#102: Cybersecurity 101 and The Future of Cybersecurity with Dr. Eduardo Rocha

Guest Intro

Dr. Eduardo Rocha is the Senior Sales Engineer and Security Analyst at GlobalDots, an independent cloud and performance optimization integration partner.

What You Learn

0:00 – Introduction 0:56 – GlobalDots 2:51 – What are Layer 7 attacks? 5:55 – What is a zero day exploit? 6:43 – What issues scare Dr. Rocha 8:00 – Going Passwordless with Biometrics 11:36 – Using Blockchain for identity? 14:58 – How security breaches happen 15:36 – Pegasus scandal 17:01 – What’s exciting in cyber security? 18:09 – More about Log4j 19:30 – The threats of quantum computing 25:51 – How ready are we? 28:19 – A.I. in cyber security 32:22 – Follow up with Eduardo

Episode Links


Introduction (0:00) Sean Weisbrot: Welcome back to another episode of the “We Live to Build Podcast.” As you can see, you can finally see me and the guest, because we’re going into video from now on. So, I have with me today Dr. Eduardo Rocha. So, Dr. Rocha is the senior sales engineer and security analyst for GlobalDots, which is an independent cloud and performance optimization integration partner. That’s a mouthful. Thank you for taking the time to talk with me today. I really appreciate it. Why don’t you tell everyone a little bit about what it is you do; to make sense of the introduction I just gave because it’s a lot of words. GlobalDots (0:56) Dr. Eduardo Rocha: Sure, Sean. First of all, thank you so much for the invitation. So, basically, we GlobalDots are a global leader in cloud innovation. And we like to call ourselves innovation hunters. We basically connect our customers with the latest cloud and web technology that goes from web security, web performance, devops, cloud management, cloud security, portion management, cloud cost optimization, and also advanced A.I. and machine learning models. We are a team of experienced engineers and architects offering you know an easy end-to-end innovation adoption. We will help in consulting, guide you through the implementation, deployment, and also, into ongoing professional services. And, we will proactively come to you with newer technologies helping to solve the problems that you will kind of face tomorrow. Sean Weisbrot: So, it says that you’re a sales engineer and a security analyst. Is this a specific goal for the company? They want the people who are selling to be the people who actually understand the security that they’re selling, rather than just hiring a random salesperson and saying go? Dr. Eduardo Rocha: Correct. So in Portugal, we have a saying which is like, “having the hands on the door.” So, we basically really work, and implement the solutions, and also guide our customers in the post-sales process of the sales cycle. And obviously, then, help them achieving the maximum usage they could have of these security products we put in place. When we think about threats, like layer seven attacks, or bots, we really make sure that our tools and solutions are performing the best they can. Minimizing false positives, minimizing false negatives, maximizing true positives, and making sure our customers are happy with the products they get from us. So, yes, we integrate to implement, and we also, then, are there for the wholesale cycle. What are Layer 7 attacks? (2:51) Sean Weisbrot: You just said a whole bunch of terms I’ve never heard of. So, I’m gonna start asking you about them because I don’t understand them and I’m pretty sure a lot of other people listening don’t understand them either. What is a Layer 7 attack? Dr. Eduardo Rocha: The Internet is governed, let’s call it, by the OSI Layer 7, layer module. We have the transport layer, where you know we carry our bits and bytes of our communications. On top of that, we have the Layer 3 and 4 which are responsible for the transport and for the session. So, organizing all of those bits into trackable pieces of information. And at the top of the layer of this kind of pyramid, we have Layer 7, the application layer; think of things like http, SQL, and so on. So, when we talk about layer 7 attacks, we talk about attacks against the application, think of SQL injections or cross-site scripting and so on. That’s basically the main task of a web application firewall, to detect those attacks and properly mitigate them. Does that make sense to you, Sean? Sean Weisbrot: Yeah, sure. Continue. Dr. Eduardo Rocha: Exactly. Then I mentioned false positives and false negatives, which is like a big problem in the security industry, which is basically making sure we don’t perform any classification mistakes. A false positive is classifying something as a threat or an attack while it is not; a false negative is classifying something as not being a threat while it is. In the web application firewall world, we use a number of rules and signatures that are in the database so we run less into that risk. Of course, when there’s a