Future-Proof Your Career: Evolving in the Age of AI

Welcome to Bsides. How's everybody doing today? Yeah, not bad. It's a for those watching at home and abroad uh or on the recordings, it is the after lunch. We're in that slumber mode, but that's fine. Don't worry about it. I'm Dana Togerson, VP of product marketing for Armor Code. But today, I have the privilege of being the MC for this theater for these different talks, uh especially this particular talk here, uh which is I think pretty apppropo. We were just leaving the last uh podcast. This one is on future proof your career evolving in the age of AI. I've got Jay Sarwati right here. I'd like to hand it over to Jay. And if you have any questions,

please use the Slido app. You can go to uh bsidesf.org. QN as in Nancy A as in Apple QA. And that'll open up the app for you. You'll be able to log in to theater13 and ask any questions or cue them up and Jay will be able to take them uh as he right now. Jay, take it away and introduce the panel and thank you folks for attending. All right, thank you Dana. So, I have some exciting news. I just got my driver's license and I thought it'd be fitting to start with some car analogy. When the Ford Model T first rolled off the assembly line in 1908, it wasn't just a car. It was the beginning

of a revolution. Tailorism and scientific management turned factory work into something faster, more efficient, and more optimized. The world shifted, jobs changed, and entire industries had to learn how to adapt. Today, we're standing at the edge of a new revolution. AI, like the assembly line, it's transforming the way we work, especially in cyber security. Threats move faster, defenses have to be smarter, and the human machine dynamic is being redefined. My name is Jay. I'm a junior at Prospect High School. And to help us make sense of this transformation, we brought together these three wonderful panelists and leaders who are shaping the future of AI and cyber security. Pra, do you want to introduce yourself? Hey everyone. Um,

I'm Pra Parrick. Um, I lead security at Coher. Um I have a very um interesting um sort of introduction. Um I moved here about 20 years back. Um not sure um what to specialize my career in. Robotics and AI was my uh first option. Cyber security the other almost a coin toss moment. I picked cyber security. Ended up uh spending the next 15 years building cyber security products and then here I am at the intersection of AI um now working on AI security. So as they say life comes a full circle. Um and excited to be on the panel. Alok. Okay. Thanks Bruta. Hi everyone. Thank you for joining us uh in this session after lunch. I know it's not easy. Uh my

name is Aloc Tonga. Uh for the past couple of years I've been leading the genai initiatives that for cloud security at Palo Alto Networks. Prior to that, I had been leading data science teams building cyber security analytics for uh companies like Boeing, Semantic and Redlock, which is a uh which was a startup that was acquired by Palo Alto Networks. And like Pruta, I'm also I have always been interested in AI, machine learning and uh security. Fortunately, I got a chance to combine my interest and work in a field where I'm applying AI and machine learning to cyber security. I'm really excited to be here. Thanks. Look, uh, good afternoon everyone. Uh, my name is Ketan

Nilangikaker. I am the co-founder and CEO of Threat Works. Um, we're trying to build a platform for universal scanning. Um, the one that can replace probably all the scanners uh that we have today. Um but apart from that I mean well I mean who's uh we we're hard to miss the uh the changes that the AI uh revolution is bringing uh to the security landscape. And so uh part of my job today is also to you know sort of shepherd uh the product and our customers into uh this uh new brave new world of uh AI. So that's uh that's what I do and I'm happy to be here today and uh share my experiences uh on this

panel. Thank you. Awesome. Thank you guys. So to start off, let's let's look let's take a broad view of AI. So AI is used as a catchall term. It's made of many different technologies. Can you walk us through the main categories of AI and how they differ in application and cyber security? Specifically, how has the introduction of AI changed your day-to-day work? Going forward, do you think that the nature of cyber security work will evolve? Yeah, I can go first for this one. So uh generally we can think about the use of AI in cyber security as with everything else as pre-Chat GPD and post chat GPT right and prior to CH GPT being released

a lot of focus on using AI was on using machine learning techniques for anomaly detection or classification within cyber security. Post charge GBT now there is a lot of uh focus on using generative AI for a lot of different use cases for automating workflows for uh getting understanding about the explanation about what is happening security issues and also for exploring data using APIs and the domain specific query languages that are present in a lot of the security applications right so um I'd like to add a few things here too So uh two things one from a product uh perspective uh I think the there is an event uh you know sort of inevitability to uh the adoption of AI

