dnsUNFILTERED: Jonathan Singer, GuidePoint Security

[00:00:06] Mikey Pruitt: Welcome everybody to another episode of dnsUNFILTERED . Today I have a special guest, Jonathan Singer from Guidepoint. He's gonna tell us all about, the channel. Maybe we'll start there. But all about sales. what is your title? A technical account.

[00:00:21] Jonathan Singer: Technical account manager, technical account

[00:00:23] Mikey Pruitt: manager,

[00:00:24] Jonathan Singer: glorified account executive, but don't take know.

I do have a technical background,

[00:00:30] Mikey Pruitt: yes, we were just nerding out about Jula, Jonathan is quite capable of giving us the rundown on some tech stuff. Jonathan, welcome to the show. Glad to have you.

[00:00:39] Jonathan Singer: Hey Mike. Thank you so much for having me on. I'm really excited about this.

[00:00:43] Mikey Pruitt: Good. So Jonathan and I have met once or twice at Guidepoint, I think I've been to two. You've probably been to a lot more than that. Can you start by telling us, and this is for myself, mostly partially the audience, but give me your definition of the channel. What is that?

[00:01:00] Jonathan Singer: So the channel, in my opinion, can mean a lot of different things.

For my case personally, channel means going to market with more than just yourself or just your own organization. It's going to market with, strategic play, having other people in the room that can help you get a seat at the table or speak positively about your product or solution.

It's like taking your sales team and throwing a force multiplier at it, and that's how I see the channel living in it. I get to experience that every day.

[00:01:38] Mikey Pruitt: So I think this terminology really confuses people. I've only been knowledgeable about the channel for maybe two years or so, and the familiarity I had before that was through MSPs.

which are part of the channel, but you're really on the reseller side.

[00:01:54] Jonathan Singer: Absolutely. I do define an MSP as a channel. Also, remember, channel can be, a couple different things or you can have multiple channels to a goal, right? in the reseller world, we focus on taking.

Fantastic brands from across the industry and helping get them introduced to people we already have wonderful working relationships with. Help solve those challenges that our customers are dealing with in the enterprise by saying, did you know that some of these brands do exactly what you're describing to me?

Maybe it's worth checking it out. Maybe it's worth getting an introduction, like how an MSP is going to say it sounds like you have a problem within the organization. You've hired us to help you fix it. But furthermore, we're gonna bring along our toolbox. And that toolbox is full of different tools, software technologies, and things that are going to help solve that ultimate challenge.

the MSP is definitely a channel to the customer, but so is that reseller world.

[00:02:58] Mikey Pruitt: That is a great description of the channel. I'm, definitely more knowledgeable now, and for the last few years I've seen the benefits of selling in that manner. So it's really good to hear a solid description from someone that lives it every day.

So thank you for that. Absolutely. I hope the audience enjoyed it too,

[00:03:16] Jonathan Singer: So this is coming up on my 12th year at Guidepoint. I've definitely seen a lot, learned a lot. this is also my first foray in this kind of role I came from data centers before where there wasn't necessarily a channel world.

We were just buying racks, directly from manufacturers. it's a different experience, but, it's cool to see the benefits when you are involved in that kind of stream from product to solution.

[00:03:43] Mikey Pruitt: How do you think the. Selling of cybersecurity software has evolved in the channel.

[00:03:50] Jonathan Singer: I have this theory of the story. It goes something like this and in every little cybersecurity startup's life, there becomes the point where you've exhausted your own resources. I feel like. You, grow as an organization hire good salespeople hit the market get your customers and use cases, and start to build a portfolio then you start to slow down.

Or feel like your sales become stagnant. your team has done what they could and you have to figure out how to grow, expand, and onboard more customers, through a potentially creative manner. Like the channel as in seeking out other partners to say, you seem to know some of these accounts way better than we do.

can you help us get. to our new sales goals and expand our brand. Can you potentially represent us in a positive light such that, there is now more people that are made aware about what we do beyond, our own initiatives, And I say our own initiatives from the position of that product company.

[00:04:55] Mikey Pruitt: So if you're a product company, if you're creating something, what is a good roadmap slash playbook to get in touch with someone like Guidepoint to prepare yourself to sell through, someone like Guidepoint.

[00:05:09] Jonathan Singer: The trick versus is have a product, right? a good product, preferably.

