 from the Hard Rock Hotel in Las Vegas. It's theCUBE, covering Hoshokon 2018. Brought to you by Hoshokon. Okay, welcome back everyone. We're live in Las Vegas for Hoshokon. I'm John Furrier, host of theCUBE. This is the first inaugural security conference around blockchain. Our next guest, John Kirsch, who's the chief evangelist for Sentinel Protocol. Great to see you, thanks for coming on. Hey, it's great to be here, John. Thank you very much for inviting me. I love the shirt. I got my CUBE shirt here. You got your shirt on. Cool crowd here. So before we get into some of the things you guys are working on, what's the scene here like? For people who aren't here, this is a first ever blockchain security conference around in the industry. What's, what are the type of people that are here and what's going on? Why is this important? Well, that's a really good question. I mean, I can think back, and I remember meeting the president of Hoshok for the first time back in New York at consensus. And he was giving a presentation. And I thought it was a fantastic presentation, but we broke ice, we shook hands, and then we bumped into each other again in Seoul. And then I was also talking to Tim Draper, not too long ago. And Tim said he was coming out here to Las Vegas to give a presentation. And he is one of our key investors. So we thought it would be a good idea for us to show up as well. And we believed that many times in trade shows and other types of seminar series, there's too much emphasis on fintech and not on security. And the reason why I say that is basically in the blockchain crypto world. Right now, one of the major challenges of holding back the growth and the success is the lack of security, not in the core blockchain technology, but in the DApps and in the other connected applications. People are getting hacked. And there's different types of hackings. Everything from Pishing to malware, to DNS, engine hacking, to smart contracts, web applications. I mean- The server series large. Many different vectors. And it's complex. Something needs to be done about it in order to unlock the potential of blockchain crypto. Yeah, and I also love this event because one, first of anything is always good because it's president creation. You don't know, there might be another one if it's around next year or not. But I think this one seems like it's got the right people at it that it will grow. Because remember, the security is the number one problem. It should be seamless. It's complicated, multiple keys to deal with, multiple chains. Never mind the surface area for hacking. So I think blockchain is going to be a sea change. We all know that all tech alpha entrepreneurs are getting that. The complexity around the software is the key. What do you guys, how do you guys look at this? Because your guys are in the business to solve this problem. Right. What's the answer here? Well, we look at it from an experienced point of view of cybersecurity. And what I mean by that is that we have a lot of people on the team that come from companies like Palo Alto Networks and F5 and Fortinet. I come from Darktrace and other cybersecurity companies as well. But we look at it from a point of view of what did we do in the past? What were the problems? How can we leverage those technologies? What's wrong with the stuff that we did before? And how can we correct those gaps and provide a better product that's more usable, easier to install and then has the multi vector analysis capabilities to do the, not just antivirus for instance, but how about AI, machine learning, for detecting new anomalies and behavior or new threats and attacks or sandboxing. But how do we solve the problem is really our main focus. So I got to ask you a question. A lot of people in the industry that are smarter to try and attack this problem, there's two schools of thoughts. We are going to get the software, going to get the AI, going to do all this stuff over here. And then the radical view is, hey, the old model isn't working for blockchain because it's a different architecture, it's decentralized. So you can't just take network protocol stacks and say, hey, this is your security stack in a old network model to decentralize. So it needs a redo. So we need a refresh or do over. So this just seems to be the tension that's productive, but still contentious. What's the answer? Because the old Juniper Cisco switches might not be the perimeter based firewall model. I love that question. We need to do over or not. So we are the world's first crowdsourced threat intelligence platform. I didn't say product, I said platform. And that means multiple, various different types of products on our platform. But in addition to that, one of the biggest problems today is the need to update. Let's say if you're looking at things from an antivirus point of view, if you haven't updated your database, your system, then you've got vulnerabilities that you haven't addressed. And so we don't need to be updated. Our system is running on a decentralized blockchain and therefore is connected through APIs to different types of endpoints. We are platform agnostic. So we could connect to IoT type devices or other types of mobile telephones or to PCs, servers and so on. And by having this collective cybersecurity intelligence, by definition, that means we have a richer, wider database of more information than if you license a product from, let's say, any one of the antivirus vendors, you get that company's intelligence and support services only. But we're doing it where we're taking company A, plus B, plus C, plus this white hacker, plus this individual here. And we're basically combining all that together and offering it to our clients. And so is it like a single source of truth or knowledge around trust? How's the trust factor come in? Because if I'm a company, I want to know that everything I'm running is updated. I want to know what it is first and that it's updated. And you know, in this