while you know uh while building the product as well as um in the product as as features. So that's uh that's coming in uh in almost all the um software that we have today. Um and then there's also the business aspect of it where uh we have to now make sure that the uh enterprise or who whoever our customers are they understand what the capabilities or the limitations of AI might be and how we can best transform these ideas into you know the the the solutions that the market needs. Uh so that's that's those are the two areas that I think um need attention. That's the place where uh I'm uh paying attention uh is how best to bring in uh

these uh these uh these new tools that we have at our disposal. This new uh technology that we have at our disposal to um improve the way we build our products uh improve the the the quality and the features that that we that we ship. uh uh and you know uh obviously the value that that they bring to our customers and also make our customers aware of what uh these uh you know these these things can do for them now and and both of them are both these pro problems are very interesting and um are a lot of value uh to to us in in this day and age nature thank you yeah I I want to um

double down on what u you know my co-panelist here said right AI is in cyber security is not new um it has been around for for a very long time. Um and there have been a lot of advances that have been made in things like machine learning, deep learning. Um what is relatively new is generative AI. Um in terms of how things are being done differently um I'll use a couple of examples. Um in particular um I feel that this new wave uh is truly more of right democratizing AI. So for example I heavily use it. I don't have a traditional AI and ML background. Uh but I use generative AI to for example write

parse out complex AI and ML research papers on archive right that was not something that I had access to earlier. So I think that is the big shift um that that has happened and right where everyone is uh is sort of focused on of course to what um Kathan said on the business side of things um you know there are like assistance so I'm sure everyone uh right in this space um um you're evolving the way you're working evolving um especially for security practitioners um you can now have the option we use it heavily within our teams um know whether it is like go to market sales enablement um all those things. So I think there's there's definitely that

shift um and then yeah be very interesting to see where that goes. Awesome. Thank you guys. And okay so moving on are AI powered cyber security products living up to ex expectations? Can you guys assess the hype around these products? Yeah, let me take a stab at this. Uh yes there is there is a fair bit of uh the hype train going around. uh and um eventually I think the market will sort itself out on this but right now what we're seeing is that there is u a definite uh set of problems that can be solved very very well using using AI um and and I mean they're just extensions of the previous problems that we have

been you know trying to solve is you know this some from as simple as document summarization to you know to to these conversational uh sort of um applications uh the chats of the world and the chat bots and whatnot. Um I think uh you know I think there's there's um a fair bit of confidence that even uh the customers have now shown in those applications and that's that's a good thing and that's coming from a you know pretty large sample uh size of customers now who have been using uh you know uh the likes of perplexity and chat GPT and whatnot for for a while now. So we know it it's it's there. Um on the

enterprise side though I think uh there is a lot of ground to be covered in terms of uh the effective the the margins there are very uh thin in terms of how accurate uh uh the the products or the these uh AI results need to be. So there is some there is a lot of work that needs to be done in terms of uh uh you know hallucinations and and uh you know the precise nature of of uh the answers that might be um required. uh but I think again there's enough research and there's enough work going on all over the place uh in the foundational models in uh in the next generation um you know derivatives of

those models uh that that give me enough confidence that yeah we we'll eventually get there uh again and the other side again like I mentioned before is um are the are the enterprises really ready and again those questions need to be addressed through you know real world products, real world solutions that have to prove themselves uh in solving the bigger problems uh in the enterprise uh using AI and I I think we'll just wait for the the story to unravel itself as as we go go along. Yeah. And I I agree with you Kan like I've seen this having had a front row seat to seeing how the technology has evolved over the last two

years. Initially there was a lot of expectation, lot of hype around the technology. Everyone expected uh AI gen AI to solve the pro problems magically. Then there was sort of a lot of disappointment because people realized that it's not that easy to get these uh technologies to work for all possible use cases. But now you are seeing people applying genai to specific use cases where they excel like uh converting accessing data and converting getting insights from documentation or information which is available in out there. Also I think one thing that gives me a lot of hope in how this will evolve and how genai will be used in uh cyber security is what put mentioned in the