RA is right around the corner, right? This, that is big showcase of all the tech startups, everything fresh coming out of, Israel and Silicon Valley, all these fantastic tools. just 'cause you're a startup doesn't mean that your technology, is weak not fully mature.

There's some great stuff, but the trick is. Are you actually doing business today? Do you have customers that are providing a feedback loop so that you have constant improvements? Are you identifying what your potential competitors are doing in the market? where is your business from a maturity perspective

Is there something ultimately to deliver and solve a challenge or solve a problem, and can it be done effectively? that's that first phase I just talked about, which is as you grow and mature as an organization through your own internal efforts, you're marketing, selling, building your customer base, getting use cases on your homepage, and then you start to realize.

Maybe direct is starting to become exhausted and we have to start seeking channel partners resellers and somebody to help. Get to that, stage two. And then it becomes, understanding, who am I targeting? What is my market? Am I doing the entire United States? Am I trying to stay, close to the West coast or close to the East coast?

You might start shopping around for, different resellers, different integrators, different MSPs And understanding, is your tool part of a bigger solution like an msp? Can it be integrated at large? It be multi-tenancy or is, your goal to just go wild? I wanna sell to everyone everywhere.

then you start to look around and see, okay, who's got that kind of market presence that can, force multiplier, put me on blast, get me in front of the most people, as much as possible. But again, I say this, like it sounds simple. There's still so much more to it.

I'll continue. I'll go, if we wanna run with it.

[00:07:11] Mikey Pruitt: I was thinking of the, put you on blast phrase that you said is like the perfect tagline for Guidepoint and other, people in the reseller space, but I am curious, so that's the, I'm a vendor that want to sell through the channel and I'm curious, do you see vendors that sell only through the channel?

Or is it easier to mix?

[00:07:32] Jonathan Singer: Yeah, and that's the thing too, it's almost like a sliding scale. you start out as a startup, as a small company, doing pretty much everything. Direct, maybe some referrals here and there through personal relationships, but over time that scale flips.

from our perspective, we love to hear when somebody is, what we say, a hundred percent channel or all in on the channel. I will never fault. A, product company for holding on to, some legacy, direct that's massive where the customer says nobody's gonna, get in the way.

no reseller. I wanna work with you only. when somebody says, we only sell through channel. if we get an inbound lead direct to us, somebody visits our website, and they ask for, a quote or pricing or follow ups, we have to bring it to a channel partner.

That's the kind of relationship we love, because that to us means that you are interested in making us part of your success and story, value in being part of that relationship where, as a product company you may solve, one or two solutions, but at the customer enterprise security is very wide being part of that experience means that, as a reseller, we can help tackle some areas where the product company is not filling in and we're building better security for everybody.

[00:08:49] Mikey Pruitt: You mentioned a good keyword in there, relationships, and that's what I've seen over the last few years since I've been, working in the channel more directly.

building relationships with, people like yourself, companies like Guidepoint and others. Is really how it all works. people wanna buy from people, and that's what it's all based on.

[00:09:10] Jonathan Singer: I think one of the biggest misconceptions about a channel partner is the role that we play.

At the end of the day, I represent the end customer in their best interest, as a kind of, not just a value added reseller, but as more specifically a trusted advisor. when we're working with our product companies, we have to remind them. This is the communicated goal. These are the agendas.

Maybe there's a budget in mind or something like that. Where, my perspective is how to keep a company secure in all aspects. as a product company though, there's only one agenda, which is sell my product. And so it requires a lot for us to stay vendor agnostic.

It requires a lot for us to stay neutral, and that's. Where relationship starts to flourish. And, and so our relationships with our customers, grows as we show them, how we're willing to go to bat, be part of negotiations. And show them that, their goals are, our goals.

Funny enough, oftentimes my customers are companies of products that I use. It might be my bank and I have to remind them I pull my debit card and, it's my best interest to make sure this goes well. It could be my cable company. You're like, I've got a little

[00:10:36] Mikey Pruitt: Where do I submit that?

[00:10:37] Jonathan Singer: Let me just, I need to make sure this goes well because I don't want my information. and so hopefully that perspective on not just building that relationship, but nurturing it and maintaining it. Is so critical.

now that, a product company is gonna come in and to the channel and say, we see that you have a very deep relationship. They trust your perspective, they trust your advisement. And, we have to be respectful of that.

