
46:33 We wanted to make sure that, you know,
46:35 through our base model selection of, like,
46:38 which mount foundation model we're gonna use through our
46:41 checkpoint selection of, like,
46:43 after we've done all of these training data tweaks
46:46 and we've added the different tool calling datasets and things like that
46:52 and then reweighted all our datasets to make sure that the,
46:56 you know, the capabilities are peaking at the right time,
47:00 which of these checkpoints is actually performing best
47:04 on top of that eval to make sure that we serve the right
47:08 Deep Hat that has the best kind of tool calling capability.
47:13 I think the other side of this,
47:14 and maybe Brian can talk to this a little bit more,
47:16 is more on, like,
47:17 what context you bring into the model so that it has
47:22 access to the right tools.
47:24 Like, which MCP servers does the model actually see while
47:28 you're executing particular tasks.
47:30 So I'll give that to Brian.
47:33 Yeah. So, I mean, there's a number of strategies.
47:35 Like, especially as our set of tools grows, you know,
47:38 one of the challenges is that you don't wanna necessarily
47:40 flood your context with, you know,
47:43 thousands of tool definitions.
47:45 Right?
47:45 You're gonna blow up your context that way.
47:47 So we actually go through a two step process where given the
47:51 context in the question, we first have an LLM actually
47:54 review the context.
47:56 And from the total list of tools,
47:59 we actually select a subset of the tools to present to the
48:03 LLM for actual tool calls.
48:05 So that that filters down the list.
48:08 And so there's kind of a two step process there because when
48:10 you try to give it all to the agent all at
48:14 once, it can get confused and,
48:16 or even just exceed the context window.
48:19 So that's, like, one thing that we do.
48:20 The other thing that, you know,
48:21 is worth calling out too is this is kind of the beauty of
48:24 an agentic framework.
48:27 You know, even if the the wrong tool you're never gonna get to perfection.
48:30 Like, you're never gonna get the perfect tool call every single time.
48:35 And so at least being in a agentic loop,
48:39 the AI agent is able to adapt when it did something wrong.
48:44 Right?
48:44 Like, let's say, hallucinated a tool call or passed the wrong parameter and
48:48 then got an error, it can adapt to that.
48:51 So it can say, oh, okay. Here's a response that I got.
48:54 I've got reached some error. Well, let me take another look.
48:58 And nine times, maybe ninety nine times out of a hundred,
49:03 they're able to actually adapt in that situation and pick the
49:06 right tool the next time and passing the right
49:08 parameter the next time once it's seen the error.
49:11 Or maybe it takes a few times.
49:13 It's a few trial and error until it gets it right.
49:15 But that's the the beauty of having a agentic pattern where
49:19 it's able to, like,
49:19 iterate on it until it's able to get the right answer.
49:25 Yeah. That's that's great context.
49:28 And I like how you guys kinda described there's there's what
49:32 you do around the model, the training that you mentioned, James,
49:35 the evaluation you do to make sure your training and research
49:39 is on the right track.
49:41 And then, Brian, the system components that enrich the model's behavior,
49:45 and so it's that intersection that brings it all together.
49:49 And I think it's very cool to have this opportunity to
49:52 develop a model within a company like Kindo because
49:56 we can really optimize for that integration between the two.
50:00 Okay.
50:02 So we have another question.
50:06 Pete, actually, I would I would love to hear
50:10 your perspective on this first, perhaps.
50:10 So the question is, do you envision Kindo eventually
50:13 replacing or deeply augmenting
50:17 I think SIEM, S-I-E-M,
50:23 is the right SIEM, c SIEM slash SOAR tools or at
50:26 least using Kindo to replace certain functionality in
50:29 those tools to find anomalous behavior and generate alerts?
50:32 So as one of the many start ups that I did was
50:36 to work on the team that built one of the very,
50:39 very first security orchestration automation
50:41 engines, right, SOAR tools.
50:44 And what we found out was it really isn't very hard to
50:49 build an automation engine.
50:51 It's really hard to have good data to take automated
50:55 actions with because it turns out that when you
50:58 automate stupid, you get faster stupid,
51:01 which doesn't tend to work out well for for pretty much anybody.
51:05 We have spent a ton of time with Kindo,
51:08 and and it's been one of the problems that we really
51:12 aggressively attacked is
51:17 making sure that we were not responsible for hallucinations.
51:23 These are very, very smart tools.
51:25 And the journey that we did at Aireon
51:30 was we went through and started really looking at our
51:33 data and understanding what data are we going to expose
51:37 into this and what data is it gonna consume.
