Name: Global Partner Webinar - Meeting the Exposure Management Challenge: Key use cases for success
Uploaded: 2024-09-10T14:08:22.988Z
Duration: 40 min 4 s
Description: Global Partner Webinar - Meeting the Exposure Management Challenge: Key use cases for success

Transcript for "Global Partner Webinar - Meeting the Exposure Management Challenge: Key use cases for success": Hey, everybody. Thank you so much for joining our webcast. This is an expert panel discussion today. We've brought together some really exciting guests from across Rapid7 with deep expertise around exposure management and attack surface management, which we're excited to talk about. Really hot topic. This, webcast is available, on demand. So if you need to hop off early for any reason or you wanna reference this content again later or share it with your team, you'll have access to that, beyond just today, but really excited to have you all here. And as I mentioned, the focus for our discussion today is really around the evolving exposure management landscape. The group that I'm gonna introduce in a moment, has a lot of exposure management expertise and also has the benefit of talking to a lot of customers and security professionals every day. And in those conversations, we've we've had the opportunity to learn a little bit more about the unique problems that we are hearing on repeat from security teams at certain themes that kind of continue to rise to the top. And and we're gonna dive into each of these today. But the first is just the fragmentation and the sprawl of the attack surface is really testing and putting a lot of pressure on the traditional approaches and existing systems that teams have in place today. So lot of sprawl, and it's creating the situation where, you know, Gartner recently shared a stat that 80% of security teams can't see a majority of their environment. And so, you know, how do you secure what you cannot see? It's really challenging, and it's introducing even more complexity into something that was already really hard for teams. So knowing, you know, hey. I'm getting this huge laundry list of things that I need to patch and take action on. What's important? What's really what really matters environment in my environment? So teams are lacking that relevant context to know where to focus. And as the environment sprawls, the stakeholders and the people that security teams need to coordinate with also sprawl. They're managing multiple systems, but they're also managing lots of stakeholders. And so being able to know, hey. Who owns these assets in the environment? Why was this set up? Is this business critical? Is it not? You know, what matters? I guess is what I would boil down to is is really a challenge. And so these are some of the big themes that we're gonna dive into, and I'm excited to introduce, our expert panel that we've accumulated across Rapid7, that again has been talking to customers and security professionals about these themes and also has some really good and actionable advice for folks that are just starting that 2025 planning process and trying to figure out, hey. Where do we kick off, and what should we be thinking about going into next year? So, I'm Meaghan Buchanan. I'll be moderating today. I'm on our product marketing team here at Rapid7. I'm gonna let my, fellow panelists introduce themselves starting with Allen. Allen, how are you? I'm good, Meaghan. Thank you very much. Hi. Yeah. Allen Rogers here heading as as heading up the engineering organization for our new surface command, product and, very pertinent, I think, to this particular conversation. Absolutely. Yeah. Hi, everybody. My name's, Craig, and I'm, I've been working for about 12 years in security operations, instant response, and especially in the last 4 years, really working with with customers around this exposure management problem and, you know, how we can use data to help fix it. Awesome. Hi, everyone. Jane Man here. I and I head up our product management team, on the exposure management portfolio. I've been working in the vulnerability management space for over a decade now. So I've talked to a lot of customers and organizations about the challenges they're facing in vulnerability management and, and recently, really noticing this trend towards exposure managements. Yeah. That's a great segue, Jane. And I'm actually gonna stop sharing so everyone can take a look at our panel here. And, you know, as as you mentioned, Jane, exposure management, a topic not necessarily new, but I think is getting some new life, maybe breathed into it across the industry. We saw it as a really big theme at BlackHat this year. You know, more talk about it across the analyst community. We're kinda hearing a lot of inquiries, from our customers and security teams about it. So, I guess let's start there. How is exposure management different from maybe your traditional vulnerability management? Or, you know, how is the space evolving right now that feels different from what we've seen in the past? Allen, do you wanna kick us off on this one? Sure. Yeah. Absolutely. You know, it's, it's a matter of, I think, pragmatism largely. If you think about, you know, this is the dynamicness of the whole discipline of of cyber defense. We as you said kind of in the lead in here, things are changing so dramatically. The attack surface is evolving. The volume and sophistication of attacks is continuing to get greater and increasing. Security budgets aren't keeping up. Teams are being asked to do a lot more with a lot less. It just is putting security teams in a really tough spot. So I think just naturally as a reaction to that, organizations are really starting to understand, okay. Well, I don't have enough resource to do everything I need to do. How can I really focus my resources in on the things, the exposure, the vulnerabilities, the security issues that are going to have the maximum impact on the