>> Hello friends and welcome back to Fabulous Las Vegas, Nevada. We are here at AWS re:Invent in the heat of day three. Very exciting time. My name is Savannah Peterson, joined with John Furrier here on theCUBE. John, what's your, what's your big hot take from the day? Just from today. >> So right now the velocity of content is continuing to flow on theCUBE. Thank you, everyone, for watching. The security conversations. Also, the cost tuning of the cloud kind of vibe is going on. You're hearing that with the looming recession, but if you look at the show it's the bulk of the keynote time spent talking is on data and security together. So Security, Security Lake, Amazon, they continue to talk about security. This next segment's going to be awesome. We have a multi-, eight-time CUBE alumni coming back and great conversation about security. I'm looking forward to this. >> Alumni VIP, I know, it's so great. Actually, both of these guests have been on theCUBE before so please welcome Dan and Haiyan. Thank you both for being here from F5. How's the show going? You're both smiling and we're midway through day three. Good? >> It's so exciting to be here with you all and it's a great show. >> Awesome. Dan, you having a good time too? >> It's wearing me out. I'm having a great time. (laughter) >> It's okay to be honest. It's okay to be honest. It's wearing out our vocal cords for sure up here, but it is definitely a great time. Haiyan, can you tell me a little bit about F5 just in case the audience isn't familiar? >> Sure, so F5 we specialize in application delivery and security. So our mission is to deliver secure and optimize any applications, any APIs, anywhere. >> I can imagine you have a few customers in the house. >> Absolutely. >> Yeah, that's awesome. So in terms of a problem that, well an annoyance that we've all had, bots. We all want the anti-bots. You have a unique solution to this. How are you helping AWS customers with bots? Let's send it to you. >> Well we, we collect client side signals from all devices. We might study how it does floating point math or how it renders emojis. We analyze those signals and we can make a real time determination if the traffic is from a bot or not. And if it's from a bot, we could take mitigating action. And if it's not, we just forward it on to origin. So client side signals are really important. And then the second aspect of bot protection I think is understanding that bot's retool. They become more sophisticated. >> Savannah: They learn. >> They learn. >> They unfortunately learn as well. >> Exactly, yeah. So you have to have a second stage what we call retrospective analysis where you're looking over all the historical transactions, looking for anything that may have been missed by a realtime defense and then updating that stage one that real time defense to deal with the newly discovered threat. >> Let's take a step back for a second. I want to just set the table in the context for the bot conversation. Bots, automation, that's, people know like spam bots but Amazon has seen the bot networks develop. Can you scope the magnitude and the size of the problem of bots? What is the problem? And give a size of what this magnitude of this is. >> Sure, one thing that's important to realize is not all bots are bad. Okay? Some bots are good and you want to identify the automation from those bots and allow listed so you don't interfere with what they're doing. >> I can imagine that's actually tricky. >> It is, it is. Absolutely. Yeah. >> Savannah: Nuanced. >> Yeah, but the bad bots, these are the ones that are attempting credential stuffing attacks, right? They're trying username password pairs against login forms. And because of consumer habits to reuse usernames and passwords, they end up taking over a lot of accounts. But those are the bookends. There are all sorts of types of bots in between those two bookends. Some are just nuisance, like limited time offer bots. You saw some of this in the news recently with Ticketmaster. >> That's a spicy story. >> Yeah, it really is. And it's the bots that is causing that problem. They use automation to buy all these concert tickets or sneakers or you know, any limited time offer project. And then they resell those on the secondary market. And we've done analysis on some of these groups and they're making millions of dollars. It isn't something they're making like 1200 bucks on. >> I know Amazon doesn't like to talk about this but the cloud for its double edged sword that it is for all the greatness of the agility spinning up resources bots have been taking advantage of that same capability to hide, change, morph. You've seen the matrix when the bots attacked the ship. They come out of nowhere. But Amazon actually has seen the bot problem for a long time, has been working on it. Talk about that kind of evolution of how this problem's being solved. What's Amazon doing about, how do you guys help out? >> Yeah, well we have this CloudFront connector that allows all Amazon CloudFront customers to be able to