zero day exploit, then, we are a bit more behind and have to develop new signatures for this attack. In the bot world, in the automation world, where we constantly battle against web scrapers and fraudsters and try to stop account takeover attacks and credential stuffing. There, it’s sometimes, there’s a bit of a gray area, where automation replicates so well the human behavior, that it’s sometimes difficult to properly distinguish between an automated request or request coming from an automated tool versus a request coming from a real user. And that’s where we really have a complex battle, let’s call it like that, between achieving what I was mentioning before–the maximum performance, meaning detecting as much as we can, the highest true positive rate that we can achieve with the lowest false positive and false negative that is possible, right? So, in this sense, because classifying something as a threat while it isn’t could have the consequence of a legitimate customer of yours being blocked from, you know, finalizing a purchase or something of the like, right? While on the other hand, not detecting a threat would allow that attacker to complete their request, possibly allowing them to perform an account takeover or to perform a scraping attack. Sean Weisbrot: Yeah, all right. You’ve given me several more terms that I want to clarify. One of them is zero day exploit, and the other is scraping. What is a zero day exploit? (5:55) Dr. Eduardo Rocha: So, a zero day exploit is something that is an attack for which we still don’t really have a mitigation. We know how it works, we know what is happening but we still don’t have a signature. So, if you think about also the Log4j that we had at the end of last year. There was a certain period of time in which that vulnerability was being exploited but we weren’t aware, and we didn’t have a signature to properly block it. As soon as the CV got published, we started to write rules looking for instance, for specific strings of values in the user agent of the request that we were seeing to properly mitigate them, right. So, that was our first attempt at having a signature and passing from zero day vulnerability into something that we could properly mitigate with the rule. What issues scare Dr. Rocha (6:43) Sean Weisbrot: So earlier, you were talking about trying to understand what keeps business owners up at night, and trying to solve those problems. What keeps you up at night in terms of cyber security? Do you see any threats that aren’t really publicly known very well, or is there something specific you see coming down the line that really scares you? Dr. Eduardo Rocha: Yes and no. There’s always some way of bypassing something, and sometimes, what keeps me more worried is some entry point that we’re not covering in the whole, the vivid chain of my customers that then bypasses our protections. And yes, I mean launching DDOS and heavy scraping attacks are now very cheap, you know. Sometimes, it’s impressive like the amount of traffic and the text that we see on the wires these days. In terms of something that we’re working a lot, which is passwordless, you know, and having those businesses not migrating from a password world into a password-less world. The credential stuff in their contact coverage, right. People having their passwords, using different same passwords recycled, and using different portals, and then some password data leak, and then, some successful account takeover that is sometimes difficult to prevent. Yeah, that kind of stuff. Going Passwordless with Biometrics (8:00) Sean Weisbrot: I totally agree that we need to become passwordless. But what I’m seeing in its place is like biometrics, like fingerprints, and facial recognition, things like that. Is that any more secure? Or are there attack vectors in that regard? Sorry to get technical for the audience. Dr. Eduardo Rocha: I think at some point in time, and this might be the year, or the next year, we will migrate from accounts to identities, right? And, I think your biometrics, your face, your fingerprints, your IDs or and so on. These are, but, this biometric data that univocally identifies you, right? And if you could use that and draw passwords and usernames which just authenticate my identity with my service provider, we would probably be at a point where ATOs wouldn’t happen at all. Because you know, there are no pass or credential staffing attacks because there are no passwords to crack or to iterate through. Almost all of us have some kind of FIDO enabled device at our hands, with you know, like, we say fingerprint sensors and face ID\s and so on. So, if we could use that data to authenticate ourselves with our providers, and show that it’s us accessing with biometric data validating that request, I think we would probably be in a more secure world and we would sleep better at night. Sean Weisbrot: I want to push back on biometrics just a little, and