business context of business risk, given that I can't do everything? And really that's what continuous threat and exposure management, if you really boil it down, that's really what it's about. Let's look broadly across all of the bad things that can happen to me, relate that back to the business, understand the impact and the risk associated with those, and then really try to 0 quantify that in some way and 0 my resources in on the things that are going to have that maximum impact. And then put that in a process where we're gonna continually kind of reiterate and and, review and reassess those over time. So, yeah, that's that's really what I think is driving, the interest in the all the the focus, across conferences and and just generally the way security teams are reacting now. Mhmm. Yeah. And when we when we think about this kind of continuous threat exposure management, CTEM, another 4 letter acronym for people to to, hold on to. But, no, I think it's you know, we're not throwing out the old. This is more about an evolution, you know, or a step change, a shift in what we're trying to achieve. And, you know, Gartner's view of it is very much it's a cycle. Right? It's a it's a recurring off view for you here, Craig, actually. Oh, good. They even better. I'm it's much easier to see pictures than me try and paint them. So, you know, we can see the the full cycle here. You know, you're scoping that that problem. You're trying to discover the exposures that you have, prioritize them, which is so important as Allen said in the in the world we live in with the volume. Right? We have so much activity we can do in a day. The kind of problem space is so much wider than that. Right? And so we have to prioritize to fit it into that. And then, you know, the the final phase of validation and mobilization I mean, validation is so important to to know that we fixed that problem, that we have resolved that exposure. We've lowered that risk. You know, we're we're managing that. And so, you know, CTEM is about this this whole cycle, and it's an end you know, an endless ongoing recurring cycle. Cycle. And, you know, it's easy being in a a technology company, in a software company to think about, you know, CTEM from a from a technology perspective, but it's it's more than that. It's very much a a program of work. It's a way of working. It's a way of thinking. And, I think as well, you know, we we had a kind of the SOC transformation journeys and these SOC transformation programs over the past kind of 5, 10 years, and CTEM should be very much thought of in the same vein. This isn't just about a technology, a solution. There is no CTEM technology. It is a program of work that, as you can see from this, involves kind of people process on that on that technology there. Mhmm. Mhmm. That's a really great point. And as I think back through the decade that I've been in this space and think about the problems that vulnerability management teams have had over those years, it's not been the technology problem. It's always been the people process problem. And it's the same problems. Right? It's about how do we actually go from a list of vulnerabilities to actually being able to take action? And taking action is all requires talking with your IT teams, talking with your, visa is talking to cloud teams, talking to development teams. But it's also it's that translation layer that that's been missing. And that's very much a not just a technology problem. I think that that's, you know, that and as Allen said at the beginning, you know, the the world has changed a lot, but there's so many more problems. But but, but all around us. But vulnerability management itself, I feel like, hasn't really changed with it. And this is an opportunity to really take a look and know how can we do this better. So something that I'm really excited about here at Rapid7 is really, like, how do we help provide some of the tooling and the data that can help customers get to their action? Obviously, there's still the people and processes that we need to work with, but, but, you know, we can help bridge some of that gap. And and when we're thinking about bridging that gap, it's all about the context that we can provide. Right? Can we help teams, or can teams get more understanding of the business context about the thing they're trying to solve, like the who, what, why. Right? A lot of times people talk about the vulnerabilities, but it's not so much the vulnerable itself. It's about who owns it? Why is it here? What is it? What do I need to do? And that context is so important, and that's more important than, I think, the the actual just scanning in the technology. Yeah. I I think a lot of a lot of good points in there. And I think, you know, thinking about this, like you guys are saying, not as, okay, I'm gonna buy this product and then my everything will be solved. It's a it's a mindset shift. It's, you know, a culture shift within the security team. It's kinda getting people on board. And, Jane, as you were saying, having the right context to know what to do with that information. I think that was a big theme, that jumped out to me as we've been talking to customers recently about this is, you know, I'm missing that relevant information as my environment has sprawled to really know, again, what to focus to feel confident in being able to take action with this information, being able to trust it. So I guess for teams that are kind of, again, kicking off this process, maybe they're familiar with CTAM, maybe they're getting familiar with it. You know, they they know that they want, or they they recognize the benefit and the need for evolution as as you guys were just saying. Where does it make sense to start? How do we get that context? You know, what what's the right kinda kicking off point? And, Craig, maybe you can kick us off on this one. Yeah. I mean, I think, you know, that this is where the