Name: State of AI Report + Real Implementation: Your Complete Guide to Modern Threat Intelligence
Uploaded: 2025-09-23T17:31:18.234Z
Duration: 49 min 8 s
Description: State of AI Report + Real Implementation: Your Complete Guide to Modern Threat Intelligence

Transcript for "State of AI Report + Real Implementation: Your Complete Guide to Modern Threat Intelligence": Alright. Welcome everyone to today's webinar. I'll give people a, a few seconds to join us, find their seats, get comfortable. Maybe this is a lunch and learn for you, or it's earlier in the morning and, you need a cup of coffee. So, we'll give you a second before we get started. Alright. Well, welcome everyone to our webinar on the state of AI and automation and threat intelligence. I'm excited to be joined by two experts from Recorded Future today as we dive deep in the impact AI and automation are having on our own threat intelligence program and of some of the customers we work with, as well as exploring the findings from a survey to over 520 executives and practitioners on this topic. But before we begin, a couple of very small housekeeping notes. The session will be recorded. You should get an email with the recording to the email you registered with within about twenty four hours. Secondly, don't hesitate to ask your questions. We'll try and get through as many of them as possible, and we'll also have dedicated time at the end. But with that, let's get started. And I'll start with introducing today's speakers. So I'll meet you then, introduce themselves and also tell us about maybe one AI workflow inside work or outside of work they've implemented to work smarter, save time, or maybe just make life easier. Jim, I'll start it with you. Cool. Thanks, Sam. So I'm Jim Wolf. I'm a a security architect here at Recorded Future, and I work on our internal, CSIRT team. So I've been I'm curious by nature, so I've been dabbling with different AI workflows, and trying to learn, as I go along. So a fun workflow that I've done in the past, two months is we, I go on an annual backpacking trip, and the this last trip was about eight days. And because of it being a long trip and covering a lot of miles, water security, and logistics around resupply, camp spots, etcetera, are really important. So we typically, amongst our group, divide that amongst, several people, and then we get together and and, you know, try to identify, the plan. Well, I thought it'd be interesting to use, one of the agent features available on on, one of the common AI platforms right now where I put in, hey. Here's the trail that I'm doing. Here's how many days and nights it's gonna be and identify some of these key things and build out it. I had to build out a PDF. It took probably thirty minutes and that it did a really good job on building out a PDF with a lot of supporting links. And then I put that into notebook l m and had it make a podcast out of the information. So we were able to when we got together, I was like, hey. Let's give it the twenty minutes to see how it did. And it was about 90% accurate as to what the, we would have wanted to identify. So I thought that was a fun, non work related AI use case. Good practical use. Yeah. Nate, I'll toss it over to you. Yeah. It's awesome. So, Nate Lee, senior principal sales engineer here at Recorded Future. Spent a lot of time working with our customers. One of the topics, almost every call these days is about AI. I use AI extensively in my personal life as well as my professional life. I have a million different kind of use cases on the on the personal side. But one of them that I've really enjoyed I've been a a smoker, a meat smoker for a number of years. I have a big green egg. I love to kind of, discover new ways of of doing some of the the classic things like just simple steaks and and chicken and stuff like that. But, what I started doing is I started feeding all of my past, smoke sessions where I had maybe had, some notes or I even have, I have a a fireboard, automated fan that I use now. But it will collect, all of the information about the temperature changes in the meat and the the green egg and stuff like that. So I started putting all that in. Like Jim actually just said, I also love to feed a lot of information to AI, in order to one, I'm curious to see what kind of output I'm gonna get from it, but I give a lot of background. So I live at 7,500 feet. I'm in a dry environment. Sometimes I'll I'll brine or or or salt the the meat at different times, twenty four hours in advance, forty eight hours in advance. And I'll just kinda see what the what the output is, when I'm done and I take notes and and on how how the the meat was, how long it took and stuff like that. But one one particular time, I was having a very, very long stall. If anyone smokes meat, they'll know what that is. There's a point when you're smoking like a a pork butt where you get to an uncomfortable spot where you the it does the temperature doesn't seem to be changing for a long period of time and your goal of, you know, a certain number of hours is is fast approaching and you're like, oh, no. I'm gonna end up with, you know, taking too long and the party's gonna start and I'm not gonna have the meet ready and all this kind of stuff. And I fed in because I had given it so much information from past smokes that I had done, I fed in all of the details about this particular session and I was like, hey, don't worry about it because you you you, brined it a certain way, and because you put it in the fridge for this amount of time, and then you let it cool for this amount of time, and given the altitude that you're at, you know, it it'll probably be a a forty five minute stall and then you're gonna