leverage this technology very, very quickly. So what historically was available only to like, you know the Fortune 500 at most of the global 2000 is now available to all AWS customers who are using CloudFront just by really you can explain how do they turn it on in CloudFront? >> Yeah. So I mean CloudFront technologies like that is so essential to delivering the digital experience. So what we do is we do a integration natively. And so if your CloudFront customers and you can just use our bot defense solution by turning on, you know, that traffic. So go through our API inspection, go through our bot inspection and you can benefit from all the other efficiencies that we acquired through serving the highest and the top institutions in the world. >> So just to get this clarification, this is a super important point. You said it's native to the service. I don't have to bolt it on? Is it part of the customer experience? >> Yeah, we basically built the integration. So if you're already a CloudFront customer and you have the ability to turn on our bot solutions without having to do the integration yourself. >> Flick a switch and it's on. >> Haiyan: Totally. >> Pretty much. >> Haiyan: Yeah. >> That's how I want to get rid of all the spam in my life. We've talked a lot about the easy button. I would also like the anti-spam button if we're >> Haiyan: 100% >> Well we were talking before you came on camera that there's a potentially a solution you can sit charge. There are techniques. >> Yeah. Yeah. We were talking about the spam emails and I thought they just charge, you know 10th of a penny for every sent email. It wouldn't affect me very much. >> What's the, are people on that? You guys are on this but I mean this is never going to stop. We're going to see the underbelly of the web, the dark web continue to do it. People are harvesting past with the dark web using bots that go in test challenge credentials. I mean, it's just happening. It's never going to stop. What's, is it going to be that cat and mouse game? Are we going to see solutions? What's the, when are we going to get some >> Well it's certainly not a cat and mouse game for F5 customers because we win that battle every time. But for enterprises who are still battling the bots as a DIY project, then yes, it's just going to be a cat and mouse. They're continuing to block by IP, you know, by rate limiting. >> Right, which is so early 2000's. >> Exactly. >> If we're being honest. >> Exactly. And the attackers, by the way, the attackers are now coming from hundreds of thousands or even millions of IP addresses and some IPs are using one time. >> Yeah, I mean it seems like such an easy problem to circumnavigate. And still be able to get in. >> What are I, I, let's stick here for a second. What are some of the other trends that you're seeing in how people are defending if they're not using you or just in general? >> Yeah, maybe I'll add to to that. You know, when we think about the bot problem we also sort of zoom out and say, Hey, bot is only one part of the problem when you think about the entire digital experience the customer experiencing, right? So at F5 we actually took a more holistic sort of way to say, well it's about protecting the apps and applications and the APIs that's powering all of those. And we're thinking not only the applications APIs we're thinking the infrastructure that those API workloads are running. So one of the things we're sharing since we acquired Threat Stack, we have been busy doing integrations with our distributed cloud services and we're excited. In a couple weeks you will hear announcement of the integrated solution for our application infrastructure protection. So that's just another thing. >> On that Threat Stack, does that help with that data story too? Because it's a compliance aspect as well. >> Yeah, it helps with the telemetries, collecting more telemetries, the data story but is also think about applications and APIs. You can only be as secure as the infrastructure you're running on it, right? So the infrastructure protection is a key part of application security. And the other dimension is not only we can help with the credentials, staffing and, and things but it's actually thinking about the customer's top line. Because at the end of the day when all this inventory are being siphoned out the customer won't be happy. So how do we make sure their loyal customers have the right experience so that can improve their top line and not just sort of preventing the bots. So there's a lot of mission that we're on. >> Yeah, that surprise and delight in addition to that protection. >> 100% >> If I could talk about the evolution of an engagement with F5. We first go online, deploy the client side signals I described and take care of all the bad bots. Okay. Mitigate them. Allow list all the good bots, now you're just left with human traffic. We have other client side signals that'll identify the bad humans among the good humans and you could deal with them. And then we have additional client side signals