 So I'll start here and it's kind of funny because we were just laughing about this is a really wide-angle lens by the way I see that's pretty great. That's actually pretty great So I'm hanging out where all the shirts are is I was like this is this is the whole Stash where they do all the stuff and but this is after we did trade-craft Tuesday So if you haven't watched it the link will be below for that And it was the how to think like attacker and this started. Well while ago we did the idea Before I flew here But it was fun doing the behind-the-scenes because we worked on this yesterday. We went through the attack scenarios and Probably what a better half of a day eight hours or so makes you feel young against both Let's start have the background like in hacking and poking away at then things and there just wasn't a joke Cola over the table Yeah, no red bull got broke out. It's pretty good on the drinking side. Yeah. Yeah I was really it's a bottles of water. It's really just shared documents going back and forth and research and Walking you through the process but watch that video to kind of get an overview and of course at the end of it There's also some remediation ideas and ways you can help protect yourself against it But it's been kind of fun hanging out here because the other thing we did was I got to see behind the scenes We dove into specifically my client file my clients and watched how they do the threat ops and that was really cool They built a hell of a product. I have a video where I talked about the product and stuff But seeing real action watching John and he's he's ahead of threat ops and go how does he decipher something? How do you know if it's a threat or not a threat? It was definitely kind of cool. It's that behind the curtains moment where it's like I don't know what the magic is but when you get a look behind it You actually get to see like what the chef's making in the you know in the kitchen So I thought it was pretty darn cool and it's not magic. That's the best part They I heat companies that just had to obscure what they're doing. There's no no obcecation or barrier This is how the product work if you do this we clear out the noise with some automation tools We create global lists of this run this QB updater EXE guess what it's not a threat How do we know it's not threat? Well, these are the methodologies because guess how many people are any QB updater Which the stats are kind of cool too because they know that kind of information. Yeah, I think it's one thing when you get to see Hey, this is what my own like company looks like right, but it's a whole different thing when you get to see like Statistics at a global scale. What do attacks look like you can even see when like some hackers go on vacation or start updating their tools Yeah, when they come back so with a volume at endpoint as they have on there It's just crazy because you can build graph statistics on it and say this is this is like how to how it changed Like you said when they the guys that did emotive they took a vacation around August it appears You know or retooling right? Oh, I think we're starting to finally get caught by all the new preventive security products Let's retool for 90 days and come back next quarter and destroy once again. You can see that type of stuff Yeah, I mean technically if you want to divide it up I'm we're on the blue team business us here and they're on the red team business and that's it's almost feels a little more lucrative to be on the red team and It's a lot it's a lot easier because you only got to be right You know you're spraying stuff out there You got to be right and find that one little hole and get in versus when your blue team and you got to be right all The time a hundred percent which is hard as an MSP myself It's you know keeping my clients protected is why we use the Huntress product and but it's just that hole behind the Scenes of it's not magic. It's indexing of files. It's raw Someone had to look at this and it was just kind of fun And then me and him and been BS and actually I got to get in my flight back to the good old Detroit They're I'm here in Baltimore where they are right now and but business owner business owner It's fun talking to so we had those conversations. They have a cool culture here You know everyone puts that our culture is cool, but after hanging out with these guys for two days I Enjoyed it. I felt at home. They have a culture similar to ours and Oh, that's that's something you got you can really be put a feathering out on that one I'd be proud of it like you said it's one of the things that is like tech nerds You don't come to appreciate that when you start running your own business, right? It's oh, this is something That's actually proud of what do do the employees like being there or do they hate me in there? That's huge Yeah, you don't want and it's some of my goals I had as a business owners and just take people always stop with the money and a profit I want to make a company that people don't hate and don't say man. I hate work. I don't want to come to work This is gonna suck and you know, I've been that's those are those are more important than you think I don't you have to make money because if not none of that matters Yeah, but the lights go out the lights go out and no one has any candy to eat and I mean he's got a bunch of candy No, that's maybe happy because But they're getting suckers and everything else to you're