previous question like uh AI is getting democratized previously it was AI was like sort of the domain of data scientists data scientists would work in a silo they did not have many of the data scientists didn't have security context so they would have to pair up with security folks now you have lot of security folks starting to use AI experimenting with it and thinking about how AI can be used to solve their problems. So I think this is a very positive uh development and also geni makes it very easy to experiment with stuff. So previously data scientists would spend a lot of time getting access to data was a big problem. They would have to set up the experiments do the

experiments and then try to convince the exact sponsors about the validity of the results and how why it was important to build those kind of product features. Now there is a lot of backing from the execs themselves because of all the um sort of popularity that Genai has received over the last couple of years. There is a lot of backing from execs and also it's a much easier to prototype and build and lot of new frameworks are there which make it very easy to for non-data scientists also to build uh genai applications. Yeah. Yeah. Totally. Um I will add that um in addition to uh what you both said um to really tap on to um right harness

and realize gains um what is also going to be important um is access um to the right data and then training models on that right data sets um because I you know that will be the differentiator because you'll be focusing on a specific um use case right so if it is a cyber security product meant to solve XY YZ um data around that has to be you have to have models that are training um based on on that data and then um you know evolve uh based on that but um they definitely u see the transformative potential here and very good point about the data part and I think one of the things that we are seeing now in

enterprises especially because a lot of the data has been uh generated or built for the systems for these collecting this data has been built for non or pre-Genai sort of world. Now people are realizing the importance of how how important it is to have clean data and have it all uh properly stored in a place where it is accessible for the AI tools. So lot of changes are happening in that area as well and I think progressively this will result in better products being built uh using AI. Yeah. So now that we've seen the and talked about the grow in growth of AI in many sectors, what ethical concerns do you have this about this growth in AI

like bias and algorithms, privacy privacy issues? Yeah, I can I can take that. Um so I think it's uh definitely going to be um very imperative um that um the technology as we advance through um you know technological advances um we are using um representative and diverse data sets um the algorithms are transparent um they are explainable so especially if you're using genai um tools and technology um you know is that tool providing citations um you know do you know where the answers are coming from right tying it back to um the reasoning um where it is deriving a certain um answer to a certain question I think that's that's going to be important so

the entire data cycle um from development um to use of AI systems should be done such that it helps promote trust and confidence in the technology um and that brings me to talk a little bit about data privacy um I think it's very very important important especially for enterprises um and enterprises um in the regulated space. So if you are a security practitioner um you want to consider um solutions that offer right private deployments where the models are in your own environment that way you have control over your data you could secure that data right if you are um someone who's building these AI systems which at this point uh is is everyone um you want

to be um again you know um embed privacy um right from the design process and then offer individuals as as well as your customers um the option um to have control of their data, right? Whether it is zero data retention or opting out of um storing um individual data. Um so build those within your applications um to give uh folks more control. Uh yeah, excellent points and I think this is a very good question which highlights the difference between what genai has brought to the forefront. Right? Prior to genai data scientists would build their systems ML systems which would be running in the background but most consumers wouldn't even know that they are running there. They wouldn't be

concerned about it. Now you have a lot of concern around how AI is being used. So even while building u enterprise solutions I am seeing this every day that when we are talking to our customers more than the features that we are building they are concerned about how their data is getting used how the models are behaving whether they are giving they they are giving biased answers right so for me personally one of the things that is going to be really critical in this uh uh space for AI to develop and enterprises to adopt AI solutions is going to be who's responsible ible for the outcomes that AI is providing right like especially in security for example in terms of

remediations a lot of people are starting to experiment with using Gen AI for remediation or for prevent protective uh measures right so if geni acts on behalf and as this agentic AI starts becoming more and more popular if the agents are taking action on your behalf who's responsible is it the user is it the AI is it the company which is building the application is it the company which is model models like coher who is responsible for that right I think these are kind of important questions that we will have to resolve over the coming years for really the enterprise adoption to pick up yeah and yeah I agree this is a very important and a and a very big

