Risky Business - Snake Oilers: Ent AI, Spacewalk and Mondoo
Episode Date: May 1, 2026In this edition of the Snake Oilers podcast three vendors stop by to pitch the audience on their products: Ent AI: Co-founder Brandon Dixon pitched Ent, an inte...nt-aware, AI-powered endpoint security control. Spacewalk AI: Founders Chris Fuller and Tim Wenzlau pitch Spacewalk, an AI-powered incident response platform. Mondoo: Co-founder Dominik Richter pitches Mondoo, an AI-powered “service as software” in the vulnerability management space. This episode is also available on YouTube. Show notes
Transcript
Discussion (0)
Hi everyone and welcome to this latest edition of the Risky Business Snake Oilers podcast.
My name is Patrick Gray.
For those of you who are not familiar, these snake oilers editions are wholly sponsored,
and that means everyone you hear in one of these editions of the show paid to be here.
The idea being, of course, that we get a few vendors to come along and pitch their products to you, the listener.
And today we're hearing from three companies.
We are going to hear from Ent AI or Ent Security.
You can call it either.
Brandon Dixon from Ent will be along in just a moment to talk us through their product,
which is they're calling it intent-aware security.
It's very AI-heavy, the idea being that you can monitor endpoints for user and agent actions
that violate company policy.
It can sort of divine intent based on what it's observing.
It's basically science fiction.
This one's very cool.
So that one will be our first cab off the rank.
Then we'll be hearing from Spacewalk.
And the idea behind Spacewalk AI is they have created
an AI-based incident responder.
The goal of the company was to create the most experienced
best incident responder on the planet by leveraging AI.
And that's a very interesting pitch.
That one is second.
And then finally, today we're gonna hear
from Dominic Richter over at Mondu.
Mondu started off as an open source tool.
And these days does basically, okay, so what does he call it?
He calls it services software, but it uses,
It makes heavy use of AI agents.
And the idea is it is a vulnerability management service as software.
So Dominic Richter from Mondu will be along in a little while to talk us through that one.
But first up, we're going to hear from Brandon Dixon over at Ent.
Now, I've got to disclose, you know, Ent is, Decibel has an investment in Ent and I'm an advisor.
Decibel, of course, owns a bit of risky business.
So just to disclose that to get it out of the way.
But yeah, I'm working with these guys.
and I think what they have built here
and what they are continuing to build
is borderline science fiction.
I think it's tremendously impressive.
The idea being, as I said, just a moment ago,
that they've built this sort of intent-aware security tools.
So they've instrumented endpoints up the wazoo
and based on the data that they stream off the endpoints
and some of the on-device sort of AI processing that they're doing,
they can get a really accurate picture of what's actually
happening on that device and whether someone is doing something they shouldn't be
doing either maliciously or accidentally they can stop it they can also tell when
it's an agent doing something and whether or not that agent has gone off the
rail so it's a really really interesting product early days but very very
interesting so Brandon Dixon is one of the co-founders of Ent and he joined me to
tell us all about the product all about what they've put together he was
the founder of Passive Total which was acquired by
IQ, which was then acquired by Microsoft, and he left Microsoft after helping launch security
copilot there. So yeah, he's got a bit of experience in the old AIs. Here's Brandon Dixon.
We are doing intent-aware security at the endpoint. That is what we do. And so we model behavior
directly on the endpoint where people are working and where AI systems are working. And we
use that understanding to inform a variety of different use cases across security,
starting mostly with inside risk.
That's where we see a lot of the uptick right now,
but it also allows us to see into specific parts of DLP.
It allows us to streamline elements of the SOC.
You can effectively think of it as us minting behavior intelligence
across the enterprise and then making that available for the organization.
Okay, so the idea here is that it is an endpoint, it is endpoint software
that does a bunch of tricky stuff that basically gives you insight,
and control over what happens on the endpoint
from the perspective of what the user is doing
and what any agents they might be using are doing.
Is that about right?
That's correct.
Yeah, effectively how it works is we run a really lightweight agent
directly on the endpoint.
There's no kernel level hooking.
And so it almost functions like an application.
And then we model the user-driven behaviors that take place.
And so when the person is interacting with that system,
we're capable of then understanding
how those raw events turn into activities and then get described into behaviors.
So are they going and copying a bunch of files that they just recently downloaded to an external drive?
Are they engaging with the SaaS application that might be AI and pacing sensitive information into it?
Really, because we're at the edge and we have full context, we can essentially see anything that the user sees.
And that is one of the benefits that we bring is just the power of the level of context.
that we're able to bring.