decentralized, trustless world, there is, from our point of view, a need for an organization that can be trusted by people who have been hacked or experienced suspicious activity. So we are addressing that. So we have a team of people called the Sentinels and they are tested and certified by our internal cybersecurity experts as having the capabilities and the knowledge, the experience to contribute. And when those people make contributions in terms of cybersecurity intelligence, we award them with points and those points can be converted to fiat or into other cryptos. So you're tokenizing the contribution relative to the crowd sourcing. Exactly. So is this like CrowdStrike or is it different? Oh, it's different, I think, from CrowdStrike because CrowdStrike, while it's a very good company and a very good product, what we're doing is that we're combining black list with white list and we're providing a reporting service. And so, and we're running it on the blockchain and the blockchain has certain elements that are very, very good in terms of immutability or a very high type of resilience factor or traceability. And so we're really taking our product and focusing on the blockchain crypto world but quite frankly, what we're building because we're utilizing the technology in an optimal manner, it is also applicable to the conventional cybersecurity world too. And I expect that it will be very commonly used there tomorrow. So it's portable in the sense of the function. You can actually bring this to the class of cybersecurity known detection type identification. I could be using it for Goldman Sachs or Bank of America or let's say this hotel. So how about the global cybersecurity landscape? How would, you know, if someone's putting their toe in the water for the first time, you're obviously in the trenches doing cutting edge work. Certainly the folks in Washington DC around the world have cyber conversations from General Keith Alexander's, new companies, got some interesting things going on there to kind of grokking it. What's so there's crowd sourcing? How would you break up the cybersecurity market? Because cyber intelligence is a big part of regional cloud deployments now. Amazon's going to have a region in the Middle East. I'm sure they got their DNS monitored well. But you have network points and you have software running on them. How is the market sliced up? Is there categories like that are cleanly defined? How do you view that? Well, you know, I look at things from a point of view of having started in the cybersecurity world, John, back in 1998. And that was when I introduced a company called WatchGuard to the Japanese market and also did that in Korea as well. But we pioneered the use of Linux appliances. Would you believe that? And we've also pioneered managed security services. And so one of the things that I learned over time as the cybersecurity world increased in complexity. I mean, back there, it was easy. All you needed was an anti-virus and you needed network firewall. And you had proprietary software too. Open source wasn't as prevalent. Exactly, but things keep on getting ratcheted up. The complexity factor is growing. And now we look at cybersecurity and there's so many different types of products and services. And so it really comes down to understanding the security policy of the end user, of the organization or the individual. What type of PC they're using? Is it an IBM? Is it Apple? And then putting together a security policy and then bringing in different types of products that basically help that individual or that organization to satisfy that policy. And then tuning that over time. Most people don't think about that part, but the tuning process is also very important. So, and then educating people too. So it's the number one industry problem that the industry needs to solve as an industry. And then what is the biggest concern that end users organizations will have? Well, I think the biggest problem out there right now that hasn't been solved is what's going on in front of our very eyes is the hacking of these exchanges and wallets. I mean, those organizations have lost now over $3 billion cumulative over the past few years and then over $1 billion this year. I mean, that's a lot of money. It's a lot of cash. And somebody needs to do something about it. And nobody knows where it goes. I mean. Well, actually we do know where it goes because actually that's the video I wanted to show today after my presentation but there just was enough time. We analyzed the safe hacking that happened just a few weeks ago. How much did they take? It was about $60 million. But we analyzed that and using crowdsourced information. We analyzed the transactions and so forth. And we found, believe it or not, that a large portion of those stolen bitcoins were washed and went through Binance, the world's largest crypto exchange. And so if they utilized our technology to understand that the coins that are going through them were stolen, we would do a lot to increase the cost factor for monetizing stolen bitcoins. We would help Binance to protect itself. So the laundering of the coins. Yes. You could basically put a penalty on that. Well, I don't look at it from a penalty point of view. I look at it from a point of view of helping people to make transactions that are kosher, that meet with their corporate policy, that comply with law, that enable them to ensure that what they are doing is correct. So you track the address. How do you know they're being washed from that? We basically track the addresses. We were able to track the addresses and I can show you a video later if you'd like to where we did just that and the information. This is on the blockchain. Showed that the coins went through Binance. So meeting the old classic IT operations, you always have the network management piece. This is again going to be a big part of the traceability and accountability piece of it. This is important. Yeah. In fact, you know, it's