.gif)
Unspoken Security
Unspoken Security is a raw and gritty podcast for security professionals who are looking to understand the most important issues related to making the world a safer place, including intelligence-driven security, risks and threats in the digital and physical world, and discussions related to corporate culture, leadership, and how world events impact all of us on and off our keyboards.
In each episode, host AJ Nash engages with a range of industry experts to dissect current trends, share practical insights, and address the blunt truths surrounding all aspects of the security industry.
Unspoken Security
The Growing Movement of Digital Investigations
In this episode of Unspoken Security, host A.J. Nash sits down with Ramesh Rajagopal, Co-Founder and CEO of Authentic8, to discuss the evolving landscape of digital investigations. They explore how modern intelligence teams navigate the deep and dark web, conduct secure open-source research, and protect themselves from exposure. Ramesh shares how his platform, Silo, empowers analysts by providing anonymity, obfuscation, and productivity tools to streamline investigations without compromising security.
The conversation dives into the challenges of direct engagement with cybercriminal environments, the risks analysts face when conducting investigations, and how organizations are shifting towards more proactive intelligence programs. A.J. and Ramesh also discuss the growing adoption of digital investigation tools in the commercial sector, spanning industries from financial services to corporate security and brand protection.
AI’s role in intelligence work also takes center stage, with insights on how automation can assist analysts without replacing human expertise. The episode closes with practical recommendations for organizations looking to strengthen their intelligence operations while balancing security, efficiency, and long-term strategic growth.
Unspoken Security Ep 31: The Growing Movement of Digital Investigations
Ramesh Rajagopal: [00:00:00] The general point I was trying to make is that now when we wake up in the morning and think, when you when you thinkk about the world that we're selling into, we think about that user, what are they looking for, what are they looking to do and what more could we do for them? And yes, we always intrinsically have security and anonymity as a core part of our platform. But fundamentally we think about ourselves as a productivity app for that analyst.
[00:01:00]
A.J. Nash: Hello, and welcome to another episode of Unspoken Security. I'm your host, AJ Nash. I spent 19 years in the intelligence community, mostly at NSA, and I've been building and maturing intelligence programs in the private sector for about nine years now. I'm passionate about intelligence, security, public speaking, mentoring, and teaching.
I also have a master's degree in organizational leadership from Gonzaga University, go Zags, and I continue to be deeply committed to servant leadership. Now, this podcast brings all of these elements together with some incredible guests to have authentic, unfiltered conversations on a wide range of challenging topics.
This is not going to be your typical polished podcast. My dog makes occasional appearances, although the dogs are both out of the house today. Uh, people argue and debate. They even swear here. I certainly do. Uh, and that's all okay. I want you to think of this podcast as a conversation that you'd overhear at a bar after a long day at one of the larger cybersecurity conferences we all go to.
[00:02:00] These are the conversations we usually have when nobody's listening. Now today, I'm joined by Ramesh Rajagopal, the co founder and president of Authenticate. It's a platform that isolates and obfuscates internet access while integrating all the tools and capabilities an analyst or investigator needs to conduct digital investigations safely and securely.
Before founding Authenticate, Ramesh held impactful positions at Google, Microsoft, and Postini, just to name a few places. He has a master's in economics from Cambridge and an MBA from University of Chicago. Amazing credentials, and honestly, he's a damn nice guy too. Uh, anything you want to add to that, Ramesh?
Ramesh: Well, thank you for having me, AJ. It's a real pleasure to be on and look forward to having a good chat here.
A.J. : Yeah, absolutely, man. Thanks for being here. Now, before we jump into the show, I have to admit that I'm actually biased towards authenticate. So I've been using silo. Uh, it's one of authenticates flagship platforms. I've been using that for about nine years. So long time now, it's one of a handful of tools.
I openly brag about to everybody. I've done it in pitches around the world with different companies. So people are familiar with this. [00:03:00] Ramesh recently asked me, or he actually invited me to join the team. And now that I've been able to see things from the inside, I'm even more excited. This, that's not the point of today's show.
This isn't a big old sales pitch, but I like to be transparent. I want everybody to know I, this is a great company that I just happen to like, and I've had a long relationship with. So, uh, getting back to the show itself, the title today. Is, uh, the growing movement of digital investigations. So, uh, when we talk about digital investigations for MASH, what are we talking about?
What do we mean here?
Ramesh: Yeah, thanks AJ. It's a great question. And, you know, even as recently as 5 to 6 years ago, when we were out in the marketplace. You know, and talking about this use case and the need for our platform, it wasn't necessarily kind of mainstream understanding, but that's shifted massively I would say in the last five years.
So when we talk about digital investigations or digital intelligence, there's a bunch of tools and vendors that sell into that space. But the place where we really enter what we call that kind of lifecycle of intelligence is when an [00:04:00] investigator of some description. needs to go out and do primary analysis.
They need to directly engage with threats and threat actors in the wild and they need to go
into their environment. Now it could be just to passively surveil what's going on and collect information all the way up to and including actively interacting with. Counterparties, uh, potential adversaries, what have you, whatever, wherever they are in that spectrum doesn't really matter because they need to basically get out of the boat and get into the water and interact with threats and threat actors in situ or at the source, if you will. And
that's what
A.J. : Well, and it's interesting,
Ramesh: about our platform. That's how we think of kind of direct engagement and digital investigations.
A.J. : it's interesting you talk about get out of the boat and get into the water. So, uh, the water is, like, infested. Like, that's, that's the big challenge, right? Is, you know, I, uh, a lot of people want to get into those waters. They want to, when we talk about the water, you know, we're talking like the deep web, the deep [00:05:00] web, the dark web, you know, cybercriminal, uh, marketplaces, uh, could be, uh, Covert communication channels, like your discord, you know, groups, things like that, telegram, those kinds of things.
And, and those are not friendly waters, you know, anybody who's done this for a period of time knows that, uh, generally speaking, I warn people all the time in Intel, if you're building programs, if we're working on that, I say the thing you don't want to do yourself, unless you really know what you're doing is the deep and dark web is the criminal enterprise.
Right. And because a lot of organizations want to fumble around there. So they end up funneling that work to others. But for those who have the skill set to do it, or at least want to double check on their vendors, it's nice to be able to go to these places. safely, right? Uh, and, and it's not easy. You know, I've, I've been in places, you know, when I first joined the private sector at a bank, it was like, Oh, we had to set up this big dirty network and it was, you know, VPNs on top of VPNs.
And it was all this obfuscation. It was super expensive and time consuming and, and irritant. And I didn't own an engineering team and I couldn't run, understand most of the crap. Um, which was actually when I got introduced to silo originally, because now suddenly I just had something on my desktop and I was, boom, I was right into the And nobody knew who I was or where I [00:06:00] was.
Uh, and I was able to do Some pretty simple things quickly, like, you know, you just want to go in marketplace and see like, what are credit cards being sold for? Um, you know, that was my first exposure, uh, to the platform. And then from there, you know, being able to go deeper. So, you know, when you talk about going into these environments, firsthand access, you know, it's nice to have vendors and.
And we have a lot of them and I still recommend people have them for a lot of cases, but there's something to be said for being able to go there directly firsthand and see what's happening. But you just can't wander in there randomly, right? You can't set up
Ramesh: You cannot. Yep.
A.J. : where you're probably not allowed to,
Ramesh: You
can't
A.J. : you don't want to be just, you know, out there willy nilly, right?
