This Week in Enterprise Tech 565, Transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.

0:00:01 - Lou Maresca
On This Week in Enterprise Tech, Mr. Brian Chee, Mr. Curt Franklin and I talk about the future of digital trust with Adobe's content credential system. Then we're joined by Zach Wasserman, CTO of Fleet. We're going to discuss the evolving landscape of endpoint management security and how leveraging open source is actually changing things there. Plus, we also have a special treat. We're joined by a listener, Jeff Marraccini. He's CISO from Altair and he's going to take us through just how he's implemented some of our recommendations. You definitely shouldn't miss it. TWiET on the set.

Podcasts you love from people you trust. This is TWiT.

0:00:45 - Lou Maresca
This is TWiT. This Week in Enterprise Tech, episode 565, recorded October 13th, 2023: Shea Birds and DM Dreams. This episode of This Week in Enterprise Tech is brought to you by Palo Alto Networks. Protect your OT assets, networks and remote operations with zero trust OT security. To learn more, find the link in the show description or visit paloaltonetworks.com. And by Thinkst Canary. Canary tokens are a quick, painless way to help defenders discover they've been breached by having attackers announce themselves. For 10% off and a 60-day money back guarantee, go to canary.tools/twit and enter the code TWIT in the How did you hear about us box. And by Nureva. It's a first. Nureva's new Pro Series, the HDL310 for large rooms and the HDL410 for extra large rooms, gives you uncompromised audio in systems that are incredibly simple to set up, manage and deploy at scale. Learn more at nureva.com/twit.

Welcome to This Week in Enterprise Tech, the show that is dedicated to you, the enterprise professional, the IT pro and that geek who just wants to know how this world's connected. I'm your host, Louis Maresca, your guide through the big world of the enterprise, but I can't guide you by myself. I got to bring in some professionals and some experts, our very own Mr. Curt Franklin, principal analyst at Omdia and the man who has the pulse of the enterprise, and I can tell you he's always busy. What's going on with you this week, Curt?

0:02:17 - Curt Franklin
Well, oddly enough, I've been pretty busy. I've gotten a couple of things published. I'm pleased about that. Talking with a number of companies, it's interesting the way things go in waves. I've been talking a lot about cybersecurity awareness training this week and one of the interesting things is the way that companies are starting to use generative AI in their training campaigns. Several different ways of doing it, ranging from using AI to generate compelling phishing messages to test employees on, all the way up to using generative AI to comb through lots of data on threats in order to tailor training to be the most effective against the threats that have the highest priority in a particular organization. Lots of interesting stuff going on. I've gotten to talk to a bunch of people, and that always makes me happy.

0:03:25 - Lou Maresca
Makes me happy as well. Thanks for being here, Curt. Speaking of interesting stuff, we have Mr Brian Chee, who's always got some fun stuff to play with. What are you playing with this week, Cheebert?

0:03:34 - Brian Chee
I have a bouquet of remote serial devices and we're actually going to be talking to a viewer out of Michigan to talk about how this device, an Airconsole, has made a difference for his operation, and it's going to be a lot of fun, in fact. Why don't we finish the intro and then we'll get to our visitor?

0:04:02 - Lou Maresca
Sounds good to me. Well, speaking of fun, we have lots of fun coming up. We'll dive deep into the future of digital trust with Adobe's game-changing content credentials. The question is, is it really game-changing? Then we're joined by Zach Wasserman, CTO of Fleet. We're going to discuss the evolving landscape of endpoint management security as the lines between work and home are blurring. Learn how organizations can not just adapt but thrive by leveraging some open-source technologies and some smart collaborations. So stay with us. But first we do have a special treat before the blips today. Some of our past segments have had some pretty big, deep impact on people in our audience and their organizations. So today we have a guest that's going to tell us all about it. Cheebert?

0:04:42 - Brian Chee
Well, our guest today is Jeffrey David Marraccini. I think I pronounced that right. Lou's going to keep me honest on this, right. He works for a company called Altair. Now, this is not the Altair of way, way back, the original PC. In fact, Jeffrey told me this Altair was founded in 1985, I believe. Anyway, he builds supercomputer clusters and works with all kinds of really, really noisy equipment. And, Jeff, you've got a set of earmuffs on your desk. Could you explain why you have those earmuffs and why an Airconsole has made a difference for you?

0:05:28 - Jeff Marraccini
Well said, Brian, and again thank you for introducing the Airconsole to me. So high performance computing clusters are usually a few to tens of thousands of computers tied together into a network that work on matrix problems. So a lot of this is engineering and scientific computing. We call them solvers that are used to simulate solutions to make airplanes, cars, whatever better. So the problem with that is there's lots of nodes that have GPUs and, in many cases, very high speed fans in them, so when you're behind them they're extremely loud. In fact, in many cases they're dangerously loud. This is why we wear earmuffs.

The problem with high performance computing is they tend not to be highly available. So if one of the nodes goes out, you have to get it back online very quickly. In some cases, if there's an issue with one of them, you can lose the results of your job and possibly lose a lot of money. Of course, plus, you tick off your engineers and your scientists while you're waiting for that node to be rebuilt or brought online or whatever. So using the Airconsole allows us to remote in to the system from a safe distance, get on to the console, figure out what's going on, decide if, hey, we can fix it really quick. If we can, great. If we can't, we take the node out of the cluster.

The cluster continues working and the engineer or the scientist is very happy. And then again you can do that from a safe distance rather than being behind a group of very hot systems in a data center or in a computing closet. We're a lot of times up against not only the noise but also the heat. A lot of our engineers actually have to wear very light clothing in these facilities because it's just so hot. It just plugs into the back of a system or a switch and you can get into it from a safe distance, do your work and be in a very comfortable environment. So I love them. And again, you don't want to wear these things if you can help it, because these are really annoying and they're not so great for your hearing.

0:07:29 - Brian Chee
Yeah, and one of the interesting things is I introduced the Bluetooth versions of what I was doing to a bunch of tech sergeants in the US Air Force, and they actually have to do work on avionics and they have to do the work when the engines are running, and so they're actually using it for the same reason. And the University of Hawaii, shall we say, is a very large consumer of supercomputer clusters, to the point that we actually have a Cray, and they started using these things.