Okay, so walk us through a little bit more about how it works, right?
Because you've said it's a lightweight agent, goes on the endpoint.
I'm guessing where AI comes into this is once you are streaming,
even just like if you were just doing a video stream of what's happening on a endpoint,
back to an LLM or an AI agent, it could pretty accurately describe what a user is doing just from watching, right?
So I'm guessing, though, that what you've done is a little bit more intelligent than just streaming like RDP back to,
back to an AI agent who is watching and describing what's happening. So why don't you tell me
how you've actually tackled this? Yeah. So for us, like we have a big philosophical view that
we're watching a lot of workloads go back to the endpoint. So historically, we've used the
cloud and SaaS tools for a lot of our jobs. But with the increase of AI agents and AI workloads,
we're seeing more people draw some of that back to the local machine. Additionally, we're seeing
that the consumer-grade hardware is starting to get more capable GPUs, MPUs, and just RAM in general.
So the way that we design the system is to run completely on the endpoint itself without the need for the cloud.
So we're capable of modeling that behavior that takes place, the interactions that the user has directly on the system,
and that means making use of lightweight embedding models, but also small language models that can be at the edge,
some of which have vision aspects as well.
And then we're capable of instrumenting the endpoint in such a way that we understand that
behavior and then can describe what it is that the user's doing and then determine based on
that trajectory of where the user might be going in the behavioral space, does it look like
they're about to violate a corporate policy?
Does it look like they're about to make a mistake?
And if so, we can then intervene and stop that user from doing so.
And that intervention could be something like a pop-up.
It could be flashing the screen.
It could be playing a noise.
But it could also be something they can't see.
It could be taking a screenshot.
It could be disabling the network connection, moving a file,
disabling a process.
Really, the way that we've designed our product is to make it more like a programmable endpoint.
And we have policies that drive how that behavior actually functions.
Now, these policies, right, when you're dealing with systems like these,
the days of having to learn some crazy policy language, right?
are kind of done. So how do you actually get policies into this thing? I'm guessing this is a
natural language kind of thing. Do you have a chat with it about what you wanted to do?
Yeah. So for I think where we're at right now, we're building more of the chat experience on top of
it to orchestrate how we get into the policy language that we have today. But we've actually
designed the policy language to use more of a code back end. And so the idea behind this is that
it's Pythonic in nature. And so when you look at the
actual policies that we have today, they look like Python, but they're not. They actually compile
down to an intermediate representation that's more scalable and performant that can run on the endpoint.
But the reason why we selected Python is that AI agents and AI coding are particularly good at
representing Python within their distribution. And so from a context perspective, I don't really need
to feed a lot of context in to go from natural language to a policy that handles what the user
once. And so we have agentic processes that we describe the outcome that we want, or we feed it
telemetry, or we feed it a use case. And it goes and forms the policies, writes them in code that
gets compiled down to the intermediate representation. And there you go. It can run on the edge or it
can run on the back end. So there you are, by the way, that I just said, well, the days of writing
these things in a scripting language are done. And you're like, yeah, it's a scripting language.
Sorry about that. So there is value in it just because it gives us a bit more control.
So one of the things that we hear is that, you know, sometimes I'll look at the market and I think people just sometimes lose their mind and they're like, we're going to go put this nondeterministic language model system, you know, wherever the control point is and we're going to replace control point with said nondeterministic thing.
And it just doesn't work.
And like natural language is too subject to interpretation.
We can use it as a tool to get to an outcome, but code is nice because it very clearly states.
what it is that we expect to happen,
and there's a level of deterministic outcomes
that you can get with that.
And so the policies themselves,
like the policy engine, combines deterministic logic,
behavioral modeling, and inference all in that single language.
And so what's cool about that is I can go and hook
an atomic operation like someone activated the clipboard.
And then I can use a deterministic rule to say,
does it look like there's code inside of the clipboard?
If there is, and I want to go and in
intervene at that moment, I could do so.
Doesn't sound like anything fancy because it's not.
Just rewrite the clipboard with poop emojis.
Yeah, exactly.
You know.
Or, you know, or bags of cash.
But imagine now that you could stack on a filter here or a function that says,
is this normal behavior for this user?
And that that function call then returns a bullion of whether or not it's normal.
So now I'm getting a deterministic outcome based on the behavioral baselines that we have.
And then I say, okay, it's not normal for this.
the user and it does look like code in the clipboard, and it's something they haven't done.
Then I could go to the inference and I could say, and if I brand this code, would it manipulate
my system or do anything risky?
