
Slaying Dragons Together: Multidisciplinary Solutions to Security Issues

BSidesSF · 2025 · 44:53 · 106 views · Published 2025-06
Category: Community
Style: Panel
About this talk
A panel of MITRE security and strategy experts explores how collaborative, multidisciplinary teams tackle complex security challenges. Drawing on case studies including deception operations frameworks and open-source tools like Caldera, the speakers demonstrate how technologists, strategists, and marketers working together can transform isolated lessons into repeatable community wins.
Original YouTube description
Slaying Dragons Together: Multidisciplinary Solutions to Security Issues
Stanley Barr, Mary C Yang, Leslie Z Anderson
Tired of facing the same dragons alone? Join MITRE security and strategy experts to explore how collaborative models and teams can help you tackle your biggest challenges, turning individual lessons learned into repeatable community wins. Build a winning battalion and collective battle plan.
https://bsidessf2025.sched.com/event/37961dba3b1e0b5ad5d1f28e8e9bd5cf
Transcript [en]

Hello everybody again. Great to be here with all of you. So uh if you guys want to have any uh questions by the end, you should take this uh picture here. We are going to start now with a panel, Slaying Dragons Together: Multidisciplinary Solutions to Security Issues, with Stanley Barr, Mary Yang and Leslie Anderson. Thank you very much and uh by the end if you have any other questions please take those upstairs at the city view and you can ask them. Thank you very much. Right. Thank you. Um so I'm Mary Yang. I'm going to kick off our chat today. Um it's really going to be a little bit fluid. Uh but we did

talk talking points. Um so hopefully you guys find this exciting. Um this is just a little bit of a bio on each of us. I'm not going to read through most of this. I will say um that Stan is an incredible MITRE researcher. Um he'll be talking a little bit about some of the stuff he's done today. And Leslie Anderson um is also with the MITRE Corporation um is an incredible strategist, broader uh maker of things and and person who gets things to move um in uh places that uh sometimes don't want to move. Um I'm Mary Yang. I uh run marketing for a variety of um startups and organizations. And um that's kind of our

bio for today. Uh we're going to jump into the program agenda slide. Uh we figured we'd give you a little bit of a map of the conversation today. Um, one of the things when we were talking about um, the work that uh, we've done together is just sort of how isolating and um, difficult it can sometimes be as a security practitioner. Um, and it can feel like, you know, you're kind of in the trenches by yourself sometimes. Um uh but one of the things that uh Stan has found and that Leslie and I have found is that uh there's a much broader community and a bigger community um besides being one of them that really

can enable you to um think more broadly and uh leverage that community to solve some of your challenges that you're having. And so that's a little bit about what we wanted to talk about today. Um, and really coming from that perspective of like how do you break out of um moments where it feels like you're in it all by yourself. Um, okay. So, uh, the sort of power of community. Before we dive in, I think we wanted to talk a little bit about the experiences that we've seen in um, uh, in community and how that's been helpful for us. And so Stan, I was going to have you talk a little bit about, you know, these are um some broad benefits

we would say of community. Um and you had a couple of thoughts on some specific ones. Um leveraging community to help with your problems. Yeah, I mean um this whole thing I I think hopefully we're each going to take a little bit of one of these things. Um I think that part of what we what I found working with community is that you really do need people who have a different viewpoint than than you right as a technologist. So I think what we're the way we've broken this sort of down is uh I built some technology in some of these areas and uh Mary did helped us a lot with our marketing and our market

analysis and looking at what we needed to do outside of our corporate environment and how we reach out to to other people. And Leslie was our strategist and Leslie understood, you know, how to speak officer. And as a uh as a technologist, you don't always know how to speak executive, right? And we call it officer where I'm from, but it's really like I have a cool idea and sometimes I get wrapped around that axle. And so the idea uh and the power of a multidisciplinary team is that like I can have a good idea and Leslie goes, "Okay, okay, we just got to we got to fix this. We got to be able to say it