[00:11:03] Mikey Pruitt: So let's talk about that end customer for a minute.

I've typically seen more enterprise style customers come through the channel.

[00:11:11] Jonathan Singer: this great commercial break, is brought to you by coffee. Don't sleep on it.

[00:11:16] Mikey Pruitt: Don't sleep on coffee. It's going places. So let's talk for a second about that end customer. And those relationships, I've typically seen larger, like enterprise style customers buy through the channel.

Is that pretty common or who buys through the channel, I guess is the question?

[00:11:34] Jonathan Singer: So besides all of these relationship based, discussions. There are some strategic discussions too. A lot of it comes from a legal perspective, some of it's paperwork.

You've probably heard the term that, we've got paper outta place, right? Yeah. But what that really means, and this is a fun term. It's one throat to choke. what I mean by that is when things are good, it's a handshake. And when things are bad, you're backing into a homer bush

the idea is, as a customer, as a business, you may have something like procurement, especially at that large enterprise level You're signing agreements, you're signing, MSAs and master service agreements. You're signing ULAs, that's more direct with the vendor.

You're, there's a number of different things that are taking place, and if it's a single point of contact. For all of those inbound purchases or the variety of tools and solutions across the enterprise, it simplifies things greatly rather than every single new relationship or new person coming in, you gotta start the paperwork process all over again.

I hear this over and over you need to go through our channel partner, work with Guidepoint. This is the conversation between a customer and a vendor. Because we already in agreement with them. We, they, we've done the red line rodeo, the legal mumbo jumbo. If we were to review some contracts with, a new, supplier, it's gonna take months.

So there's an opportunity to speed up that sales cycle because all of the due diligence is for the most part in place already.

[00:13:04] Mikey Pruitt: Yeah. So you really did the hard work of the paperwork. so now in our equation we've got our buyers or your customers, and then you've got the product, the vendor.

Something like DNS filter, and then you've got Guidepoint kind of playing matchmaker, it sounds like.

[00:13:19] Jonathan Singer: I don't want it to be considered like, some kind of middle person in this thing. You're right, it is essentially a matchmaker in some cases. From a customer perspective, one of the most common questions is, I have this X, Y, Z, who's their competitor?

What are you seeing in this market space? How do I mature my product better compared to what others are doing, There's a lot of strategic conversations and we get to have that kind of visibility across almost 700 different manufacturers. Not that I have every single one memorized, but ideally, we see enough going on

We have experts in house. VAR is the second thing we do here at Guidepoint in the channel. The first is still services. And the reason I'm bringing that up is because it plays into that channel aspect of us also supporting a lot of the products that we resell.

We will, not just help with installation configuration Upgrades, but we build up massive professional services teams for some of our biggest solutions that we resell, simply because we wanna offer a more competitive. Alternative to vendor delivered professional services.

Here's the other thing too, I'm just gonna cut to the chase. Does a product company wanna be a services company also? No, they wanna be a product company. We help offload some of that professional services, opportunity. And we'll just handle it in the channel. We'll do your training.

We'll go through and we'll make sure that we have capable engineering staff to deliver upon it. But that's just one of the extra little components to say the channel isn't just, moving from one side to the other. We're injecting ourselves to make it, a little bit more effective for everybody and cheaper,

[00:15:10] Mikey Pruitt: Everything's a little cheaper at scale, so that is really interesting. Matchmaker, the dirty word I guess is. a secondary function of what you do at Guidepoint. You're really acting as that trusted advisor that MSPs long to be.

[00:15:23] Jonathan Singer: Absolutely. You said one of the other magic words, which was scale.

from a Guidepoint perspective, we're over a thousand strong across the United States. What that means for us is that it's that kind of Costco theory. The more you buy, the cheaper it gets in bulk. the sheer volumes of, solutions and technologies that are being delivered by Guidepoint gives us the opportunity.

To come in at that lowest price possible simply because. We are such a high bulk volume, player in the channel The more you sell as a channel partner, the, better pricing opportunities, become available to you.

if you're doing tens of hundreds of millions of dollars in revenue in some of this stuff, it really. Helps, come to the table with that kind of best and final, that kind of look. We're talking numbers that you're not gonna see anywhere else in the market simply because we do so much of this stuff.