really important is that when you think about this world, for instance, if I were to give you $5 and you were to get ripped off and somebody took that $5 from you, how would, John, how would you trace that $5? I would track the guy around that stole it, find out where it is. But if I don't know who took it. If you went to the police, they'd ask them for help. Do you think they could help you analyze and trace it and audit? Well, San Francisco, they break in the cars. They just take whatever they want. The police don't even show up. Right, but that's relying on luck. You know, did he open the right car? I wouldn't know who had this. But you know, that's one of the great things is that with the blockchain technology, if you use it correctly, you can trace many times. Not all the time. But it does offer various types of- There's a digital footprint. Yeah. There's definitely a traceable aspect of it. And that's one of the nice advantages. So I'd rather give you Bitcoin than the $5. Yeah, I'll take the Bitcoin. And probably worth more than the five. Money's going away. Paper money I don't know how to need for it. Talk about the aspect of Bitcoin and cryptocurrency as it relates to the funding of security attacks because that's been a big concern. People are trying to figure that out. Have you guys made any progress on tracking the funding, the underground funding for security attacks? Well, when you think about it, and when you think about the funding of security attacks, it's now teams. And a lot of these teams are very well trained and educated. And they're making some good money too. Yeah. And so they're making good money. They've monetized this. And all it takes is one time that they break in. And so once they break in, you're compromised. So you have to defend every time. And do it well. But they only need to break in once. But in terms of that. One bad day. One bad day. One bad second. And maybe your company's gone. Yeah. But the funding of these endeavors is getting more and more sophisticated. The money involved is becoming much, much more bigger. And we need to ratchet up our defenses so that we can provide. So what is the answer for me? Let's just say hypothetically, I get 50 million in Bitcoin for the cube bank for our community. And we're going to use that Bitcoin to have people flourish with content. And I got to store it somewhere. Yeah. What do I do? Well. What's my answer? Do I call my answer? I said, hey, if you're going to wash the lawn down, I might as well put it with you because if you're the home for all the money. Well, I think that the optimal solution is to get it off the network, put it into a cold wallet and safeguard that private key in a way that is very, very secure. Don't do not leave it on your PC. Don't tape it to your screen. But basically safeguard that private key very well. Put it into a deposit box at a bank. That might be a good idea. Or multiple deposit box spread across with instructions. But don't leave it, don't leave it in your wallet and don't leave it on, write it on the chalkboard either above your desk. But you, I mean, basically. Or don't write it down with the surveillance cameras watching you write it down. And you might want to use a multi-sig wallet as well. And that will also increase the security as well. All right. Well, what's the story with you guys? Give us a quick update on Sentinel protocol, the company. How big are you guys? You mentioned Draper funded you guys. What's the status? Well, you know, we started earlier this year, back in January. And now we have 30 security professionals. Our headquarters are in Singapore. We have another big office up in Seoul, Korea. We have a third office in Tokyo. We have now over 42 partners. I'm very proud to say that we've got, amongst those partners, at least 10 exchanges and wallets signed on with us directly that are very interested in using our technology, integrating it into their applications. And so. And why they work with you? For a hedge, for security, for insurance, what's the rationale? Forensics for data, what's the value for them? Once they've been hacked, it's pretty hard to recover. A lot of these companies that are hacked, in fact, it ends up with the company closing or being sold. So basically what they're trying to do is leverage our security to detect the threats and the attacks in a proactive, online manner before they get damaged. And then by doing that, they can enhance their branding, the services they're providing to their clients, and they can also help to maximize the stability and growth of their organization. As well as- It's a heat shield. The future life. It's a shield for them. It's a shield, yes. So they're being proactive on the security front. Exactly. So minimize any damages that potentially could get through. You know, right now, John, unfortunately, if you get hacked, it's a wild, wild west. It's every man up to himself. Yeah, it's a total stagecoach. Nobody's going to help you. No one knows who it is. You got to do some sort of real forensic and get lucky. Yeah. Sounds like it's hit or miss, right? Yeah, if you get lucky, you're a lucky man, I'll tell you. Because most of the people out there are not getting lucky. Yeah. So we're working together with our partners to basically solve this problem. And how much money did you guys raise? We raised approximately $8 million, or it was 25,000 Ethereum. Great, congratulations. Not at all. Thank you very much. Well, thanks for coming on. Meet you last night at dinner. Security is at the top of the agenda. We are here. This is theCUBE coverage. It's part of our ongoing 2018 blockchain cryptocurrency, now digital money coverage. Of course, as you know, we've been covering Bitcoin and blockchain on our blog since 2011. And more coverage here at Hoseokon. The first security conference dedicated to discuss security around the blockchain and the new digital assets. That is now money. I'm John Furrier. Stay with us for more after this short break.