So what we're doing is we're stacking together all these different signals that combine
deterministic outputs, but behavior modeling and the power of generative AI into one programable
policy.
And that allows you to do some pretty powerful stuff.
And it runs at the edge.
Now, look, you've said that you can do some of the inference here.
and like some of the AI, you know, fairy dust magic, you can do some of that inference on the endpoint.
But I'm wondering, like, for a lot of people listening to this, they're going to be thinking,
can my poor already, like, sort of outdated hardware stretch to doing that?
Or is that just going to slow everything down to a crawl?
You know, like, what are the sort of system requirements for doing that sort of inference on the, on the edge?
So for us, the way that we designed the endpoint agent itself is it's meant to be minimal footprint.
So if you want to get the full value, naturally you're going to have hardware that gives you at least a gig of memory free
that's capable of doing some of that inference locally and then having like a pretty decent set of CPU like maybe an eight core or something.
This is modern.
We're talking modern laptops here.
So I do expect that most people will have this.
But in the event that you don't want to run it on your laptop for whatever reason, all of our functions will still operate.
But when it comes time to inference, we can still inference.
we can still inference it'll just go out to your customer boundary
and then do that heavy lifting out there
and then bring the answer back.
And so you still get the benefit of having AI
delivered inside of the agent itself.
And it's just that some elements are going to be put into the cloud.
But we've designed the system to be ready for the future that we see
in which everybody's going to have sufficient hardware
and that the architectures themselves of these transfer.
And other AI advancements are going to be able to run on the edge without an issue.
And we want to be prepared for that.
Just before we wrap it up, you know, every founder, right, thinks of the first tranche of customers who are going to be enthusiastic about what they're building, right?
Who is that trance for you?
Who is it who's going to be? Oh, Goody, I need this.
Global 2000 and above where we've seen traction and deployments, like we already have success.
cases and accounts is in Fortune 500 businesses, ones that tend to be a little bit further along.
They're coming from financial institutions, energy sector, tech sector.
It just so happens that the people that run these devices and hardware internal to those
environments also have a bit more beefier hardware, especially for some of the folks that they
perceive that there's risk.
So these are folks like your developers, your executives, you know, others that are experimenting
with AI.
They all become potential candidates where they might do some.
something silly. And so they want to be able to run something that models that behavior and then
is able to get in the way if risk presents itself. Yeah. And to be clear, too, we're not just
talking about typical DLP use cases of zip files going into Google Drive, right? You know, you can actually
see when someone's doing something unusual in an internal application. Like it might be a SaaS app.
You can watch what they're doing in the browser. One more thing I wanted to ask you about, you know,
you alluded to this earlier where you can actually start having a look at.
at what, you know, endpoint AI assistants are doing as well. How can you actually tell when it's
the assistant versus the user, though? We have telemetry that's available to us, so we don't just rely
on vision, but we also have telemetry that we instrument around the behavior itself. But we can also
see handoffs that take place between the user and, say, an IDE, a user and something like Anthropics
co-work. There's some level of engagement that takes place on that system to some extent. And when it
occurs outside of like the boundaries of the endpoint that we may not see, say it's remoting in or some sort of session there.
We could tell from the session of where that user's coming from.
And then we also profile the user itself.
So there's other things that's interesting.
If you're able to capture things like the mouse input or the keyboard input, maybe not even the content, but just the movement and how it operates,
those create patterns as well that allow us to create signatures around this looks like this particular person versus looks like some sort of system or automated controller.
top of it. Yeah, yeah, that's getting a bit sci-fi there, which is very cool. Brandon Dixon,
thank you, because then you're going to have the AI learning how to do the keyboard and the mouse
like you, right? We already have it. That's how we train our environment now. We get around the
cold start problem by having a synthetic environment that literally is like for all intents and
purposes, a company with a bunch of virtual workers going and using enterprise software with our
agents essentially installed in there. So we tune our models in that way as well. Yeah, yeah, nice.
Nuts, nuts. What a world.
Brandon Dixon, thank you so much for joining me to walk us through Ent AI.
Always good to chat to you, my friend.
Thank you, sir.
That was Brandon Dixon there, talking all about Ent AI or Ent Security, whatever you want to call it.
Just don't call it late for dinner.
And I've dropped a link to their website in this week's show notes.
So you can check it out a little bit further there if you would like.
Okay, next up we are chatting with Chris Fuller and Tim Wenslow from Spacewalk AI.
The idea behind Spacewalk is they wanted to create an A8.
agentic incident response platform, which I think is a really cool idea.
I actually spoke to someone, geez, about a year ago who was thinking about founding something along
those lines, and I was really interested in getting behind it.