rapidly increase to the end. And it was exactly it was exactly correct. I wouldn't say that it's like every single time I have a big success with stuff like that, but by feeding all that information into it, and I continue to do that now today, now I can just go in and say pork butt. And it gives me my my preference for how I like to, to do pulled pork. So that's my big exciting use of AI lately. Oh, that's a great great use. I get myself a green egg and start my use case as well. The slippery slope, Sam. Yeah. Yeah. Exactly. Yeah, last, probably the least here as well. Sam Weymock, the team lead on our product marketing team. One thing I've started dabbling with is, you know, maybe on a Friday night, get off work where you don't have time when you go to the grocery store or anything, check what's in our cupboard and fridge to make maybe an adult beverage. Throw everything we've got in there and ask Chad GPT to come up with something. Maybe give us some directions, whether we're feeling something smoky, sour, sweet, and then it'll it actually plugs or, creates some good concoctions that we've had. So, kind of been our virtual bartender chat GPT, which has been nice. But, awesome. Well, with that, we'll get back into, a threat intelligence. And before we begin talking with our two experts, I did wanna highlight the state of AI and automation report we conducted alongside our research firm, User Evidence. If you haven't seen this report, you can easily download it from the docs tab, in this webinar portal. The report covers findings from over 520 cybersecurity executives and practitioners on how they're currently using AI and automation in their threat intelligence program, how much value they're seeing, what roadblocks are coming up, and what their future expectations are. Now as you can see on the right hand side of the slide, some of the findings from the report include that 93% of respondents rate AI as crucial to their future strategy. 85% say implementations meet or exceed their expectations, and 86% trust AI generated threat intelligence outputs. But for this webinar, we'll use the report as kind of a backdrop to discuss how our two experts see the current state of AI and automation in threat intelligence from their unique perspectives. So I'll begin by posing the first question to Jim. How is the implementation of AI into your workflows compared to your initial expectations, And have there been any surprises, positive or negative? Yeah. It's a good question. And I think it, it's been good and bad because I think there's been some quick wins, and then it's added also a lot of, challenges as well. So being on the CSIRT team, one of the responsibilities that we have is to do, vendor reviews. So if we're gonna onboard a new technology or a new vendor, you know, we have to go through the process of doing a security review on, the product or the company, etcetera. And I think those are always getting, we're getting better at doing them and coming up with a more uniform approach. But one of the, elephants in the room is we have to start to now ask, does that technology leverage AI? And, you know, unsurprisingly, almost everybody now is leveraging AI in some capacity. And so then we have the questions as to how do they leverage our data, with regards to AI. You know, we wanna make sure that we aren't being used to train any public datasets. Right? We or we want to make sure that we're still in control of our data. And if we can get granularity as to, you know, what control do we have as to what data that we're sharing. We're trying to keep in mind as as a security team or we don't wanna say no to things. We wanna see how can we say yes. And if if it is a no at first, how can we put controls in place to say yes? So really making sure that we have, when we're onboarding a vendor, just wrapping our arms around understanding their AI and their capabilities and trying to come up with a framework that's gonna allow us to scale and get better at answering that for, future onboardings as well. So it's something that we're we're getting better at. A positive workflow that we we've had is, you know, with the nature of the job is there's a lot of reporting, that I need to do higher up, and I'm a lot more comfortable working with datasets like JSON blobs or raw data, than writing up a nice pretty report. But what I found is is that, you know, using some of the AI tools that we have internally, if I can feed these datasets in and say, hey. Here's the desired report or outcome that I want or the communication based on this data. It's able to save me the time to generate a report that is digestible for the audience that needs to receive it. So, I I don't enjoy, I'm not great or enjoy a report writing or or, like, slides or what have you. And I found that it's made me better at that, without having to sacrifice, data quality whenever I'm doing those types of activities. Nice. So you're saying you're just not not really into the marketing side of things. Right? They're not Not much. No. Not much. Nate, in working with your clients, what are some of the AI use cases that you find that delivered them the most value? Yeah. I think that, you know, one one of the big hard parts of being a human is that it takes us a lot of time to process in mountains of data. So being able to to feed in that data, or utilize a service that's already accounting for mountains and mountains of data to provide, quick insights is something that customers, are really leveraging AI for. So I think that that's an important use case. Kind of making AI work for you so that you can your your human brain is freed up to to then take the the quick insights and develop, you know, analytic outputs or