
Episode 6: Geek Out – Tom Hance (Part 2): NeuVector’s Proactive Approach is Key to Protection

Written by RGS | Jun 6, 2024 5:08:46 PM

Welcome to episode six of the Geek Out Podcast. Pete Tseronis, our host, discusses how NeuVector’s Proactive Approach is Key to Protection - with Tom Hance, the Director of Container Security. 


Episode Transcript

Pete Tseronis:

Tom, before I get into this brilliant mind of yours and where we're going and the vision and the future and what you're most excited about, we in government hear a lot about meeting the mail, being compliant. I do my scanning, I know you've hit on it, but can you just emphasize or underscore, I've heard you talk about the difference between container security and container protection, but what do you say to somebody that says, Hey, I'm scanning and I'm meeting the compliance requirements. How do you move the needle and what would you say to somebody to say, let's have a stretch goal. Let's do a little bit more.

Tom Hance:

Yes, I mean scanning is good, but just think about the actual action. You're scanning your infrastructure for something that's potentially already breached your perimeter, and if that doesn't resonate with you, you're scanning for something that's already happened, so it's already at least gotten into your infrastructure. And then you're going to apply a patch. We did this 20 years ago with signature scanning platforms that were really popular, but they simply didn’t scale. The bottom line is that any scanning only identifies known types of attacks or anomalous behaviors or dangerous behaviors, and then a patch is written and you have to deploy it. Same thing with compliance. You can be 100 percent compliant and scan it until the cows come home and not be protected from a new type of attack or any type of exfiltration event. You really need proactive security to do that, and we feel that behavioral protection at the packet and application layer is the best way to do that.

Pete Tseronis:

I appreciate it. You just jumped that thought in my head. Or should I say introduce it? It's the classic. We got to be more proactive. We got to be less just reactive even though that's how things have evolved. Again, as you've pointed out, with so many considerations for a customer now of migrating to cloud, having the right people, people process technology. Tom, tell me I'm right or wrong, half

Tom Hance:

Factor this. You're right. And I don't mean to say in any event that scanning and compliance aren't important, they are still very important. You don't want to leave the front door open and lock the back door only. You need to make sure that your applications are secure. And the best way to do that is to make sure you're building secure applications right through the pipeline all the way to production, but you really need a defensive mechanism. You need someone on the field to play standing in between the attacker and their potential targets, which happen to be your developed applications. That is NeuVector. Now we do a tremendous amount of scanning for our customers, layered deep fast scanning, very accurate, and allow for easy remediation of vulnerabilities and compliance issues out of the box. A lot of our customers use us for that purpose only and when they graduate or start to move applications into production, they'll stand up our behavioral protection mechanisms at the packet and application level and know that nothing can penetrate their trusted containers or get at their critical data sets simply because we're designed to protect their data at all costs.

Pete Tseronis:

Yes. I translate in just hearing you as a listener as much as a conversation that I'm helping lead is I'll sleep well at night knowing that NeuVector and Rancher Government is in my backyard, so I appreciate that my friend. Alright. Hey, listen, let's pivot a bit to the future and one of the things that I like to associate or relate to my audience in my former life as the CTO at the Department of Energy and Education to, and I'm doing my own version out there of educating, informing, and enlightening, is why should I care? And for me, I think we all, and most of us understand that our nation's most critical sectors, the critical infrastructure sectors are at risk and in need of an upgrade. And they're aging bridges, planes, trains, transportation, manufacturing, you name it, right Tom? To do that, technology plays a part and the beautiful thing with the infrastructure law, the CHIPS and Science Act, the Inflation Reduction Act, and many, many things prior to that.

Heck, we just came out of cyber, not cybersecurity. That was October, the October cybersecurity method, the recognition of resilience and security for our nation's most critical sector month in November. And that's when it becomes real to me. And that is how do I know that when I'm out driving my car, eating some food or breathing some air, that it's protected and it's not at risk. We saw this come out in Executive Order 14028 when a pipeline caused a concern for many, many folks in our country. So at the Edge, the industrial Internet of things: What do you see NeuVector doing to keep pace with this constant evolving world that's changing? And what do you see a year from now, two years from now in terms of that NeuVector roadmap that's going to help fortify and protect these critical assets?