They kept borrowing them from me till I finally put my foot down and said buy your own, darn it, you have a budget. Anyway, Jeffrey, thank you so much for sharing a little bit of your time and your story. We love it when viewers can take away something really useful and save their hearing.

0:08:19 - Jeff Marraccini
Thank you so much, TWiET. You're fantastic. Appreciate it.

0:08:22 - Brian Chee
All right, you take care. Anyway, how about we go and see what's happening with Mr. Lou?

0:08:32 - Lou Maresca
Let's go ahead and jump into this week's news blips. Now, in a move that underscores its commitment to blazing fast Internet connectivity, Comcast announced the rollout of its DOCSIS 4 technology in US cities over, actually, the old school coax, that's right. DOCSIS 4.0 delivers symmetrical upload and download speeds ranging from 300 megabits to a staggering 2 gigabits per second. The game changer here is the technology's full duplex capability, allowing simultaneous high speed data transfer without compromising either upstream or downstream speeds. Now Colorado Springs will be the inaugural city to experience this next-gen Internet, with neighborhoods in Atlanta and Philadelphia on deck for future deployments. Branded as X-Class Internet (here's the X again), this portfolio introduces varied speed tiers that can cater to diverse user demands, from live sports streaming to latency sensitive business applications.

Now Comcast's CEO emphasizes the competitive edge that the company holds here, stating our connectivity experience, powered by the Xfinity 10G network, will deliver networks up to 10 gigabits per second over our traditional network to virtually all of our customers, plus even better reliability, lower latency and optimal in-home Wi-Fi coverage. Now it's worth noting that Comcast has been an industry pioneer in DOCSIS technology, which actually originated back in 1997. Now the company has continually invested in enhancing their network robustness through technologies like distributed access architecture and low latency implementations. For enterprise professionals, the potential applications for these speeds are manifold. Imagine the seamless execution of a cloud-based application, or a video conference call being clear as day, or large-scale data analytics happening over stream. So, whether you're in Colorado Springs or keeping an eye on upcoming deployments, Comcast's DOCSIS 4 is shaping up to be a game changer in the landscape of residential and potentially enterprise internet services.

0:10:31 - Curt Franklin
How soon is too soon? According to some cybersecurity professionals, we could find out, due to a new proposed rule from the EU that requires vendors to disclose that they know about a vulnerability actively being exploited within one day of learning about it, regardless of the status of a patch. According to an article in Dark Reading, these same professionals are urging that the new rule set out in Article 11 of the EU's Cyber Resilience Act be reconsidered. In an open letter signed by 50 prominent cybersecurity professionals across the industry and academia, these professionals argue that the 24-hour window is not enough time to fully understand the vulnerability, much less fix it, and would open doors to adversaries jumping on the vulnerabilities without allowing organizations enough time to remediate the issues. Now, there is no disagreement about the urgency of patching vulnerabilities. The concerns center on publicizing the vulnerabilities before updates are available, since that leaves organizations at risk of attack and unable to do anything about it. As we've seen in the past, 24 hours may even be too short a time to develop mitigations or workarounds, much less remediations like patches and updates.

Now some alternatives have been suggested, including one alternative that involves preliminary notification, where vendors can be given a preliminary notification with a brief grace period before the detailed vulnerability is disclosed to a wider audience. This would be like saying, hey, customers, there's an issue in this module. Yet another way focuses on coordinated vulnerability disclosure, which encourages a system where researchers, vendors and governments work together to assess, patch and disclose vulnerabilities responsibly. This is very much modeled on the responsible disclosure model that many, if not all, white hat or ethical hackers follow. Now, those of us outside the EU may think this doesn't affect us, but it does. On the good side, the US has an opportunity to observe, learn and subsequently develop well-informed cybersecurity policies, as well as proactively prepare for any potential ramifications if Europe moves forward too quickly. On the downside, we can't ignore the ripple effect of the EU's regulatory decisions, as evidenced by the GDPR's influence on CCPA and other US privacy laws. This suggests that European decisions on disclosure and timing could be a forecast of similar regulatory considerations here in the USA.

0:13:34 - Brian Chee
This story actually comes from a company called Seeed Studio. The realistic view of the world is, I've made it no secret that I'm not really wild about general-purpose AI, these giant large language models. There's going to be a lot of fighting over them and things like that. I am a big supporter of edge AI because I think that's where it's going to make the biggest impact. This is actually one of them. In this case, the hardware is an A603 carrier board with an NVIDIA Jetson Orin NX on it. What they're doing is they're using a drone for fast response inspection for public safety, and this is being deployed in the United States.

Public safety is one of the important links in city management, whether it's forest inspection or a rescue scene. It usually plays a key role when the emergency department cannot be there on time. Let's take, for instance, a forest fire as an example. It's commonly related to fire prevention, forest resource monitoring and so forth. However, the traditional manual inspection has obvious disadvantages of low efficiency, and if the discovery is delayed, it's likely to cause irreversible loss and consequences to forest resources. Let me translate that statement. The manual forest inspections are commonly done from what are called fire towers. They're typically in very out-of-the-way places. There's been lots of movies about them. They are big metal towers up in the air with a wood box on the top and they stick a very lonely forest ranger up in the top. They stand around on a little walkway with a spectacular view with binoculars. But what happens if they have a cold? What happens if they're tired? What happens if they're having relations? Are they going to miss that first wisp of smoke?

So edge AI is now appearing, both with neural processors and now with NVIDIA GPU processing. So the edge AI scenario that I'm hoping for in this case, which would be a big win for public safety, is being able to do smoke detection or fire detection by unblinking, unsleeping and unwavering edge AI. I was proposing putting that up on one of the taller dormitories at the University of Hawaii, because there's a ridgeline behind the university that is very susceptible to brush fires, especially because of a homeless population that decides they want to cook hot dogs or something. The interesting thing is it looks like there's going to be two camps: is it going to be a GPU based system or is it going to be a neural processor based system?

We had Intel on not too terribly long ago talking about using neural processors so that you don't have to soak up large, large amounts of GPU cycles. So we've already seen, and we're going to try and get them on again, Axis Communications. They make very high-end webcams. They have third-party smoke detection software. Interestingly enough, a lot of the work done, either neural processor based or GPU based, is very, very similar to the facial recognition world. So if you actually see a picture, it'll actually put a square around whatever it thinks is smoke and it'll give you a percentage on whether or not it thinks that's really smoke. So it ought to be interesting. Go, go, edge AI indeed.