They decided to do something else in the end.
So, yeah, not surprised that someone is tackling this.
I think it's a really good use case for AI.
Chris, of course, he worked in the intelligence community in the UK, did some time at Obsidian in the end,
and that's where Tim Wenslow wound up as well.
He's been kicking around in Infosec for a while.
even worked at Respond Software years ago, which was a risky business sponsor briefly.
So yeah, both these guys are not, you know, brand new arrivals in the security space.
But let's start off now with Chris Fuller, who's going to tell us all about what they're
trying to do with Spacewalk AI. Enjoy.
We're trying to build the world's most experienced instant responder, which I think is basically
taking the top-tier operators in the world and combining them with like top-tier AI research.
put in those two things together and I think magic happens.
I think what we want to do is take what these guys are doing,
which 50% of the time is just working, you know,
pretty like benign things that come out of the SOC or level two
or whatever your structure is.
And they're just not leveraged.
We want to like push that way down,
try and make that as fast and as easy as possible,
and have these guys doing like things where they're like truly leveraged.
Okay.
So that's the idea is to build an AI,
you know, incident responder that's the most akin to the most experienced incident responder in the world.
Makes sense. So how do you actually do that? Like, what do you do to make that happen? Do you have to
give it a million API keys so it could go out and gather information? Like, what does it actually
look like to build a system that does what you describe? Initially, there's somewhere that you get escalations
from. There's like whether that's service now, whether that's like mission control and splunk,
whatever that is, there's some way you get escalations. Those guys,
going to flow into the platform and then the platform is going to determine what data it needs itself.
So again, if you've got those connections to different things like Sublime Security or
Splunk, Next Gen Sim, Obsidian Security, it's going to pull that data and it's going to profile
infrastructure, identities, all those sorts of things and kind of build out like, hey, there's
this data that we need to be able to look at and turn around.
But I think what we found in the real is that these are guys that have like 50,000 tabs open
on their screens, they're sending like, you know, data.
We have a browser extension that you can send the DOM through and we'll rip out the data
from that.
You can upload forensics images.
You can upload log files, screenshots.
If there's a Slack channel in the instance rolling, you just drop the Spacewalk
bot in there and then it's going to grab whatever the team's talking about, the threads,
the data and kind of centralize that all in one place.
So I think what we've figured out is we need to be super flexible with the type and the places
that we get data from.
and so I think we've done that pretty successfully.
So this is what I find interesting here is you're not trying to just plug into a seam,
you're not trying to just grab EDR logs and say,
ah, we're doing incident response.
Like the idea here is you can be pretty ad hoc with what you throw at this thing, right?
Yeah, we pride ourselves on honesty being able to take any type of data.
And so sometimes we're pretty surprised at what we get given.
But at the same time, for us, we've built a very,
straightforward architecture that, or a very flexible architecture that basically can take almost
anything and translate it into a way that basically the AI can like interrogate it.
And so for us, yeah, if somebody throws a format we've not seen before, we just go and take
that data, we give the AI the right tools, the right ways to kind of introspect it.
I'm dying to know because you were like, yeah, I'm really surprised at some of the stuff
people try to use. Like, can you give us a couple of examples there of some, you know, because that's
what incident response is like, right?
You might have some suspect device.
It might be some internet of things thing.
It might have some ancient Linux something.
And you've got to all of a sudden do incident response on that and figure out what's going on with it.
Is it that sort of stuff like weird images of, you know, mem dumps of like non-standard systems or, you know, what sort of weird stuff do you deal with?
Yeah, we were actually talking with a very experienced response team.
You know, they gave us some data and said, hey, like, we put this thing.
the platform didn't work. And essentially, it was just several thousand CSV files that they'd
been passed from an entity that they were asked to do instant response to. And they had no context,
no real idea of what was going on. Like, hey, there's some host here. Can you find out bad stuff's
happening? So I think for us, like, instant responders are asked to do some pretty tough things.
And so for us, yeah, who wrote that, we'll be releasing that shortly into the platform.
The boss comes in, hands you a potato, and says, what does it mean?
Exactly. Can you do an instant response on this? So yeah, for us, we've kind of seen it all,
all the way from like, hey, I just phone this person. I've just got like a transcript of them talking
about bad stuff happening on a point of sale system to, yeah, kind of some honking great set
of forensics images that they want to process into the platform.
Joining us also is Tim Wensler, who is the chief executive of Spacewalk.