gonna go home with cavities and probably our knowledge A whole lot of malware knowledge, so that's but it just that whole behind-the-scenes has been a lot of fun there and It's all things like I hate people that talk like everything is hard or magic and it's it's hard, but it's not magic I can't reiterate that enough. That's why we talked about in the tradecraft Tuesday We broke down the attacks. They're not magic. They're not just picking on you But how do you think like an attacker and because you know, I still participate in the hacking community And things like that and so do you I mean you have a lot of friends in Intel and threat ops You get quite a Robodex of names that know you where you can bounce ideas off of because of information sharing The most fulfilling sometimes right is not even like what we're sharing But sometimes what you know the people were adding live in our chat saying hey, you know, oh gosh I'd heard about this. I'd seen this I'd never thought about how that could be applied So I think those are probably the fulfilling moments for me that actually get me like motivated is oh Hey, I'm here to share my stuff But when somebody walks away with like oh, man, I totally have this I'm going to be able to make an adjustment the way that I'm securing my own end points That's kind of what does it for me and in someone asked me like say hey Tom because you talked so much about your business on this YouTube channel Doesn't that give away the secrets and couldn't someone just compete with you? I'm like no, you know I get some great ideas when I start opening up with MSPs and I see this up push and you know with some of the Big MSP companies tooling companies of getting people together and going no We're putting in a room not just to sell you a product go talk to each other and some MSPs are like no I can't talk anything. Everything's a secret like cool. Keep your personal client information That's that's great. Keep that personal when it comes to how things operate the intelligence community works by sharing the knowledge This is how we see these attacks How do you see it and you know people at other companies that make other tooling software and that shared knowledge Doesn't mean my tool finds it I can't I figured out a way to do it and I'm gonna make myself better by not sharing in the long run That's not a long-term play. Well, if you think about earlier We looked at like the emotet and just how it pres How prevalent and emotet was this month or this quarter even and the first thing we did was pivot to Twitter where people were Sharing command and control links like these are common emotet download servers and command and control Without that we literally wouldn't be able to build some of our own analytics So it's kind of just a testament to like sharing of information and at the end of the day Like it's all about execution in your own unique flair in the business side of the house. Oh, yeah Why not be open? Yeah, this is not the the part that you can really Say this is my uniqueness is knowing that I know the command and control service of my clients are protected from it No, share that knowledge back out there put it back out there How you discovered it because someone else that shares it to me have discovered another one that you didn't have in your list And co-opting these lists. There's plenty of other spots. You could be unique. So I just share Knowledge this is like I said basis for my channel basis for a lot of things I do and the heart of the hacker community and this is actually Wow two months ago your trade kept Tuesday and ransomware as a service Oh, that was that's probably by my by far my favorite just because it was watch that episode I'm gonna link to both of those below but what those things once you realize ransomware as a service like they have reseller links referral programs and once you understand if you go if you spend any time at a black hat event at a Defcon event you're gonna realize hackers are all like show-and-tell well guess what I hacked look at what happens when you poke this box this way That community there is even unfortunately There are bad people in that community that are then using this intelligence to attack companies But their sharing of knowledge is the reason that we're seeing these attacks at scale because some of this MSP Community's like we got to keep everything a secret and that little bit of knowledge and the other team You got to remember the ethos is the opposite on the other side of that wall if one of them figures out how to do it They don't even keep that to themselves even though they're trying to profit from it at scale with ransomware They're sharing it amongst their community and building a reseller program around. Yeah a marketing affiliate links you name it I think today We kind of got to share like there's always that dynamic right attackers as you mentioned earlier only have to be right once But kind of today we got to show the inverse of defenders being able to like live on our tradecraft Tuesday We started using some of the like open source tools and then show Dan to be able to find like potentially vulnerable Networks and in the process accidentally stumbled on to like some skater ICS equipment things like that That's just a great example of like the defense team coming together and saying like oh We probably better notify these folks right that this is you know publicly available if you can so I think for me It's a