difference between exposure and and vulnerability comes in. You know, exposure is a superset of vulnerabilities, I like to think of it. You know, there is so many other sources of risk and exposure in organization outside of classic kind of CVEs, right, and vulnerabilities. And so, you know, that can be things like adopting pen test as a service, bug bounty programs. You've got the whole cloud security, kind of arena, and a lot of that is focused on not vulnerabilities, but on misconfigurations. Right? If if you haven't configured your cloud correctly, it leaves open doors, open windows, right, to be exploited. And so that's where exposures really come in is it it's a more holistic term for, you know and and, again, a lot of security teams might be doing some of these today in in kind of pillars of specialism, But, actually, these need to be prioritized across all of those pillars. Right? That cloud security, pen test red team, or bug bounty, and then, you know, your existing vulnerability management program as well. These are probably generating duplicate, you know, things. They're probably generating very similar problems, but they're not necessarily being put into a kinda holistic cycle that we can actually unify how we respond and prioritize to those. Yeah. That that makes a lot of sense. And I think, again, another theme that we heard a lot in these conversations, like, you're saying where, a lot of the teams we're talking to are spending a huge amount of cycles being the those system integrators and and looking for, you know, that unified picture that you're referencing. Like, how do they deduplicate? Allen, do you wanna I don't know if you wanna build on that a little bit. Yeah. Absolutely. I think it all kinda starts with, it's already been alluded to to some degree. It's really about visibility across your attack surface. Yeah. And you said it at the beginning, Meaghan. How do you protect what you don't know? And the the problem is not that we don't have enough tools and technologies to gather key information. The problem really is that that data is scattered across so many tools and and they don't call things the same thing. So it's hard to correlate that together. So effectively, customers have become their own data analysts and and integrators trying to pull data from these sources to actually get it make sense out of it all. So certainly, I think when you think about this problem, the most foundational aspect of it is how do I really gain that visibility across my infrastructure, and take advantage of the investments that I've already made in all these tools that have all good views and insights about different from different perspectives about my attack surface, but it's not in any cohesive way. So you start by thinking about how do I look more broadly across that attack service, both internal and external cloud infrastructure on prem, and do it broadly. It's not just about compute assets either. We've talked a lot about compute assets and their vulnerabilities, but if you think about risk to the business, there's identity risks, there are data risks. Where is micro sensitive data? How is it exposed? How am I protecting it? Is it encrypted? So anyway, it you need to think way more broadly when you're really thinking about exposure. As Craig says, it's a much broader concept, and we need to make sure that as you're pulling data from sources and you're thinking about what data can help you improve your posture, you're doing it more holistically. And then try to pull that data together and correlate it, which is not always an easy thing to do, but it's, you know, we've spent a lot of time actually internally here trying to build some technology and tool around that, certainly. And it there you can you there is a lot of value you can get by pulling that data together and correlating it effectively. And then basically try to use that to synthesize that 360 degree view of your attack surface. So every entity of interest, everything of cyber relevance that's an entity in that environment, whether it's a person or asset or a vulnerability, you have a place to go and get aggregated an aggregated understanding of that asset. And then, of course, you know, it comes to risk. In order to really understand risk, you have to understand not just that those things exist, you have to understand how they relate to each other because that's what oftentimes generates the risk. And also, how does that relate to the business context? Alright? Here's a critical exposure on a particular asset, and here's the similar exposure on another asset. Which one is the one I should go task my team with? Which should we focus on first? How do they relate to each other? Which ones are on public network facing networks? Which ones support critical business services? So it's that that's the view that you really are trying to generate is something that marries the business context onto and along with that technical context of know, vulnerabilities and network topology and that sort of thing. And then finally, try to do that in a way with enough context that you can begin to actually leverage automation and orchestration and other tools to help augment your team. The more we can, you know, kind of try to automate away some of these things, not obviously, not everything is automatable. You need a human in the loop many, many times, but there's a lot of work that we could push aside if we had enough context to really leverage automation more effectively. So when I think about the problem, that's kind of the order I think about is how do I aggregate that data in a way that gives me enough context to drive it all the way through that kind of value chain. Mhmm. Yeah. Absolutely. That's the foundation that you're talking about, that visibility of your attack surface. It's really the foundation of your security program. Right? Whether it's understanding how you go and drive the