Tim, when you are rolling in there to, you know, doing the slide.
deck in front of the VCs telling them about, you know, trying to activate their greed gland,
telling them how much money they're going to make. You know, what do you, how do you pitch this
in terms of like, who's going to buy it? Is the idea, let me guess, big corporates and incident
response firms to begin with and then eventually everybody, is that sort of the pitch?
Yeah. So if you think about all the investments that organizations have made into security
operations, Sims, detection tooling, at the end of the day, what you're doing is you're protecting
the time of the instant responder for when you have a scenario that's high impact, high likelihood,
and you want them to reason and collaborate. But if you look at the tools and investments that have
been made in that space, instant response teams are working out of tickets, Slack channels,
browsers, SharePoint, OneNote, Google Docs, etc. It's a soup of collaboration tools that
have not been optimized for this incredibly high impact scenario. If you contrast that, there's
quite a lot of pain in that process, as you can imagine. But it's also the most valuable
data set in security. Detection is generated in a hypothesis, but an instant response outcome,
a report, a timeline is a very granular conclusion of what the adversary did. It's labeled by
probably the most highly knowledgeable, skilled operator at your organization. And they're spending
most of their time chasing down tickets rather than taking that intelligence that they're
curating and pushing it back down onto the detection surface, pushing it back across the control
surface to understand, hey, where can we take more resiliency? And the most compelling part of the
platform where we've created this system to have high accuracy. So every assertion that we're making
is backed by evidence. It's backed by data. Well, that's the missing evidence that all those other
earlier platforms are looking for. And so Spacewalk sees itself very much as an intelligence layer
feeding back down to the earlier technologies.
Now, one thing I'm really curious to talk to you about is it seems to me that the, that solutions
like yours, like AI-based solutions doing security tasks, the biggest competitor that you're
going to face is not other companies doing the same thing.
It's going to be incident responders trying to use AI themselves because instead of having to
go through procurement and get budget and whatever, they've already got token budgets, right?
They've already got like some of these pro subscriptions, which are heavily subsidized.
by companies like Anthropic and quite powerful, right?
So they can just go ahead and vibe code something that,
look, it's not going to be as complete a solution as you,
but it's definitely going to help them speed up their work.
Is that what you're finding at the moment?
It's like it's the whole, I mean, it's,
you won't even call it build versus buy,
because people aren't really building.
Is it, you know, getting by on general models versus buy?
Is that kind of a thing that's happening right now?
I think the way I think about it,
is like in some senses that the ecosystem is like way more fluid than it was, say, six
months a year, certainly like before that, where I think for us, we don't see it as like a
build versus buy. We see it. Like as you said, it's a spectrum of, hey, what are the bits
that you want us to build or things you want to leverage? You know, we've got some incredibly
smart AI researchers that sit and think like, how do I take, you know, five different hypotheses,
generate really high fidelity ones and then work through kind of ruling them out, building all
of that in a way which is efficient and you're not going to spend, you know, sort of a thousand
dollars on each case, but you get really high accuracy versus like, hey, there are elements of
this that we can build, you know, custom to our organization. So I think for us as a case of saying
there are elements that we definitely think, like, hey, you should probably get a vendor like
spacewalk that's going to do a really thorough job of that. And there are other things where it's
like, hey, have you got a custom use case? 100%, like, we want to expose APIs to you.
like allow you to build on top of the platform, add custom skills, all of those sorts of things
that kind of mean that you're leveraging, yeah, things like Claudecode, those sorts of things.
Now Tim, just before we go, I just wanted to get your opinion on one last thing,
which is it feels like a lot of the products doing, I guess, cybersecurity data crunching,
whether that's AI sock-based stuff, whether that's vibe hunting,
whether that's, yeah, detection and response or incident response.
It all feels like it's doing data crunching on the same stuff.
So could these products sort of collapse, do you think, into a single category?
And instead of having a splunk, you know, or any of these cloud splunks from Microsoft or Google,
we might just wind up with one sort of AI system that sits there doing all sorts of analysis.
It does analysis in real time.
It does analysis retrospectively.
It does incident response, but the point is it's just a big blob of logs and data that has AI crawling all over at 24-7.
Like, you know, that's sort of where I see things going.
And I want to get your opinion as someone who's building a specialist AI platform looking at one part of the sort of attack timeline.
You know, do you think eventually that you're all going to be either acquired or rolled into one mega AI that just handles the lot?
I think the unique perspective that Spacewalk brings is that conclusion, that intelligence of what to look for.
And so as you're curating incident knowledge within Spacewalk, we're pushing that back down into your organization to improve resiliency.
I think if you look at software developers today, they each have six, ten instances of Claude Kill going at the same time.