0:17:34 - Lou Maresca
Thank you, Cheebert. Well, folks, that does it for the blips. Next up we have the bytes, but before we get to the bytes, we do have to thank a really great sponsor of This Week in Enterprise Tech, and that's Palo Alto Networks. Cybersecurity has become the top focus in organizations, and I'm sure it's at your organization as well. Now, one additional challenge is the fact that there's been significant growth in the number of OT assets that require internal and external connectivity. OT assets are usually pretty vulnerable to an attack. There's often no security built into the asset, as well as poor visibility, unencrypted traffic and much more. Now Palo Alto Networks Industrial OT Security is the solution security teams need to provide effective visibility into OT assets. It provides the most comprehensive zero trust security across all OT environments and is developed specifically for industrial and manufacturing operations. Industrial OT Security delivers comprehensive visibility, ML-powered, scalable discovery and intuitive visualization of OT devices and patterns, OT vulnerabilities and even risk assessment. It also delivers on zero trust security, offers segmentation and least privilege access control, continuous trust verification with 24-7 risk monitoring and continuous security inspection. Plus, it's simplified operation. That's why it leverages existing infrastructure. You can deploy it in minutes and share device information natively with tools. Protect your OT assets, networks and remote operations with zero trust OT security. To learn more, find the link in the show description or visit paloaltonetworks.com. That's paloaltonetworks.com. We thank Palo Alto Networks for their support of This Week in Enterprise Tech. Well, folks, it's time for the bytes now.

In a significant move for digital trustworthiness, Adobe unveiled a new symbol designed to tag AI generated or altered content. This part of the initiative of C2PA seeks to bring clarity to the murkiness around digital content, particularly given the rise of deepfakes and misinformation. We all know deepfakes. We've seen a lot of them. Now Adobe calls it content credentials. It's displayed as a lowercase CR symbol. You can see it there. It's essentially a metadata signature that gives you a snapshot of the content's origin and the tools used in its creation. The key players collaborating on this are not actually small, that's right. Adobe worked alongside organizations such as Microsoft, BBC, Nikon and Truepic. The symbol will indicate not just if AI was actually involved in its creation, but also which digital tools were used, allowing users to click on the CR symbol to see more details.

The big question is, does it really assure authenticity? Well, not entirely, actually. The CR symbol merely signifies the presence of metadata. It doesn't vouch for the content's genuineness or actually anything at all, really. In other words, deepfakes could also carry their own credentialing here as well. Yeah, Adobe believes this metadata tagging system could become as ubiquitous as the copyright symbol in the digital landscape.

But here's the Achilles heel. The system is voluntary. Metadata could be stripped or lost in the chain if tools used don't actually support content credentials. Now, while the metadata is encrypted, it's not entirely foolproof against tampering. Beyond Adobe, Google and Digimarc also are stepping up with their initiatives, like SynthID and digital watermarks respectively, to track AI generated content.

The tech industry's overarching aim here is to build a framework that at least provides some level of traceability and transparency, albeit not infallibility. Now, Mark Wilson from Fast Company puts it actually pretty simply: the CR system in its current form is good to have, but not must have, for verifying content authenticity. It's not a good, it's not a great way to really ensure transparency, but it falls short of offering a foolproof system for combating digital deception. In conclusion, the CR symbol is a step forward. Let's not make a mistake here by treating it as a comprehensive solution. I do want to bring my co-hosts back in because there's been a lot of these campaigns by organizations. Sometimes, you know, they have a secondary reason for doing this. Curt, I want to throw this to you first. How effective do you think this voluntary content credential system will be in combating this type of thing?

0:22:06 - Curt Franklin
I think this will probably be at least as effective as the little box that says I am not a robot that people are asked to check to prove, to prove conclusively, that they are absolutely human and couldn't possibly be any sort of programmatic or robotic system checking those boxes. It's a nice thought. It's a lovely thought, and in a world that didn't really need an attestation of human creation, it would be beautiful. But there are a bunch of problems, not least of which is that AI can create meta tags. Shoot, I'm not even really good at it, and I can create AI programs to do meta tags.

It does speak to a very real issue, which is that AI generated audio and video are becoming so good they have, to use a phrase my son loves to use, leapt across the uncanny valley, so that they're no longer just bad enough to make us feel queasy about watching them. They're now quite realistic, and so for things like news, political news, for things like company news, whether good or bad, for fraud and for simple trustworthiness of the information that flows to us, there are some significant implications, and I'm not sure that something as simple as a voluntary watermark is going to solve them. I wish I had confidence that it would, but I just don't.

0:24:33 - Lou Maresca
All right, Jim. What do you think? How effective do you think this will be? Have we seen this type of thing before?

0:24:40 - Brian Chee
I think in the form that the article talks about, it's going to be a flop. However, Adobe has had a system in their PDF. It's basically, if you make any kind of modifications, even if you erase a space and then put a space back, it will say the document has been modified. The content credentials has that potential to go just that little bit further. Now I do kind of throw up a skyrocket here that this might also be Adobe trying to go and sneak their way onto every computer in existence and get a license fee out of them. That's possible. However, I'm going to draw a similarity to a Japanese system called a hanko.

If we could bring up that webpage, you can actually take a family crest or a symbol, as long as it is a unique symbol, and register it in Japan. It is good enough that it is acceptable in lieu of a signature, because, remember, a signature, a traditional signature, is a very western concept, whereas a registered personal seal has a government registration behind it.

So the point I'm getting at is the concept of a hanko could be very much like the content creation symbol. According to the article, if you hover above the logo, it's supposed to pop down a list of the contents or the ingredients, and in theory, if any of the ingredients are changed, it's supposed to display a big red X over the logo. Will that be enough? I don't know, but if we start registering it, kind of like NFTs, maybe this might be the digital signature that I've been ranting about for the last decade. Maybe. I personally think scribbling on a digitizer pad and having the system record my actions as being a signature is weak. But if I had an NFT that I could register, say with the US Post Office, which might also revive the Post Office as being significant again, it might be a way to go and have real digital signatures, which is so lacking in today's e-commerce world.