Ramesh: Totally. I
mean, you, you you can't just descend into the water, you know, unprotected, right? Um, but the other thing is, you know, when we first started selling into the market, um, both federal and commercial sectors, we found that teams were actually taking one or two people within their intelligence group and asking them to play IT guy. Right. So as you just said, right, you know, please set me up a [00:07:00] investigative environment because there's some pressing threat that we have to go investigate and get intelligence on. So, uh, IT usually says, Hey, you can't use the corporate network to get out and do this kind of work. And I don't want you using the company machine. So you got actual. Intel analysts who were creating, you know, workspaces on Amazon or setting up a VDI or even kind of setting aside laptop machines as burner devices and then trying to jerry rig a network on the back of it, right? And first of all, that's not what they're paid to do. They probably don't want to do it.
Otherwise, they'd be in a different job. And most importantly, from the organization standpoint, time's ticking by. You know, you've got somebody out there trying to create a research environment. By the time you actually get behind the wheel and drive that out into the world and try and touch an adversary, who knows if threat has moved on, if it's transient, if it's dynamic, if, you know, a thousand things could have happened by that time. That doesn't mean the [00:08:00] risk has gone away, but you've lost time prosecuting that risk and that risk may have moved to another place. You know, and so that's what we thought we would be for this market, right? We want to be simple, easy, a multi tenant cloud service. You click a button, you configure your research environment just through a GUI, and you hit go. And that gives you the fingerprint, the network attribution, and the tooling to start doing that investigative work in, you know, minute two, as opposed to minute, you know, 102, whatever.
A.J. : Mm hmm. Well, yeah. And so obviously I focused right away on deep and dark web and and the cyber criminal enterprise because that was that was the flashy thing for me, to be honest, like, hey, I've got Internet, but also not know the dark web and I can do these things. But the truth is, there's a lot more to it, right?
So, you know, there's obfuscation. obfuscation And protection just in, uh, any open source research. Open source research isn't harmless and it isn't without risk. People think so sometimes, but depending on the project you're [00:09:00] working on, the target you're working on, uh, you might not want to be out there and have a whole bunch of noise, uh, that ties back to you that says, Hey, this, this particular IP has been hitting these websites and searching for these targets or these topics, right?
So, you know, being able to go in and, and, uh, you know, and use the platform to set up, I can have browsers that show, you know, I'm in four different parts of the world, I could. Hundreds of parts if I have time, but I mean, I can have browsers showing that I'm in Europe or showing them in Asia or showing them, you know, in the Middle East or that I'm in the U.
S. But different parts. I can show different different browsers. I can make it look like I'm using edge or I'm working on chrome. I can show different. I can show mobile if I want, which is great because sometimes websites show up differently if they're mobile, right? Um, and all these different things then give you different time zones that give you the native language.
Mhm. Uh, of that area, which can matter. Anybody who's done open source can tell you, you know, you go to a website in a foreign country in their language versus your own, and maybe a very different experience and a different message, um, and being able to do all that again, from the, from my own position was nice for my own laptop.
My own desktop, um, was great. You mentioned, you know, Even if you have experts, right? The [00:10:00] last, uh, team I, I led, uh, Dark Web team, great group. Uh, but like you said, we all had burner laptops. You had to, and so that's expensive. We had to issue separate laptops to everybody. They'd go buy laptops that weren't tied to the company at all.
They had to use IP space that wasn't tied to the company at all, which means then we didn't really have oversight of everything they were doing, uh, which was a bit challenging. Um, and of course, it's all hardware that's just burnt at that point. Um, so it was a lot easier. Using silos. I mean, like I said, I've told people I'm kind of a fanboy, uh, because it's just a lot easier.
I'm not a real tech expert. Um, you know, but I can, I use it on my personal laptop. I use it for work. Um, and I found it to be, you know, super helpful for all those different investigations. Deep and dark webs. The sexy one. That's one. I think people want to talk about cause I can go show you drugs being sold on the dark web or guns or all these horrible things that are scary and they make for good slides really quick for, for leadership.
But to be honest, it's a lot of that open source stuff I find, uh, to be much safer, especially in a world now where more people are tracking back what somebody is doing and they
want to know who's who's who in the zoo, so to speak. Right.
Ramesh: Yeah. No, look, dark web is a great, uh, use case for us. A ton of our customers use us to go [00:11:00] and, uh, go and engage on the dark web. But, you know, you're right. It's also just general web research. Uh, it's also social media intelligence, right? Way more data is being held
within social media platforms, and you need to enter those things reliably, safely and securely and potentially anonymously in order to get the information you need.
So. So that's exactly right, A. J. And, you know, we started out when we first started talking to this market, we, we talked to them through the lens of our platform and our platform really had a cybersecurity protection oriented message around it, right? You know, don't expect, uh, expose your corporate environment or your, or your personal laptop to these toxic places online, potentially toxic places online and also manage your identity, right?
So it had a very kind of defensive
feel to it, but as time's gone by, And we've really understood who kind of our hero user is in the organization. We realize, you know, we're actually enabling a workflow for a particular [00:12:00] type of person. Right? And that person is an intelligence
analyst with a little I and a little a, right?
Like they're called different things. CTI guy, you know, KYC, AML, uh, uh, trust and safety. It doesn't matter what label they have. So when I say intelligence analyst, I'm using it in a very general way, right? To talk about these people. But we thought about that user and what their day job is and how stressful it is. And now. When you look at our platform and you see the things that we've added that go beyond Security and anonymity. There's a
lot of what we just think of as productivity tooling that's baked into the product to help that user in the pursuit of getting intelligence or responding to a threat, right?
You know, simple things like, well, how do, where do I store some of this collected content? I can't bring it locally. I need to put it someplace. Well, We have a cloud storage layer. How do I mark up and annotate some of that content so that I can build case intelligence out of it? Well, we have tooling for that [00:13:00] around a case manager. How do I interact with foreign language content, which might be audio or, you know, video or text, and how do I translate and transcribe that to something I speak? You know, how do I set up maybe an automated collection routine? Cause I have a persistent need to go and look at what's happening in a certain part of the world, right? And I could go on with features and I'm not going to do that. The general point I was trying to make is that now when we wake up in the morning and think, when you when you thinkk about the world that we're selling into, we think about that user, what are they looking for, what are they looking to do and what more could we do for them? And yes, we always intrinsically have security and anonymity as a core part of our platform. But fundamentally we think about ourselves as a productivity app for that analyst.
A.J. : Yeah, well, it's an excellent point. And listen, I said at the open, I've been using silo for like nine years. I'm going to confess. I don't know if I've told you this yet, but I'm gonna now, apparently, uh, there were a lot of features I didn't actually realize silo had until I joined the [00:14:00] team and started playing more like there's an automated collection feature I've actually never used until now.
Now I use it. It's fun. Um, and I can set up to have persistent collection on. You know, a website, for instance. So if somebody's, you know, got a website, they've bought the, they bought the URL and it's dead right now, but it's, it's, you know, a typo squatting, right? A lot of times you'd have to go back and check over and over again.
If I worked for say a bank and somebody had one, you'd have to have somebody go back and check to see how they changed this site. Have they added. You know, content to it. Are they turning it into a phishing site? Somebody has got to do that. You either give a vendor that responsibility and they charge you whatever they charge for it, or you have to go do it yourself, et cetera.