We see a lot of parallels to the incident response team in the next couple months where they'll be running six, ten, twelve instances of Spacewalk AI, chasing down various escalations, chasing down various threat hunts, or collaborating with our AI as well as their peer incident responders in a complex incident scenario.
Okay, Chris, what do you think about this idea that, you know, eventually everything's going to collapse into a single product that doesn't.
all of this log crunching.
Yeah, I think you said something really interesting before we kind of came on air, which was,
like, what would you do if you had, like, infinite human, like, hours?
And I think, I kind of think about that in the same way, which is, like, what would happen
if you could deploy AI to every part of your stack?
You wouldn't send every log, for example.
You wouldn't run detection in a single place.
You wouldn't run detections as something that gets, like, created.
It might have a life cycle of hours rather than, like, years.
you wouldn't run a threat hunt like on like, hey, every month we should run a threat hunt.
You would be doing all of that continually.
So I think for me, really where the platform's going or really where the space is going,
is I think it's about taking that intelligence and then learning from it in real time.
If you see a campaign that's either taking pace in kind of environments that are parallel to yours,
the hard bit is like detecting that, figuring out what's going on, figuring out what's generalizable,
and then applying that into another place.
So I think really what's exciting is like we're seeing probably a tidal wave, you know,
like we were talking about before coming on air for the last three months, really seeing AI come into the,
you know, the attacker like toolkit, whereas I think in the defenders were still a little bit slower.
But I think where those two things have to come up in like parallel is thinking like,
how am I as responsive and as adaptable as the attacker is going to become?
So I think that will mean that they have to, whether it's one system or a bunch of really tightly connected systems, I think like in some sense it's like they're going to be incredibly integrated or they're going to need to be to be effective.
All right, Tim Wenslow, Chris Fuller.
Thank you so much for joining us on the old Snake Oilers podcast to walk us through Spacewalk AI.
Very interesting stuff.
Thanks for having us here, Pat.
Yeah, I really appreciate it.
Thanks, Pat.
That was Chris Fuller and Tim Wenslow there.
Big thanks to them for that.
It is time for our third and final snake oiler today, which is Mondoo.
You can find them at Mondo.com.
That's M-O-N-D-O-O-O-com.
And Dominic Richter is the founder of Mondo, which, as you'll hear, started off as kind of like a policy-related open-source project,
moved into sort of more vulnerability management and, you know, other security functions as well.
but now they've got a heavy emphasis on AI-enabled service as software vulnerability management.
So the idea here is, you know, I was very interested to hear from these guys
because obviously an area that is prime for AI acceleration is going to be vulnerability management
because there's a lot of drudgery involved.
But also, you know, do you want to just go tell a bunch of agents to go patch things
and wish them luck? Probably not.
So, yeah, that's why I thought chatting with Dominic in this snapshot.
Nightgoiler's edition would be very interesting.
So here is Dominic Richter talking about Mondo and what it does.
Enjoy.
Mondo is a company about vulnerability management.
That's where we started.
That's where we grew out of.
But the spin that we were taking on it is that we provided as a kind of agentic service these days.
And just in those few words, there's like a lot of things embedded.
So it's essentially a fancy way of saying it's a combination of humans plus agents working together.
and combining their abilities in order to deliver outcomes in the volunt space.
Yeah, so we should set the scene a little bit here,
which is that yours is a company that was founded like a couple of years
before the AI revolution and sprung up out of an open source project.
Is that right?
That is right, yes.
So we came out of a policy engine that we had created
because we saw both vulnerabilities as well as misconfigurations on these systems
that's essentially what you would target in hardening.
I used to be a pen tester myself,
so I knew that there is a lot of hard things you can do wrong,
and then there is a lot of easy things you can do wrong,
and if you do the easy things wrong,
you make it easy for me to break through and get deep.
And we saw a lot of that, and we wanted to address it.
So we created a project to express policies in code
and make it so it's independent of the technologies,
because at that point, you know,
we had gone through the rise from servers to cloud to containers.
Like, we saw the writing on the wall.
There's more and more tech coming in.
So it might as well try to unify it.
That's where we got our start.
Yeah.
Yeah.
And so the idea here was to try to do more unified patch management across like endpoints,
Kubernetes, cloud, like whatever, right?
Yeah, that's right.
So first, we wanted to help detect your systems, inventory them properly,
detect the vulnerabilities, then really, like, clear out the signal.
Like, you know, one of the biggest.
problems is that there's a lot of noise out there with vulnerabilities too. The speed has only gone up.