it’s not your fault, I’m just playing devil’s advocate here. When police officers try to find evidence at a scene, they often look for the fingerprints of someone, left behind right. If we all are moved on to a fingerprint-based biometric authentication kind of standard, wouldn’t it be easier to break into people’s accounts if you can just lift their fingerprints off of any surface that they’ve touched? Dr. Eduardo Rocha: It would be easier to break a password, or to find that password. There are a number of works of people trying to bypass face id with reconstructing 3d models of people’s faces and face ids have been very successful in mitigating those. With fingerprints, yes, you could probably snuck out some fingerprints, or an eye you’ve gotten. Also, you know an d make some fake fingers too. But at the end of the day, if those, that, biometric data would be attached to a device you know; like, my iphone accepts my face and my fingerprints, not your iphone. Your iphone won’t accept my face or my fingerprints. So, there’s also a connection between biometric data and my device. My device without my biometric data is useless, and my biometric data with my device is also kind of. But I can always enroll in a new device, right? But, what happens is that actually, you know, all of that biometric data never really leaves your device, right? It’s like a challenge that is sent to you that you sign back with your biometric, and send that challenge sign back, kind of a public key cryptography challenge, you know. But at the end of the day, we need a revolution there. We need a change into passwords because it’s not just properly secured anyways. And then, we also still rely on two factor authentication which helps obviously but, you know, sometimes those SMS codes get lost or not sent, you know. There’s also sim swapping attacks that break that. But I think, you know, this biometric is probably as secure as we can get, and probably transitioning from a point where we stop talking about our accounts but rather about our identities within those service providers, right? And then, that biometric data could be the key and the guarantee of my identity when accessing those providers like whatever they might be– online retailers and so on. Using Blockchain for identity? (11:36) Sean Weisbrot: There’s talk of kind of using the blockchain for identity. I’m not against blockchain. I mean I’ve been involved in the blockchain industry since 2015. I like it. I know that it’s in its infancy. I know that there’s a lot of problems with it, mostly scalability. Do you think that blockchain has the potential to kind of get rid of biometrics, or do you think there’s a potential for them to co-exist, like, biometrics that exist on a blockchain that are verified against a blockchain. Or do you think that biometrics would still beat out blockchain for security and safety? Dr. Eduardo Rocha: There could be a point in time where both coexist and biometric data. Your identity is then obviously authenticated in the blockchain through your biometric. I still have to gather my thoughts about it, how these two would coexist but I could see a future, or a present where they could coexist, and helping decentralizing authentication, peering it out, but it’s a fairly complex topic I would say. But yeah, I mean something that most likely will come soon. Sean Weisbrot: The way that I was thinking about it, I think the way that other people in blockchain are probably thinking about it is like, for example, right now, we pair our biometric signature to our device, right? So, instead of pairing it to our device, we pair it to a transaction that exists on the blockchain. So, we make a payment to the network, and the network stores our biometric data, and then, whenever we want to log into a device it just pings from the blockchain or you send it, like, a mini transaction from the blockchain to that thing. So then, your device, it doesn’t matter what device you use as long as you can prove your fingerprint to the blockchain, something like. Dr. Eduardo Rocha: That could be something definitely interesting. My concern is always, somehow, your biometric data being stored somewhere else than your local device. But there’s, you know, it’s something that can definitely and will be explored, right? But yeah, it’s a valid concept absolutely. Sean Weisbrot: The reason why I think people are thinking about blockchain for this is because the goal of web 3 and beyond is to decentralize things. Then, having your, so basically, right now, if you’re using biometrics and you’re just pairing it with your device, your entire biometric information is stored on that single device. So ,if anyone gets access to your device the information is there for them to steal. Now, I personally have no idea how that’s done so I’d like to ask you that. But before I do that I want to finish my thought real fast. So, if you were to use