0:27:36 - Lou Maresca
If it's anything like their PDF security, I think you should probably run and hide, because if you don't believe me, you can check out CVE 21608, the latest remote code execution bug there. That's a pretty interesting one, so check that out. I personally want to throw this last word to you, because I think you mentioned this before. I mean, obviously, there's a lot of things going on with deepfakes. People can't trust what they're seeing now. They're getting better and better. Obviously, Adobe is trying something, Google is trying something. They're attempting to build an ecosystem where people can trust things. So if you voluntarily jump in there and they have some kind of repository of images, or even photographers or whatnot start jumping into this, could you just trust their content better? Are we just basically saying, hey, we can trust their stuff better, and if you don't get it from them, it could just be fake? Is that what they're trying to do?

0:28:23 - Curt Franklin
I think that's what they would like to see happen, even if we give them the benefit of the doubt and say that this is purely done for the better of mankind. They would love it if the betterment of mankind included everyone using something that was associated with them. The problem, here's the deal. For it to be truly useful it would have to have a certain critical mass, used by enough organizations and enough individuals so that people who don't live in media or technology could see it and know that it meant something useful. The problem is that with multiple systems it's going to be difficult for any one to gain a critical mass. Now, the free market theory says that ultimately one will prove its worth and be adopted by the market and shown to be the best and the one true way to show human creation. The pessimist says that we'll be lucky to have that happen before Skynet makes it all irrelevant.

0:29:54 - Ant Pruitt
I got to jump in here. This is the voice of Ant Pruitt, y'all listening and trying to figure out where that voice is coming from. I did a segment on this on Tech News Weekly here at TWiT the other day because, yes, I am a big Adobe fanboy, yes, I am an authorized Adobe affiliate, but, yes, I will call BS on them if I see BS. With that out of the way, I thought about this a little bit more and I agree with you all saying that there needs to be some type of critical mass involved with this for it to work. But, to their advantage here, this coalition is also working with the open source community so they can have their feet held to the fire when it comes to dealing with the Content Authenticity Initiative, and I showed off an illustration, if you will, here.

This is a shot that I took, a camera raw file, just to test it out, just to further prove that this has to be adopted by everybody. This is on my website, you know, a Squarespace website, and I updated the image, you know, using AI. I basically removed that person. I didn't go in and just push the pixels around. I specifically used the AI generation tools inside of Photoshop, and as I hover the mouse over this, you see there is no badge. Nothing has happened, and that's because, more than likely, Squarespace or whoever else they have running on the back end hasn't necessarily adopted this particular process just yet.

So, next, you have to worry about social media. This misinformation and disinformation stuff that we're dealing with from images and videos and audio is usually on social media, not just particularly on a website. Is Meta gonna adopt this? Is X gonna adopt this? What about everybody that's on the Fediverse? Will the people running those servers adopt this? So again, it's a bit of a crapshoot here and we got a long way to go, but at least it's open source and people can be held accountable. All right, I'm shutting up now. We got bills.

0:32:04 - Curt Franklin
Wait, hold on a second, because, if I can, I'd like to ask him a question. Since he jumped in, let's go back to the image you presented, because clearly, from a photojournalist viewpoint, making the change that you showed is a violation of journalistic ethics.

0:32:31 - Ant Pruitt
That is correct, and that's something that this CAI is supposed to help with, is have a paper trail showing, all right, this was snapped by Ant Pruitt on this particular camera. Ant Pruitt also exported this and gave it to the New York Times, or what have you. And then if the New York Times decides to go in and wants to crop it, it is supposed to still show that paper trail of New York Times went in and did a crop on this, or what have you. And all of that is supposedly encrypted. And if it's, supposedly, if it's moved, there's supposed to be a way that it could be flagged to show that, hey, this thing has been manipulated and we cannot verify the authenticity of it anymore. But we did have it at one point, and at some point it got stripped out. Here's your flag. But again, everybody has to adopt this system, and I hope more people do, because election season is coming up here in the U.S. and, boy, I got to tell you, y'all know how that can go.

0:33:30 - Curt Franklin
I do, and let me say that on that last, if your player four is mom and you want that shot as processed, more power to you. You know, right, give it to mom. Right, if you claim to be purveying news, the rules are different. Sure, and as you say, that's where the real issue is, and Brian likes soapboxes, here's one of mine. That's where a breakdown in journalistic ethics globally, largely, although not entirely, tied to the use of social media networks as news dissemination channels, has created a problem that's going to echo for a long time. We've already started to see it in what's happening in Israel and Gaza right now. Yep. There are tons of doctored, fake, terrible images floating around that cannot be verified, many of them, because they're just not real. But they do inflame passions, they do incite people to heightened rhetoric and action on one side or the other, and so these are things with very real ramifications. This is not just a philosophical discussion among photographers. This is real world.

0:35:09 - Ant Pruitt
Sure is, and I got to tell you, if you were standing in a pulpit somewhere, I'd be yelling amen right now to you, sir. Well said.

0:35:18 - Lou Maresca
Well said indeed. Thank you guys, great conversation. I definitely think, I'm hoping, I'm hoping for something to move things forwards. Well, I'd say that does it for that byte.

Next up we have our guest, but before we get to our guest, we have to thank another great sponsor of This Week in Enterprise Tech, and that's Thinkst Canary. Simply put, Canarytokens are tiny tripwires you can drop in a hundred places, and they follow the Thinkst Canary philosophy: trivial to deploy, with ridiculously high quality of signal. There's little room for doubt. If someone nefariously browsed a file share or opened a sensitive looking document on your Canary, you immediately will be alerted to the problem.

Thinkst Canary's founding team has a background in offense but has prioritized defensive thinking in developing their devices. Thinkst's team is uber conscious of customers' trust in their product and takes extensive measures to ensure their devices do not pose any additional risk. Canaries are designed to be secure by using memory safe languages and sandboxing. The architecture ensures that no critical network secrets are stored on the Canaries. To maintain security, Canaries are not allowed to be dual homed or span VLANs, as it could give attackers access to jump across networks. Thinkst Canary has put immense effort into ensuring they don't introduce new vulnerabilities to customers' networks. If a bird can let off just one warning before it's owned, it's lived up to its namesake and it's earned its keep. Customers have the option to break the back end authentication link to prevent Thinkst staff from accessing their console. Additionally, a third party assessment commends the secure design of the platform and software stack implemented by Thinkst. Hardware, VM and cloud based Canaries are deployed and loved on all seven continents.