question um the ethics behind uh AI as we go along has been for some for some time uh I think we've been grappling it in different um uh areas of technology um in a in a completely different domain but uh for example in uh uh in the area of genetics uh we've now seen ironically or un unironically uh geni has been able to solve one of the uh one of the foundational problems of protein folding and that is now you know uh giving researchers a lot of hope in solving um you know u very complex uh genetic uh questions. that we've had. Um and and so that's in my opinion is also going to be

like a dual use uh kind of a situation where it can be obviously put to very good use but um the sort of the unfettered use of that that level of technology um can go can go um you know in a completely dark u side for us. So uh yes we we are aware of all the good and bad and again uh these are uh at the end of the day as somebody has famously uh called them out and I love that term uh these are all stochastic parrots these uh these models. So um so the the it's garbage in garbage out at the end of the day. So uh if you have a lot of

bad data that that you've used in and uh in training them then obviously there's there's going to be uh bad results coming out of it um and then who's who's the who's the decision maker to to figure out what what data is good and bad. So again I I I believe the market forces will eventually uh you know come into play here and uh the democratization will uh eventually land us in a place where we we have these sort of agreed mutually agreed uh sort of rules around uh what what uh the governance of of these models the data that is used uh to train them uh has to be and um like I said I'm I'm hopeful of

the future but uh right now this is a big question uh which you you know sort of has to um unravel itself to us and one of the things that you mentioned Kathan that's very interesting is about how AI is being used dual use of AI right and this is very fascinating because as we are trying to figure out how to use AI for securing our systems bad guys are also figure trying to use AI to attack these systems so how it's going to be an interesting play this is a good time for cyber security professionals because they they can use the jai tools to build protection mechanisms but also it's going to be a race against attackers who

are going to be using them for lowering the bar to attack systems right yeah and to the point of I mean this the conversation that we are having this is an area that is rife with opportunities right I mean uh in terms of uh how do we secure our future how do we you know uh have these opportunities I mean there's there's there's a lot of work that needs to be done in this space um in order at at various levels uh at at the government level at the at the individual uh you know organizations that are building these models. Um there's a there's plenty of opportunities uh not just for technical uh expertise but also for this you know

sort of uh governance and uh control of of these models. Yeah. All right. So transitioning from ethics what skills should cyber security professionals focus on to say stay relevant? Do you have any technical or any soft skills that you would recommend? So I can start with one thing like uh everyone is focusing on the AI technology itself right like uh people are thinking about prompt engineering zeros few uh using fine-tuning or using retrival augmented generation agentic AI but one thing which uh coming back to what kan was mentioning and to the previous question right like it's very important that now we start security professionals or people working on the AI stuff have to learn not just the

technology but also other stuff. So for me personally over the last couple of years have had to interact with a lot of infosc uh legal teams within our organization which in the past was very limited. We as a as a data scientist in a product organization we didn't have to interact as much with the legal or understand the consequences. Now it was a separate team which would handle it. Now because AI is so new to everyone for all these functional teams as well for legal for infosc we have have to collaborate work understand what their challenges are and try to explain what we are trying to do and work together to come up with sort of explanation of what

we are doing so that we can put our customers minds at ease because they are worried about how AI is getting used within the products right so yeah yeah so um I I totally agree agree to Um I will say that um in terms of skills um nothing better than using the technology on a regular basis um you know it sort of helps you build perspectives um whether you're trying to secure it whether you're trying to exploit it or whether you're just getting started and right um you want to learn it. I think that's that's number one right the more that you use it the more um that you will understand um on the various

aspects of right how it interacts um what are the various things um I do believe that having a good um good foundation especially um you know for um even if you're not building models um that that does help um Coher does have a LLM university that's um freely available um I'm sure there are plenty of other resources uh but it helped me um quite a bit and then even um you know there are so many newsletters podcasts this stuff is moving so fast that it's very very difficult for anyone to keep up right so I think you know um I use right tlddrs of like all the tlddr summaries that I've signed up with right

so and then know that's something that you could do um as you're trying to do that have a list of right things that you want to do plenty of I think applied gen AI and security is a great newsletter. There's TLDDRI. I'm sure a lot of people have used it. Um, and then plenty of podcast. Our friends here um also had had some uh this morning. But, you know, stay up to date. Um, and that helps you uh quite a bit as well. Yeah, I agree. I mean, there's I think there's um nothing uh scary about adopting uh these new uh technology. I'm sure many of us are already doing that. um you know all our Zoom meetings are