action or or make that the action more efficient through automation orchestration or, whether it's, going in and and and, augmenting your SOC operations. Right? We have talked a lot about exposure management here, but this foundation is also critical. Like, that relationship you're talking about, Allen, is critical when you're thinking about investigating alerts or understanding blast radius, getting the the context that's needed to understand what this thing is so you can go and figure out how important it is or what needs to be done, as part of an innocent response. So, this visibility is just not just exposure management. Obviously, that's what we're talking about here. But, it's it's really what we've always been striving for when we talk about a good security program. Right? Right. I think that that visibility is also really critical for CSOs. And, Allen, you've talked probably talked to a few CSOs in your time. What kind of the metrics I I've been hearing from that our customers want and and CSOs want is really, like, they don't want to have different tools or different parts of the environment. They don't want to have siloed views of their program. They want one place where they can see how is this security operation operating, a security program operating, do they have full visibility? Are they gaps in their visibility? And then what can they do to make their program more efficient? Right? Yeah. Oh, a 100%. I think if you can, if you can build that view, if you can aggregate the this data to create that holistic view, the number of cybersecurity use cases that benefit from that or you think of a use case that a cyber use case that can't actually benefit by a holistic understanding of how an asset or a risk or whatever is it relates to the business, to the topology. A lot of the times that that context is also kinda available in certain places or silos. Sometimes it's embedded in things like naming conventions and other things. So it's having a way to collect that data and also kinda layer on your own kinda unique, nomenclatures and other things so that you can you can extract that context, the necessary context kinda in in process is also something to think about as you're building out this kind of a strategy. That's great. Well, every organization does it slightly differently. So being happy in that having the flexibility to be able to take into the those differences into counts, and also just Yeah. The amount of overhead for the security team. Right? Mhmm. Yeah. Most definitely. Yeah. And I think, you know, it it builds this really rich picture that gives, as you both are saying, the confidence and the trust to be able to prioritize more effectively. I feel like prioritization was a big theme that continue to come out when we're talking to customers of, hey. This is a huge pain point for me today. And, you know, it was a huge pain point 5 years ago, 10 years ago. Like, it it continues to be this thing that pops up of, you know, what really matters. And I think, you know, as you guys are just spelling out the relevant context to really be able to 0 in, to remove the duplicative information, to get rid of the noise that's just clouding, a lot of this right now is huge. And I think it also leads into a step that's, you know, that's from what we've heard, it can be overlooked at times, which is the validation. That, like, a 100% knowing of, yep, this is the thing that is truly exploitable. And I know that's an area that we've been, you know, investing in a little bit more, recently as well. I don't know, Jane, if you wanna touch on that a little bit of just, you know, the role that validation kinda plays in here. And, yeah. And I and I know that, Craig has some experience in this space as well. So I'll let him, follow-up all I have with his thoughts. But, I think it's when you looked at the CTM, validation is one of the steps and often an overlooked step in the process. Because we find have these bones. We find them. We we we say, okay. We do our theoretical prioritization, and we and we go in and and send them over. But often, we could hear back from the IT teams or your mediation teams. It's like, hey. This isn't actually there, or, hey. This isn't actually as important as you're saying it is because, actually, we've got all these other controls in place. So it's not actually exposed to the Internet, and maybe we should be looking at these other play things. So that validation step plays 2 parts. What parts? One is, like, to really find the truly exploitable things that that should be prided and should be acted on urgently, but also to help you understand, like, okay. What are what have we actually addressed with controls and to test that controls effectiveness? Like, you've spent security teams have spent money and resources and time and putting in place these security controls, are they actually working? Right? That's an important question to answer. Yeah. And the the context of, you know, you talk about the the vulnerabilities and that, yeah, we we general all these different scores and those scores and exploitability ratings. They're really important for, you know, the risk of that specific vulnerability. But I think what's so often overlooked and a big part of kind of the exposure management piece is where does that reside. Right? And it's like, you know, you can you can talk about open doors and how open the door is, but if the door's a bank vault or the door's, you know, a a car door, that's a very different threat level to an organization. And so I think that's where we need to think about the visibility piece in here, the relationship piece that you're talking about, the context of that vulnerability in the organization, and that's where you know, again, this isn't just about necessarily CVE, but as a general exposure, as a misconfiguration, again, what where is that and and how does that impact my organization? One of the