this way. We got to talk about that market need, right? What is it, what is it going to do for them?" So I think that for me, you know, the idea of having uh a multidisciplinary team in ideation and idea generation is sort of like sometimes I'll have a a big idea about a technology or an innovation but I need some people to help me ground that in uh what we need to do to actually go to market or how why does anyone care about your idea, right? And that sometimes that's a struggle for us. We have a really cool technology, but we don't know how to apply it. And that's why you need other people to help you connect it

to a corporate vision, especially if you're in a in a company. And not only a corporate vision to get that buy in, but also um just because it's important to you and your company, doesn't mean it's important to anyone else. And that's where you need someone who can read a Gartner uh report and explain to you what is going on in the world. So, I think that that's one of the things that I'll just talk about there. I love that, Leslie. Um, sure. So, I think um I was telling these guys earlier that I'm always going to default to sort of people as um the primary driver of of all things that we do. Um people's needs

and people's motivations. And so for me, the the two elements on the bottom here, improved communication and building trusted relationships have always been paramount to um the power of community. And I don't know how much you know about the MITRE Corporation, but um we're a we're a big nonprofit full of technical experts like Stan and we operate these things called federally funded research and development centers. Um because of our status as an operator of these FFRDCs and um our nonprofit posture uh we don't um have much conflict um of in the community. Um, we're generally trusted by our government sponsors, our government customers, federal agencies mostly, um, and also by industry to sort of be a good mediator, um, of ideas,

sharer of information, um, with no profit motive. And so, um, it's a privilege to work at a place like MITRE because you get to be the connector across all of these communities. Um, and paramount to that is building these trusted relationships with other practitioners inside the community. um and being able to communicate with um clarity and um perspective expertise uh the perspective of expertise across in our case government and industry. Um, and I think that, um, our ability to have those trusted relationships is what allows us to really innovate as part of the community and give back to the community um, in the way that we have and the way we'll get into um, in the frameworks

we're going to discuss in in subsequent slides. Yeah. So, we're going to uh give you guys a couple of examples of what we're talking about when we say collaborative frameworks um and talk a little bit about how they got built um firsthand knowledge from the team here and then we'll talk a little bit about how you can do it yourself. So, the first one up is MITRE ATT&CK. Um I feel like every security practitioner knows about MITRE ATT&CK, but I think a little bit of the um sort of origin story might be helpful. Um so, Leslie, can you tell us a little bit about how it all got started? I would be happy to. Um, ATT&CK

is something that probably everybody in the room and online is familiar with. Um, ATT&CK was one of those very first frameworks that MITRE released into the public domain um with the intent of uh raising the cyber security posture of the community. Um, it was created from a need to understand and um categorize threats in a systematic way. It was not our intent or the team's intent. I wasn't around at MITRE whenever ATT&CK was created back in 2013, but it actually started um at Fort Meade at a project called the the Fort Meade experiment. And the idea was about uh the team wanted to improve detections of APTs and document um the tactics and techniques and get away from just

relying on um IOCs. And so Blake Strom and team began this project and kind of the light bulb came on, you know, Stan was Stan was around at that point um during the during the research that they were conducting that this would be actually a really great thing to release to the community. And so at the time um our chief security officer Gary Gagnon um was very bold in his decision to release the first ATT&CK matrix um publicly. Um and now we we have a full knowledge base that is the ATT&CK that um you know and love and in fact a new version was just released a few days ago and so I encourage you all to go online

and check it out. Um ATT&CK as you probably know is now a community-driven framework. So while MITRE um manages and operates ATT&CK, it really is um completely dependent on uh AP I'm sorry on TTPs that we see in the wild that are reported by you all analyzed by the ATT&CK team um brought into the knowledge base and then and then shared globally. Um and I think also another point worth noting about ATT&CK before we move on to um the next uh framework is that it really I think marked um a milestone in MITRE's advocating for threat-informed defense for this idea that we're going to take a look out at what um the intentions and techniques of

our adversaries are and plan our defenses accordingly. Um so yeah um do you want to say anything before we move on? Uh Stan uh no I'll wait till the next slide. Do you have anything you want to add to that one? So I think maybe the only thing I would add on the ATT&CK side is you know before it feels for folks who um uh have you know just kind of gotten into security in the last 10 years or so it might feel like ATT&CK has been around forever. Um but the uh idea I think the idea to release it um is something that was very bold at the time. That's not the kind of stuff that