good way that defense is starting to level the playing field a little bit instead of trying to play whack-a-mole as the defender Well, if we take down some of these attackers or even compliment each other in the process We kind of make the community better as a whole. Yeah and sharing the tools on there There's always some comment that'll come pop up on there. It's like you you're sharing show Dan Aren't you teaching more people to attack? No, they know don't worry. They're in the news every day. Yeah every day I don't think we're creating. I'm hoping someone grabs it. That's on the blue team go Oh, I didn't know it was that easy, you know We're talking like show Dan being $59 a month to scan a few thousand IPs throw your clients IPs in there It's like the cheapest tool you could do this with compared to any other tooling you buy for your For things and suddenly have visibility and go hey look I got notified a port got opened up That wasn't before why is RDP open someone's getting ready to plant something It can give you a lot of in touch once again learned all this from sharing knowledge and someone shared show Dan with me that wherever God has been a long time since I learned about it, but Yeah, and we could go on and on about that because you had a Google dork and Just to show how to find this was in the trick are to see how to find other things like opens open Sonic walls it was. Oh, yeah Sonic wall authentication pages You know what we talked about culture a little bit earlier and one of the things that really excited me as a founder Somebody said the easiest way to measure your startup success was going to be how easy is it for any employee to buy a $50 book and Maybe you know your own test within your own company is how easy is it to buy a $59 license to show Dan right at the end of the day At that price point and what you can do with it to secure your own network And it's not like we're getting affiliate marketing from right in team like this is something you can make a big difference from I'm gonna have to put my money where my mouth is and see the team just how easy is it for them to purchase their own like yeah I think this is a anytime I my team wants something whether it is even the physical areas We do infrastructure if they if there's a tool physically they can buy to make their life easier I've done a couple videos on like some of the the tools we have for testing wiring stuff like that It's buy it for them like if this makes your job easier cool There should be low paint of access doesn't make you more efficient and the same thing with my security guys If there's a tool if they think show Dan or whatever and I'm frequently because that's my side of the house I'm the one driving. I'm buying the tools and dumping them on their table all the time guys check this out Do you ever get the opposite of like oh Tom no more tools no more tools or they're just always excited to get new Sometimes they're excited sometimes are like what do you want me to learn now and then at least I'll try to build some Knowledge around it to show them how easy it is I feel like sometimes I'm the good idea fairy for threat ops where I'm like oh guys Here's this new algorithm or new way to find it like oh gosh. We're up to our armpits already. Yeah calm down Good idea. Yeah a good idea fairy. I think it's a CEO is the company you do that You are the idea person who runs an area is I do create a little chaos occasion So she I'm gonna come back Wednesday and they're they're preparing for it right now I've been gone for two days Monday Tuesday. I'm gonna show up Wednesday guys I got ideas and they're gonna be like we just want to have breakfast So I get there before everyone else and like I got all these ideas. Let's start Are you gonna do them Tom or we have to do them all you guys have to do them, right? I'm totally 100% because my he's gonna kick out. I'm gonna forget a bottom by Thursday I'm hoping you're gonna remind me and just then they're gonna be a long email. Yes Fun times well, he's got to take me to the airport or we just kind of babble on forever about this stuff But any closing thoughts? One super stoked to even have me here super stoked to have you in Baltimore as well But yeah, I think my my leaving thoughts or parting thoughts would be go share share and share, right? Put your content out there. We're doing it now. Obviously. We're having a good time doing it I think that's probably the easiest way as we as defense make a big difference against offense. Yeah, absolutely We'll leave with that and thanks And thank you for making it to the end of the video If you liked this video, please give it a thumbs up if you'd like to see more content from the channel Hit the subscribe button and hit the bell icon if you like YouTube to notify you when new videos come out If you'd like to hire us head over to Lawrence systems calm fill out our contact page and Let us know what we can help you with and what projects you'd like us to work together on if you want to carry on the discussion head over to forums that Lawrence systems calm where we can carry on the discussion about this video other videos or other Tech topics in general even suggestions for new videos. They're accepted right there on our forums Which are free? Also, if you like to help the channel out in other ways head over to our affiliate page We have a lot of great tech offers for you and once again, thanks for watching and see you next time