processes. On that same note, faster time to value, when taking information that needs to be turned into reporting. So even similar to what Jim was saying, it is like, not everybody's good at writing reports. Not everybody had kinda has the analytic practice necessarily of understanding how to write maybe like an intelligence report. So I think that being able to find those quick insights, still use your your human brain to kinda piece things together, but then, that process of then putting that into something that you're going to deliver to a customer, you're gonna deliver to your executives, you're going to deliver on a quarterly basis. I think these are, pretty significant time savings, in putting those together. As as Jim was mentioning, I have to answer a lot of questionnaires and, RFPs as part of my sales engineering job. So I'm finding that our customers are leveraging AI more and more. And typically, that is, it saves me a tremendous amount of time. And so, you know, we don't damage your relationship by taking too long or or I have, you know it reduces risks for us as the provider of a service, to our customers. And, I can only, hope and wish that more customers are gonna take advantage of those because it really does reduce time for everybody in that process. And then the last thing I'll point out is I am seeing more of our customers utilizing, a variety of kind of, task specific AI for things like writing code, writing signatures. So things that they may not be specifically skilled or experienced with. I'm seeing there's opportunities for organizations to level up some of the the younger, the newer, folks that are part of their teams where they can now participate in things like, you know, writing more technical, you know, outputs. Awesome. And, Jim, back over to you. And thinking more about automation, Is there a specific use case that has delivered a lot of value to you and your team? Yeah. So, on our team, we we look at different ways that we can automate our processes, and an example might be, how can we leverage some of our different modules in any of our alert workflows and get get intelligence out of, get intelligence out of our modules, whether it's an alert or a report, etcetera. So what we end up doing a lot of the time is writing some custom code, to do that. You know, we're not, we like writing, the custom code if there's not a specific prebuilt tool that we either have in house or have purchased. The thing that I'll say is, you know, I'm an engineer architect, so I typically know what the inputs are going to be and what I want the outputs of a process to be. I'm not a developer. So I'm can write code, but I would say that I'm probably not I I mean, say for sure I'm not the best at it, but I've gotten, dangerous. But the thing with some of the CLI tools that are available now, that, you know, we are able to use, I'm able to come up with a framework or come up with an initial version of code and then really use, like, the rubber ducky debugging methodology where I know what the output should be, but it's not working quite as expected. And I know exactly how the system that this code should be working with, and and it's not operating as I want. Rather than me try to fix the code myself, I'm able to, you know, kinda work side by side with an AI agent to manipulate that code and get to the desired output way faster than I was able to previously do. So I think being able to leverage or write better code to work with any of our, APIs has really been helpful. The one thing that I'll say is it's still good to have somebody who is a really good developer in the loop because I've before deploying to production or making this a, you know, a formal formally deployed process, I'll sit down with somebody who is really strong with coding and they're able to identify, hey. You shouldn't use this specific type of function or process because there's security concerns around it, or there's a more efficient way to be doing this. So I think it's, that's where you kinda gotta walk the line as to where just because it's getting you to your desired output doesn't necessarily mean it's the best way, to do it. So I think still working with the people that could know best and and do a review on any of the AI generated content is still, definitely is something that you should still include in the process. Great. And, Nate, I know you advise a lot of lot of different organizations out there. For those looking to improve their automation processes, where are you trying to typically advise them to focus? Yeah. So, I mean, it it's interesting because everything that that Jim said is is applicable to where I might, advise, you know, a lot of my customers. And then, one of the things you pointed out that I think is is super important is you have to find what those repeatable processes are. So there are things we all do again and again and again. And, sometimes we don't even necessarily think about it or realize it. I think it's important to identify what those repeatable processes are that you could potentially automate, with AI. And and things that aren't even necessarily risky. Right? I think that there's some some, worry that there's some risk to using AI because the output may be, you know, may be a hallucination or something like that. But there's a lot of of task specific AI agents. There's also a lot of, more technical repeatable processes that humans spend time doing that are a great, are great candidates to be automated with AI. And then to the same point, helping teams level up, knowledge and effectiveness by kinda strategically figuring out where to leverage AI, I think is important. Again, like, things like developing, Yara and Sigma rules, things like