the blockchain you would actually have your biometric data but it would be spread across potentially millions of different computers. And so, it would be basically impossible to hack, and therefore, steal any individual’s data, basically. Dr. Eduardo Rocha: You do with peer to peer, right? You just store fragments of your identity, and then they can be collected. And yeah, there’s a number of ways it can be done. Sean Weisbrot: So, if it were done like that, would you feel more confident in it? Because you were saying before, you don’t like it not being on your device, but if it were decentralized across a network, would you feel comfortable with that, or would you still insist on it being on your device? Dr. Eduardo Rocha: If it’s decentralized, I mean obviously, in crypto which it is, I’m only accessible by me, myself, and I. Then, it’s something I would feel more comfortable with, I suppose. How security breaches happen (14:58) Sean Weisbrot: I want to go back to that question I just had, which was, if someone did get access to your physical device, what would they have to do to be able to actually lift that fingerprint information, or that facial recognition information, that signature that you’ve stored on your device. How does it get taken, because I have no idea. Dr. Eduardo Rocha: Well, probably you’d have to talk with those guys in the Pegasus Spyware. You probably have to crack my passcode. Apple and all the other manufacturers make a very good effort in keeping that data encrypted and properly protected within the chips themselves. It might not be that easy. I’m not 100% sure that could be done, but it definitely can be done, I suppose. Pegasus scandal (15:36) Sean Weisbrot: So, you just mentioned the word ‘Pegasus’ and it’s something that I’ve heard of. I don’t know how many other people listening have heard of it. Maybe they’ve just heard the name, but can you just describe what Pegasus is? Dr. Eduardo Rocha: Well, it was some kind of spyware developed by some firm out there in the world that could basically access all the information in your phone. And they could also, assuming they would, have your phone in hand. They could basically access all information by breaking all kinds of authentication calls and just get everything up. Sean Weisbrot: You just said that they have your phone in their hand? Dr. Eduardo Rocha: Think of local authorities, they have handed the phones, and then they want to access information, like, it happened a couple of years ago in the states. Sean Weisbrot: Wasn’t Pegasus used to lift Jeff Bezos’s Whatsapp messages, or something? Dr. Eduardo Rocha: Correct. Sean Weisbrot: Do you know the details of that? I’m not really sure, I’ve just heard that. Dr. Eduardo Rocha: I’m also not 100%, but I think he received some kind of image or some kind of file that seemed harmless, and then, as it got downloaded into his, i don’t know, photo album, or so on, and it could access everything, and send it to some remote server where it then was share with the world. Sean Weisbrot: Maybe that was the picture of his girlfriend’s brother or something? Maybe that was the same thing? Like, they were trying to blackmail him but they sent it using Pegasus or something. Dr. Eduardo Rocha: I didn’t follow the specifics, the details. But yeah, it was something of that liking. What’s exciting in cyber security? (17:01) Sean Weisbrot: What’s your most favorite thing about being a cyber security researcher? Dr. Eduardo Rocha: There’s always something new in the industry, you know? Like we at GlobalDots, we have been working heavily in the bot mitigation landscape. Now, we’re also moving into the passwordless world, with passwordless as a service tools. Also, the adoption, by the adoption of the cloud, and all the security problems that entails and the solutions that we need for that to have a proper cloud security, process management, and make sure that your cloud environment in which public cloud it is is properly protected and secured. And that also when an attack comes again, thinking of that Log4j attack, you have the tools in, the proper tools in place to block those zero day attacks and normal attacking. So, I think that we always have new challenges. It never gets boring, like we usually say. And there’s always a new problem to try to solve, that’s why I mentioned also in the beginning that we have all those. We try to solve the problems that our customers might have tomorrow by having tools that are a bit innovative, disruptive, and yeah. More about Log4j (18:09) Sean Weisbrot: So, you mentioned Log4j a few times now. I have to ask what exactly is that? Dr. Eduardo Rocha: Well, it was an attack in which a specific string would be sent with http requests, and then, this would be logged by this logging mechanism called log4j. But in the background, that information could be properly processed and triggering some download of some remote code that