51:40 And when you found the forty seventh different org chart,
51:44 forty six of which are right,
51:46 and there's no context for an AI to tell you which one is the right one.
51:50 Right?
51:51 If you feed them all in,
51:52 it's not gonna get you the right answer.
51:54 Right?
51:55 And suddenly, if you're gonna automate actions,
51:57 you're gonna be misdirecting stuff to the wrong people.
52:03 I think with a little bit more trust,
52:06 the tool is capable of doing everything a SOAR engine can
52:10 do today already.
52:12 It's been able to do that for the last couple years.
52:15 That's not the question.
52:17 The question is going to be how does an organization
52:22 create clean enough data so that the AI
52:26 takes correct action on an ongoing basis.
52:31 Right?
52:32 As far as the SIEM goes,
52:35 from the story from the very beginning,
52:38 you know, that was our very first use case,
52:41 was doing hunts against our, you know,
52:43 security event monitoring tools.
52:45 Right?
52:46 You know, we we capture about a hundred and forty million events a day,
52:51 and being able to search across those things is not trivial.
52:55 And having AI be able to run those search routines was amazing.
52:59 Right?
52:59 It gave us the ability to find things and fix things quickly.
53:02 Again, we gotta be able to do it at speed.
53:06 Do I think they'll replace SIEMs?
53:08 I think they already could.
53:10 I think the challenge I think the thing that's slowing down
53:14 adoption for AI in a lot of companies is when you
53:18 start adopting AI,
53:20 you start realizing
53:23 how many other tools you don't need.
53:27 Yes. That's I that's exactly right.
53:30 And So, yeah, I'm gonna need somewhere to put that data.
53:34 Do I need to have a specially built SIEM,
53:36 or am I gonna be better off with an AI agent that's trained
53:40 to process all that log data in specific ways that provide
53:44 value for me?
53:45 Well, the answer, of course, is the latter.
53:48 Right? Humans aren't going anywhere with AI.
53:53 But, yeah, it's we're replacing we cut our
53:57 security spend this year by about seven hundred thousand
54:00 dollars in terms of tools that we aren't buying or we aren't
54:04 paying for anymore because we're able to aggregate
54:09 good information
54:11 and then run it, you know,
54:13 and process it via AI and do something useful with it.
54:17 That's a a different that's a very,
54:19 very different mindset than than the market seen to date.
54:25 Absolutely. Okay.
54:26 It's it's always again,
54:28 it's always very insightful hearing from the customer user perspective.
54:33 Brian, from, I mean,
54:34 from leading product and kind of shaping our technical
54:37 strategy, what is your take on that of of
54:41 Kindo eventually replacing these, SIEM or SOAR tools?
54:45 Yeah.
54:45 I mean, I think, I think,
54:48 agree with Pete that they can already.
54:51 And, SOAR in particular, you know,
54:54 one of the things to call out there is that the comparison
54:56 with, like, existing SOAR products.
54:58 Most SOAR products are, you know, some form of, like,
55:01 a node builder, you know, like, a sort of you're building,
55:04 like, a static workflow, you know, in some sort of, like,
55:08 visual node builder interface.
55:09 Right?
55:10 And a lot of them have started integrating, you know,
55:13 AI capabilities, which typically look like writing in
55:17 natural language, some description of the workflow you wanna build,
55:20 and then we'll go build it.
55:22 And so that's the part where AI is helping you,
55:24 but you still end up with a static workflow at the end.
55:26 So it's, like, kind of all build time AI, not runtime AI.
55:29 So at runtime, it's all, you know, programmatic static,
55:33 which can have some benefits,
55:34 but then it's not adaptable to different situations.
55:38 And so we've kinda taken the the other angle here, which is,
55:42 you know, it's truly agentic at runtime.
55:44 So you describe a natural language,
55:46 an entire runbook playbook,
55:49 and it's at runtime that you're letting the AI with all
55:52 this suite of powerful tools determine the right course of action.
55:56 And it may not always take the exact same course,
55:59 but the idea is that you can give it the objective and let
56:01 it work the problem as long as it's got the right set of tools
56:04 to achieve the objective.
56:06 And if and if it doesn't quite get it one time,
56:08 you can augment the the the playbook,
56:12 the prompts that you've given it to put additional guidance
56:15 and guardrails on how you want it executed.
56:18 But that allows it to adapt to new situations a lot more
56:22 effortlessly, and it also just is a lot less work to build,
56:26 you know, the initial version of it.
56:28 Right?
56:28 Like, it it can be pretty brittle to build in these existing tools.