was being shared publicly, right? There might have been IoCs being shared inside a place like the FS-ISAC or something like that, but for the most part, a lot of that um knowledge and information was kept very closed inside of the organizations um inside of, you know, businesses that might have been um compromised or attacked. Uh a lot of that stuff was just very secret. And so this idea to share it out broadly with the community was very revolutionary at the time. Yeah. So we're going to talk about MITRE Engage, right? So MITRE Engage here. Let me just see if uh we're on that slide. Just making sure that we are. Um so MITRE Engage actually started from our

idea of doing justice. So uh we started with MITRE in deception. Uh Adam and I were on the on the team that that did started doing the first deception research at MITRE. And the goal with it was is if for those who have been around for a long time, who here was doing defense in uh the 2000 as anyone out here like there you go. And I think everyone who was doing uh defensive work in two in the in the as the mids, you know, there was uh Patch Tuesday, right? And every time Patch Tuesday came out, we knew that some things were going to be really good and some things were going to be really bad, right? Because

uh the ones that didn't get patched were going to be uh you know, we're going to see those the next day. So when we were looking at this, there was no unclassified reporting like now, right? Every every time I've been here a couple times, uh seen a couple talks even even this weekend where people are like here's how these attacks unfolded. So for a DIB company that a defense industrial base company like MITRE, we were attacked by nation state actors. Um and the only type of intelligence that was available was from the government. It was classified. It wasn't useful to us. It wasn't useful to the defense of the company because you know it was it

was sort of like what they had seen. So what we had decided to do was focus it on what we could see at the MITRE Corporation. And my boss came to me and he's like, "Hey, can we is there any way we can look inside these encrypted channels? Is there any way we can see what's going on in the host?" I'm like, "Yeah, no problem." We So, we built a whole bunch of tools for being able to look inside uh of the encrypted communications that were going on. We built tools to do forensic analysis of, you know, what happened on those hosts. And we were suddenly able to understand not only the emails, the spear phishes

that came in, but what came next, right? And um so a lot of times the only thing that people in the community would have is maybe the spear phish and whatever vulnerability and whatever was the initial call back. But um that didn't that didn't give everyone a lot of information about what would happen next if they even if just one of those things had changed. Right? So by us running malware we started to understand those TTPs. We started to understand how uh how our actors were operating when they got there. And so we're able to learn so much about that. And so you know Engage started out uh for a number of years being uh stuff we did and we didn't talk

about right. So ATT&CK really came not this is not saying that ATT&CK came out of all this work but we fed into things that they that they used and uh there was a lot of other things that came that allowed ATT&CK to bloom and flourish and and a lot more important things than than what I what I was working on but you know it all came together in this in this whole thing of MITRE and and this whole enterprise of looking at what was going on and that was really exciting and and I'll just say that right so we spent uh about 10 years working in silence until we came to RSA and I think

2018 I think that's that's was it and that's when we decided to open this up and our our CEO our our CISO said I want to open this up I want to talk about it I want MITRE to do what they've done with ATT&CK in deception and start talking about things and I'd love to have you guys jump in here do you guys you want to jump in the only thing I was going to add at this point is that um you know the timeline as we're presenting it is in order of publication. It is not in order of the the work and the research that was being done. A lot of what the team decided to

publish around ATT&CK came out of the work that was um grounded in in those early deception operations. Right, Stan? And so this Engage matrix came out years after ATT&CK um because we started to think about okay well how can we teach organizations to do what we do and um to identify um the threats that are specific to their to their own entities. Is that I think that I think that is true. Yeah. Um I think the only thing I would add is you know so um if I'm thinking about this in this multidisciplinary approach Stan and technical team are in the trenches they're doing these deception operations they're capturing all of this information they're documenting it

they're um putting a bit of I think structure around what they're seeing uh categorizing things so that they understand kind of where things are what kind of um activities might be used and And then um one day I got a call from Stan and he was like, "Hey, you know, you you've like talked to a bunch of people in the industry. Do you think anyone would be interested in talking to us about all of this data that we've uh basically amassed um from our deception operations?" And um I I said, "Sure." You know, there's nothing like reaching out and trying. So, I emailed every deception vendor on the market and asked them if they wanted to come to a closed