that where maybe not everybody's, real skilled at doing that, but AI is actually quite good at at at least getting you to a point where maybe a human can review like Jim is pointing out, you know, a a true, you know, rule developer. But I think that there's a lot of those and and there's opportunities to level up. The the fact is it's here. The fact is that our our, kinda newer folks to the industry, the younger folks in the industry are gonna be utilizing this as a normal part of their day and normal part of their life. And I think there's good opportunities to help level up the whole team by, finding those repeatable processes and then strategically figuring out where to deploy them. And Nate, a quick, question for the chat here. Are there any kind of concerns or maybe top concerns that customers raise when talking about AI? And how do you typically tackle that? Yeah. It's been interesting again since I have to answer a lot of security questionnaires. It's kind of like this increase in in, in what I what are becoming more standard surveys and questionnaires about how we how we developed our use of AI for Recorded Future specifically. So I think that there's there's been an interest in, like, that's also indicative of an inter an increased interest in using AI. It's not just a are you secure kind of questionnaire. It's a we're looking into this because we realize that it's here and we need to understand. So there's also been kind of a maturity of those questionnaires. At first, I don't think the people, a lot of the folks that were writing the questionnaires I was getting really fully understood AI. And so they're just like, we gotta get a handle on this somehow. Those have changed over time, and are far more they they feel more informed. Like, the questions aren't kinda coming out of left field. They're they're, they're they're, they come with a better understanding of what AI is from the start. So that kind of that's one side of it. The other side of it is I think that there's just, maybe there's a lack of of understanding or knowledge or a lack of vision on how to use it. And so, being, being open to how AI is more than just like a hallucinogenic, you know, super Google or something like that and really kind of understanding how it can work for us, I think, is an important part of that. And and that takes vision. So I think some, organizations that might be pushing back, there could be some regulatory reasons that they do that for the highly regulated, industries like banking and health care and stuff like that. But I think it's just a matter of time where people figure out kind of where where to insert the right kind of AI to maybe test specific AI agents that are gonna help them do things in a secure way. So I think, to kinda summarize a lot of that. Right? It's a lot of unknown it's the unknown unknowns that I think are are blockers for people being able to use or implement AI. And that's just, you know, kind of an iterative process of of starting to understand how it can be used and, how it's secured and all those kinds of things over time. That makes sense. And, Jim, when you think about it as kind of being a being a customer of different AI tools as well as Recorded Future on AI tool, you know, what what is your biggest roadblock when expanding AI use and how do you try and overcome it? Yeah. And I touched on it a little bit earlier, but it's really the questions that we have internally from a an HR and legal and procurement perspective regarding AI. So as I said, any of the tools that we're onboarding, understanding what's happening with our data, is critical, you know, in in wrapping our arms around that. But the other thing that I think is a challenge is a lot of the a lot of the AI tools are really, right, they're increasing productivity in a a way that they're doing that is by tying into various systems and really just able they're able to go through swaps of data way faster, than than a human is. So we've looked at different, tools and and we're starting the POV process with a few, but, they're able to integrate into a wider range of our of our tool sets. And a question that you would have is, you know, I shouldn't have the same data access that you or Nate have internally. And ideally, that's the case. But if one of the tools that integrates with one of these AI agents or tools is overly permissed, meaning that, you know, we haven't properly locked down the permissions on a dataset. If somebody goes in and stress tests a query to see what data that they have available to them and the subsequent applications that are integrated there aren't are overly permissed. A concern that I would have is that that data is so much more readily available because they're using an AI agent where if you were able to just try to manually scour through, you know, your productivity suite or your CRM, you would be there all day. But if you were able to just ask an AI agent a specific question and it's able to quickly give you the answer, that would be a concern of mine. But to backtrack on that a little bit, that's a concern of ours anyway. Right? We need to make sure that we have proper data controls in place. So in talking with some of these vendors, you could also look at this as the other way where these data tools, if you do a slow deployment initially and you stress test them, you could proper you could probably actually audit your permissions internally on the datasets that are available to make sure that you're not overly permissed. So, again, as the security team are we don't want it to be that we say no. We want it to be that we say yes to things. So we're coming up with strategies as to this is a concern of ours. How can we make it not a concern