56:32 First of all, just the effort that it takes to set them up in the first place.
56:36 Oftentimes, a lot of, like, manual parameter
56:40 configuration and, like, if you're trying to pull data
56:42 in, there's a lot of, like, data field mapping, and
56:45 it's it's pretty tedious.
56:45 And then once you've built it,
56:47 just maintaining it and having it be adaptable to different
56:50 situations is is often also a pain.
56:52 So it ends up becoming a lot bigger management burden,
56:56 and this is why a lot of people have kind of
56:59 in the industry have kinda felt like the promise of SOAR didn't
57:02 quite realize, what it was promising.
57:05 So that's why we're kinda taking a different take on that.
57:08 So it's a bit more of an answer on the SOAR side, but
57:11 That's kinda how we're thinking about it.
57:13 No. That's great. Okay.
57:15 Well, we are coming up to the end of the hour.
57:18 If there's any last minute questions from the attendees,
57:21 feel free to put them in.
57:22 But I did wanna give each of you guys, Pete, Brian, James,
57:26 a chance to add any closing remarks or highlight anything
57:30 we did not,
57:32 we did not get to.
57:34 Also wanna mention, we will have a replay of this up,
57:37 so you can always, review what we discussed here today.
57:41 But before I close this out, yeah, any last words?
57:47 Yeah.
57:47 I can like, before I joined Kindo, I I saw, like,
57:51 in a year, there's how how many trillion?
57:54 I can't even remember.
57:55 Three or ten trillion dollars, like,
57:58 that get wasted
58:02 because of cybersecurity attacks and things like this.
58:05 It is a very, very large field, and I think, you know,
58:10 I'm pretty excited for, like,
58:12 the future of where AI can really take that.
58:15 Because if you can even take, like,
58:16 a very small chunk of that and say,
58:19 instead of wasting five trillion,
58:21 you're wasting four trillion.
58:22 Well, that's a massive amount of value that that you can really hit.
58:26 So, like, that's, I guess,
58:29 the one the one kind of ending thought I had.
58:33 Yeah.
58:34 It's our it it really puts things in perspective,
58:37 especially when we get focused on our day to day task.
58:39 We zoom out and think about, okay.
58:41 This is what's what's possible, with what we're creating.
58:45 It's pretty motivating. Thank you, James.
58:50 I think, really, you know, James,
58:53 I'm gonna be calling you on Tuesday looking for v three.
58:57 You know?
58:58 If it's not there, I'll give you till Wednesday,
59:00 but I'm ready.
59:01 Let's go.
59:04 Just wanna say thanks.
59:06 Because it's also been you know,
59:08 we we've been a Kindo customer now for, like,
59:11 about coming up on fourteen, fifteen months,
59:14 and it's also been just the design partnership all the way through.
59:18 Right?
59:19 Yeah.
59:20 You guys have given my tech lead a heart attack a couple
59:22 times, you know, most notably when you gave me access to
59:26 Deep Hat v two without giving it to him.
59:29 Thank you for that.
59:31 But
59:33 just realistically, thank you.
59:36 Thank you for the partnership because it's not what you're
59:39 doing isn't easy, and it certainly is groundbreaking.
59:43 But it it it is changing, you know,
59:45 how we do business every day.
59:47 So thank you.
59:49 Pete, we we need to, call you every morning, I think,
59:53 and have you give us a pep talk.
59:55 Happy to do it.
59:59 Thank you so much. Any last words from you, Brian?
1:00:02 No. I mean, I think it's pretty well covered.
1:00:04 I mean, I, you know,
1:00:05 I think anybody on the call that wants to try it out,
1:00:08 you know, I think that seeing it is, you know,
1:00:10 in live and using the product is probably the best way to
1:00:14 kind of experience it and, you know,
1:00:16 really get the the flavor of, like,
1:00:17 agentic behaviors and what it's capable of.
1:00:20 So, you know, yeah,
1:00:21 please reach out to us if you're interested.
1:00:24 Awesome. Okay.
1:00:25 Well, thank you again, everyone,
1:00:26 who joined today to discuss our second release of
1:00:30 Deep Hat, Deep Hat version two, our cybersecurity uncensored model.
1:00:35 And like Brian said, if you wanna find out more,
1:00:38 please reach out.
1:00:39 You can follow the Kindo LinkedIn page to also keep up
1:00:41 with news from us.
1:00:43 Alright. Thank you so much.
1:00:45 Have a great day, and thank you to our panelists.
1:00:48 Thank you. Thanks, Amanda. You. Bye.