Go to canary.tools/love and see for yourself all the genuine customer love for Thinkst Canary. Visit canary.tools/twit and for just $7,500 per year you'll get five Canaries, your own hosted console, upgrades, support and maintenance. If you use code TWIT in the "How did you hear about us" box, you'll get 10% off the price for life. Thinkst Canary adds incomparable value, but if you're unhappy, you can always return your Canaries with their two-month money-back guarantee for a full refund. However, during all the years TWiT has partnered with Thinkst Canary, the refund guarantee has never been claimed. Visit canary.tools/twit and enter the code TWIT in the "How did you hear about us" box, and we thank Thinkst Canary for their support of This Week in Enterprise Tech.

Well, folks, it's my favorite part of the show. We're actually going to get to bring a guest in to drop some knowledge on the TWiET Riot. Today we have Zach Wasserman. He's CTO of Fleet and co-creator of osquery. Welcome to the show, Zach. Thank you so much for having me, Lou. Absolutely. We have a huge spectrum of experiences in our audience and some of them like to hear people's origin stories. Can you take us through maybe an abridged version of your journey through tech and what brought you to Fleet?

0:38:18 - Zach Wasserman
Sure, absolutely. So I think for me it started with just a childhood love for computers. Of course I grew up around the dot-com boom in the Bay Area and just saw things exploding in the potential of computers. My professional background really got started through some university research into cybersecurity, where we published some interesting work around hacking the radios that the federal agencies were moving to, and I got to work with some really cool grad students and an amazing professor, Matt Blaze, on that research. And then later I moved into cybersecurity in industry through being on the security team at Facebook, and it was there that I helped create osquery, and we eventually open-sourced that, and that kind of gets to the whole rest of the story that I'm sure we'll dig into today.

0:39:11 - Lou Maresca
Absolutely, absolutely. Yeah, let's just dive right in there. I think obviously we hear a lot about the fact that endpoints are frequently cited as the weakest link in most organizations' security, especially with remote work. People are extending their networks to everyone's homes. What are you seeing there? What are some of the foundational practices out there that you are recommending, or are you seeing people recommend, around adding more security but not adding complexity?

0:39:35 - Zach Wasserman
Yeah, for sure. And of course I think it starts with the idea that you can't secure what you don't know. And in particular, as we move to, or as we have moved over the last three years to, a more remote and hybrid workforce, we have way more unknowns introduced into our environment. So we don't control the networks anymore, we don't control the devices, because people are doing BYOD whether we like it or not, and we need to find ways to get visibility into what's going on on the devices. So that's kind of the thesis of Fleet, and we use open source technology to help gather insights on what's happening on devices across Mac, Windows and Linux, which are, of course, the major desktop computing platforms.

0:40:19 - Lou Maresca
Now, some interesting things that we've talked about. Obviously, you said there's not a lot of control out there, but there's an ask out there to see more of a convergence between security teams, developer teams and operations teams, and making sure that IT settings are kind of fluid throughout. What are you seeing from frameworks or technologies that can really enable that type of thing?

0:40:40 - Zach Wasserman
Well, something that I'm really excited about is taking some of the DevOps practices, things like GitOps and configuration as code, and bringing those into the IT and the security realm. And so we have started to hear about things like DevSecOps, bringing security into the development workflow, but also, I think, bringing those DevOps practices in helps us establish more transparency within our organizations and more repeatability and auditability around these things. So those are big things that we're working for. Additionally, bringing those things into IT as well, so that we can understand on these devices, which are, of course, a really sensitive part of our infrastructure, what changes are being made, who's making those changes and why. So those concepts are something that we're really excited to see growing, and we're excited to bring them through the tools that we are building, again both open source and commercial.

0:41:38 - Lou Maresca
I've used a lot of bring-your-own-device systems and services, MDM services out there. Obviously, a lot of them apply policies to the device, and we're seeing this increasing number of organizations allowing bring your own device, which makes their fleet huge and the diversity of their devices huge. The one thing that I see that organizations struggle with is their users don't necessarily trust the service that they're putting on the device, because they don't know what it can see or what it can watch or that kind of thing. And then on the flip side, the organization can't necessarily trust the user, because they don't know what they're doing in the background. So what do you say to organizations that have, or people that have, this problem?

0:42:20 - Zach Wasserman
Yeah, this is a really interesting question. Our core thesis is that transparency helps to build trust. I mean, I get it that if you're a security team in an organization, you need to know what's happening on those devices in order to keep the organization secure. And I also get it if you're a user, you don't want to think that the IT or the security team is poking into your personal information. So there's a balance to be had here. I think that the thing that I've learned through working with IT and security teams over all these years is that these folks don't want to dig into anyone's personal information. They want to keep the devices secure. They're being really responsible about how they use the tools, and if we provide them the opportunity to be more transparent with the users about what the tools are doing, then that really helps to build the trust and build a culture that I think is more resilient.

0:43:20 - Lou Maresca
I love the transparency side of things. Now I want to jump into the concept of just open source versus proprietary, because there's a lot of transparency when it comes to open source and obviously a lot of flexibility, but there is a trade-off. Sometimes it requires a little bit of expertise in-house. So if you have to make a change, or if you have to make it specific for your organization, you have to have some expertise to be able to do it. Where do you see, how are you seeing organizations kind of balance those benefits there when it comes to your software?

0:43:48 - Zach Wasserman
Yeah, absolutely, and obviously I'm biased here, but I think that we strike a really cool balance where we've taken this open source core technology, so osquery, which is an agent that runs on the individual devices.

It can extract a ton of useful information, and it's integrated not only in Fleet's products but also into products from major corporations like VMware and Microsoft. So we're certainly not the only ones using it, but we think that we've struck a really good balance between giving you the insights out of the box and giving you the control to look for what you need specific to your organization. So, again, we provide the opportunity to do these things like configuration as code, so that you can evolve processes around deciding what you want to monitor on devices, what kinds of policies you want to enforce, what kind of configurations you want to push. And I think that by giving folks both the out-of-the-box functionality and the ClickOps, if you will, the GUI to work with that's friendly and well designed, but also the deep integrations, you end up being able to get the best of both worlds and to move towards a more modern practice where we have a smaller set of more skilled individuals doing really high-impact and high-leverage work in the organization.