of ours anymore? So let's make sure that we go through a POV and a stress test process, validate that, you know, hopefully, our worst fears aren't true and that are the existing controls that we have in place. Let's go and audit those and make sure that they're healthy and stable, and that'll allow us to then implement and and sign off on that tool. So I think the big thing here is this is so new for everybody. And I think coming up and being dynamic with the way that we approach onboarding these tools and how we either say yes or no is something that we just have to be quick on our feet because it's gonna be different six months from now than it is today. So we're just trying to be dynamic in, in reviewing and saying yes to these tools. Yeah. And and to go into some of the research in the report, it shows that the top blockers for expanding AI use, especially in a threat intelligence program, is the loss of analyst control, vendor flexibility, limited expertise. Kinda pose it to both of you guys, but do you think there's one that you're definitely seeing, or are all those kind of what you would figure to expect? I'll jump in first. I think lack of experience is probably, what I would say, is a is a big hurdle. I think these are tools are new enough for everybody in in a the AI is never gonna answer not confidently, it tends to be. Right? Like, if it gives you an answer, it's like, here's the answer. And I think making sure that you can appropriately ask the right questions to the right AI tool, like, knowing which data it should and shouldn't have available. But then also, you kinda have to have that intuition, to fact check where needed and to you know, especially if it's a key data point that you're gonna run with, if it was generated by AI, making sure you that you get the skills to and that you have the skills to do the validation on that data as well. Yeah. I I agree with that. I I do feel that kind of the the nature of the query, is also really important and that comes with experience. So, being able to identify when the results maybe doesn't sound exactly right, as Jim is pointing out because it will answer, confidently, I think is important. So a lot of that has to do to do with experience. On the other, I think you said something also about, losing analyst time. What was the how did you phrase that? Lack of analyst control. Lack of oh, lack of analyst control. It's interesting. I I think there's probably a lot of layers to that, because, it really kinda depends on how you implement and deploy it. I think that there's a a general appetite for trusting AI, but because of these questions that you're posing and kind of all the layers of meaning behind them, they're they're it's it's trusting AI is different than implementing it. So really understanding how it fits into your workflows and stuff like that is one thing. And and that's kinda different from the the question of, is it something we can trust and is it something we can use? Okay. Then now how do we use it? And how do we how do we provide kind of a an SOP for the use of AI in certain areas of our of our jobs and then maybe even leaving it out of other areas. And speaking of trust and validation, Jim, how would how would you rate your trust level on a scale of one being no trust and five being full trust. And can you explain why? So I'll be noncommittal and go in the middle with a three. And I think that's because I've seen different success. I've seen different tools, I think, do it better better than others. And the, I think the challenge, like I've said earlier, is I don't typically see AI tools answer something not confidently. They're almost always like, here's the answer and run and run with it. I think, you know, our AI does a good job at this and other AI tools where if they're gonna give you an answer, they're gonna also provide the underlying sources to that answer. I think that's key to being able to verify, and I think that really is a time save in and of itself. If they can give you an answer, but then link you to the sources, I think if you should go through with due diligence to make sure that you trust, trust those sources and you're coming up with the same verdict, as well. I I think it's important to have the capability and and making sure that you have the skills to do that validation. Another reason that I think this, piggybacks off of that is if you the reason for a three is my score is, I think if there was some way that a a confidence level was provided with an AI generated response, I think that would just also help to, you know, put how much validation do you need to go through. I'd say right now before I'm spitting anything out or sending anything forward, I'm really still going through and trying to validate as much as I can. And with that being said, I have the responsibility to not ask questions that I can't validate. So I think I'm always surprised though. I think it's gotten better and better in the even in the last six months with how much you can trust that data. So even though I'm I don't wanna say I'm a skeptic, but I'm following the trust but verifying, I'm becoming more trusting. And they, so the report says 86% of respondents report high trust levels of AI generated outputs. Now you've probably talked to about 500 plus cybersecurity executives and practitioners over the past year as well. Do you think that's reality, or are is maybe, what you're finding a little bit different from the report? Like I said, I think that there's, I think that it makes sense that there's a trust level of 86%. I think that that isn't necessarily a reflection of an appetite to implement though. So I think that the I I feel like the customers are still trying to figure