I just have it set up automated. Now I can just say, okay, we're going to check this, this website every hour, every day, whatever I want. And it'll go check it for me. And then I've got this available and I can look, no, nothing's changed. So I've got this automated, you know, uh, monitoring, which is a pretty cool feature.
I can, I can go out and do all sorts of research. Now, if I got a topic in mind and have the system go pull things for me, you know, the ability to pull in video. Um, and have it transcribed and translated. Um, you know, there's other ways to do that, but they're a hell of a lot more cumbersome, quite frankly, um, than to have it all in there.[00:15:00]
And, and the big one that I, I, this one, I did know I don't play with it much, but every once in a while is because of the containerized system you said for, for your, uh, the drive, right? This, this isolated drive, I can play with malware, which is something you just. would never do on your own system. I never would.
But now I can pull in malware samples if I want, and I don't worry about compromising myself. I actually go to websites. Now, if there's a Intel report of a website, that's like a, uh, watering hole website, right? I want to go there now. I wouldn't before now I actually do, cause I've got a browser. I go in and I can see the code and I can see what it's trying to do.
It can infect me. Uh, if it tries to, you know, uh, download virus for me, it goes into the storage. And then I've got this, you know, this malware sample that I can play with. Um, and again, for somebody who's not, An engineer, which I'm not, uh, it's actually a pretty cool thing. And these are some features. I honestly never played with from being truthful.
I did open source research with the platform and I did a lot of deep and dark web with it. Uh, but all the other features, you know, I was thinking this is really cool. And then the obfuscation you're talking about, you know, I'm thinking of myself, you know, uh, journalism comes to mind, right? Journalists have a, an increasingly challenging and sadly dangerous job.
I think Yeah. Um, and sometimes [00:16:00] being able to do the work they do is, is, is going to require having people maybe not know exactly where they are or where they're coming from or what research you're looking at. And there aren't a lot of platforms that are available to my knowledge that do that and are easy again.
You don't have to be an engineer. You don't have to be a cyber expert. Listen, journalists are journalists. They're not cyber experts. Just like a lot of Intel folks are not IT people. Right. Um, I. It's not really a question I was planning on, but I don't know if you've seen anything in that space, you know, if journalism has been kind of an uptake for you, or if you've seen that people have interest in that, or is it something people should know more about?
Ramesh: Yeah, totally. Both, you know, citizen journalists, you know, uh, as well as professional. Right. But, uh, these are people who can be very exposed. Right. And they're not thinking about it through the lens of working for an organization necessarily. Right. And they're not thinking about it through the lens of cyber security.
They're just worried about actual threats against. Them the individual like the human being doing this work, right? Um, it's, it's very, very valuable work, but you know, you expose yourself when you do that kind of work, right? And so, yeah, we have seen journalists groups or [00:17:00] human rights groups or nonprofits and people like that pick up the platform. Um, potentially these are users sitting in hostile territories as well, right? And so,
um, there's all the network security and misattribution around it, but there's also the need to then try and, you know, make sure that, you know, the watcher is not being watched by, by, by a hostile environment, right? So, so yeah,
it's a, it's a it's a great use case for us.
It gives us a lot of satisfaction to know that we can. Help, uh, people like that. We've also done a few programs actually where for those types of communities. We've offered our platform at, uh, at no cost or, you know, giving them a full year's access to get their job done. So it's definitely something that we want to invest in. Um, and it's a, it's a growing need globally, just given, you know, geopolitical
A.J. : Yeah, exactly. Well, that's good to know. Like, I know the company. I know leadership. I know you. It's good to know that you guys are good people, right? I mean, the idea of saying, Hey, listen, there's a need, um, you know, a real need, not a business need, but like a life or death need. And it's not, well, let me see how I can profit on [00:18:00] that.
It's how do we help these folks? You know, there's, there's an opportunity to give people access. Um, you know, to give anybody an example, a quick story, right? Um, of, of how obfuscation can, can help or how bad it could be if you don't have it. So years and years ago, uh, I, I have a child, my kid's 15 now, but my kid was a baby and I'm an Intel guy.
So I don't have Facebook and I don't have all those things. And, but my family wanted to see baby pictures and all that kind of stuff. And I didn't live close to home. So I had set up a home server cause I'm just enough of a geek to do that. And I had a home server and I had a home webpage, but it was very limited access.
And, uh, and one day somebody tried to get into my website and I didn't know who they were. It didn't take much to go track them down. Uh, I had an IP address. I had a couple of little bits of information and I was, you know, not using government systems since I was still in the intelligence community. Uh, but all just using open source.
I spent, I don't know, six or eight hours. Cause I'm that kind of guy. I had a dossier and I mean, I. Thick dossier. I've got this guy's name, address, phone number. I've got his resume. I've got his travel schedule, his calendar, his home. Uh, I've got satellite pictures. I've got his car. I've got, I got, you know, license plates.
I got pictures of his, of a significant other. I was [00:19:00] able to tell you that this guy was at like 4 a. m. in San Diego on his iPhone, you know, pinging my, my home, uh, server, probably cause you know, he was drunk and bored on vacation. Well, not on vacation, drunk and bored on a business trip actually. Um, anyway, I went through all of that.
Now the person was harmless and I let it all go. Um, But I briefly thought about notifying them. Hey, it's, you know, you should be careful what you ping because you never know who's on the other end. I didn't cause it seemed very threatening, but it just tells you how easy it is with very little information to go track somebody back down.
I think people don't realize a lot of times that when you go to a website, like They log your IP address. They log a whole bunch of information on you. Um, and it's not hard to go track people down. And that again, this guy was harmless. No big deal. Uh, we had similar names, and that was what I think attracted him to the site.
But it's not hard to do that. And so when you talk about going out and doing research, you talk about journalism, for instance, and I talked about, you know, some open source research is this is not sci fi. For those who don't know, obfuscation can be the difference between discovery and not. And it could be anything from a very life threatening situation to just having The thing you're researching disappears suddenly, you know, they realize somebody's looking [00:20:00] at them from an IP address that they would prefer didn't.
And suddenly a whole thing, a whole bunch of things disappear. So,
um, there's a lot of real world aspect to this. That was kind of a, you know, interesting moment, but
Ramesh: that's it. That's an interesting anecdote. You know, like we've seen this as well, just to share anecdotes, you know, when we have, we have, I won't
name the company, but we have a large social media platform as one of our customers. And they love the platform, they were evaluating it. But the thing that sealed the deal and got them to sign was, this was during COVID. So they had some analyst on one of their risk teams. And that analyst was working from home. And, uh, The guy was doing his job, right? He was looking for some kind of a risk, some kind of a threat, you know, he's maybe saw some post or some, some, uh, social media, um, uh, uh, notice that suggested he should go do some research and he started doing research on it, but from his home ISP and I'm not sure what machine, but it wasn't a cloaked machine and he starts leaving a digital fingerprint out there, right?
And this gets back to your [00:21:00] point, right? Um, yeah. A lot of people might say, well, you should know better if you're in that field. Well, look. We sell to a very diverse set of Intel analysts. Again, little i, little a, right? Some of them might be in the cyber security, digital risk, you know, area, but others are looking at very different types of crimes and threats, right? Physical risks, you know, risks against executives, you know, uh, Uh, terrorist acts against property, plant and equipment for, for, for their company. They're not necessarily experts in digital and digital risk. Like journalists you were mentioning, right? They're, they're, they're trained to be journalists, not to be, you know, cybersecurity practitioners, um, and, and protecting their identity.