now you know um have these note takers and what what not you know joining in and uh taking notes and they're I mean varying degrees of you know uh good and bad there and they're getting better over time and um uh I mean that that'll be a regular like a like a feature that we take for granted eventually. Um, so there's, you know, there's lots of things that we can easily adapt on a on a day-to-day basis to get yourself um acquainted with what's going on. Like Pa mentioned, this this space is moving really really fast. Uh, so it's it's important for us to, you know, at least keep um keep up with it to to to a

certain level. Um and I again at the beginning of the conversation uh uh Jay mentioned you know the the transition from um you know the sort of the horsedrawn carriage uh mode of transportation to you know the the automotive trans that happened at the beginning of uh the 20th century. Uh and I mean we we probably were not I mean we will not have the full perspective on it but I think we can imagine how that would have been. There were a lot of changes happening in the in the society at that time as the ad as cars became more and more common. Uh a lot of uh older jobs you know going away and newer

uh newer technology, newer jobs uh coming into play. Um I'm sure there was a time when you know uh there was there was a lot of work uh in just cleaning up the streets which were you know which had horses uh you know horserawn carriages on uh going on them uh up and down but those those just went away one day right I mean there there was no horses on the streets anymore so there was no reason to clean them uh in that sense so um so that's that's the kind of you know the transition that we're going it's happening at different levels you know it's not just uh uh not just the low end but also the higher end uh in

terms of um the analyt analytical capabilities of AI the thinking and reasoning capabilities of AI uh I mean those are like uh phenomenal uh in in some ways if you if you start looking at them um but then again they are very specific to enterprises that the enterprises are going to take their time to decide and we as as um uh as participants in this space have also have the time to you know sort of um uh sample uh all of these uh all of these innovations as they come along and we should uh and that will give us and that will you know sort of uh prepare us for what might be uh what might be coming in

our future. Uh I think it's I think it's a brave new world but I think it's it's going to be exciting. I would just like to add one thing like both of you stressed on the part that there is so much innovation happen happening in this space every day right like it's very it can be daunting at times to know what to focus on so I think the key takeaway like pa mentioned also that it's just to get started right like pick a problem pick certain technology pick a framework and start playing around with it as you get more and more familiar with that you don't have to learn everything that is happening but just start with the

problem that you half and start playing around and seeing how you can apply AI to that particular problem and then you can expand to the other technologies. Awesome. So lastly, how do you strike a balance between AI automation and human judgment and what is the best way to make sure humans still have control over critical security decisions? Yeah, I can uh I can start. Um I will say that um the balance here um is really um using AI to augment um workflows right so um you're using AI for um for speed for scale right think of it as um um a partner collaborator for things where it it will be a force multiplier for routine tasks and then

have a human in the loop um for um decision making um and And um you know no matter uh if you could take away one thing um from this entire talk I think you know it's it's that real world problems and challenges are using AI to enhance capabilities right not not replace so um whenever whoever right we're building these systems um it's important that the human in the loop design for validation verification um is present I think that's that's how it's going to um help us u harness the true potential Sure. Yeah. So, um, again, I I don't think it's it's um it's it's it's that scary a scenario. I don't I'm not looking for

I'm not expecting like a doomsday uh kind of a picture here where AI might eventually, you know, sort of take over. I there's there's a lot of conversations going on around that. But, um I mean, we we are we are at the, you know, cutting edge of these uh these some of these technologies. we are uh we're using them uh to build better products. So we very closely working with you know some of the uh very very cutting edge foundational models and augmenting them and and uh you know using them for very specific use cases. Uh I think they really work well for uh like I said specific tasks right now. Uh and they and we we've seen them struggle at at uh

very very ordinary things. Uh there was um and I've tried this myself. There was there was a uh a meme going on some time ago where you some of the even the top uh chat um portals couldn't count the number of hours in the in strawberry for example. I don't know I don't know how many of you have seen that but I I saw that myself and I was like surprised a little bit. Um and um but then I mean it was I mean not to just rate the the the technical abilities there's there's a lot that goes behind uh counting uh you know the words uh the letters in a in a word uh if you look at it and to have an