out, like, how can we and where can we use AI in our workflows. I think that that's complicated because the the implications of making bad decisions can be great, especially if you're like a bank, and you're trying to protect people for stealing money. And so I I while I think that there's a trust level, I think that people are still trying to figure out what that means when it comes to the, actioning on that and implementing it into their security workflows. Got it. And looking forward, you know, 67% of respondents believe generative AI could reduce analyst workloads by around a quarter or more. So, Nate, do you think generative AI will have this kind of effect on threat intelligence workflows? Or, again, did respondents maybe overestimate the impact? I think that's a tough one. I mean, I I think it absolutely positively impacts intelligence workflows or it can if people are are implementing it and and utilizing it. I know where we provide it in our service offerings, it is a massive time saver. And it it absolutely increases workflows. I feel like we hear this all the time from our customers. It's also I think it's a natural progression and necessary, for handling volume and complexity of data that we have. So I mean, data is not diminishing in volume. There's more and more and more and more of it. Threat actors are using AI to more rapidly deploy, you know, issues for everybody. And so I I think that there's a a good argument for the not just the necessity of it, but, the actual reduction of of time spent coming to conclusions and writing reports and making decisions, with the use of AI. So And, Jim, I'll I'll toss the same question over to you. Yeah. I mean, I think there's definitely gonna be an avenue to reduce our the time for our workflows. And, you know, a way that we've already been leveraging our own AI internally is, you know, as part of our regular monthly report that we send to the entire company, you know, something that we try to do is look at our own, threat maps and identify who are who are threat actors or malware families that are of top concern. We have a lot of integrations that allow us to to start threat hunts based on that data, but we're also able to leverage AI to, you know, list out, hey. What's of top concern in the last two weeks? What are IOCs that are relevant to this? And then, help us do a threat hunt there or help us validate why maybe we are doing that that threat hunt and give a give a response. So, you know, all those items, I think, that ties into not just report writing, but also the more technical aspect of implementing or or establishing why you're doing a threat hunt. So that's just one example as to how we are already leveraging, our own internal AI through and TI workflows. Now do you think there's a world where, yes, it cuts down 25% of workload now, but because of the ability for threat hackers to set up new campaigns, that 25%, doesn't actually get, reduced, like, because we're having to battle more and more fires? Or is that just a, a theory for maybe five years from now? My only thoughts on that is I think is humans, we're really good at filling up our time. So I think even if we find a 25% saving here, I think we're gonna find some other way to to fill that. And to your point, it's not just us that are you know, it's not just the the threat actors are gonna be leveraging, AI too. So it's gonna be six months from now, maybe we have a better answer on how it's impacting or not either saving us or not saving us time. I think TBD. Yeah. I think it's hard to say. I mean, as Jim's pointing out, like, when I save time in one area of my life, I'm gonna fill it with with new things. And that's not always a bad thing. Right? Because I become I can become more effective if I manage that well, across some, you know, different things that I'm doing in my life, both personal and professional. So, it'll be interesting to to see what we say in six months, a year, you know, five years from now. I'm I'm anxious to see what that's gonna look like. Yeah. Maybe we'll get that four day work week where, maybe we're still still doing the same thing. Well, thanks everyone, and keep, putting in your questions into the q and a. I will make sure to get to them momentarily. I just wanted to talk a little bit about our upcoming, Predict twenty twenty five event before getting into questions. So registration is open. You can use our code pre 2025 to redeem a free pass at either event. So we got an event in New York coming up October and as well as one in London from October. So depending where you are. There's we're gonna have some great, training sessions, some awesome speakers that we've got lined up, as well as some very interesting breakout sessions so you can learn how to operationalize threat intelligence across a number of different workflows. And for the New York event, if you've been paying attention to the Recorded Future or social media accounts today, you might have seen that, Michael Che and Colin Yost will be, actually, one of the speaker headline speakers at our Predict NYC event. So we'll see what kind of SNL sketch they do that maybe pertains to threat intelligence as well as AI and automation. But with that, I'll get back to, the q and a. And, one for you, Jim, to come up. So how do you reevaluate vendors when their product or service you use changes to the use of AI, you know, especially if you just performed a full review without that functionality? Yeah. So we go on regular review processes for even whenever it's coming up with a renewal. And I was just submitting a a PO earlier today where I had to ask if the scope of work has changed, because is it it or does the the product change? And one of the new questions