So anyway, back to this story, this guy was sitting in his home trying to do this work and gather intelligence on a function, but Meanwhile, leaving a full kind of breadcrumb trail out there and lo and behold, uh, you know, the Fed showed up at his door and said, look, we've been watching what kind of, uh, sites and traffic you've been doing.
And what are you doing? Now of [00:22:00] course, things were fine. He told him what his job was. He got his boss involved. They cleared it up. You know, this is in service of an investigation against the organization. Everything was fine, but it just goes to show, right, that, um, this is risky work. Uh, it's being done by experts, but they don't necessarily have expertise in the area of protecting themselves and their organization.
Um, and we're in a, we're a global workforce now, and I mean, forget COVID, right? People do work from anywhere, any device. Um,
you're on holiday somewhere and you're in a hotel and your boss says, Hey, there's some, something pretty nasty going on. Can you, can you spare half an hour to take a look at something, you know, what are you going to do? So, so, you know, the portability of the job also plays into this as well. Right. And so this gets back to, you know, when we wake up in life, it's like, you know, we want to be a SaaS platform that puts this kind of at risk user, regardless of their level of expertise, in the driver's seat, protects them and [00:23:00] their organization, and then accelerates the rate and the efficiency of the work they do.
A.J. : Yeah. I mean, and, and, uh, also just, uh, to clarify, listen, I, I'm an Intel, I don't know, somebody might say expert. I don't, I, I hate using that word about myself, but I've been doing this a long time. I'm old. Let's go with that. You know, I've been doing Intel since like 99. I'm not above making mistakes either.
It also happens that sometimes you're just working and you just don't think, It's either late at night or you've been doing a lot of work or you forget which laptop you're on. It doesn't take much. Human error is still reality. It doesn't take much to accidentally expose yourself. Everybody I know who's been doing this, you know, who's worth their salt, who's done it for any period of time at some point has gone, damn it.
I burned everything. You know, I burned an identity. I burned a sock puppet. I burned my identity. I burned my gear. I've got a, you know, everybody's done it at least once. Um, and it's, it's a hassle, right? So, you know, it's, uh, it's hard. And like you said, then there's different. Levels of training and experience.
And, and, you know, it's, it's not easy. And the travel is another big piece. I do a fair amount of stuff on the road as well. And it's nice to have the ability to do it from anywhere, whether it's my system or somebody else's system. So, uh, I want to jump in. [00:24:00] So now that we've talked a lot about, you know, digital investigation, what it is, uh, you know, you guys have been in business a while, you've been doing this a while, what changes have you seen?
Uh, commercially, you know, when it comes to the adoption, you know, of digital additional investigations, you know, as, as a concept, as a, as a business practice, you know, what have you seen changes in the last 10 years or so? Yeah, so we, when we started
Ramesh: out selling this, This product for this particular use case, right? Unsurprisingly, we were selling to a lot of government agencies, right? Because they're in the business of intelligence and that's where we started. But I would say in around 2019, maybe 2020, somewhere around there. We started to see this massive crossover for the same use case into the commercial sector. Um, and it was, it was really interesting to see. In some cases, it was actual, you know, analysts who'd work in the public sector, some agency, uh, federal organization. And they'd, you know, maybe hung up their boots on working for the government and they were getting a new job in the private sector.
And so [00:25:00] they were standing up a team, uh, at the request of the company to try and mitigate some kind of risk to that organization. And then what we started to see was a huge proliferation of the types of teams doing this work within corporate organizations. I think everyone, you know, the natural thing that comes to mind is it's always the guys doing incident response or it's the guys doing, you know, uh, is sitting in the SOC doing investigative analysis and following alerts, or maybe it's the CTI team. For sure, they are fantastic UCSs for us, and they're probably our first knock on the door when we go to any large organization, because we know that regardless of the vertical you're selling into, there's probably those teams in existence. But beyond those initial teams, We've seen so many other teams and identified them within corporate organizations, right?
It could be Physical asset protection. It could be corporate security. It could be executive protection. It could be Uh know your [00:26:00] customer or anti money laundering type groups working in financial services firms. It could be crypto mining and uh you know, financial frauds analysis teams, uh, uh, it could be insurance groups looking for insurance fraud, right? Trust and safety teams in social platforms. They could keep listing these groups They all go by different names based on the verticals and the people that they hire, very similar backgrounds, but maybe have different titles but for us They all look the same at one very very common denominator level, right? They're doing cutting edge work, they're being asked by their organization to go out and actually do direct engagement and primary analysis. They're building intelligence product. They're doing that over a long period of time, and they're bringing that back to the organization so that that organization can put in place remedies and mitigation steps for, for these risks, right? And so that's just, blown up for us, right? The commercial sector at [00:27:00] this point is our fastest growing sector, and they're frankly more teams and more use cases that we're learning even as time goes by, right? This market and the applicability of this kind of digital research. In the private sector, I think is on its maybe first, second, maybe third innings, but that's about it, right? There's a lot of room to go, and these users are extremely specialized in the area of the risk that they may be. You know that they that they spend time in, but they also intuitively know that they can't just do this work ungoverned and unprotected, right? And that's really where we see kind of us, uh, entering the market space much more meaningfully in the future because we're trying to connect with, these very specific profiles and we, we feel like we understand the situation that they're in. Right. Um,
I
think the
A.J. : interesting. So, Oh, go ahead. Oh, go ahead.
Ramesh: well, I was going to say, we see more people [00:28:00] being trained and learning the trade craft to go out and do this kind of work as well. Right, whether it's four year established organizations that they're learning at or it's like online courses or whatever. It doesn't matter people are Adding this to their repertoire as a skill set and they're trying to get trained to do the tradecraft properly
A.J. : Yeah, it's interesting. I've been, like I said, in the private sector about nine years and a big chunk of my career has been teaching people just the basics of Intel, frankly, you know, come out of the Intel community, just teaching the intelligence cycle, um, and, you know, intelligence community directives and things like that.
I have seen a lot of growth in that time. It's not obviously just me. There's a lot of other people doing it. Uh, but as you said, there's, there's this big growth. There's more people doing it, uh, and doing it quote unquote the right way I'll say. Um, But, you know, they're teaching one of the fundamentalist universities have courses on intelligence and cyber intelligence, cyber threat intelligence, which is a combination of traditional intelligence and like computer security, right?
So I've seen a lot of good maturing in the space. You mentioned early innings, and that's still true. It [00:29:00] might even be early innings in like cricket innings, not baseball innings. Um, because it's, uh, it is taking a while for everything to get up to speed. And for those who don't know, they're just in cricket and baseball.
Cricket goes on for days and days. So if you think baseball is long and boring, check out a cricket match once in a while. Okay. Uh, it takes like a week. Uh, it's very interesting. Uh, just so anybody who likes cricket doesn't get mad. I said that, but their innings, it's a lot more innings. Uh, anyway,
Ramesh: You know, I'm actually a cricket fan, but like, I
A.J. : I know you're a cricket fan, so I know you're
Ramesh: about baseball. I used baseball specifically because they told me it's nine innings. Did I get that right? It's a nine
A.J. : Yes. Nine in baseball. How many is it in cricket? It's like 228 or something.
Ramesh: Well, technically the innings is two per team in the longest form of the game, but we won't go there.
A.J. : Oh, it's stupid. Wow. Well, they are the longest innings.
Ramesh: But you're right. It could be a five day game. It could be a five day game. Yeah.