LLM be able to do that is is a different is a different question altogether. uh regardless of the mechanics of the tech techniques behind it uh I think you know there are certain gaps there are certain reasoning gaps that that are going to be solved peace meal uh as we go along so um and I I don't know who who knows may maybe we might reach that you know that singularity in terms of uh you know uh the AI became becoming uh AGI or whatever uh I mean I I would I would hold my breath uh for that so I think we are I think we are uh we are okay to you know sort of uh go with uh

with the the the really specific use cases solving them really well for for the customers and you know you know generally the world um and Alphafold and all these uh these things have opened up a new frontier for us. So those applications are really really uh going to be useful uh uh going forward and I hope that you know we we continue down this path and and better ourselves I guess. Yeah, and I I agree with that that I think the challenge right now, the biggest challenge for AI in enterprises is going from demoare to actual production systems and having the promise of fully autonomous systems, right? And like Prudav also mentioned that there you expect the right now you

want to have the human in the loop helping out with the decision- making. AI is also doing a lot of the decision- making but humans eventually have to supervise the output from the AI. I think the key litmus test for AI especially in security would be whether these systems how well they develop in terms of taking the humans supervision decision making and incorporating that back into the AI systems to make them better. As the AI systems start incorporating that, whether it's at the model level or whether it's at the application level, right? As these systems get better at doing that, then the amount of workload that human beings have to do will progressively start getting smaller and smaller.

Great. I think now's a good time to trans transition over to audience questions. Um, one advantage of Gen AI is its ability to handle unstructured data. How does this enhance our offerings in cyber security? Yeah. So I can answer this like so especially the uh lot of the security products when we were building we would stick to structured data sources because it was just easier to query them easier to get information from that. I think with uh Genai's ability to handle unstructured data it has become it opens up a world of possibilities for security products. There are so many things with Genai. You could uh download all the information about threat intel, about vulnerability and use Genai's abilities

to sort of query for things there. Or you can use that to even generate policies or extract information when you have alerts or other things. Security products previously would just generate the alerts without giving any much explanation about why or what is happening. Now with GNAI's capabilities to handle unstructured data, all of these can be combined with the alerts and you can have much richer context that is provided to the security professionals. So I think definitely uh the Genai's ability to handle unstructured data is improve will continue to improve the security products and make it easier for cyber professionals to use these products. Yeah. and and we have been you know we've been dealing with structured data

for all all our lifetimes essentially and there's still a a lot of that um uh in our systems but uh you know there's the there was this vast untapped resource of this um uh unstructured data that now we we seeing I mean Google search used to be the one that used to provide access to it uh in again a structured way uh I think what LLM have opened up is you know they've brought all this unstructured data the whole worldwide web uh essentially of of uh of information uh to us uh in in a in a conversational kind of a unstructured manner. So um that is a definite um you know plus for us has been a definite

plus for us. Um what it also eventually will do is open up the unstructured content that exists beyond I mean the in the sort of the deep web uh behind behind customer firewalls and the intelligence that exists there or the insights that that that can be extracted out of the out of those um there's there's a lot there right I mean think of you know all the conversations that uh happen uh within a you know a productive team um on a on a daily bas And that's all unstructured. That's all completely, you know, sort of uh and they might be engineering, there might be business decisions, all of those uh that's that's valuable that that can be

drawn upon uh as as a source uh to you know sort of um make decisions uh for an enterprise. So that still remains to be you know um uh you know captured uh and it will I think eventually be and uh those are the ones those are the unstructured you know pieces of information that are going to drive decisions uh for the enterprise in the future. Great. So a look at Palo Alto are we seeing more use of AI tooling or insights from your team being consumed by unit 42 team. So you not particularly just from my team but in general AI is being adopted across different functional units within paral networks whether it's uh unit 42 or it's

marketing HR but specifically for unit 42 and uh other teams as well for sec they are able to generate a lot of lot more insights using genai so they are building out their own AI capabilities now as I mentioned now it's not just product teams which are using genai but also security researchers, threat researchers, everyone is using Genai to automate the workflows that they have to get additional information from the worldwide web, right? So, it's being used extensively within polar auto networks. Awesome. So, in your opinion, how will the AI revolution transform security jobs? Please provide examples if possible. So I'll use um a couple of examples that um our teams are currently um you know