things CSA used to work with the words said was, you know, you can't protect what you can't see. Right? If if you don't know about it, how can you get your arms around it to to protect it? And so having that that visibility is a is a really important piece to it. Mhmm. Yeah. We're making decisions today about what we're gonna not do and not do. We just don't make it with any information. Right? We have some very basic informations about the the the risk score of a vulnerability, but that does not oftentimes, this has very little relationship to actual the true risk of the business. Yeah. That's the tool we have. So that's what people are using. So we gotta get better than that. And then people are doing these pen tests once a year, and that's that's that's how they that's how they get the true information. But once we we know once a year means as soon as the pen test is gone and a week later, the environment changes, the both your environment and the free environment. So how do we get that more I'm using the continuous word, CTEM. That continuous view into what's truly exploitable. I I think that's what, that's what we're we're trying to think about, how how we bring that validation into our into our portfolio, make it a more integrated part of exposure managements. Yeah. Yep. It makes sense. I think it's an exciting time. Like, I I feel like it's a a hopeful time for for people that have worked in the temp space for a while. And, again, as Yuval said, you know, building the context, getting that continuity and sort of flywheel going to, you know, create a program that's more actionable, that's, you know, showing more results and and ultimately more fruitful. I think everyone can buy into that. So I guess if I'm, you know, CSO watching, director of infosec watching, and I wanna champion this at my organization next year, you know, what what's your advice? You guys talk to a lot of security professionals every day. What's the right way to kinda kick that off and get the rest of my org excited and kinda bought into this vision? I mean, it's I don't know. I always say, like, follow the risk. Right? You've gotta you've each organization is different, and so, therefore, you know, CTEM looks different. And, again, I think that's where you have to stress this is a this is a program and not a piece of technology. Technology supports the program. And so I think following the risk is all about which areas of exposure to you as an organization are the most impactful. And, you know, some organizations are a 100% cloud or large cloud estates, and therefore, like, a lot of their exposure and risk is gonna be in that cloud, you know, environment. If we talk about organizations where their crown jewels are very data focused, right, if we talk about research organizations, organizations that have very kind of PII intensive, datasets, again, they're gonna have a different exposure risk. It's all about the are we encrypting our data correctly as our data in the right places are being, you know, protected in the correct way? And so that exposure prioritization is very much dependent on the key areas of the business that you want to, you know, from a risk perspective, protect. So I think that's the first place to start is your and, again, we've we've talked about this a few times. We know this, but it it's that trickiness of there is only so many activity tokens. I like to call it, you know, this kind of there's only so many things we can do, and so how do we prioritize to get, you know, things into those slots of things we can do? And that's gotta be driven by the organization's risk. There isn't a kind of broad brush to do that. Yep. That makes sense. I like that activity token. So I'm gonna I'm gonna use that. I'm gonna try that out in my role. Though, it it totally makes sense. And, again, I I I do think that this is a a movement that is gaining a lot of traction. And, obviously, you you know, we've all kinda touched on a little today. Rapid7 is well known in the space. You know, we're one of the, early vendors in vulnerability management. We've been a leader in the space for over 2 decades. And so, you know, very proud of the expertise, not just on this call, but at at Rapid7 in general and, you know, in the offensive security space more broadly. And, you know, we've obviously been committed to not just making our customers successful, but I think really, you know, creating a rising tide for the industry at large through things like Metasploit and attacker KB. Like, we're really open knowledge sharing is a big part of our culture. And so, you know, I'm sure there's customers, on on the webcast or people who are familiar with us through that open source community with Metasploit and otherwise. But, I'm sure people are interested in, you know, how are we evolving in this space? And we've recently announced, a new, product launch, Exposure Command, which we're really excited about. So, Jane, maybe just to update everyone, can you talk a little bit about Exposure Command and how maybe it's different from other approaches that are out there on the market that people might be familiar with? Yeah. It would be my pleasure. Exposure command brings together the comprehensive visibility that, that we provide through service command, which is what Allen and Craig they they've been working off many years now. It's our new attack surface management product. It provides a lot of that unified visibility that we've been talking about, today. I combined that with our leading vulnerability management solution and our cloud native application protection solution to provide a true end to end view. And, you know, obviously, there's a lot of companies out there talking about the exposure management space. What makes us different is we recognize that you may not use Rapid7 for everything that to get your visibility. We recognize that there are other tools out there that might fill