that we have in there specifically listed is AI being implemented in this workflow as well. So we've added it to our questionnaire for either new tooling and that's involved in renewals as well. So I think what we're working on as a security team is coming up with a standard way to evaluate how they are leveraging our data if they're going to be leveraging AI. We're working on coming up with a common set of questions so that it's not we have a uniform approach, right, regardless of who's handling that that onboarding or that renewal. The other thing that I'll say is that our legal team is involved in every renewal, and PO too. So, I'm not as privy to the the way that they're handling the questions regarding AI, but I think they're probably similar if and if not more stringent than the some of the questions that we're asking on the security team. So long to sum that up, it's still a work in progress on the exact way that we locked down the questions and the way that we're reviewing AI capabilities. But as of late, it's been focusing on what control do we have over the data and making sure that our data is not being used to train, anything outside of our own internal, the dataset within that vendor. Makes sense. Nate, talking specifically about fraud detection in banks or maybe some more financial institution focused use cases. What kind of AI implementations, use cases have you seen? So I think that, I mean, primarily because we're work I'm working with customers within our own environment. The ability to consume large amounts of alerts and references and kind of get to the, get to the important pieces is one way. So we we can generate a lot of alerts in recorded future because there may be a lot of references to something like, payment information, credit cards, bins, and things like that. So, our our provision of AI insights on a long list of alerts, has been a massive time saver. Also, within that, doing queries within Recorded Future that might incorporate thousands of results and being able to to get a a good blurb at the top of their things that you need to focus on rather than trying to consume, you know, all the different types of references that may exist, are are are some ways that I see it as well. So I think that that streamlining and and, quickening the process of alert triage is is one way that AI, you know, is a great is really great at augmenting kind of the human time. Awesome. I know, you know, both of you have, yeah, Jimmy, you've sold, but, Jimmy, you've also bought AI products for threat intelligence use cases. What would you advise people on this call that might be exploring these kind of solutions on what to look for and test when they're in that, you know, decision phase. So if you're going to do an evaluation across a wide rate you know, let's let's say you're gonna do a bake off or POV across a few tools, and then coming up with a solid testing plan against the, again, if each tool is gonna have AI or even whatever the POV is. Right? Making sure that you have a common success criteria and and use case testing plan across those. The big thing that I would say that you want to test is from an AI perspective. I keep going back to, like, the data and and what's available and is this properly siloed. But, stress test it. Right? Make sure that it's not overly, permissive, but then also try to do a, quality check. I mean, a lot of these tools are going to say that they're going to save you a lot of time because they're gonna improve this process. You should be able to come up with use cases that you can validate if it's a time saver or not. Because, I mean, some I think we've all worked with some AI tools where you're maybe left a little bit more confused at the end of it than you were heading in based on the output. So I think just making sure doing some of that validation, especially from a you know, we asked the question earlier about trust, making sure that one, you trust it, and two, it's solving, the use cases that you have. Yeah. From my perspective as a seller, I think what I am usually encouraging people to do is to be curious. I think, you can't really understand how to use AI or which is better than others if you're not curious. When I when I do my Green Egg sessions, I do them in ChatGPT. I do them in Gemini. I do it in I do it in Luma. I do it in in all of them that I can get to because I'm just fascinated by the quality, the tenor, the, the length of the results, with the different prompts that I give it. And I think as a result, I have a good understanding of how, where, and when I can use particular, AI tools to accomplish specific tasks that I have. I write, legal documents for one of my one of my kids, and, or I do some things that look like they're legal. And there are certain tools that are gonna provide me far better output that's gonna that's actually gonna work for the the use cases that we have for for particular needs. So I I think that, curiosity is always a skill, to continue developing and continue exploring. In addition, obviously, to, like, the the practical things you have to do of of testing, stress testing, and all those other kinds of things that you absolutely have to answer, I do find that, it's easy to give up quickly if you're just doing simple Google like prompts. You don't like the results and you're like, oh, it's trash. Let's move on. We can't use that. So always encourage people to be more curious. And, Nate, to to jump on that, how you said you use a bunch of different tools, like, on my own personal, computer I've been testing, whether it's Gemini, CLI, or, an and Claude, or, I think OpenAI is is codec. So it's interesting to start with a project and then try to write the code using one