Transcript
Hi Mike Matchett with Small World Big Data. We are here at RSAC 2025 again. Still thousands of people. Lots of themes going on around cybersecurity with AI and supply chain vulnerabilities. Lots of other things we'll talk about a little bit. But we are here today with Blackpoint Cyber, and we are going to talk a little bit about what they're doing in cybersecurity. So first, could you just tell us a little bit about how you got involved in security. What's your sort of backstory a little bit. Yeah. So I've been in security for about 25 years. I've been in the enterprise security for a good part of my career. And I just came over to Blackpoint just a little bit about a year ago. Um, I've been more focused on the preventative side of cybersecurity, proactive security, looking at vulnerabilities, vulnerable management, exposure management and past year come over to the other side, which is more focused on detection and response. And you've used are those sites integrating at all just as a curiosity. Great question. This is what we're unifying with compass one. We just had a major, massive announcement yesterday, a new platform called Unified Security Posture and Response. It's called Compass One. We launched that yesterday. We also created a new category called Unified Security Posture. And here's why. It's really important when you think about proactive security, preventative security that's looking at how do I look at my vulnerabilities and exposures before you have a breach. Right. It's really focused on cyber hygiene. And then you have detection response that's looking at threats. And how do you really quickly detect those breaches. Usually those two sets of tools are not really connected. They're disjointed. This is where an opportunity lies, where you can create a holistic picture. And really looking at that single platform that brings that together, using context to make better decisions on how you can quickly remediate and respond to breaches. Here's an analogy. Um, you go to the doctor to get your annual physical, and you get to go through your blood work, and you look at the results and you know, if things are good with your blood work, maybe your doctor is like, well, you need to improve your diet and exercise, and that's more about focusing on hygiene. If things aren't so good for you, you're probably looking at, uh, being in the hospital next week or the following week for, for surgery. And, uh, it's really one report that gives you both those views. You go to one person, right? And you get that holistic view. Why doesn't that exist in cybersecurity? Right. So you preventative side and you got the response side. How do I look at my overall posture how I stand. How do I benchmark, um how I can improve over time. It's part of our human DNA to really improve your posture. Get that feedback going. Yes, exactly. And like it's part of our DNA to to improve. Right. To do better. Why doesn't that exist in cybersecurity. That's what we're trying to solve with bringing prevention, detection, response and remediation all under one single platform. Are there some like staffing or. I guess, people challenges with taking something that was really two different. I don't want to call them silos because they weren't that far apart, but two different kinds of disciplines and bringing them together. Is there some friction there? How do you help overcome that? Yeah. So I mean, there are really silos, right? So if you have really good tools looking at the preventative side, but if they don't talk to the rest of your ecosystem, the rest of your infrastructure, you know, you're not looking at the entire piece of the puzzle. So it's important to really tie that together and get that context so you can make better decisions. Um, when you look at, uh, a threat that that has that you're going through. Imagine if you actually had the context of a vulnerability or a cloud misconfiguration that you could look at to make better decisions on how you remediate your threats. It makes it much faster to be able to respond when you have that sort of context available. Right? So are people having to like, learn how to like do things in that loop fast like that? Almost sounds like these action loops like observe, orient, decide, act, those kinds of things where you start to become faster and faster at what you're doing and more effective and efficient. Um, is that a challenge for people to learn those things, or is that something people, as you start to say, come to naturally where we like we like to get that feedback. You know, it's you've got to start with the basics, right. You got to have the fundamentals of place. You got to make sure you're really focusing on cyber hygiene, run your vulnerability management scans, look at the right applications that you want to have, uh, bolted down. Uh, what are your cloud misconfigurations. So we've got different products that really do each of those things, and then look at the threats that really matter and make sure that you are bringing that whole system together into one unified view right behind you. Actually, I look at our platform, compass one, it's powered by our, uh, data Lake house, where all the data comes in. You can either have data coming in from our agent or different integrations. We have a whole set of integrations that we can pull data from into our data lake house. And then we have a bunch of analytics and threat detection that's done on top. And then we have several modules that give you that full holistic picture of the anchor point of our platform is called Security Posture rating. That gives you a rating to tell you exactly where you're standing from a posture perspective, with several actions that you can take to improve your posture over time. All right. Looking around at the at the show here, there's some definitely some themes going on here. What would you call out. And how would you say that Black Point might fit into those into that theme for someone. Yeah. So obviously it's not a surprise you're seeing a lot of AI, right? So we've been using AI for a lot of for a long time. We've been using that to optimize really our threats and really focus on the needle in the haystack to be able to help our SOC team. We have an entirely human led SOC team, but we have we're using AI to really enrich the data set, to be able to help them be more effective in their threat detection. And then, uh, with compass one, now we're going to double down further on using AI to make better decisions on the context that we have to be able to quickly make decisions, either. Prioritization decisions. Vulnerable management decisions. Threat response decisions. I mean, we've definitely seen bad actors using AI more and more. It's really good to see good. The good side of the tooling, using AI to get better and faster at responding to those. Where do you think that ends up? I think it's going to be really interesting. Right now you have a lot of I mean, we've had it historically even before I. Right. You had human threat actors and then working against the good guys. You're seeing that now in AI. I believe in the you know, the good will prevail. And, you know, I think there's a lot of positives that can come out of using AI. If you had to tell one thing to the entire audience here and through the through the speakers, what kind of recommendation would you make to them or advice would you give them? Focus on, um, getting out of the tactics of the weeds of like, which tool is better and so on, and really think about taking a step back and figuring out what's your posture, what's your risk? What is the efficacy of your program? Figure out how you can benchmark. Create a plan on how you can improve, and then go about picking the right tools to to really solve that problem. That strategic view is ultimately what's going to lead to being more successful in in protecting your attack surface. I really get kind of a map of the landscape first before you start going off and chasing bright, shiny objects. Exactly. That's exactly right. Uh, if someone wants to learn more about Blackpoint Cyber and what you guys have put together with your new platform and stuff, would you point them at your website? Is there anything specific? Yeah, we could do Blackpoint Cyber. Com we got tons of information there. We got a lot of information about compass One.com you got a bunch of webinar information as well, demos and things like that that you can download. Uh, and obviously stop by the booth here. We're also at Kaseya, so feel free to stop by. All right. Thank you so much Manoj. Thanks. Appreciate it. Take care guys.