 

[00:16:28] Mikey Pruitt: Oh, hey, a quick shout out to DNS Filter. It's like a bouncer for your network. It keeps out fishing, malware, all that nasty stuff. It's super easy to set up and it just works. Check it out@dnsfilter.com. And now back to our conversation with Jonathan Singer. So you've got these relationships that are, human relationships.

So there's, a lot of, or sure there's like feelings and, humans were flawed in many ways. So there could be missteps on either side, either from the product vendor or the customer. What are some of those common missteps that you see that could potentially, stop a deal from happening

[00:17:06] Jonathan Singer: I, yes, you're right. Nothing is perfect. It, there's all kinds of different stuff. I think one of the biggest things that can really get, a channel partner like us in trouble is trying to, forget about that relationship or push some kind of agenda.

Again, I brought up that we have to be vendor agnostic, we have to represent the customer's best interest in any discussion, negotiation, and opportunity. there, is always somebody, or some kind of scenario where, you're pressured into, you should sell this, wherever that messaging is coming from, whether it's coming from the vendor or something like that, we have to be very respectful. We have to remind like, yes, you probably do a very good solution. a very good price for your solution. But you will never hear me say, you need this.

You'll never hear me say, you have to have this. Those are not things that we can do. And those will pretty much kill that relationship we have. it does happen from time to time. And it's not fun when it does. one of the biggest challenges we deal with.

In the channel is that teeter totter I mentioned earlier where you have a volume of direct sales and a volume of channel sales, If the opportunity for a vendor to sell directly to a customer still exists, that means you have the opportunity to sidestep the channel.

That means you have the opportunity to ignore or take us outta the picture. It does happen from time to time and, maybe you don't need some of those benefits of, having a lot of the legal paperwork already knocked out for procurement. Maybe you don't need some of those benefits of established relationships, and credibility.

Maybe you just see it as an opportunity to make a quick sale, and that, does happen. it is hurtful, and it's a little bit greedy.

[00:18:54] Mikey Pruitt: human part.

[00:18:56] Jonathan Singer: It's very human. I have a coworker trace. He's a long time friend

he likes to call, certain types of people in the industry, coin operated. if you're in it for a quick buck, this is not the industry for you. If you're in it to establish long-term relationships, build credibility, across the industry, or, be somebody who is sought after from a business, and working relationship perspective, you'll do well If you think, cyber is sexy and hot and you wanna, sell, more power to you, but I don't think you're gonna last very long. It is a very small, tight-knit community

[00:19:34] Mikey Pruitt: that is, such a great way to put it. I think it really highlights these relationships you have been building with vendors, with customers, and you're in this delicate position

That you can't burn either side of that, because it leaves, Jonathan with a bad name, oh, don't deal with that person or that company. So it's a really delicate balance and kudos to you guys for managing it so well.

[00:20:00] Jonathan Singer: it's a long adventure.

one of the fun things is I'm surrounded, in my personal life by successful, sales teams and salespeople. In fact, my wife, is in software sales. I only joined this side of the house in the last couple years. As I mentioned I come from a very technical place, Data centers and PHP and all that other fun stuff we were chatting about earlier, before the show and the notes. I look to them. It's all about, honest sales being true to yourself and not, not to shame anybody out there, but what's your worst nightmare use car salesman mentality, I'm over here I think we all. Buy cars, so we gotta go confront that fear at one point too. Anyways,

[00:20:41] Mikey Pruitt: so since you opened the can of worms on salespeople, what do you think makes a good salesperson? You mentioned trust and authenticity, so I assume those are part of the equation.

What else makes a good salesperson? Because. Whether we like it or not, everyone is in sales. You are selling yourself. You're selling a service, a product, something how do you be good at that while maintaining credibility?

[00:21:04] Jonathan Singer: the first thing I learned was just being honest and being yourself, right?

If you can communicate clearly and not feel stressed or over anxious that was the first thing, something I'm definitely still learning is how to communicate and how to be effective. In making an ask. That's always been the toughest thing for me historically how do you ask for, a connection to somebody within an organization?

How do you ask for something that may feel uncomfortable initially. the way I've started to tackle that is I say if somebody asked me that question, how would I respond? Would I be angry? Would I be upset or. Would I simply say that's part of their job.