workshop um to talk to Stan um and uh get a better understanding of what they're seeing in the market and what they might need um and what their customers were seeing or their prospects were seeing from a deception technology perspective. Um that's what we did at RSA in 2018 um in a small little room not far from here. Um, and we had some really good conversations that came out of that. And I think that sort of kicked off um, a deeper dive and a little bit more of a process in creating what you're seeing above us, which is the actual engage matrix. Um, and I think we could I mean we could go on to the next

slide maybe around how to build collaborative frameworks because this I think really is something that Leslie can dive into in terms of the sort of strategy piece and the business piece. Um, I basically worked on doing a bunch of that outreach and gathering people together. Um, and then Leslie worked with Stan on a few other pieces. And so this is kind of that how do you do this yourself and we'll walk you through that. Yeah. Um happy to at least start on the business and strategy piece and then chime in with you know as we do. Um so we've talked a little bit about the impetus of our um of our CISO saying hey we really want to make sure that we

teach other organizations how to do this. Um and so we had a business goal that we were driving after. And the first thing you always want to do when you're planning your strategy um around any any business strategy or technology strategy is to line your cyber security goal with your business objectives. And their business objectives are to reduce their risk and protect their IP. And so um our CISO thought that that it was imperative that they learn how to do this for themselves. Um it is also important to have the cross cross-functional collaboration and to build that team from the very beginning. Um I don't uh I wasn't there at the time of um ATT&CK's inception but I can tell

you that it was a much more organic process than we used whenever we were um working on Engage. uh we had learned over time MITRE had also built out its um its uh teams to be much more multidisciplinary particularly in cyber security and so we were able to connect with each other and leverage each other's skills um much more um naturally and from the beginning of the process and the reason I bring that up is because when we were working on Engage one of the things we did from the very beginning and this may seem like such an like a captain obvious statement but we brought in um a user experience expert and we wanted to make

the design of Engage to be truly user centric versus technology centric or technologist centric. Um and we brought her in from the very beginning. She met Stan. She heard all of his crazy ideas and we started to kind of organize as a team um the Engage matrix as you see it today. and uh she was part of our focus groups that we conducted after our RSA meeting with all of the vendors. Um I think it's fair to say I think we have one of our one of our um attendees from that very first meeting at RSA in the audience today. And uh safe to say they thought we were a little crazy to get a

bunch of competitors together to tell us what they thought was really important about deception technology. Um but but they did. Um and again it gets back to that trusted relationship and when you start building you know the the team from the beginning you get a bunch of um different skill sets and different ways of looking at a problem and you get um people who have different motivations in the room and you build a trusted relationship. You know the the foundation of all of this was that we were going to work together to create something that was going to kind of lift the entire community. Um it kind of just continues to build on itself. Um I think

the other points I wanted to make about you know the the intersection of strategy and business in in this um approach is that um you always need to be thinking about your risk from the very beginning. Um and you want to make sure that what you're building is scalable, adaptable and adaptable. Again, that comes back for us to making it um a user centric matrix that could go um and be that could be adopted um beyond just the hands-on technologist community. Um and of course, you want to make sure that you're considering compliance and legal whenever you're um planning your strategy and your business and you're thinking about your business objectives. Um again underpinning the

trust element was the relationship that our CISO had with our general counsel way back in the beginning whenever we started um conducting deception operations. Um they had a very longstanding business relationship um uh as MITRE colleagues and like fundamentally she trusted him. some of the things he asked her, the CISO asked the um chief legal counsel to do um were risky. There was no precedent for an organization conducting operations quite the way he wanted to conduct them. and um they came to an agreement about how they were going to approach this um deliberately um I forget the word we were using earlier but um deliberately and and with an eye on risk but um to