So we wanted to set the focus on what actually matters and what is real. I have been both on
the giving as well as on the receiving end of posting about vulnerabilities that, like where
I went to my engineering teams and I said, look, I found these critical vulnerabilities. And they're
like, I'm sorry, Dom, that's bullshit. Like that service is not running. That colonel is not
live. Like, what are you talking to us? And yeah, we're really.
we realized you need to make it real for your teams to work together and try to fix it.
And that's what we focus on there.
So what have you done to AIify the Mondo software?
Like where have you applied it and how have you applied it?
And what's the outcome of that been?
Okay, so there's a couple of pieces here.
The first thing is that if you get a big stream of data coming in, you had it in one of your past
podcast too, by the way, where you talked about threat services.
There are a couple of people talking about this, how you find the actual signal within those.
We have done something similar for vulnerabilities where we actually look at the vulnerabilities that
matter.
And we try to make it simple for people.
Like there's a lot of people that claim it.
There's a lot of dashboards that will show you like, oh yeah, here's your, you know,
we scored this high.
This is a critical trust us bra.
And so we really tried to work with our customers to, um,
create something of like a nutree scoring approach for what matters to them. So typically it is
attack surface. You know, can I reach it somehow? Can I attack this thing? It's blast radius. So if I
hack this machine, how much further do I get? Pentesters basically love this one. If you can hop from one
system to the other, it's business criticality. Does the system matter for you in any way, shape, or
form? It's exploitability, i.e., you know, is this thing real? Like, if you give me a CVE, like,
Is there an exploit for it?
Can I actually take it up?
Can I break into this?
And lastly, there is news.
So if we talk about some CVEE or like what we did,
Shai Huluad recently, right, like version 2 of it,
then other people know about it.
It's getting broadly attacked.
You might want to get moving on that issue more quickly.
So with all the signal coming in, we used, first of all,
the first thing that we do is prioritize and understand your findings
and then get you to initiatives.
So typically when we go to security teams,
they are trying to achieve something.
And it's not just about seeing something in a dashboard.
Like they, for instance, need to pass an audit
or they need to get their risk down that they currently have.
Or their window systems are horribly out of shape
and they don't know how to effectively patch them.
Like their entire team has issues there, right?
And so we go in and we are not just a dashboard,
we are not just a tool.
what we are actually treating it as a service.
So that's why it's the mix of agentic mechanisms that we have
plus the service angle.
So we actually look at the customer and we're saying,
okay, what are you trying to solve?
What do we actually need to help you with?
And then using all the data that we have,
we're looking for the outcomes.
So if an outcome is, for example,
that I get your vulnerabilities down by 60% by the end of the year,
then that's what we're driving towards.
And then the question is only, okay,
what are the steps that we take to get there?
and that's where we create the plan, we automatically executed.
The automation really comes in through the agents doing a lot of the work,
both in the detection, but then also in the fixing.
Because a lot of the fixes are...
Yeah, so you've talked about the sort of detection and prioritization piece,
which is kind of like, you know, that's kind of like co-pilot work, whatever,
you know, taking a bunch of signals and, you know, trying to surface,
okay, you might want to deal with these ones first.
But like, the stuff I'm really interested in is like,
how do you then get an agent to go out and start fixing stuff in a way that's sort of predictable,
repeatable and not dangerous? Frankly, right?
So the two ways that I've seen, by the way, for the dangerous one, too, this is where I've seen
a lot of people start.
They will just tell their agents, you know, you get control over this machine, go out and do things.
And then the agent will, I don't know, hallucinate something in the middle of the night and
decide to delete your database.
So that's not what we want.
There was a CVEE here, so I just vaped the operating system, right?
No more CVEE.
Problem solved.
Good work.
It is crazy how these agents and AI, like, it's really gaming the system.
Like, it's trying to optimize it.
If you tell it to do something, it will try to game it, even if it's doing the thing
where you're like, this is really fucking dumb.
Like, are you trying to destroy me?
Like, if the fastest way to reduce code in your repository is to delete the repo, it's
going to be like, here you go.
I did the work.
And so we ran into a similar problem here because we didn't want the automation to go to
this fancy black box that can come up.
with the craziest actions that you can think of.
Like, if you just give it admin access and you tell it, go do and have fun,
like it's going to work 90% of the cases, but there is going to be a few percentages
where it's going to delete something that is critical to your business.
And that's not going to be fun.
So, okay, so what do we do?
Well, I actually come from, also from the automation space because,
platform automation, because after being a pen tester and having so many of these
platform teams yell at me about the vulnerabilities, I was like,
How hard is this?
Let me actually switch sites and let's try to automate these systems.