0:45:20 - Lou Maresca
So one more before I bring my co-hosts back in. You talked about evolving, obviously evolving policies and settings and configurations, and we always talk a lot on this show about future-proofing security, but it almost is a misnomer, or it's almost impossible to get there, and organizations are looking for ways to make sure that they have really good endpoint security strategies that are effective now and that they can adapt later. Are you seeing that as possible with MDM solutions? Are there other things organizations should basically be thinking about here too?

0:45:50 - Zach Wasserman
Yeah, and something that we've talked about a lot is that MDM is really so much more than just the base MDM protocol that's on the devices. So Apple, now for around 10 years, has had the MDM protocol, and Microsoft is now building MDM into their operating systems, and MDM is really useful and it's a critical component, I think, of securing workstations. But it's not enough. There's so much more that you need to do beyond what MDM provides.

Things like software management, things like script execution, these are not usually things that go directly into the MDM, and particularly things like monitoring, again from a security perspective, from a compliance perspective and from just understanding, from a productivity perspective, the performance of the devices. So we really try to integrate it all into one system so that you don't have to rely on piecemealing together all of these different components, or finding that your deeply, deeply integrated system is missing something critical and you're not going to be able to build the integrations. Again, we think about balance, and we think about trying to make it so that we'll integrate everything for you, but we'll also leave integration points open so that you can tie in all the rest of the tools that you need.

0:47:12 - Lou Maresca
Fantastic. Well, I do want to bring my co-hosts back in, but before we do, we do have to thank another great sponsor of This Week in Enterprise Tech, and that's Nureva. Nureva meeting room audio technology has a history of wowing IT pros. Duquesne University has 100 Nureva devices installed, and one of their senior technologists recently said, "I can't say enough about how impressed I am. Audio has been my life's work for 30 years and I'm amazed at what the Nureva mic and speaker bar will do."

Nureva has made another leap forward with the introduction of their Pro Series, featuring the HDL310 for large rooms and the HDL410 for extra-large rooms. For the first time, you get pro audio performance and plug-and-play simplicity in the same system. Before the Nureva Pro Series, multi-component pro AV systems were the only way to get pro audio performance in a large or extra-large room. Nureva continues to amaze IT pros with the Pro Series. In fact, their online demo highlights a Nureva audio expert being heard clearly from under a table, or behind a pillar, or any other obstruction. It's pickup performance that many conventional systems can't even match. Let's talk coverage: the HDL410 covers rooms up to 35 feet by 55 feet with just two mic and speaker bars. Imagine equipping an extra-large meeting room or lecture hall with just two discreet, wall-mounted devices. You can even use them individually in a divisible room as well. The HDL410 features a unified coverage map, which processes mic pickup from two devices simultaneously to create a giant single mic array. The HDL310 covers spaces up to 30 feet by 30 feet with just one mic and speaker bar.

Nureva is all about simplicity as well. The HDL310 takes about 30 minutes to install and the 410 takes about 60 minutes, not much at all. And with continuous auto-calibration, Nureva audio automatically and continuously adapts to changes in the room's acoustic profile. And with Nureva Console, the cloud-based device management platform, it takes the pain out of tasks like firmware updates, checking device status, changing settings and a lot more. Bottom line: with the Pro Series, Nureva makes it simple to quickly and cost-effectively equip more of your spaces for remote collaboration. Learn more at nureva.com/twit. That's N-U-R-E-V-A dot com slash T-W-I-T. And we thank Nureva for their support of This Week in Enterprise Tech. Folks, we were talking with Zach Wasserman, CTO of Fleet. We're talking about endpoints, security, MDM, lots of great stuff. But I do want to bring my co-hosts back in, because they have some great stuff to talk about as well. Curt.

0:49:57 - Curt Franklin
Oh, I appreciate that. You know, one of the things that I am really interested in is MDM for Android devices versus iOS, because one of the things we always hear is that anything that has Android in it is much more difficult to manage, simply because of how many versions there are. First of all, is that something that you've experienced and, if it is, how do you deal with it? Can it be dealt with?

0:50:39 - Zach Wasserman
Yeah, you know, Curt, we are not yet at Fleet doing mobile devices. That's probably coming in the next year for us. So, as we move to multi-platform MDM, our focus is starting with macOS, which we've already released, and Windows, which is coming in the next month or so. So mobile is an upcoming challenge, but I can tell you from the experience of going from macOS to Windows, certainly you do see much more heterogeneous configurations and device configurations, and so we are aware of the unique challenges that are coming with that.

0:51:13 - Curt Franklin
Well, I know that you talk about how you do Linux, and there's more than one distribution of Linux out there. Is it a similar issue? Do you think that the experience of dealing with the different Linux distros is perhaps giving you a hint of what is to come?

0:51:34 - Zach Wasserman
Yes, and in some ways it's even worse with Linux, because we also deal with both Linux workstations and Linux servers. So we're seeing very, very different computing environments, and we're seeing extremely different APIs, in some cases different package managers, different surface areas, with things like SELinux only being available on some systems. So on the visibility and monitoring side, we have for quite a while been dealing with this, and it's not just on that front, and it's also not just Linux. It's also how different macOS is from Linux, and Windows from the two of those. So there are so many ways in which a system like ours tries to abstract away the complexity of all those things, and we do the best that we can so that our IT admins and our security teams can think about the higher-level concepts as much as possible. But there are always places where you have to start to make the user aware, and the user has to have the knowledge of the unique aspects of certain systems.

0:52:44 - Curt Franklin
Well, you know, I think it is superb. I agree with you that the endpoint is critical, maybe the most critical area of the infrastructure, but I also know that endpoint is one of those words that has a bunch of different meanings depending on who you're talking to. I mean, I stumbled into mobile devices on my first question and you answered that very gracefully, I'll say. Desktops in all of their guises are obviously endpoints, but do you have people who are asking you about OT kind of endpoints? Because there sure are a bunch of those out there. And, my heavens, does that world make the craziest day on the desktop look like a walk in the park?

0:53:51 - Zach Wasserman
Yes, certainly, and we are starting to see some really interesting organizations, such as modern EV manufacturers, who are starting to look at using our technology on some of their OT devices, and the thing that we benefit from is some of those OT devices are running Linux, some of them are running Windows, and so the agent that we have there does begin to work on those things. But certainly there are unique challenges across those, and initially, you know, you talked about the wide range of things that can be defined as endpoints. The other thing that I think is worth mentioning is I think we need to start thinking about containers as endpoints. Kubernetes clusters and other sorts of containerized computing environments, the individual nodes are endpoints, so endpoints are being layered within other endpoints. There is a hugely heterogeneous level of configurations, and I think that this increasing surface area is a challenge for IT and security and operations teams to continue to grapple with.