not step away from what they thought was going to be a really effective um approach to gathering the information that was necessary. So um I'll hand it over to Stan. Do you want to talk a little bit about technical aspects and Mary for marketing? I'm going to start off with the uh the business leader and and I'm going to just talk a little bit more about our CISO for one minute. Right? So I'm a technologist, PhD computer science. I do a lot of technology stuff, right? And um and I didn't work with I didn't know either of of my partners here uh before Gary introduced us, right? And so our CISO, our, you know, senior vice president at

the company's like, "Okay, Barr, like, you can do technology, but you're not going to be leading this out into the world cuz no one wants to hear you talk crazy like you always do, right?" And so Gary set us up together, right? Gary Gary, this our our CISO brought us together. And I think this is one of those things that as a uh if you're out there and you're in the C-suite, if you're a senior VP, it's on you to create these teams. And when you enable the technical people and when you enable the marketing people and the strategy people and you tell them and you you teach them how to work together and you

build that trust with them, they will have relationships that that allow them to do great things and that those relationships will span and stand the test of time. Like Mary doesn't work at the company anymore um and she left to go off and do bigger and better things. Um, but you know, we like we look for opportunities to speak together on technical and and and outreach things because it was just because of what uh how we were taught to work together. And I think that sometimes it's hard for for strategists and marketing people and technology people to work together. But uh once you get into that relationship and once you put some effort forth in

trying to understand other people's positions, all things are possible. And I think that's I think that that and I think the technology is important. And by the way, um I'm here on the stage talking about the technology, but it wasn't it wasn't just me. There are people who made many many things that uh were very profound for this. Um I had I say I had my part and there were other people who had many great parts and and some that were much more successful than some of my things. I'm just lucky enough to be the technical guy on stage today. So, I don't want to I don't want this to sound like it was just me. There were

many great people. I'm not going to name names because I didn't get uh permission, but there are a lot of great people who did this work, too. I think that sort of just um reiterates that power of community. I know how many folks were part of um the development of engage including um a lot of those technologists and like technology vendors out there um and others as well. So, I would I would agree with that. I and I just I would say that there's somebody in the audience, we won't call him out. Um but he uh you know when we did our focus groups, right, we we went to these people and like what do you

think? Right? And they're like I like I understand what you technology guys talking about this. I'm a I'm a vendor I need to sell. And we're like we sort of re we thought about this because we wanted a framework that apply uh that where the technologists could use uh but we also needed something that allowed the vendors to help them articulate the message and also something to hold their feet to the fire right so MITRE that's what they were all what we were all about there was give them something they can show the value give something that uh that people can ask does it do this can you do this with it and that's you

know both users and the vendor community we're trying to represent I actually think that's a great sort of backdrop to this second step which is around trying to find some of that common ground, right? Um, a lot of I think those conversations were happening. That first one was a little bit crazy. I do think everyone thought we were nuts. Um, but uh afterwards it was about having the one-on-one conversations if I'm understanding it correctly. Um, and trying to document that and find some common ground. Um, can you guys share any anecdotes from sort of the process post that first meeting? Yeah. I mean, so I I'll start and I'll let you continue. I mean, it was so, you know,

we' done a lot of research in this and there was a lot of things that we had to figure out how how all this stuff fit together. Engage. I hope I hope you guys we didn't actually talk about what the the framework is all about, but uh maybe maybe we'll come back next year like everyone tell us we did a great job and they'll invite us back next year. Um but the the important thing was is uh is to when you have all that documentation in any sort of research program or process, you just dump it out on the table and then you sort it and then you try and figure out what makes sense. And as we

went and as we did these focused interviews, like I had no idea what a focus group was because I'm a technology guy. I do science, I do engineering, I I make crazy ideas. But, you know, with with people like uh Leslie and Mary, they were saying, "Okay, if you're gonna talk to companies out there, you got to have a structured message. You've got to show them what you're thinking and you got to be able to willing to take some lumps when they say you're crazy." Um, and you know, help us organize it. And so, what we did is we threw all the stuff out on the table. We gave some ideas about how we thought it would fit