And so I went in with automation tools like Ancival, Sheff, Terraform later on, and so on.
So I got to know all of these cool tools that the engineers on the platform teams have.
And so when we started Mondo, we realized, okay, we're trying to bring these two sides together.
But the way in which you roll out the fix, right, like from a security perspective, I want to push the button that goes and fixes the thing.
Awesome. But usually I don't really care about how that happens or I don't really like that's not my specialty.
On the platform side, however, I do care about that mechanism. And so in our book, it is a lot of
these as code platform automation projects that are out there. So we're trying to push as much
of the changes that we're doing through the tools that larger organizations use in order to automate
themselves. And again, coming back to the service thing, the cool thing about the service.
is even if we run into a customer that doesn't have that because they don't have a bunch of
answerable engineers, that's no problem. Like we literally roll it out and we manage it for you
so that you don't have to deal with it. The cool thing when you do it as code is that anytime
you push a change in, you can actually test and make sure that it doesn't do anything crazy.
Like you can't just go and delete the database. Not possible. Why? Because it's not just a black
box, like it's written in code. This is what the code can do. These are its parameters. You can fix
systems. So that's one big angle of it. So it really sounds like what you are offering here is more like a
professional service that is using AI to sort of scale up and be very efficient. Yeah. And we're doing this in a way
where other service providers can consume our platform too in order to provide their own services as well.
That's been the idea from the beginning. Like we didn't just want to make this for ourselves and just
built a services model here. We actually wanted to create a service as software kind of model.
Like, you know, SaaS software as a service, that's been like the model in the last 10, 15 years and
so on, and it's now switching over.
Yeah, your service is software. I get it. I get it. I mean, I think that's a cool idea.
So I guess what it sounds like is you're using the agents at this stage. I guess, you know,
it's not just a case of giving them like really privileged.
credentials and telling him go, go fix stuff. I guess that's it. You're using them
carefully, I guess, is the point. We're using them carefully. Yeah, like you essentially get to
see what it's trying to put in place, what it's about to change. There is this whole operational
considerations view of the world that we have where, for instance, after we get all the findings,
we figure out what you want to do to your systems and we work with you to say like, okay,
let's do A, B, and C, right? Like, not the rest. Then we actually look at, okay, if you do A, B, and C,
What are the operational considerations of this system?
Do you need to restarts?
Do these services need to somehow be spun up and spun down?
What are some of the implications that you have on your up time, downtime, and so on?
What is the rollback if you need that?
And again, all of those learnings come from doing this in the platform automation space for a long time.
Now, of your customers, what percentage of them are driving this themselves versus relying on
you for the service component.
So the service component is still fairly new in our playbook.
So we used to actually be more of a platform for self-service for longest time.
And then we realized with a bunch of our customers, they just wanted to buy it as a service
because it makes it easier for them to consume as well.
And so the service part is now growing.
I would say 25 to 30 percent are now moving to a services model.
Larger customers, some of the largest ones that we have.
like in car manufacturing and telco and so on, they actually drive it themselves.
And not only that, they're just doing it for themselves.
They're doing it for other parts of their organization.
So whatever we build, right, like I'm not just building as a service,
but we're actually building as a scalable software piece that they can use this way themselves
as well.
Yeah, but that would be for the really big companies with presences in like 30 countries
sort of thing, right?
That's the situation, yeah.
That's how they are consuming it.
Yeah, and anyone who's not that is kind of like, yeah, you know, you just do it.
So of that service, I mean, are they just getting, you know, their stuff patched?
Is that it?
They pay the, they've got an SLA, they just pay you, and then it's taken care of?
Mostly yes, for patching.
It's not just patching though, so I have to be careful about that one as well, because
patches only go so far.
There's also system configuration and hardening, which comes into this as well.
Could be, for instance, certificates, SSLTLS, maybe there are services on Windows or, for example, if things aren't configured right with your group policies, if we catch them, we can help you fix those as well.
So it's not just patching.
It's actually system configuration and hardening as well.
All right, Dom Richter, thank you so much for coming along to chat to us about Mondu and about, I guess, what vulnerability management looks like in the AI
and how you're getting some efficiencies there.
Very interesting to chat to you. Thank you.
You as well. Thank you for having me.
That was Dominic Richter there from Mondu.
Big thanks to him for that.
And big thanks to Mondu for being our third and final snake oiler
for this edition of the Snake Oilers podcast.
I do hope you all enjoyed it.
Of course, there are links to everything in this week's show notes
so you can go chase down these companies that way.
But yeah, until our next podcast, I've been Patrick Gray.
Thanks for listening.
You know,