in gaps for you, that you have visibility into areas that we don't provide, or you might have, subsidiaries or different business units, that you wanna bring together into a unified view. And so through surface command, we actually, support the ingestion of other toolsets, other data, our third party data, non Rapid7 data into our into exposure commands so we can provide you with that simple single view of a security posture data. So that's really what makes us different. But you do also get the advantage of those 20 years of experience that Meaghan was talking about, the intelligence that we've gathered through our open source community, all of that comes in exposure command. Yeah. Absolutely. It's a good segue, Jane, because I did want to you know, for folks who, you know, might be, new to the Rapid7, ecosystem or maybe have heard about this new command platform, that we launched and are are here to learn a little bit more. You know, as Jane said, we really want to deliver, you know, the way we think about it as command of your attack surface. We want our customers to be ready for anything and always really know what to do next across their entire digital estate. And so, you know, with the really exciting acquisition of Noetic, which Allen and Craig were alluding to, as Jane said, now we have that foundation of attack surface management to underpin this platform. And, you know, our goal is really ultimately to deliver a 100% visibility in real time across your attack surface. So bringing together all of that relevant context you can trust. And as the team said, you know, some of that's gonna be Rapid7 data. Some of that's gonna come from elsewhere in your environment, but it comes down to having that deep comprehensive visibility and context to be able to fuel this unified exposure management and threat detection and response that, again, I think we're known for in in kind of providing that, endpoint to cloud coverage. And and and these sides are reciprocal. Right? Like, there's a benefit of having that threat aware exposure management. So we we know what's actually getting exploited in the wild. Again, it feeds into that theme of prioritization, like, what are adversaries really gonna have in their sites. And we get better context and can understand, you know, blast radius and kind of the interconnectedness of your environment on the TDIR side of the house. So we're really excited about this new platform, and I did just wanna quickly plug these 2 new products as I think it's so important. And team, please, you know, pipe in if there's any, big points that I'm missing. But, again, surface command is that attack surface management foundation. So providing that visibility, as we said, vendor agnostic, bringing together your entire security ecosystem. As Allen talked about, the importance of marrying the internal and external together. Right? It's not just one or the other. We wanna have that full view, you know, everything in your environment, but you also get that adversary view of, outside in. And, again, it has to be endpoint cloud. Otherwise, it doesn't make any sense. Right? It's not your whole environment if it's not everything. And so, really, how do we bring it all together? And we're really excited about these actionable new views, and we have some early customers already using, which is great, and and we'd love to show folks more. And, again, it's feeding into our new exposure command product, which Jane was just speaking to as well. That's really the hub for for hybrid risk management. You know, so, again, something that an area that we're kind of known for in the market for the last 24 plus years, but, really empowering customers to combat that attack surface sprawl, and be able to, you know, provide you with, everything you need to know to be able to protect your environment, recognize what's truly urgent and important, and transform those to do list today, that list of prioritizations that are really endless today into, like, what's my actionable hit list that I need to be focused on, and how do I, you know, work through that and work more collaboratively across teams. So really excited about these new, focus areas. I don't know if there's anything anyone would like to add from our expert panel on these. I know we hit both of them kinda quick. I think the, like, the stitching together of those perspectives is the it's a really important part of the, you know, the vendor agnostic approach. Right? Is each of the tools in your security stack have a very unique view of what they do and the unique view of your environment as a result, But you need to stitch that together to get a complete kind of view of that environment. And so, you know, I think the the the unifying of the perspectives is the the really big piece for me here, with Exposure Command. Yeah. Yep. Absolutely. And, again, an area that I think we've got really positive feedback on from our early customers because it is a real pain point today. And I think it can be transformational for a lot of teams out there. So we're really obviously, I hope it's coming through in this webcast. We're very excited, to be talking about this, and we'd love to share more, help you learn more, or even if you're just, again, trying to get a handle on the space, the industry, how things are evolving, we have a lot of resources, on our website for folks who just wanna get more familiar on, like, a c ten program or attack surface management and how they can champion it. And if you'd like to learn more about our specific platform solutions, again, we're love to show you. We're very eager to help, and so we've got some resources that we're gonna share here. But I just want to again thank our expert panel for joining. Really appreciate it, guys. Lots of great tips. I hope everyone found it really valuable, and thank you all for watching. And please visit us, online to learn more. Thank you so much.