together and what we thought it would work. And then we we talked internally, tried to get something that was at least coherent. And then we went out and one by one we talked with the deception vendors uh every big deception vendor and we said what do you think about this and some of them were like I love this I don't like that I I'd love you to see do some of this and we we looked at that and we said okay well it's really just their one little niche we'll find a little place for that but it can't be the big thing right so we tried to balance all those things to be true to

the vision uh but also make it something that other people could could use do you want to do you want to continue Um yeah I mean I think you know the other example that I have that is that is a a little more distant from MITRE frameworks um is that we've also done support um for the National Cybersecurity Center of Excellence at NIST and uh it's what Stan's describing has been a tried-and-true method over time and so if you're here and you're interested in taking this approach to um other challenges that you um coming down the pike. Um it's uh it's worth looking at some of these other communities and um processes that have been developed by you know not just

MITRE but NIST. Um for at NCCoE for example um we we would take very sector focused um approaches to cyber security challenges. we would have large meetings um at the beginning of a project and kind of crowdsource um it was a little more formalized than that but we were more or less crowdsourcing the challenges that organizations were having within an industry. So maybe energy or finance something like that. Um, and then we would sort of over time uh neck down these groups to be smaller and smaller so that we could get into more detailed discussions and really start to um pinpoint what the common ground was that we were all seeing and um be able to identify those problems

that were that were truly community-wide. And then the the project teams at NCCoE would um go off with uh in collaboration with industry but also um with NIST um technologists, computer scientists, etc. um go and try to tackle these problems in lab builds and then publish the results. And so, um, it's worth looking, you know, if you're interested in in doing this, taking on a project like this, spearheading a project like this, I think it's worth looking at, um, resources that MITRE has available online, but also places like NCCoE. Um, where, you know, there is, um, a very kind of rigorous, um, system that they use for for publication. Um, I was actually going to ask Mary a question a

little uh that's a little off script, but as we were talking um you know, MITRE as a nonprofit that that operates research and development centers isn't really structured to um create products, right? Like we are we're not it we're not profit um we don't have a profit motive. we have a mission focus and so we're trying to create some kind of impact and um generally it's in in the name of national security uh or economic security. Um so I'm wondering you know we sort of have this way of approaching problems that is a little opportunistic maybe I'm not talking out of school hopefully when I say that it's a little opportunistic and um we kind of work

organically within the organization to identify the right people to work on a on a problem. So, if you're looking for a bunch of different people with a bunch of different skill sets, you kind of reach out to your network and figure that out. But, you know, in a in a more structured I I think of it as being a more structured commercial environment. Um, how do you see the relationships that are built across these multi-isip because obviously you're doing it right? You're you're you're following the same um recipe. Um, is it different, I guess, for uh the perspective of someone who's coming from a commercial organization? That's a good question. Um, sorry to just throw No, that's okay. We just like

to, you know, play fast and loose around here. We do, as evidenced by the way we started. um the um so I I think that um if I'm if I'm kind of thinking through the way that I would approach these things, a lot of it ends up being around um the folks that I know I need um input on or expertise from and understanding their motivations and their goals. And um if I'm I was working for a threat intel company a little while back um and um you know I'm in marketing and the goal is I was working for a vendor. They did threat intel. The goal was to sell more threat intel, right? It's not not

rocket science. Um but um the um the thing that I realized um that I was sort of missing was um examples of the research that we were able to provide to customers and uh it took a little bit of sort of working through okay I I'm not developing this stuff myself. There are experts on the team who do this. How do I tap into those folks? Um who are the right people there that can help with this? um what's their objective? What are they being judged by? What does success look like for them? And how do I get that to align with the broader corporate goals? And then let's work together to figure out what does make sense. Right? We may not

be able to do the ca the kind of deep dive um threat intel research that we would give to a customer um but we might be able to produce something interesting enough in the market that would be meaningful but also you know maybe get someone in the door to say hey I want to learn more about what this is and how I could buy it. Um so there is a little bit of that approach. Thanks. All right. Um I think I'm like kind of keeping an eye on time. Okay. Um so next one is um developing these models and Stan I think you you talked a little bit about um with Engage all of the stuff