Sure, I'll help them out. I understand their role in this just as much as I hope they understand my role in this relationship. that's one of the big things that I'd say I'm still learning how to ask and how to, communicate, better. But that's the thing, keep in mind.

In a channel role, beyond just. Representing the customer We have a vast, landscape of enterprise security tools. And so it's not just being well aware of what DNS filter does, for instance, but also what's going on in EDR, NDR, what's going on in sim, in MDR?

What's going on in email? What's going on in cloud? And so it's not just being a relationship person, it's not just being a salesperson, but it's also being aware of the market, of the landscape. Doing your homework, saying up on the news, right? Like we were talking about. Understanding, those challenges.

And by no means, like I said, I'm technical, right? I lucked into this, but having some form of foundational understanding of where different vendors play and what they can solve, and understanding the threat landscape and what enterprise security means to different businesses, I think is absolutely foundational.

Be able to walk into a room and actually talk about something.

[00:23:05] Mikey Pruitt: I'm gonna say this and I'll clip it myself. I think nerds are better at sales than salespeople.

[00:23:12] Jonathan Singer: I spent the first 10 years of my career here at Guidepoint working, with different engineering teams, pen testing teams, all kinds of stuff.

more recently, under the direction, of a fellow named Rick Hill. And Rick has been that kind of sales guiding light for me. I've learned so much from him. one of those things is that having somebody to mentor you and show you these little things along the way has been absolutely priceless.

[00:23:41] Mikey Pruitt: I think it's I'm the same way, like I'm, come from actually a DNS filter. I was like the DevOps engineer. Now I'm in marketing, which is not sales, but it's, close and you come from data centers and now you're in sales.

I think it's just the way we're logically thinking about something we already know the technology side. We just have to learn to do the things we find hard, which is like the ask, as you mentioned. Communication, really important. Being less TURs than you would be with like.

Someone that you're trying to build a computer with or, pick a show, maybe pick plug location. Just plug it in, just install

[00:24:14] Jonathan Singer: I don't understand what's taking so long. And that's the other thing too is in the engineering world, there's a very clear start and finish, a project has a kickoff and a closing there may be milestones along the way, but sales doesn't have an ending. It's perpetuating. do we have a follow-up call scheduled? do we have a next step? Those don't necessarily exist when you finish your engineering tasks.

And it's a completely new mindset and a new adoption I appreciate that you bring up, the technical background fitting in. I don't think it's for everybody. But I've been advised for many years to give it a try.

And I'm really happy I did.

[00:24:53] Mikey Pruitt: Yeah. I would encourage, people that have strictly been in sales and not tech to like. Learn a little something like open your terminal and just see what happens. Learn how to close them actually go get a

[00:25:04] Jonathan Singer: certification.

[00:25:05] Mikey Pruitt: Yes. I have an older colleague his, LinkedIn tagline is like, the only sales person knows how to clo exit them.

Oh, look, does great. That's a good a got Kevin. Good. Love it.

[00:25:17] Jonathan Singer: That's definitely a good, conversation piece right there.

[00:25:21] Mikey Pruitt: So now I'm curious you have a portfolio of, 700, solutions that you have to know at least a little bit about, some of them deeper than others.

But what do you see, is emerging, what is coming next in cybersecurity? And maybe we can get into a little news here if you want.

[00:25:38] Jonathan Singer: Yeah. some of it's the same old stuff, IPV four had problems. IPV six has the same problems as IPV four.

What's old is new again in the industry, right? And we'll always, see, good technology around the host, good technology around, cloud infrastructure, good technology around, people problems like email phishing, stuff like that. as of November of last year, I need to gimme one of these things.

I need a drink here. agentic. AI has just been the hot new thing popping up. Obviously we are in the age of ai, right? This is definitely something that's been around for a couple years now not the legacy AI of. Programmed responsesthis modern AI age, this agentic AI has really started to take off in the cybersecurity space by allowing smaller, more targeted, more focused, capabilities.

One of the big ones I'm seeing is we've tried to challenge, companies to figure out how to do tier one support for tickets and stuff like that. When an incident comes in, how to triage, how to research, how to information gather. We're pretty much at the point now where AI can do a lot of that stuff.

We're seeing ai, especially its agent form, applied across, the enterprise simply because it's not. these massive systems of data sets. It's hyperfocused, hyper, quick, tiny, one off.