could be then potentially integrated in your application and then dumping information from your customers, right? So, basically, it’s been called log4j because it exploited that logging mechanism log4j. And then, it would trigger, yeah, these anomalies requesting a remote IDAP server that would then allow that, let’s call it, piece of malware or malicious code to download some remote code, and then have it running in your cloud infrastructure and whatnot. Sean Weisbrot: That sounds scary, honestly. Dr. Eduardo Rocha: Yeah, it was. It was an entertaining end of the year last year. And all the security vendors were then obviously trying to put in place signatures, and the attackers are also trying to adapt to those signatures trying to bypass them. So, it’s a bit like what we call sometimes, a cat and mouse game. It never gets boring but it’s also sometimes very scary, what the consequences of some of these things could be, yeah. The threats of quantum computing (19:30) Sean Weisbrot: One of the things that I’m looking at very, very carefully is quantum computing. And from the very little I know of quantum computing, it seems like all of the cyber security architecture and infrastructure that we have right now would basically be rendered obsolete once a quantum computer is trained enough, right? Once there’s enough qubits running and there’s enough of a desire to destroy the infrastructure. What do you see and what timeline do you, you know, how many years, not decades. I think we have years. How many years left do we have until quantum computing kind of takes over and destroys that? Dr. Eduardo Rocha: That’s a very good question, probably a decade or less I don’t know. There are some encryption libraries in Linux that have already been updated, and the US government is also following guidelines to properly address this. But yes, it’s kind of scary. Any private key could be included in fractions of a second. It’s also something that’s quite scary indeed, and could and should keep everyone awake. But I think, we’re already, they’re already having some discussions and the industry is starting to address these issues as soon as we can. Sean Weisbrot: But how can you address it? Because, let’s say for example, you’ve got a sha-256 encryption, right? It’s designed using traditional code, a traditional language, a non-quantum based system has created and manages it. So how can you possibly create additional snippets of code to protect against this algorithm from quantum when we don’t even understand how quantum works, therefore, how can we protect against it? Because really, what I see will need to happen is, we’ll need to create new types of algorithms that are based on quantum technology, but if nobody has quantum technology, nobody can create something to protect itself from quantum technology. Dr. Eduardo Rocha: Yeah, that’s a very complex topic indeed. But we can already kind of speculate the algorithms and try to propose solutions and start discussing it. But yes, I’m also not so much educated about quantum, but I’m following the recent releases in Linux. These rules, but yeah, it’s something very scary indeed. Sean Weisbrot: What kind of conversations are you guys having behind the scenes; kind of developers conversations. Dr. Eduardo Rocha: Most concerning topic is also to evolve into a password-less world and also focusing on properly protecting our cloud infrastructure with the proper posture management solutions that will allow us to, you know, move from a rule-based kind of detection world into a kind of more anomaly and behavior-based rules and baseline profile. Those are the most used topics. Sean Weisbrot: I’m gonna just kind of put it out there, and say as a conclusion to this section, that quantum computing has the potential to destroy every single encryption algorithm that exists today. Dr. Eduardo Rocha: Yeah, that sounds correct. Sean Weisbrot: Okay. With that in mind, any application that exists right now that you’re using and by you, I mean anybody. Anything you say or do right now can and will be vulnerable once quantum computing is good enough. Dr. Rocha and I agree it’s within 10 years; anything you say today that is stored on let’s say whatsapp server, or signal server or telegram server– that can come back to destroy your life. So, if there’s anything you’re saying or doing that you don’t want anyone to find out about, you should not say it or do it. If you’re saying or doing anything, do it in person, with your phone off, and your sim card out. Don’t even have your phone near you, like, have your phone a kilometer away from you. Because the audio devices are listening, like this, I’m not crazy. Like, this stuff has been proven already. I’m just kind of reiterating it. So basically anything you can ever, anything you say or do, and you say something about it to somebody on some encrypted app, it can come back to destroy your life, so stop doing