A.J. : It's, it's a fascinating game. I've got to learn more about it. It's fun to watch. I see some amazing plays once in a while, but I won't pretend I understand cricket. All I know is it's wildly popular.
[00:30:00] And apparently the U S is pretty good at it all of a sudden. Um, If I'm led to believe correctly, at least. Uh, but anyway, so the key piece here, you know, is that, as you said, we're seeing more of this growth and listen, we're hearing a lot in the news now about a lot of changes in the government, whether you like it or not, politics aside, a lot of changes in the government peers.
We're gonna have a lot of people leaving the government. I believe while that's. Disruptive right now and challenging, and I suspect for a company that does a lot of government work has probably been interesting to watch unfold. It also means we're gonna have a lot of talent moved to the private sector that again has the skill set has these these backgrounds also is used to having the tools to get the job done that are suddenly going to find themselves in different environments where maybe they don't.
So You know, I'm hopeful that we're gonna see another uptick in the, uh, in the growth in the maturation of intelligence programs and intelligence like work. As you said, it might not be part of Intel. I mean, brand protection, executive protection, physical security, all these other spaces, um, you know, time of money, anti money laundering, things like that.
I'm hopeful we're actually gonna see a big influx of talent again, coming and saying, Hey, these are the ways [00:31:00] to do these things properly. And therefore there's more opportunity for, for these kind of tools, uh, to get, uh, to get more growth because people come out of the Intel space and see a tool like this go, you know, platforms like this go, well, I gotta have this because I don't have this anymore.
I don't have what I had in the government and I can't just be out here on Google on, you know, Microsoft Edge, just wandering around the world. It's not gonna work out well for me. Um, I'm curious, though, but. Along with that, you know, this, this growth and this change, where does AI fit into all of it? And I'm going to ask the question everybody's going to ask anyway, AI is everywhere now.
So like, how does AI fit in not just, not just into the platform, but how does it fit into doing the open source research or the, or the counter aspects of, of the research? And, you know, what does that, what does, how does that play in, how does it play in the platform as well? And some of the tools, but how does that.
How's that the thing? Because people are going to ask, so I'm going to throw AI AI fit in in your mind?
Ramesh: yeah. I mean, it's going to have a huge role. There's no doubt about it. Not just in, in our space, but every, every space, right? I always describe it with respect to our area as an equal [00:32:00] opportunity tool, right? Meaning,
A.J. : Mm
Ramesh: does it have the opportunity to help? The types of folks that we're selling into be more effective and do their job better.
100 percent Absolutely. But it's, it is also an equal opportunity tool that helps adversaries just flood the zone with even more noise, misinformation and disinformation and decoys, right?
And so, as long as we look at it as such, right, it's not a panacea that only works on one side of the fence. It's, it's gonna be on both sides of the fence.
And so I would expect, and we have seen adversaries pick this up as a weapon to amplify, uh, and, and, and misdirect and, you know, hide in and even bigger data deluge that we're all facing. Right. One thing's for clear, whether it's AI assisted or not, the, the, the amount of information being created digitally. On a per day basis, whatever whatever that means, you know [00:33:00] websites created social media posts photos uploaded crypto mining transactions You pick your metric. It's only up and to the right So how can AI be helpful? Well, look, I think AI can be hugely helpful when applied on the right side of the fence, right?
If you've got 10 billion alerts and data points, you know, AI is a fantastic tool to try and winnow that down some, somewhat. But even after all that, I think my, you know, the key message we tell our customers is, That's great. You know, Use the hell out of it, and there are third party vendors who are partners of ours who sell AI tools to try and separate, you know, signal from noise, and they do a fantastic job.
Great. But at the end of all of that, you still got a lot of suspicious alerts and you need to go out and a verify them. And for the ones that are real, you actually need to then go actually do something. You need to respond in some way.
A.J. : Mm hmm.
Ramesh: And so my, my comment to, you know, customers thinking about how AI [00:34:00] impacts their kind of, you know, risk, uh, risk life cycle is it's great.
Use it, but don't think that the role and the expertise that you've developed in your team and your people to go do intelligence work is reduced because AI is going to take the load. It's not right. AI can help make their job a little bit more bearable, and it'll do a fantastic job of doing that. But your people ultimately still need to go out there, get out of the boat, get into the water, get actionable intelligence. Sometimes they need to go out and do primary analysis where there is no upstream alert. Right. There's no alert when,
if you're looking at a new region or a geography or a new supply chain partner on the other side of the globe, or, you know, your executive is traveling to a new place, there's no threat alert that's blinking on a screen there that AI has told you about.
That's primary analysis you need to go do before you go then execute whatever your plan is as an [00:35:00] organization. So, you know, logistics, transportation, planning, business partnerships, know your customer work. All of these things aren't AI assisted triaging, right? This is primary analysis. So whether it's an alert generated thing, or it's just the organization realizing they have to do primary analysis, one way or the other, an investigator, a human being who's highly trained, needs to get out of the boat and into the water and start doing direct engagement. And that part's
A.J. : Yeah, and I think you make a good point. I'm sorry. I think you make a good point when you talked about, you know, people that think that like AI is going to replace Intel folks. And I see it all the time. And I see people trying. And I've seen some very cool tools. You know, I just saw a demo last week for a tool that, you know, it'll go out and it'll pull a whole bunch of research for you and it'll pull back and actually write some products.
And I've played with some of those tools. But, uh, you know, the key pieces, there's some nuance that's lost there. The tools aren't perfect. Uh, I think they'll, they'll make people into, you know, humans become super [00:36:00] humans with, with AI and these capabilities, but it is not replacing us. It's a long way from it, I think.
And it's unfortunate because I think people. Want to believe it will, um, I think from an efficiency standpoint, uh, in terms of speed, but also let's face it in terms of cost and tell people are expensive. And I think a lot of companies would like to have all the intelligence and none of the cost. Uh, but the talent is still the talent.
And I think it's interesting. You've, you've been talking, you've said it a couple of times, you're talking about like primary analysis, right? That first person. Position, uh, which is just not something you're quite getting with the technologies that AI is not there. AI is fed what it's fed. And again, I use AI because I'm not, I'm not, I'm not bagging on the systems.
I use them a lot, but they're also fed the data sets are fed. They're not live. They're not pulling everything as it's happening. A lot of them tell you that if you ask what their cutoff dates are. Uh, so there's still gaps there you have to go find. Um, but it's important that people do, do recognize that.
There's no solution right now. That's just an automated AI. I'll go do it for us. It'll pull everything back. It'll tell us the answers. And, and the challenge of course, is that intelligence, the job of intelligence is to inform people to make decisions, uh, it's, it's actionable. I [00:37:00] ideally, not always immediately, sometimes it's informational, but the goal was to be in a position to make decisions and I don't know if anybody should be making decisions based on what a magic box tells them that they don't understand all the details of it yet.
So I always worry about that. So it's nice to hear you talk about it in, in that sense that it's. Important and it's relevant and it's, it's definitely improving things. Can you talk about these, these endless amounts of alerts, right? And alerts are fine, but that's, you know, as you said, you gotta be able to take action.
It's sort of like having a guard at the bank who says, Hey, there's somebody robbing us, well, that's, uh, that's not really your job. I mean, I appreciate you hit the alarm and now you, can you try to stop them? That'd be, no, no, I don't do that. I just stand here and watch. I'm just, I'm just telling you, somebody is robbing us.