Here's data center, the containerization, of AI versus the virtualization of ai. one is not bare metal, but it's still a thick client versus a thin client.

[00:27:10] Mikey Pruitt: that's a great way to put it. I hadn't thought about. Virtualize like a VM versus like a container, like a docker container.

The agent agentic version is the bare bones just what I need to get done Tool. To go do the job and report back. Exactly. Usually on this show, I'm the one who brings up ai, so I'm glad it was you this time.

[00:27:29] Jonathan Singer: We can't get away from it.

That's acceptable, because it's not just companies bringing AI to the table. Customers are adopting ai. we have to figure out what's going right. The threats in AI aren't necessarily an external hack.

It's how much access does your AI have? And it's not the AI's fault, it's because this permission has existed before. It's just following its directive. Look at copilot, accidentally finding financial records. It's highlighting a data security problem, we already had

It's just exponentially, bringing it to the surface.

[00:28:04] Mikey Pruitt: And you mentioned something else in there that was pretty interesting. You were saying that you were encouraging companies like with a SOC or sim to do some things with agentic AI in this case,

if Jonathan Singer comes to your door and says, Hey, vendor, you guys maybe should think about X or Y. The reason you're saying that is probably because people are asking you for it and you have nothing to provide for them.

[00:28:29] Jonathan Singer: Yeah. We get questions all day from customers,

I have this challenge or I have this compliance I need to abide by. I have these new systems, and need some guidance on how to approach it. Look, I'm not a developer. I'm in no position to, to tell any company where, what direction they should go in. we are the ears on the streets. We're hearing what's going on from both sides of the market, the vendor side with development, bleeding edge technologies, And from the customer side, what are their concerns? What are their needs?

What are they being told to do from. Compliance and regulatory requirements or, what are they, being told to do because they're doing, mergers and acquisitions and there's new things being introduced to them in a rapid business, pace. it's gonna come from both sides more or less.

it's definitely interesting to see where the security industry is going. one of the things too is, I mentioned early on there's a lot of startups. Big enterprises aren't necessarily always afraid of bleeding edge or beta testing, or, new customer use case stuff.

There's a ton of people out there that will always say, I need a well-established, mature, best breed products. We all know who those companies are because they have massive marketing budgets at RSA, at the same time, some of these smaller ones, there is absolutely an opportunity for adoption in the industry simply because they're novel or clever or bringing something more efficient to the table.

[00:29:53] Mikey Pruitt: Yeah. And it makes sense why a large company that may tend to stick with established brands be benefited to purchase through someone like Guidepoint. 'cause it's like. If you buy something on a credit card, you can do a chargeback or whatever. It's like that scenario where you can provide a little bit of guidance on whether guidepoint trusts the solution or not.

[00:30:14] Jonathan Singer: we definitely, take our vendors and put 'em through the ringer. If you remember, we had Tiger Cage, right? just the concept of, your website says what your product does, or your documentation says what your product does. But really show us, prove it.

Let our, engineering teams rip it to pieces, all kinds of fun stuff like that. We have folks in our different, professional services teams that have gone back to vendors and help them fix their documentation or fix different things. Because there were errors in typos and that we're almost coming in as, a little bit ahead of the curve on some of their own solutions.

it's definitely really cool with that. we get to hear the horror stories too, when, solution is selected and implementation doesn't go well because of technical hurdles or, promises weren't kept for, capabilities, after delivery, We see this, we and we keep track of, just because you're maybe the biggest player in the market, doesn't mean you deliver well.

On what you're trying to sell. we can always provide objective feedback and experiential, information. never putting anybody in, a super positive or super negative light. This is just based on what I've seen, myself.

[00:31:35] Mikey Pruitt: Yeah, that's a great, service for Guidepoint to provide, to be a sounding board, a sanity check for vendors.

Let us see what it does. We'll provide you feedback from customers that we hear about, and that's the holy grail for companies like DNS filters, hearing what our customers. Say like in private, like what do you actually think about it? Tell us we wanna improve it.

[00:31:58] Jonathan Singer: Yeah, it's gonna be us, saying, Hey look, we had some challenges with this before we, start to introduce it in a customer space. Do you think we should get this resolved? Do you think we should address how we're communicating, these solutions to make sure that we're not being dishonest about it again? I'm always, the second somebody comes at me and tells me, guaranteed every time a hundred percent perfect.