it. Dr. Eduardo Rocha: Yeah, probably something off the like. Kind of scary. That’s the stuff that keeps you awake at night, that feels strong. Sean Weisbrot: Yeah, like it has to, because people are just so used to trusting that when someone says this is encrypted that like you’re safe, but the reality is, you might be safe today; that doesn’t mean you’re safe tomorrow. And that’s only because technology hasn’t gotten to a point yet where they can take that information. Dr. Eduardo Rocha: By the time it gets, then kind of more available, we will certainly have everything properly updated. I’m optimistic about it. But I have to remain optimistic, otherwise, it’s just too difficult. Sean Weisbrot: Well I hope so. Because one of the things like, let’s circle back to blockchain is that a lot of blockchains are not prepared for quantum technology. And some of them say that they’re quantum resistant, although you don’t really know if they’re quantum resistant until you try to break it with a quantum computer. So, you gotta just kind of take people’s word for it, but, you know, if we’re trying to base our future on this new technology as a financial instrument, but it’s potentially, you know, fallible to quantum computing, like, we just have no idea. So like I’m short-term and medium-term, meaning like five, five-ish years, I’m still bullish on blockchain even though the world’s basically melting down right now. Like, literally, blockchain, the total market cap of all of the cryptocurrencies has just gone under $1T yesterday for the first time in, I think a year and a half. It’s like everything is melting down, but I still believe that for blockchain as a technology, there’s a big future for it, but long term post-quantum computing, I just don’t know where it’s going to be. And it could potentially be absolutely destroyed by quantum. Although quantum could take over and we might have quantum chains and then it’s all solved. But it’s a very interesting future. Cyber security is very very important, you know, from where I’m standing. And I may sound like I’m really knowledgeable but I am not a technical person. I’m just a guy who likes to spend a lot of time researching stuff. Dr. Eduardo Rocha: By the time it comes, I hope we will have everything kind of properly updated: our encryption algorithms, our encryption keys, and all of that. So we still have some time and it’s incredible how much you can adapt to a fast-paced world, the community, and all the security vendors out there. So, I’m relatively optimistic, but yes, it’s a big problem that lies ahead. How ready are we? (25:51) Sean Weisbrot: From 0-100 percent, how optimistic are you or how confident are you that we’ll solve these problems before they just destroy traditional systems. Dr. Eduardo Rocha: Somewhere between 70 and 80 percent. Sean Weisbrot: That’s great. Dr. Eduardo Rocha: I’m in a good mood. Sean Weisbrot: I wish I were you. I’m more at about 30 to 40 percent confident. Dr. Eduardo Rocha: No, yeah. I mean I try to remain a bit positive and I also see how good we adapt against the threats that we fight nowadays and the cool new tools that we have. So I think the industry together can pull miracles, and also, we have governments also looking into this problem to help us protect our identities online. And yeah, I remain optimistic until proven wrong which might happen, but… Sean Weisbrot: I’m inclined to feel more optimistic after what you’ve said just because you’re in this every day and I’m not. If that’s how you feel then surely you’re seeing a lot more than myself and others are seeing, and so, maybe I should be more positive about that. At the same time you said governments are working on this. I get the feeling the governments don’t really care about the individual person’s data, they care a lot more about them getting caught with their pants down with all of their secrets being exposed to the world if they don’t protect their algorithms better, if they don’t find a way to upgrade it. Plus, they’re also probably looking at how they can control quantum computing in order to protect themselves and to hurt their enemies or to spy on their enemies and possibly their citizens in a more private way. So is there anything we didn’t really hit upon that you would like to discuss? Dr. Eduardo Rocha: No, I think we went through everything, kind of. I remember we went through cloud security, we went through identity and passwordless future. So, we talked about the current threads, the layer 7 bots and we could probably have another session sometime about A.I. but let’s keep it for another session as it’s such a long topic. But, no, I think we cover substantially most of the topics. Sean Weisbrot: I need to pull on this now, this thread you mentioned, A.I., and I was also thinking about VR, cyber security and VR. If you had to choose one of the two as the final topic for today, which would you choose? We’ll