that was gathered over sort of a decade um the conversations that are happening the um the focus groups all of that stuff. Um you're kind of documenting things out. uh walk us through the process of actually kind of putting some structure around Engage and getting it to the state that it's now. Yeah. So I mean um there are there are a lot of things that went into it but at at one point you know we just laid down different things and we laid down uh things that we thought that a user um as a de I'll call them a deception operator would need to think about and then we put some things down about uh uh bad

guys APT and what they would think about and then we started thinking about tools and infrastructure that we would need. Um, and so what happens is the the first the first round of all these sort of frameworks, you wind up with a hodgepodge. Some of it's about how you think about it. Some of it's about the tools that you're going to use. Some of it is about um how other people will see it, either uh vendors or or something else or or uh adversaries or whatever. And then the big thing about a framework and this is one of those things you have to figure out is a single point of view and that when you think about a

framework it can't be my point of view your point of view this other point of view it has to be consistent and so we had to sort of like okay we can't talk about tools right and only tools or my thoughts or the adversary's thought we had to decide what is it and we we decided to put the defender first and that is the defender's vision of everything and so we don't talk about the advers adversary. We talk about how the the defender interacts with the adversary. And that was probably I think the hardest thing is to unify around that one viewpoint, a common viewpoint of the framework. And then once we sort of decided that that was it, we're going

to look at it from the defender's point of view and the defender's goals. And that and that's another piece that we decided to focus on is we decided to focus on um what we could do for goals and then uh approaches, right? How do we take our goals um and then how do we move down to the objectives and then how do we move down to approaches and so we tried to think about it that way and we had um very and once we decide that goal objective and approaches then we were able to uh to go on go on on that. Leslie do you have anything to add? Um I don't think more about developing the

the model. I think you Yeah. Yeah. Um All right. Gosh. Building your own. Um the I think that this is I don't know that we're going to dive too much into this because I think we have a couple more slides that we want to get to, but I do before I go any further and I'm going to apologize in advance because I was supposed to do this um at the beginning of the talk. But there is in the next few slides um I need to do a little bit of a trigger warning. there are um some potentially sensitive uh topics around um uh internet related crimes and so we want to just give folks the option right

now on screen and in this room to opt out. Um we are not going to judge you. Thank you. Sorry I didn't say this at the beginning of the talk. Um okay and I think the main point of building your CL we've talked about this kind of ad nauseam to this point. I think the main thing here is to recognize that you're building your collaborative ecosystem every day throughout your career with every move you make. And so, you know, what we started years ago when in that room with the vendors um continues to this day and um we continue to um leverage that community and build it out and build our relationships with each other. and it is

the way ultimately um you continue to solve problems as as a a community and an ecosystem. I love that. Thank you. Okay. Um some other collaborative uh success stories. These are all from um MITRE. Um there's a few of the up here. Uh but I don't know if you want to talk very briefly about D3FEND while we're on this slide. I was going to talk more. Uh I was just going to mention Caldera, right? In some ways a caldera is um not a framework right it is a a tool. So a lot of times MITRE talks about both frameworks and tools and Caldera is an actual tool and so this is in this collaboration um Caldera is now an an open-source

thing. It is something that everyone can collaborate on and we're trying to open it up to to share. Yeah. Open it up even further. So um one of the interesting things about creating these community-driven frameworks is that um they need to be funded somehow. Some somebody needs to pay the technologists and the marketers and the strategists to actually keep the thing to build the thing, launch it and then keep it going. Um and it can be a challenge to to continue the operations and maintenance of these tools over time because um in most cases um with some with some exceptions in most cases the ones that MITRE works on are in fact funded by MITRE. They're they're launched through

our research and development program and then we kind of find a way to um use MITRE's uh overhead indirect funding to to keep these things going. So Caldera um is one such tool and um we're super proud of it. Uh right now Caldera is largely funded through an NSF grant um that is all around moving Caldera more completely into becoming a community-managed resource. Um, so if anybody's interested in getting more involved with Caldera and managing it, I would love to talk to you. Um, you know, after the chat after the talk today or we could chat tomorrow sometime during the conference. Um, but we'd really like to get uh Caldera to a place where MITRE