0:55:00 - Curt Franklin
Well, you'll be happy to know that I'm not going to ask you about containers. I'm not going to dive into that particular pool. But I am going to step back just a little bit, because it seems like every time we have a major vulnerability that crops up that affects 10 million endpoints, it's going to go back and someone's going to say, aha, it's in an open source library, aha, it's in an open source module, it's all the fault of open source. Is that a battle that you're still fighting, and have you had enough practice at taking those punches to have developed a ready response when someone tries to make that argument?

0:55:57 - Zach Wasserman
Yeah, really interesting question, and I think the widespread impact of these kinds of vulnerabilities in open source is really a testament to the value of open source. Every organization is integrating open source into their technology stacks, and it's that value that causes, I think, the widespread impact. But from a commercial perspective, we don't see much resistance there, particularly from the most progressive, the most technology-focused, the fastest-growing organizations. You know, just look at some of the biggest organizations in the technology field today, the FAANG organizations. They have pushed open source, they have built themselves on open source, and I think they've proven the value of building on and investing in open source. And I think that that sort of demonstration of value and commitment to those things is trickling down into the organizations that want to be able to move as fast as those top organizations, that want to reinvigorate their growth and that kind of thing.

0:57:12 - Brian Chee
Well, I'm going to ask a crystal ball question, only because I've actually wished for MDM in one form or another for almost my entire career, especially when I was doing classified projects. When a workstation cost me anywhere between four and 20 man-hours to configure for a classified environment, MDM would pay for itself in a heartbeat. So here's the actual question: is the need, the want, the desire for MDM forcing some standards, finally? Or am I just wishing?

0:57:57 - Zach Wasserman
Well, certainly, MDM itself is a standard on both macOS and Windows, and so those are things that Microsoft and Apple are pushing.

I think the example of the classified environment is an interesting one, because in particular on macOS and, I believe, on Windows, it's not possible to actually use the MDM technologies without interacting with the servers of Apple and Microsoft. And so while we can have our own MDM server, we still have to have involvement from those servers, particularly because the way that devices end up checking in for new policies and actions to take is usually triggered by push notifications through those servers. And so standards we are getting, but these are not open, and these are not things that can be developed entirely independently. With Fleet we offer folks the opportunity to self-host their own MDM server, so really the most sensitive portions of this can be implemented through open source technology, which is fully auditable and increases the transparency there. But there's not a way to eliminate the vendor reliance entirely, and I think that that's kind of an interesting and unique challenge for some of the most highly sensitive environments.

0:59:26 - Brian Chee
Okay, well, I'm going to take the crystal ball question just a little further, and this time I'm just going to ask you, if you could wave a magic wand for this industry, what would you change? What would you like the manufacturers, the authors of these systems, to realize that they're holding up an entire industry? What kinds of things would you like to see?

0:59:54 - Zach Wasserman
Yeah, I mean, what I'd really like to see is the manufacturers committing to allowing both enterprises and the vendors that serve them to do the full life cycle of that kind of service without relying on, again, the servers of the manufacturers. So give us the standards, give us the protocols, make them open and make them completely able to be actioned independently, so that we can fully understand, own and trust those processes, in order to both move quicker to serve our customers as vendors, and for our customers to be able to get the full transparency and control that they want to see over their devices.

1:00:40 - Brian Chee
Yeah, so kind of like, I register with you, you give me a digitally signed package, an envelope, saying this is for Workstation X, and that's my life cycle authority, and now I can take that, I can get it validated by my system security officers and so forth, and still go and do my things offline. Does that sound about the direction of your wish?

1:01:09 - Zach Wasserman
Yeah, it does, and it's worth noting that that's not actually far off from where we are today. In particular, with macOS, there is a system where we as an MDM vendor get to sign certificate requests for our customers, and then Apple will sign certificates for those customers, and those will then be used by our software, somewhat out of band from Apple, to do the management. So we're in the process of getting there, and I think there are just a few key steps missing to sort of enable full autonomy here.

1:01:47 - Brian Chee
You'll be glad to know that was actually the topic of a slightly over one hour rant by myself with various three letter agencies at a very, very, very large office building in Washington DC when I still wore a uniform.

1:02:07 - Zach Wasserman
Very cool.

1:02:09 - Brian Chee
Someday. I keep wishing for an MDM for the classified world, just because I hired so many people just to configure workstations, and I could save the US government so much money. Anyway, you know what? I think we're just about out of time. What do you think, Lou?

1:02:28 - Lou Maresca
Yeah, as with any great show, time flies. I definitely believe that with this show. Zach, thank you so much for being here. Since we're running low on time, can you maybe tell the folks at home where they can learn more about Fleet?

1:02:38 - Zach Wasserman
Sure. Check us out at fleetdm.com. So that's fleetdm.com, and you can learn all about both Fleet and the other projects that we're doing. So thanks for being here.

1:02:53 - Lou Maresca
I'm going to go ahead and share with you the open source project of the Linux Foundation that we're built on top of. Thanks again. Well, folks, you have done it again. You sat through another hour of the best enterprise and IT podcast in the universe, so definitely tune your podcatcher to TWiET. I want to thank everyone who makes this show possible, especially my amazing co-hosts. Starting with our very own Mr Brian Chee.

1:03:16 - Brian Chee
We're doing, you know, a machine. Well, not a giant claw machine, but we've got a claw machine. We've got all kinds of really fun stuff, including Wacko Night. We've got people in armor that you can go and whack on with swords and so forth. Lots and lots of fun. I'm going to be posting pictures, I'm going to be probably live-streaming some video, and a lot of it's going to be on Twitter, which is now called X. Still don't understand that name. Sorry. I'm @advnetlab, Advanced Net Lab. That's kind of a leftover from when I was teaching at the University of Hawaii. You're also welcome to throw show ideas, make comments and so forth. Jeff Marraccini actually sent one to me, and that is cheebert, spelled C-H-E-E-B-E-R-T, at twit.tv. You can also send email to twiet at twit.tv and it'll hit all the hosts. We'd love to hear from you, and who knows, if something we talk about makes a difference in your job, let's have you on and let you brag about it. Jeff did.