It isn't really. Helpful. And by the way, I stole that from some commercial on TV. I didn't make it up. I wish I had, uh, but it's important to be able to go beyond that. And AI with all these alerts, still, you have to have somebody that takes action and does something. So
it does seem like there's a place for both to work.
Ramesh: and I'm a big fan of it, too. And there's opportunity, you know, we should, you know, our company will be using AI to make our product even better as well. So there's no kind of, you know, um, AI is good, [00:38:00] AI is bad, simplistic bumper sticker I'm talking about here. But what I think it can do is potentially, you know, that first pass triage It might free up the bandwidth for some of our users to actually graduate and spend more time doing deeper levels of hands-on investigation and intelligence production. Right? that could be a very, very near term benefit of, you know, enhancements from AI in what we call the front se, the front section of the Intel lifecycle. Right. It just creates more bandwidth. You know, we're all overworked. We're all doing, you know, more jobs than we're paid for. There's only 24 hours in a day or whatever.
And so like that, that time allocation between basic triage and verification versus, you know, investigative analysis and intelligence production, you know, maybe that starts to shift courtesy of AI, right, so it's all, it's
all like,
you know, how is this used and what, what, [00:39:00] what is it being asked to do and where does the scope of one, you know, product area end and another begin?
You know, that's, that's maybe how I would describe it, right? It's a huge assist, but let's not
assume that the scope of this thing kind of eats the world yet in this, in this full Intel lifecycle.
A.J. : Yeah. Well, that's a good point because Intel people long as I'm again, I started until 99. So I'm old. And as long as I've been doing Intel, the ratio has been we spent about 80 percent of our time on research and about 20 percent on actual analysis and production. And you'd love to reverse that because the research is, you know, it's time consuming and cumbersome.
It's the basis. You can't do the analysis without it. But then you don't have as much time as you'd like to actually focus on the content and really do the analysis and maybe do the, you know, run through the structure, analytic techniques and things like that. And the hope is that yeah. AI will help us with the research, uh, cause it is capable of going out and pulling things in very, very quickly.
And as long as we have the right databases set up, et cetera, and then we're able to spend more of our time putting together the puzzle, you know, instead of [00:40:00] just laying out all the pieces. Uh, so I'm, I'm hopeful that's going to happen. I've, I've had some success with it. It's fun to see. You know, companies think that way.
So listen, I want to move on to the last, you know, question we had put together prior to the show, when we were setting up, you know, we've talked about, uh, what the space is, what digital investigations, what the whole space is, what the marketplace is, what you've seen as far as, you know, maturation and growth over the last decade or so, what kind of recommendations do you have for organizations?
That are working in the space, whether it's CTI, whether it's, uh, you know, as you said, you know, the know your customer, all the different facets that can fall into digital investigation and sort of that intelligence and research work, you know, what are your recommendations for organizations?
Ramesh: Yeah, I think the, I think the key theme that, The other thing that, you know, we see is, you know, invest in your team, right? Like, I think, I think when I think about the benefits of running some kind of intelligence program in a function of an organization, right? The benefits really accrete when you're doing it over a continuous and long range basis, right?
Sure, there's [00:41:00] always interrupt driven, reactive, alert verification type work that's being done, but the real needle moving. You know, let's understand our risk environment, let's pick up new risks as they emerge, and let's develop countermeasures to it. That happens because you have a trained group of people. Uh, you invest in them in terms of training and tradecraft, so they're getting better in their jobs. You're equipping them with the right platform and tools to do their job. And then, from a program perspective, you're doing continuous long range work that counts. Right? And if you do that, it's almost like it's, you know, that analogy, you know, if you put a, you put a grain of rice on a, on, on the square of a chess board and you double it every single square, right?
Like, the first 10 of those is easy. By the time you get to square 15, it's impossible, right? So it's like that cumulative reward from doing this work over time and investing in a team that's specifically understanding and [00:42:00] becoming masters in your risks, Thanks. That pays huge dividends if you give it long enough time to kind of germinate and grow. And so that requires building that team in the first place and growing that team. So that would be one, one key part of it. And I would say, you know, the best organizations realize that the expertise of their human capital is actually key. from a risk mitigation standpoint. The tools are great and the technologies are great and the, you know, but, but the expertise of those individuals and their tenure at the organization are huge. Um,
the second thing, the second thing I might say is, um, and this, this varies by organization. So I'm, I'm generalizing a lot. I get it, but, um, I would say make intelligence productive production a systematic and regular practice and publish your findings internally. And make people understand the type of so what's and then what types [00:43:00] of analysis that you're doing. Right. It's one of those areas where
if nothing bad is happening for a while. Somebody somewhere is going to say, Hey, what's the value of this team? We don't get it, you know, like we're spending all this money on building up this team and this tooling, and we're doing this kind of proactive risk intelligence work, but like nothing's happened. Yeah, Sherlock, guess why?
Cause people are actually, you know, people are actually, but hopefully identifying and, uh, and, and mitigating this stuff before it gets to your desk. Right. And so
the
A.J. : Yeah, that's the hardest part in intelligence.
It's the hardest part of intelligence is that value component, right? If you're preventing things and nobody sees them, then they go, well, why don't we, why are we spending money on this? And intelligence professionals are sort of trained to be quiet professionals.
The goal isn't to draw attention to yourself. Uh, the goal is to go out and find things and prevent things if you can, and you take action and, and yeah, it's a, it's a huge challenge I've had. You know, my whole career in the government space. It's less of a [00:44:00] challenge only because the government prints the money and they just sort of get it.
So if you're an Intel and you're one of thousands and thousands of Intel analysts, they normally get it apparently right now. Not so much. There's a whole lot of prove your worth on a on a minute by minute basis, which is not really going to be great in the intelligence world, because that's not how Intel works.
But, um But in the private sector, I've seen that as a challenge. People are like, well, what do you guys do? And you try to explain, you know, what did you last week? Well, we, we, you know, we followed these threats. We did. Well, yeah, but what action did you take? Oh, watch out for my microphone. What action did you take?
What did you accomplish? And it's like, well, nothing this week. Oh, well, I don't know if there's value in this. And it's hard to explain that Intel is an ongoing longterm. Investment. And if you, if you take snapshots moment by moment, yeah, it may not look good. I tell people all the time, it's, it's like physical security at a bank.
Uh, or having say health insurance, you know, if, if you haven't been robbed as a bank in a couple of years, I doubt anybody decides to just shut down the physical security system and get rid of the guards. It's the cost of doing business. Everybody knows you're a bank. You'll get robbed at some point and you don't just get rid of your health insurance, at least in the U.
S. where it's required for [00:45:00] everything, because you've been healthy. you know, because something is going to happen. It's just an understandable thing. And then there's all these preventative components. You know, geez, I haven't had a cavity in a long time. Well, why? Well, I've been getting my dental cleanings twice a year, which are covered by insurance, but you don't really think about the component there.
But if you stop getting dental cleanings, you're probably going to get cavities. Uh, and, and people just don't connect those dots. Now, how do you, as a, as a guy who's been doing business a long time here and, and ROI is always a big part of it, right? People want, you know, where's my return on investment.
They want to know yesterday, the day they buy, they want return on investment, right? How do you manage this? How do you, how do you bridge that gap to show people the value over time? You know, you're saying, Hey, we need to invest in the people, invest in the tooling and the platforms and have a systematic approach to it.