is is a manager of its continued um development and man and execution, but we are not necessarily the lead. So, we're looking for for volunteer managers um who would help us uh launch this experiment. It is a bit of an experiment for MITRE. A lot of the things that we've um launched to date that are open source continue to be maintained by MITRE. Um and we're really trying to, you know, break new ground with Caldera and kind of get it out into the community and have it be managed by the community. So, that's my Caldera. If you are interested, um please see us afterwards and we can get you in touch with whoever's running it now. I think

actually maybe you Yeah, I'm I'm one of them. So, um Okay, so the this is the um uh I'm getting a little time warning. Um so, this is not just a um cyber-only type of approach. Um there's also some work that Leslie's been doing uh to build a framework around um um stopping crimes against children. Yeah. Internet enabled crimes against children. So um this particular topic is near and dear to my heart. I I am actually not the the principal investigator um for this work. Her name is Pamela Pedek and her her name is and contact information is on the slide if you're interested in learning more. Um but we are taking a page out of the cyber security playbook

and applying this to another paradigm um which is taking a threat-informed approach to um to uh mitigating crimes internet enabled crimes against children. So I won't get into all the details um of Pamela's work. We're still it's still fairly early stage. Um but she has basically um taken a an open-source approach gathering information from court records and started to think about how to um systematically categorize uh this kind of um adversary attack over time. um to better educate law enforcement, prosecutors, victim services organizations, families, um um you know, health and human services, any organization that that is dealing with child welfare about how these um exploitations are enabled by um technology. And so I wanted to to to

bring it up just as um uh you know sort of a provocative um thought toward the end of the talk to say it's not just cyber security issues that um can be uh managed through a community approach through an open-source approach. Um it can be things like this as well. Um and we're also just super proud of this work and um it's really important. If you're if you're interested in learning more about that, I'm happy to to share a little more after the talk or you know, you can always reach out to Pamela because she is um very much um in the middle of the research and looking for feedback from across the community, from technology

firms, from nonprofit organizations, from policy experts, you name it, she'd love to hear from you. All right. Okay. We have two minutes, guys. Um take a picture of this. Yeah. Read these books. That's the So, do you want to talk about one and then you can talk about one? Yeah. Pick one. So, the one I will I will recommend for technologists is um to just get you out of your technology focused day. It's this book by Rick Rubin who is a music producer called The Creative Act: A Way of Being. Um it's an extraordinary book that um encourages you to think about creativity less as of less like a process and more like a um

way of approaching the world. Um so whether you download the audio book or you read this book um highly recommend it. If you're ever stuck um in your problem solving day-to-day, take a few minutes with Rick Rubin and um he'll show you the way. It's a little new-agey, but um trust me. All right, Stan. I'll just say The Martian. I think everyone needs to read science fiction and have creativity. I think the great thing about The Martian is it talks about problem solving. It's a great read. It's a great story. Talks about problem solving, breaking it down, being that guy alone trying to do things. Remember that there are people out there who care about you and there are people out there

who want to help you. So, um they can't always help you, but you got to reach out. You got to communicate and uh keep working. Keep uh keep striving. I love it. All right. This is our things that you can do. Stan felt rightly and I'm so proud that you were like, "We need a call to action for folks in the audience." This is our call to action. You guys are all at BSides. It's a great community. Um it's, you know, we're here in San Francisco, but obviously um spans the globe. Um join your community, reach out to folks. Um talk to people about some of the challenges you're having. start to build that trust. Um,

and then, you know, if you if you ever have questions along the way, I mean, MITRE's definitely here to help with that, 100%. Yeah. And we just got our one minute warning, so I know we were going to take questions. I don't think we have time for questions, but if you do have questions, you know, feel free to come to talk to us after the talk. Um, you can find us all on LinkedIn and, you know, we're we're all about the open source collaboration. So, you know, please reach out. Thank you everyone. Thank you guys. All right. Thank you very much. Please, a round of applause and thank you for sticking around till the last talk. This is awesome. That's

awesome. That's right. Thanks for our wonderful sponsors as well. And uh we have still have the opening remarks and as they said, if you guys have more questions, they're going to be outside and they can take them there. Thank you very much everybody. Okay.