1:04:50 - Lou Maresca
He did. Thank you, Cheebert. Thank you, Jeff. Well, we also have to thank our very own Mr Curtis Franklin as well. Curtis, what's going on for you in the coming week? Where can people find you?

1:04:59 - Curt Franklin
Well, I'm going to be busy doing research on a number of companies, looking at resilience quite a bit these days, also starting to look hard at cyber ranges and professional security training. So these are all things that I'm going to be working on in the coming months, sort of starting to get ready for my 2024 research agenda, also going to be wrapping up 2023 and putting together my trends to watch in '24. To find me, of course, you can see things that I've written over at Dark Reading, at the Dark Reading/Omdia tab. Also, I'm doing a little bit more at LinkedIn. I'm Curtis Franklin at LinkedIn. You're all welcome to follow me. And on Mastodon, evermore, KG4GWA at mastodon.sdf.org. Would love it if you heard me tell you where the addresses are. Give me a ping, give me a follow. Always love hearing from the TWiET Riot between shows.

1:06:20 - Lou Maresca
Thank you, Curt. Well, we also have to thank you as well. That's right, you're the person who drops in each and every week to get your enterprise goodness. We want to make it easy for you to watch and listen and catch up on your enterprise and IT news. So go to our show page right now, twit.tv/twiet. There it is. You'll find all the amazing back episodes, of course, and co-host information, guest information as well, but more importantly, there next to those videos, there you go, you get those helpful subscribe and download links. Support the show by getting your audio version or your video version of your choice, because, you know, we're on all of your podcast applications on any one of your devices. So definitely subscribe, download and support the show.

Now you may have also heard there's also Club TWiT as well. That's right. It's a members-only, ad-free podcast service with a bonus TWiT+ feed that you can't get anywhere else. It's only $7 a month. And there's a lot of great things that come with Club TWiT. One of them is the exclusive access to the members-only Discord server. That's right. Also, you can chat with hosts and producers, and there are lots of separate discussion channels in there, lots of special events, so a lot of great things there. Definitely join Club TWiT at twit.tv/clubtwit. And, you know what, they also offer corporate group plans as well. It's a great way to give your entire team access to our ad-free tech podcasts, and it starts with five members, at a discounted rate of $6 each per month. You can add as many seats as you like there, and it's a really great way for your IT departments, your developers, your sales teams, your tech teams, whoever, to just join and really get access to all of our tech podcasts out there without ads, and then, just like regular memberships, you get that TWiT Discord server and that TWiT+ bonus feed as well. And, you know what, there's also family plans. That's right, $12 a month. You get two seats there, and you get additional seats for $6. So you can take advantage of Club TWiT in a lot of different ways. Definitely check it out at twit.tv/clubtwit. Now, after you subscribe, share the show with your friends, your family members, your coworkers, because we talk about a lot of tech topics on this show, a lot of fun stuff.

We guarantee that you will find it fun and interesting as well. So definitely share it with them. And, you know what, we do the show live. That's right, Friday, right now, 1:30pm Pacific time, we're doing it live. You see all the behind-the-scenes, all the banter before and after the show. Come see how the pizza's made.

Go to live.twit.tv and watch the show live. And, you know what, if you're going to watch the show live, you might as well jump into our infamous IRC channel as well, TWiT Live, and you can get to that by just going to your web browser, irc.twit.tv. It'll jump you right in there. You can join all the fun and all the characters that are in there each and every week. Thank you guys for being there. It really makes the show. Definitely hit me up.

I want you to hit me up, whether it's Twitter, X.com, whatever we call it nowadays. It's LuMM over there. Of course, I'm also on Threads, LuMPM on Threads. I'm on Mastodon as well, LuMM at twit.social. Of course, always on LinkedIn, I'm always there. That's a great way to get in touch with me as well. If you want to just message me over there or connect with me over there, I really love that. If you want to know what I do during my normal work week,

please check out developers.microsoft.com. We post all the latest and greatest ways for you to customize your Office experience to make it more productive for you. If you have M365, check out Excel. Open Excel right now. Go to that Automate tab. That's where my team loves to live. We're creating new platforms to let you automate things. It generates scripts that you can actually run over in Power Automate, create huge workflows and orchestrations. You don't even have to open Excel anymore. So definitely check that out and make it more productive for you.

I want to make sure I thank everyone who makes this show possible, especially Leo and Lisa. They continue to support TWiET each and every week, and we really can't do a show without them. So thank you for all their support. Of course, thank you to all the engineers and staff at TWiT. Of course, thank you to Mr Brian Chee one more time as well. He's not only our co-host, but he's also our tireless producer. He does all the planning and the bookings before the show. So thank you for all the support over the years, because we really can't do it without him. Of course, thank you to our editor, because they're going to make us look good after the fact, cut all of my mistakes out. Thank you very much. And, of course, thank you to our TD for today, Mr Ant Pruitt. He is the talented Mr Ant Pruitt. He does a lot of shows, a lot of interviews, lots of fun stuff. Anything interesting going on for you this week on TWiT?

1:10:28 - Ant Pruitt
Thank you, Mr Lou. Well, this week I've been working on some writing. Yeah, writing, because at twit.tv we do have blogs, so if you go to our website, twit.tv, and scroll down, you'll see the latest posts there on the page, some from me, some from our other co-hosts. Every now and then, well, we use a little bit of AI, but it all works. So, yeah, go check it out. I actually wrote about some of the stuff that I was yelling about regarding Adobe MAX and AI and the stuff that we just talked about here on the show.

So yeah, go check it out, twit.tv, right there on the home page.

1:11:09 - Lou Maresca
Thank you, Ant. Well, until next time, I'm Louis Maresca, just reminding you: if you want to know what's going on in the enterprise, just keep TWiET.

1:11:21 - Scott Wilkinson
Hey there, Scott Wilkinson here. In case you hadn't heard, Home Theater Geeks is back. Each week I bring you the latest audio-video news, tips and tricks to get the most out of your AV system, product reviews and more. You can enjoy Home Theater Geeks only if you're a member of Club TWiT, which costs seven bucks a month, or you can subscribe to Home Theater Geeks by itself for only $2.99 a month. I hope you'll join me for a weekly dose of Home Theater Geekitude.