of those. Yep. Again, I'm not a developer. I'll I'll say that. But the one thing that I've seen, and I think this is relevant, even in the tooling that we're using at work is you can make so many quick changes and and edits with these tools that I found that, in if you're using, AI to make edits to, whether it's code or to a document or what have you, it makes so many quick edits that if you don't have some sort of version control in place, you're you quickly can you can get to a really good spot and then get away from that spot really that that, working version or something really quickly. So just, something that came in my mind is version control, whether that's something, you know, using Git or even just like Google Docs version control, when you're making edits. I think, I'm not sure if you've experienced the same, but you really have to not go too crazy. You have to make sure that you're iterating through and and and saving where you like, the result. I also find that it's important to know when to start over. So, like, sometimes you can get so far into a a long chat session with an AI tool that, it is it has taken a new form, and I'm like, oh, I remember this. I need to start over. Take that everything I learned from this long chat session, no matter what it's about, take what I've learned and provide that context in in a in a brand new interaction, often gets really good results. So, I mean, it's the same even with Recorded Future, AI chat. Sometimes I get deep into, a chat session and I just need to stop and start over. I've learned some things. I've developed I've I've, come to some conclusions. I've I've built some context and I can throw that into a new a new a new chat where I'm providing the context that I want and need, and I get better results. Otherwise, I just end up getting mad. So Awesome. Well, to to wrap, I think, I'll do one final question for you guys, and that's, you know, thinking about how do we start implementing more AI use cases into our regular threat intelligence processes. Like, how do we think about making the time to, say, practice using AI, for different use cases? Like, is that something we should be doing, dedicating time per week, per day, trying to come up with different use cases for using AI? How would you go about that? Well, you go first, Jim. Okay. Well, I think, Nate, you'd said it best, earlier where you said just be curious. And I think, you know, a lot of if you're doing a lot of testing with AI, I think it's because, you know, I think in many ways it is fascinating and it and being curious about what its capabilities are and what its capabilities aren't, you're not gonna know that unless you really start stress testing it. So I think a way that, you know, on our own team that we could really get more leverage out of it is ask the crazy question and see if we can use AI to help solve that process. If it's a really quick crazy question, we're probably not gonna solve that one, but I bet you we learn something along the way to where it's gonna help us. And I think the benefit of asking those crazy questions or having, like, a hackathon where we're gonna try to solve something is, one, it's fun. And then two, I think you're gonna learn, you're probably gonna learn stuff that you weren't expecting to learn as as you go through. And in a perfect world, you solve that crazy fun, question that you were trying to ask. But I think, these tools are so new and the capabilities are still evolving that just being curious and being willing to experiment, is the best way to really stress test them. Yeah. I think curiosity again, I'll I'll I'll say that for almost everything in life. We all benefit from being more curious, and not just giving up, quickly. So I I get a lot of questions, from customers. You know, how does how does your product compare to another product? I may not even have heard of that product. And, you know, a simple question might be, tell me about, you know, product day, and then it gives me all that. A better question is, how does how does Recorded Future compare to this product and where do we lose? Right? And so, like, asking the additional question. Right? Ask the question that you think, oh, I should go ask Jim. I should go ask Sam that because they know the answer to this. Still, I think it's we we don't wanna supplant that human interaction. But but think think about more than just what I would consider kind of a Google query, which is like, what is recorded future? But instead, say things like, I am a security analyst at a financial institution. I'm in we are interested in using Recorded Future, you know, threat intelligence module. Tell me how I my job can be better served, you know, if we were to move forward with the purchase of Recorded Future threat intelligence module. Like, that's a more interesting question than just, like, tell me about Recorded Future. So again, I think that gets into the curiosity thing and then, you know, expand that vision of of how, where, when, and why you can use Recorded Future, where you can use AI, and see what those results are. I think that it's, if anything, it's an incredible learning exercise, but I think that the that the output and what you learn, improves your ability to to understand how to utilize AI, develop a vision, have good answers for questions that people ask you about it, and so on. Be curious and and don't give up. Great AI advice and and life advice as well. Yeah. Beautiful. Well, thanks both Nate and Jim, and everyone for attending. Like I mentioned, you'll get the recording, around twenty four hours probably before twenty four hours after this session. And so with that, I hope everyone has a great rest of your day. Take care. Thanks.