um using uh using models. Um so um for example right secure code reviews um we have um embedded um use of models um into performing security um code reviews. Right. So um it acts as um sort of right um you know a precursor um and then provides u provides guidance um and then um no there's like verification and then you could extend it further uh to deploy um there is another um use case that uh we've seen a lot of operational efficiency gains is for example I think due diligence questionnaires is something that a lot of um almost all um infosc teams teams have to um go through, right? So, if you have knowledge bases with all the the

information um you know it's um fairly simple to sort of write hook it up to write assistance and then um uh transform that in the way you respond to it. Um so I think those are the two that we are actually um using quite a bit. Um and there's um you know uh plenty of others as well. I think game changer for sock especially around unrip structured data. um you you you will have access to all this data and then right um hooking it up to the right systems um and then um getting that information um could be a gamecher. Yeah, I think J has applications for lot of lot of different areas within security, right? Like even

for say sock just like you mentioned for sock for posture management analogist to detect detection engineering for writing policy rules lot of these geni uh technology can be used for generating policies for different areas whether it is your CSPM or KSPM ASPM right like so I think gen has the capability to transform the workflow of whatever people are doing not just within the product but also their day-to-day activities it is like scaling policy generation or scaling detection rules those kind of things. Yeah. And and yeah, you're right. The scale is the is the key word here. Uh these things take time. I mean uh take remediations for example, right? I mean this is one area

where um I mean there's plenty of solutions that you know can provide that can point to uh issues within uh within your security posture and your your vulnerabilities and whatnot. uh can you can you provide me the actual steps to uh you know fix that and and that's where the you know delays start to come in then then there is you know um uh oh I have to I have to come up with the script and and I have to you know deploy this across uh my cloud or my data center I mean how how badly do I want to do this um you know the prioritization beh so all of that uh can be made pretty simple now we we touched

upon an earlier question of you know um where's human uh oversight into this and frankly I don't I don't have a good answer for that right I mean where where does that stop uh I'd like it to be as automated as possible uh if I ask uh uh a bunch of our customers the CISOs and the CIOS uh they will say the same thing but they also uh want to be cautious about the implications of that right so uh what if you just push a bad patch and and just host the host the whole uh uh enterprise network so those are real uh problems Um I was reading about something where uh hallucinations are causing uh models

to uh give out um bad dependencies uh as as fixes and then attackers are piggybacking on those to uh to sort of inject uh actual malware into into our applications. So that's a real thing that is happening today. So um uh so I I would say you know use with caution is is kind of the is is kind of the key uh suggestion here. Uh but I see again eventually these these problems getting solved uh piece by piece. um unstructured data we talked about that there's there's a lot that we can do in terms of you know uh automating these workflows which you know questionaires that Bruta Bruta talked about uh assessing you know um uh vendor uh uh

you know security posture so we can we can really expand the envelope in terms of the security using using AI and scale uh so that's where I see a lot of these applications in the future awesome thank you so much guys Let's give these panelists a round of a hand. Round of applause. Thank you. Thank you. Thank you. All right, Jay, great job today. Thank you for doing this. Uh folks, what do you think? Was that pretty good? I agree. Yes. Uh so, quick reminder, we still have uh coffee upstairs until 400 p.m. And there's also going to be uh drinks if you haven't already up at the chill bar. Uh, these are all upstairs

above us here in the um, oh my gosh, I forgot the name. Garden view, metran view, city view. Thank you folks. Appreciate that. Uh, also did not know that uh, did you folks know that there is a prayer in mother's rooms uh, tucked away here on site? Good, because I didn't either. So, that's good. Uh, please go upstairs to the info desk. They're going to give you direct uh, directions to where those facilities are on site here. Uh, and again, I keep reminding every show here, we've got head shots. It's really easy. Just, you know, just I don't have to worry about my hair, but just fix your hair, get the shirt the way you want it.

I have for one year now, I've been using my head shot from last year. This year, sponsored by Opal Security. Let's give them a shout out and thanks. And also again to our entire panel. We got some gifts for you. Again, care of our our sponsors. Thank you folks very much. Appreciate it. And thank you, Jay. Have a good day everybody.