 So thank you very much. First, thank you for pronouncing my name right. That's that's probably a first in an event. That's why they pay me the big bucks. So my name is Yuvash Khoj. I'm the head of product management with checkpoint for everything cloud security. What I do want to discuss today is, you know, back to how we started the event, like the cost of cyber threat to us is in a place where we just have to do something else. And I'll talk about this something else. For me, everything that we do today has to include some kind of automation, some kind of capability that is not part of just man work and women working on something. We have to really shift left by also shifting into a more AI ML focused cyber security capabilities. And it is within our thoughts and it's within our processes and it's within our products that we use and develop. So before delving into this, let me just kind of make sure that we all understand what what really keeping security people up at night. And first, it's a lot about visibility. I'm an old school guy. I was a CISO service providers back in the days where a pizza box wasn't just something you bring pizza in, but it was a one you server. And in order to save to understand what's happening, you just needed to map the wireings, right? You knew what's connected where we don't have this visibility. We do not know where our crown jewels are. So how can we protect what we cannot see next? And this is a developer conference, right? There are a lot of developers and DevOps people here. How do security people keep still their values and, you know, are they really valuable for the organization? And the reason is that back in the old days, security peeps were involved in designing systems as they were just thought about. And today's in a lot of cases, we see the DevOps team and the developers team coming and say, we're ready to go production, please secure this, right? So this is this is actually like, am I still valuable for the organization question? Next is complexity. Just think about how complex for someone who is not part of the DevOps community, not part of the developer community to understand the differences even from a technology, but also from a risk perspective of VMs versus Kubernetes containers versus serverless functions, et cetera, et cetera. Last but not least, and this is something that did not change ever since day one of information security is how do I keep myself off the Wall Street Journal headline? This is like the number one concern. How hard is it when, and I'm not calling developers, you know, non-knowledgeable or, but they do not understand security always, right? And how do I make sure that there are no mistakes done on the left side because we're shifting left? How do I make sure that we're not making mistakes there? So the use of machine learning in AI is really critical in order to grab so much information and make it actionable and make it something that is insightful. And a lot of times I hear people say, I'm getting so much data, but it's like finding a million needles in a wheat field, right? That's one of the challenges that we see today. So this is why we need to use AI. The more data, and I'm sure you know that, the more data you feed to the machine learning beast, the accurate it's going to get. Last but not least, if your organization still thinks that we could use all tools to solve new world problems, it is not going to solve these problems. We have to use new solutions. And those new solutions, what I suggest is really look into machine learning and AI in order to solve these problems. Now, let's take a scene like a day in a lifetime of a security person working with DevOps and development engineers. First question is, okay, you're asking me to secure this Kubernetes cluster. What network traffic is happening in between the cluster nodes? What's happening in between, you know, east, west, north, north, south? And the answer is usually, well, I don't know, like, we don't have any policy, right? And then the security person talk about the old world solution uses the number one advanced analysis tool in the security policy analysis arena, which is an Excel sheet. And let's get all the logs into an Excel sheet and crunch it and find the unique connections. And this is how I'm going to build my solution. It does not scale. It does not respond well to changes. What do we do differently? And this is exactly where I want to turn into a small demo. And again, I just want to really show you how could you harness AI in order to create a security policy model. So what you see here, you know, a very simple, very traditional, almost three tier, if we're still allowed to use this term, application with, you know, a front end, an application set of capabilities, and then maybe a more secure system. So how do I know what different relationship from a networking perspective do I need? What we will do is we'll actually use a discovery agent to first understand what assets do I have, which is also, we talked about visibility. I don't know what service do I have, right? And the first thing, and I'm not going to go through, you know, how it's installed, et cetera, et cetera. The first thing and discovery agent would do is map the different nodes, the different pods, the different services, et cetera, et cetera. Very limited visibility, right? Only one namespace because nothing still happened. But once we turn on learning mode, we could actually start understanding what's happening in between the nodes and build a policy model. It's not just let me record this, but really build a policy model. And yes, there are things that we could statically, you know, do from day one. I don't want my system to go to malicious domains, right? But still, I want machine learning to actually tell me what's happening inside my system. So once you turn machine learning in order to build the security policy, you're going to start seeing, and this is, I think, the beauty of machine learning, it's going to grow as you go. It's going to be very coarse at first. And then it's going to, and it's going to tell us, listen, you're at high school now, you need to keep learning until you get to a professorship, you know, position in terms of like, I know everything that's happening there. But the more you go, it's giving you, it understands now like what namespaces are being used. It understands now the actual connections and relations between the things. Now, maybe it's not as colorful as the diagram we saw at first, but these are the network vectors that you see. So once we have this, we can also start looking at the policy model that it suggests. And the suggestion, of course, again, new world, we can't use IP addresses as security policy constructs, but instead things like pod names and resource names, and services, et cetera, et cetera. So what we saw here, in a matter of hours, getting from not knowing nothing about the network traffic and knowing exactly what security policy we need and everything is courtesy of machine learning that built really the model. You're changing, you're adding a node, you're adding a pod, it will relearn everything. So you can always use machine learning again and again. Let's look at another scene. Another scene where someone needs to understand what's the permission model that is needed. And you go to DevOps engineering, developer engineering to say, well, we don't know. It's an S3 bucket that is pre-configured by a third-party tool that we're using. You cannot secure a black box. You cannot. You need to really understand what the permission levels are. So in order to do so, let's see how do we use machine learning in order to again build a permission model, not a network security model, but instead a permission model. So first thing that when you have, and in this case, it's a serverless function, that you can see is like, what different resources do I use? But by the way, there are cases where engineers don't even know exactly what's being used because it's a third-party tool. But also when they build it, if they don't document everything, they just don't know. After using machine learning, static code analysis, et cetera, we could understand two models, the configured model. And because we're calculating all the paths that the code could take, what is the required security model? And it will tell you, listen, your S3 bucket is currently overly open, and you need to shut it down. Now, try to go to a developer and tell them, reduce the permissions on the S3 bucket, and they're going to say, well, what does it mean? I want to be able to do everything I do. And the benefit of using machine learning in order to build a policy model is that not only tells you what's needed, it empowers the security people to speak the lingo of DevOps and developers in order to even give them a YAML snippet in order to configure the resource. So again, in a matter of a minute and a half, just running the function once, twice, 10 times, the more you run it, the more accurate you get. You get from, I have no idea what's happening to a, I know everything there. So let's summarize. Remember, especially if you're a developer or from the DevOps community, the more data you send to the security guys doesn't mean that you're giving them more visibility or more insights. And this has to be something that we always remember. You have to create a situation where you have insights. The second thing is that the more information you actually feed to machine learning, unlike a person that just needs to read an audit log, the more information you feed, then the more accurate your beast would be. We live in a world where we're not looking for a needle in a haystack. We do not. Advanced persistent threats are here to stay. We're going to see them even more. And we're looking for million needles in a wheat field. It's not just a stack. Think about where your system is distributed across multiple cloud service providers. How do you understand what's happening there? And with that, I'll thank you. Thank you very much.