Tom Hance:

Well, I think we're still far ahead of anything else out there simply because we're a protection device, not just a security device. But great question. I think you'll see more agencies move to kind of a hybrid deployment where they're running multiple platforms, possibly different CICD tools, different clouds or multiple clouds. They might be running 100 percent on-prem, of course, NeuVector supports that – supports air gap, fully air gap deployments if that's required. But you might see agencies running Google Cloud with an Azure Cloud next to AWS type cloud or anything of that nature and wanting it all protected under one roof. That's something that NeuVector offers. Also, automation that's critical. Simply like you said, if you're driving down the road, you aren't at a console, you want to make sure that you're protected when you're not looking. And that's really what NeuVector was designed to do.

You set up NeuVector, it learns your normalized behaviors and then locks those down so that even when you're not looking an attacker or an anomalous behavior cannot impact your applications. So I think the automation is key. We do something with NeuVector called “Security as Code”, because we know the application protocols, the file system access, the WAF rules, the processes and the packet flows. We're able to, with a strike of a key, generate Security as Code in a security YAML that you can deploy across multiple clusters, maybe stand up a new production cluster or deploy the same type of security guardrails in a zero trust fashion across aircraft, shipboard, terrestrial battle in whatever manner you need to use it. So I think automation is going to be key moving forward. And then of course, the continued shift as more agencies move assets into production from this detect and patch model that costs us a tremendous amount and is really too late to the game to prevent anything into more of an IPS or IDP model where you protect first and defend your assets in a preemptive manner.

Pete Tseronis:

Thank you. Thank you, thank you. And really, that last segment there really hit home for me when you mentioned shipboard, terrestrial, spatial, airborne. These are the sectors that are depending on the internet of things, things that the edge that NeuVector Rancher Government has really adopted is that's where the world's today and is continuing to go, especially with the introduction of artificial intelligence. So Tom, thank you for that and I am going to walk away with this. It's not good enough to track and monitor container drift. You need to be able to prevent container drift. You told me that in our prep call, and that really stuck with me, and I hope that's something the audience takes away as well. So Tom, when I think of the government market, heck, the commercial market, the industry is littered with so many solutions, so many options, so many considerations. And while today we've talked a lot about the differentiation, value proposition of NeuVector. I mean the only 100% open source, zero trust container security platform. I believe it. In your words though, is there something that you feel you know to be true that is so unique, it's that one sliver that no one else can say when it comes to the NeuVector value proposition?

Tom Hance:

Well, I mean upfront, it's got to be probably a combination. One is the protection. Everybody has monitoring and fast alert with runtime, but that's not real preemptive protection like NeuVector offers. The second piece of that is being hybrid. And when we say hybrid, that means that we are really vendor agnostic. We're platform agnostic. That means you can run your protection for Rancher, Red Hat OpenShift, Mirantis, Istio, all at layer seven and run it in Air Gap or on-prem or in the cloud. And there's never a conflict. In fact, you can do that running with the proverbial single pane of glass, manage the security across all those platforms at once, any CI/CD platform is something that we have plugins for NeuVector. And then of course all your registry types are supported. So we're really agnostic to the customer's environment. We make it easy to put all the pieces together that makes sense to the customer. They can continue to use the tools that they've used throughout the development process. And then we have integrations after the fact for recording tools like Splunk and others. So it's a very powerful integration that makes sense to our customer base.

Pete Tseronis:

I just heard you mention in your own words what I can reduce to flexibility, scalability, and interoperability in an agnostic manner. Did I hear you correctly?

Tom Hance:

Yes, you did.

Pete Tseronis:

Alright. Parting shot time, Tom, this is meant to give you a soft ball opportunity in 30 seconds or less. Just what do you want to leave with the audience after what we discussed today? I mean, we talked a lot about, and you did a wonderful job, but what do you want folks to walk away from and hopefully explore more about Rancher Government and NeuVector?

Tom Hance:

Yes. Well, I am passionate about protecting the war fighter and all the agencies across the board, and I think that protection is key. We need to move away from thinking that just because you scanned an image a couple hours ago that it’s protected. Selfless plug here: I would love it if folks that are interested in moving to a protection model, a protect first model, would contact RGS and just hear us out on the easy way to get protected in a preemptive manner.

Pete Tseronis:

Well, that's the component I love when it's not about the buying and selling, it's about the seeking and the solve it, as we say at Dots and Bridges. And most importantly, you did that. You helped give me a bit of an education, you've enlightened me and I actually want to go learn a bit more myself. And I hope that conveyed to the audience as well. Tom, it's great to see you again, and I look forward to our next chat, my friend.

Tom Hance:

Thanks for having me, Pete.