Uh, how do you. How do you help people with that? How do you help people show the value over time? What kind of metrics are you able to help people understand so that they can justify this to their leadership, even if they understand it? Or if they don't, then how do they, you know, justify it to them?
Ramesh: yeah, I think the key things are, you know, if you're a leader or the manager of one of these groups of Intel analysts, right? Come up [00:46:00] with your own metrics. Right? Uh, maybe corporate hands you a set of metrics and who knows where they were created and by whom, right? But if your team is at the cold face of doing this kind of work, come up with your own metrics that actually shows this is how forward leaning and proactive we're being and here are the tangible results from it, right? Now, what those metrics are is specific to your organization in your business, of course, but the key point I'm making there is have them be yours. And then start to publish against them and just realize that the further you move out in terms of concentric circles from your organization, especially as you go up your organization, the less understanding and the less appreciation there's going to be for the role that you deliver to the organization. Right. And, and, you know, worst of all, you get onto, you know, you start hitting a C level executive outside of a risk function and [00:47:00] then. I wouldn't expect that person to have any real clue that you even exist, let alone your, your metrics. So publicizing that I think is really important. Right. And if that means lobbying people higher up in your chain so that they can then lobby people up in their chain, I think that's a key part of the role. Right. And I'm not just talking about preserving your function here. That's a very negative way of looking at it. I'm talking about helping your you and your users be appreciated for the value you're delivering the organization. Right. Because, you know, there are teams doing amazing works across all sectors. Right. Um, but, you know, their own set of metrics that they're publishing and, you know, it's being adopted by the organization at large and there's appreciation for their team. I think there may be a way to go on that front.
A.J. : Yeah, I think you're on to something with that too. And I've had some discussions with people helping with, you know, develop metrics and whatever. I built some programs. I also consult with a lot of folks building programs. And this is something that was a learning for me coming [00:48:00] out of the government space.
And I'm all in now. And I tell people when you're building a program. You know, one of the things you're gonna have to do is understand, obviously, your stakeholders and their and their needs and start building it, but you're gonna have to advertise like something that is just anathema for a lot of Intel folks.
But I've said you're gonna have to advertise internal. You're gonna have to build, uh, momentum. You're gonna have to build champions. People have to understand what you do and why it's valuable, uh, because that's how you're gonna keep your budget and keep moving forward. Um, and, and deliver real value, right?
Again, it is about creating metrics and, and be able to say, this is what we do, and this is how it helps. It's hard when you're doing something that's proactive, uh, because if you actually did it right and prevented, uh, so it means now as an Intel person, you have to go into the operation space that most Intel people don't want to do and go across and say, Hey, we did this.
And it resulted in these recommendations were changes made to people, change policies, if they change, uh, countermeasures, you know, things like that, uh, then you're able to use that as the metric to say, here's how Intel actually forced. Or improved things created change, right? Because that's that's the metric that people are looking for.
Prevention is tough. If you're doing a really great job and preventing things, then it's hard to show [00:49:00] the value, which means you have to be able to go and show the actions that were taken as a result of the intel. Um, you know, it's easier when you're dealing with some things like executive protection, perhaps, you know, nothing bad happens and they go, well, nothing bad happened.
But if the executive felt good going into the experience, then you've got some metric there. They felt they were comfortable and they were safe and they were able to change their behavior, for instance. I know your customers, probably another one that comes up with some good metrics, but some it's really difficult, right?
So I think you make good points. I've started doing the same thing with people, you know, talking about getting, uh, you know, with stakeholders, getting their Intel requirements, tying your Intel production, your output, your reports, whatever they are, your briefings directly to recall requirements. So you have a metric to say, you know, here's how many reports we did.
And they were against these tiers of requirements, et cetera, but also having that. Marketing for lack of a better word. So people understand that you're, that you exist and why you exist and the impact you have, even if they don't see it directly, uh, because it has a lot to do with, with the survival of the program, especially in an era where there's so much, um, pressure.
And there always is some, but there's so much pressure on budget and on, you know, ROI and on efficiency and [00:50:00] all these things, uh, and it's tough. It's tough for Intel people. I think a lot of times to realize that now you kind of have to advertise to and you have to, I don't want to say sell yourselves, but we can't just sit quietly and be these quiet professionals that are just doing the work and don't want, don't want the attention.
Most Intel people really don't. They just want to do things and And be quiet. And now you kind of have to draw some attention to yourselves where you don't end up having, uh, you know, advocates in the positions that are gonna make sure your program continues. And then, of course, every place I've seen that kills Intel, bad things happen.
And then then they have an interest, and then they want their Intel program back. You know, they'll find out the hard way, but nobody wants to go through that.
Ramesh: And it's, you know, it's not like, you know, people are malicious or, you know, there's misalignment
or, you know, it's just, you know, it's human psychology to some extent, right? Like, you know, that your team is going to be asked to do after action reports and post mortems post some kind of an event. Like, that's just, it's part of it.
Right? And it's gonna get, uh, circulated up and depending on the severity of the incident, it's gonna get to higher and higher audiences and your team's gonna be [00:51:00] known through that lens. Right. And, and, and I think all we're we're saying, or all I'm trying to say on this is look. There's something outside of that kind of level of engagement with the rest of the organization.
It's the preemptive, proactive planning and assessment work that you're doing on behalf of your company. Make sure that that's, you know, out there as well. Make sure it's equally balanced, right? Um, make sure
it's the thing that actually gets to the right desks, absent any kind of an event. Right? Uh, maybe make sure there's a quarterly summary that says, here are all the things that we did and what we found and the things that we preempted and the measures that we're putting in place, right?
Like, that's, that's just as important because there's somebody in the organization who's only aperture into the work that might be done in your organization. Uh, you know, the only aperture they have is like an after, after action postmortem type experience.
A.J. : Mhm.
Ramesh: And that's such a small part of the overall risk management work that your team is [00:52:00] likely adding to your company or your organization.
A.J. : Yeah, no, excellent points. And that communication, you know, I do tell people Intel is not a product. Intel is a service. Um, and people have to remember that there are Intel products, but Intel itself is a service. It's a people business. You have to have those relationships, you know, because there's trust involved and that does require.
You know, being able to build those relationships and being able to to build some transparency. And, you know, you make a good point. Things like quarterly reports, just, you know, wrap ups. Listen, as an Intel professional, I hate those. And most of us do like, nobody wants to do their weeklies or monthlies or quarterlies.
It's, it's a hassle, but there's a real value that I'm not gonna lie. I probably didn't recognize until just the last few years. Uh, I've always been on the other, you know, when you're on the production side, it's like, Oh, I just did all this stuff. Now I have to go back and wrap it up and I have to put it in a bow and I have to make this pretty little picture.
Can't just read the Intel. It seems like a waste and then you realize, no, this is actually really important to roll this stuff up for people who aren't going to read the 280 reports and you've got to be able to tell them this is what we did. This is the, these were the outputs and this was the value.
It's in everyone's best interest to [00:53:00] take that time. And that's been It's been something that's been hard for a lot of Intel folks, I think, uh, who just want to do the work and quietly go about their business, and it can't be done in most days anymore. So listen, we're coming up on time. I want to, uh, be cognizant of that.
Uh, first of all, thanks for being here. This has been a really cool discussion. Uh, digital investigations is very interesting, obviously authenticate and the silo platform. You know, like I said, I'm a big fan. Um, yeah. But as we're getting to the end of the show, you know, I got to close your question.