I'm like, not that. That his drawing board, nevermind you, you just, you completely lost it on me.

[00:32:29] Mikey Pruitt: So we are recording this in the middle of April, 2025. we were talking about salespeople staying up with the news and trends and just yesterday we saw a news article about how the CVE database, where they list and tag critical vulnerabilities

lost its funding. Jonathan, you had some thoughts about it before we got on, so I think it would be cool to go over it on the show.

[00:32:53] Jonathan Singer: And just for those listening, you mentioned the CVE, this database of vulnerabilities, but this is essentially the most critical component to identifying, tracking, and addressing vulnerabilities in products across the entire cyber space, right?

everything that runs some kind of software or operating system or hardware, and it has a problem it oftentimes addressed with a CV. It's a Dewey decimal system that's been described of cybersecurity. I think I was reading, some posts from Jenny Sterly, about that.

basically, without this foundational bit of knowledge, how do we do vulnerability management? How do we identify and address problems that we find? And yes, this is big kind of shock to the industry, but luckily as I'm reading some more of social media this morning as I rock my brain, it's, there, there looks like to be some kind of outside initiatives that are really starting to slip up to the plate.

Take on some of that burden, of the financial responsibilities. Of the personnel responsibilities, this lifecycle of A CVE. touches a lot of hands, There's the security researchers that are identifying and documenting a vulnerability. There's, organizers that are receiving, triaging, reviewing and validating vulnerabilities.

There's communicators with vendors to, prove out that these are, problems, that there is a road to patching. There's a lot of people involved and as we know, people equals money, time, all that other stuff. And so I hope that, we find a solution to this pretty quickly.

[00:34:32] Mikey Pruitt: Agreed, and this story is still unfolding I don't normally talk about news on this, but I thought that was important to bring up because as you mentioned, it is so critical. it would be hard for cybersecurity to work in its current form without that system. So on all likelihoods, something will be done to continue its work.

I'm crossing my fingers. I just wanted to bring that up. Go ahead.

[00:34:54] Jonathan Singer: No, I was gonna say, I think the industry depends on it. just imagine a world where we didn't have insight information to vulnerabilities as they were happening in real time. It's leaving us blind.

what that means is only the threat actors, with good Nation state funding, those are the ones who are gonna. Able to keep up with this kind of stuff.

[00:35:17] Mikey Pruitt: The bad guys are, doing a little dance right now. They can't communicate with each other.

[00:35:22] Jonathan Singer: It keeps us employed, but that's not what we're here for.

[00:35:26] Mikey Pruitt: Exactly. Maybe, we should do more news on the show. That was fun. Maybe you, me and you, Jonathan, we can do a little news side gig or something. I do reporting on things I love it. Han got hacked.

[00:35:35] Jonathan Singer: that.

[00:35:36] Mikey Pruitt: I'm just gonna say nothing.

[00:35:37] Jonathan Singer: if anybody's been around the internet long enough. You've probably heard of the hacker called four Chan. I think the moral of the story is less about four chan itself and more about vulnerabilities, right? Which is for PHP.

that was exploited. you may have your opinions on the origins of the internet everybody gets targeted at some point, I feel like online it was their time.

[00:36:00] Mikey Pruitt: They had their time in the sun and now it's time to pay the piper, so to speak.

[00:36:04] Jonathan Singer: Yeah.

[00:36:05] Mikey Pruitt: Jonathan, thank you so much for, joining me today.

[00:36:08] Jonathan Singer: No, I want to take up your offer on discussing cybersecurity news. I try to stay ahead of the curb. I try to understand what's going on. I do send articles to my customers that are relevant to them,

and so this is right up my alley. Sign me up, Mikey.

[00:36:24] Mikey Pruitt: let us know in the comments if you think Jonathan and I should do a news show and, stay tuned to a podcaster near you. You might see a new podcast pop up.

[00:36:33] Jonathan Singer: Absolutely.

[00:36:33] Mikey Pruitt: short though, like five minutes,

[00:36:37] Jonathan Singer: whatever works.

[00:36:38] Mikey Pruitt: All right. Thank you Jonathan for being on the show. I really appreciate it.

[00:36:42] Jonathan Singer: Hey, thank you so much for having me. I had a great time. Can't wait to come back and chat some more.