go down that one. A.I. in cyber security (28:19) Dr. Eduardo Rocha: I don’t know. Artificial intelligence machine learning is something we are working on at GlobalDots. Trying to solve problems of our customers based on data that they have using algorithms that are a bit, yeah, out of the box, and so on, and trying to extract data. We usually say data is the new oil and the way, and we have data coming from so many sources, be it your CDN, be it your security tools, be your IOT devices and so on. And so, all of that data will hold some secret that will probably bring your business forward. And we’re also working together with our customers and prospects to kind of help understand what they would like to extract from that data and having the proper algorithms, kind of, implemented by our department and help them in reaching that goal. Sean Weisbrot: I feel like there’s a way to use AI tools to improve your cyber security. Like, so basically, I’ve seen platforms coming out where they use AI models or machine learning algorithms to scan your code as like a code review before you push code. I’ve seen it for software testing, you know, to test against the, you know, the different rules that you need. Maybe there’s a way to use AI to kind of automate the process of looking for attack vectors, looking for holes in your code. Dr. Eduardo Rocha: Exactly, and it comes a bit also into what we were talking about is, kind of, dropping rule-based approaches into having more kind of a baseline. You know, how your cloud environment behaves, what is a normal profile, everything or anything deviating from that could be a threat right. So, that calls out for attention. We also do that a lot in the security world. We know how legitimate uses experience and interact with websites. So any kind of deviation from that profile could indicate a threat. Also, you know, like, when you interact with the mobile apps and so on, your devices will have a certain kind of 360. So you can use AI or machine learning to kind of build a baseline of what your normal behavior is and how normally your cloud environment behaves and so on. And then, kind of use that to establish deviations which could indicate an attack vulnerability being exported and stuff like that, right? So, that’s where it could come into play, and it’s already coming into play with some of our products in our portfolio. But the idea here is always to kind of have what I like to call, a positive security model. Like I know how this behaves, and if it behaves differently then something is off then, we should check into that. Like, if you say, a day, never access server y and start accessing it and calling some remote server, then, that calls for attention, right? So, that probably would allow you to drop rules and be able to detect vulnerabilities or their exploitations on the go as they have a different behavior and a different baseline than what your typical profile is. Sean Weisbrot: So, if you could create a model to look for holes in your code that you need to plug, how easily could a bad actor use the same tool to try to find holes in your code so that they can hack you? Dr. Eduardo Rocha: The biggest problem is, a lot of people embed open source code in their projects and it’s a known problem that hackers contribute actively to, or may try to contribute actively to open source, and then embed that code. Code scanning will help you kind of find some of those less secure libraries and, replacing them, updating them. So that’s something that’s also being done, yeah. Follow up with Eduardo (32:22) Sean Weisbrot: All right, great. So how can people follow up with you? Dr. Eduardo Rocha: Yeah, find me out on LinkedIn. Find GlobalDots in LinkedIn, and on twitter, and yeah, and on our website in a more traditional way. Sean Weisbrot: All right, great. So, I’ll have all that information as well as a transcript for this episode on the show notes at welivetobuild.com, and thank you very much for taking the time to talk with me Dr. Rocha. If you like this episode, definitely leave a review on Apple or Spotify as well as follow us on youtube where these episodes will live. And don’t forget that “entrepreneurship is a marathon not a sprint.” So, take care of yourself every day. And your cyber security is extremely important, and as you’ve heard from this episode, it’s constantly evolving. There’s tons of people trying to hurt you and steal your code and your IP and you just have to stay vigilant. And if you don’t know much about this stuff, then hopefully this was a rude awakening for you, and you start to think about how you can protect yourself and your team, and, you know, your property, so that you can continue to bring money in and and serve your customers in a safe and, you know, secure way. Sean Weisbrot: Thank you Dr. Rocha . Dr. Eduardo Rocha: Thanks, Sean.

Learn More

If you liked this episode, we know you’ll love hearing about…