Everybody gets nobody gets a break includes you. Uh, even though you pay me a little bit now, it's still you're still still gonna get hit the same question. So the question obviously being that the name of the show is unspoken security. So with that mind, you know, tell me something you never told anybody before something that's been unspoken.
Ramesh: Wow. From any, any, any aspect of life, right? That's the, that's the question is completely
A.J. : Yeah. Any, it can be business. It can be personal. I always tell people like, don't confess to a murder. Like I might be required to tell people this is being recorded. So I, you know, I don't want to be that guy. Uh, so don't confess to something just horrible. Uh, but yeah, any, anything, anything in your life really is open.
Ramesh: Well, if you're a [00:54:00] good Intel guy, you should have known that I, if I had committed a murder. So, no, I have not committed a murder. Uh, I
A.J. : To my knowledge, you haven't, and I'm, I'm
Ramesh: exactly. Um, I guess there's a, uh, I think that's one thing. Um, I, I, I've been writing short stories for a long time.
Uh, and I've never, yeah. And I've, and I just like the format of it.
And it's kind of like a. I guess it's relaxing to kind of just like open a blank doc and start riffing. Um, and I'm sure they're terrible, but I've never ever told anyone that I do it. And, and I've certainly never shared any of them with anyone ever, because I'm too frightened about as to what the feedback would be.
I think that would be crushing if someone said this is the worst story I've ever read. It's complete crap.
A.J. : Oh, I doubt that'll be the case. How many are we talking to? I mean, you've been doing this for like, do you have hundreds? Has this been going on for years and years
How many
Ramesh: I don't think it, it, it might be high double [00:55:00] digits by now. And we're
talking like, you know, three pages, four pages, you know, something.
A.J. : Oh,
Ramesh: These aren't like, you
know,
A.J. : fascinating.
Ramesh: um, but, uh, yeah. And, and I know I rarely go back and look at old ones 'cause I find that kind of, uh, demoralizing and I, and as of yet I've not shared, shared them with anyone. Or requested any kind of feedback. But, you know, it's something I do.
A.J. : Is there a specific theme? Do you, I mean, are you like writing sci fi? Are you writing romance? Or are they all over the place? Is there,
is there some, some theme to them?
Ramesh: it's usually I'll meet some interesting character bumping through life, meeting people and then I'll, I'll meet like three or four people and between them I mash them together and create some odd person, and then I talk about their interactions with the world.
So it's inspired by people I've met, but It's
never, it's never about a specific person.
It's usually like an amalgam of different personality types. And I just write some, whatever comes into my head. It's a very [00:56:00] unstructured thing. I'm not going to pretend I do like a bulleted skeleton on all that jazz. It's like, it's like, uh, jazz.
A.J. : Well, it sounds like a stress reliever for you. I mean, it's, it's obviously outside of work. It's outside of, I don't know, you know, the, the day to day for you, right? So, uh, yeah, it sounds like a really interesting escape. It's, it's definitely, I've never heard it before from anybody else so far. I mean, I've heard people write obviously, but I've never heard, yeah, this, this was, A first heard from you, obviously, and I think it's really interesting.
And the way you do it, what you're describing is actually fascinating that you just, it's an amalgamation of a few people and then you sort of just create a story, a fictional story of what their life might be like or what their interactions are. I think that's really interesting. If you ever decide to share, I'm happy to look,
Ramesh: If I do,
A.J. : feedback. I can, I can
Ramesh: that?
A.J. : I can be polite. If not me, I will tell you I have a friend of mine and I'll even name him by name. If you ever listen to the show, Chris Degney. Uh, so Chris is a, uh, you have something to come. Actually, you both went to University of Chicago. Uh, Chris is a Harvard and then University of Chicago man.
Uh, he's a PhD in mathematics. He's brilliant and a really nice man. [00:57:00] He also left the cyber security and sort of defense industry and, and write short stories.
Uh, that's what he does now. Um, yeah. Yeah, it's, and I think it's full time. I don't have to check. I'll connect you with Chris after. And if anybody knows Chris Degney, uh, if you know me, you might know him.
He's fantastic. And tell him I called him out on the show. Um, yeah, he went into that like full time and that's what he does. And it's, it's fascinating to see. And he writes like. He tries to write very compacted, like very short stuff. It's very interesting the stuff he can put together. He writes, you know, longer stuff too, I think.
But, um, but I've seen it done before well. And again, somebody I wouldn't, you know, totally different industry wanted to do it on the, on the side. I'm sure his, his doctorate in mathematics, uh, isn't really paying off as, as part of his writing skills. But, um, he's, he's brilliant too, and kind of took the same concept.
So, uh, if nothing else I'll introduce the two of you. I'm sure since you don't know him, you can quietly share him some stuff. He'll never tell anybody. Um, and this is what he does regularly. Um, and seems to really enjoy it. Uh, and I think it does all right with it too. So, um, I think it's fascinating. I'm glad you shared it.
If anybody wants to hack into Ramesh's systems, it'll be hard cause I'm sure he's using silo. So it's gonna be hard to find him. But, uh, but if you do and you find those [00:58:00] short stories, you know, I, I, I'd be interested to get a chance to read some of those. It sounds really interesting. And if I turn up in one of these, I'm, I'm not sure if I'll be flattered or if I'll be insulted.
I guess it depends on how you pictured my life.
Ramesh: exactly. Well, this has been a real pleasure,
AJ. I want to thank you for having me on.
A.J. : No, thank you. I really appreciate it. I appreciate you making the time. You know, it's a busy world and you know, you're the CEO. Well, you're the president and the founder of a co founder of a company. You're a busy guy. Um, and, and to take the time, I really do appreciate it. Before we let you go, is there anything, any last thoughts, anything you want to, any parting, parting thoughts, anything, if you want to plug You know, authenticate and silo.
You're welcome to I'm sure I'll put something in show notes, but any last thoughts you want to leave the audience for we check out for the day.
Ramesh: Yeah, look, we're, we build a platform for what we think is really important work being done in the world. Um, it's the type of work that actually really impacts people's lives. Um, we are passionate about, if you're listening and you're an intelligence analyst of some description working in some risk team somewhere, you know, we [00:59:00] try and make, wake up in the morning and build a platform that enables you to be safe and do your job more effectively. We'd love to get to know you. Um, uh, we're always learning from our community. Um, we'd like to get as close to our community Uh, well, you know our user base as possible So we understand what it is. They need how they're using the platform and what more we could add to it over time. So um Please feel free to reach out As aj mentioned he's part of the team now, so, you know, uh, you can ping him ping me But you know, we'd love to we'd love to meet you We'd love to talk to you and we'd love you to check out silo
A.J. : Awesome, man. Thanks. I appreciate it. Uh, so yeah, we're gonna check out. Listen again for everybody who's listening and watching. I appreciate it. You taking the time today. You know, feel free to, you know, follow us and subscribe and give great reviews. If you don't like the show, just keep that to yourself.
Uh, no, don't tell me privately. I'm happy to try to make the show better. Uh, if you have ideas on how to make the show better, let me know. Uh, you can send me an email at ajatunspokensecurity. com. If you have, uh, guest ideas, if you want to know more about, you know, Ramesh or Authenticate or anything else, [01:00:00] please reach out, but please do, you know, continue to follow and subscribe and download and spread the word, uh, so we can keep the show going and have great people like Ramesh on.
Uh, and again, so with that, I'm going to go ahead and sign off. This has been another episode of Unspoken Security.