that allow us to do silent continuous authentication of your good customers extending their sessions so they don't have to endure the friction of logging in over and over and over. >> Explain that last one again because I think that was, that's, I didn't catch that. >> Yeah. So right now we require a customer to enter in their username and password before we believe it's them. But we had a customer who a lot of their customers were struggling to log in. So we did analysis and we realized that our client side signals, you know of all those that are struggling to log in, we're confident like 40% of 'em are known good customers based on some of these signals. Like they're doing floating point math the way they always have. They're rendering emojis the way they always have all these clients that signals are the same. So why force that customer to log in again? >> Oh yeah. And that's such a frustrating user experience. >> So true. >> I actually had that thought earlier today. How many time, how much of my life am I going to spend typing my email address? Just that in itself. Then I could crawl back under the covers but >> With the biometric Mac, I forget my passwords. >> Or how about solving CAPTCHA's? How fun is that? >> How many pictures have a bus? >> I got one wrong the other day because I had to pick all the street signs. I got it wrong and I called a Russian human click farm and figured out why was I getting it wrong? And they said >> I love that you went down this rabbit hole deeply. >> You know why that's not a street sign. That's a road sign, they told me. >> That's the secret backdoor. >> Oh well yeah. >> Talk about your background because you have fascinating background coming from law enforcement and you're in this kind of role. >> He could probably tell us about our background. >> They expunge those records. I'm only kidding. >> 25, 30 years in working in local, state and federal law enforcement and intelligence among those an FBI agent and a CIA cyber operations officer. And most people are drawn to that because it's interesting >> Three letter agencies can get an eyebrow raise. >> But I'll be honest, my early, early in my career I was a beat cop and that changed my life. That really did, that taught me the importance of an education, taught me the criminal mindset. So yeah, people are drawn to the FBI and CIA background, but I really value the >> So you had a good observation eye for kind of what, how this all builds out. >> It all kind of adds up, you know, constantly fighting the bad guys, whether they're humans, bots, a security threat from a foreign nation. >> Well learning their mindset and learning what motivates them, what their objectives are. It is really important. >> Reading the signals >> You don't mind slipping into the mind of a criminal. It's a union rule. >> Right? It actually is. >> You got to put your foot and your hands in and walk through their shoes as they say. >> That's right. >> The bot networks though, I want to get into, is not it sounds like it's off the cup but they're highly organized networks. >> Dan: They are. >> Talk about the aspect of the franchises or these bots behind them, how they're financed, how they use the money that they make or ransomware, how they collect, what's the enterprise look like? >> Unfortunately, a lot of the nodes on a botnet are now just innocent victim computers using their home computers. They can subscribe to a service and agree to let their their CPU be used while they're not using it in exchange for a free VPN service, say. So now bad actors not, aren't just coming from you know, you know, rogue cloud providers who accept Bitcoin as payment, they're actually coming from residential IPs, which is making it even more difficult for the security teams to identify. It's one thing when it's coming from- >> It's spooky. I'm just sitting here kind of creeped out too. It's these unknown hosts, right? It's like being a carrier. >> You have good traffic coming from it during the day. >> Right, it appears normal. >> And then malicious traffic coming from it. >> Nefarious. >> My last question is your relationship with Amazon. I'll see security center piece of this re:Invent. It's always been day zero as they say but really it's the security data lake. A lot of gaps are being filled in the products. You kind of see that kind of filling out. Talk about the relationship with F5 and AWS. How you guys are working together, what's the status? >> We've been long-term partners and the latest release the connector for CloudFront is just one of the joint work that we did together and try to, I think, to Dan's point, how do we make those technology that was built for the very sophisticated big institutions to be available for all the CloudFront customers? So that's really what's exciting. And we also leverage a lot of the technology. You talked about the data and our entire solution are very data driven, as you know, is automation. If you don't use data, you don't use analytics, you don't use AI, it's hard to really sort of win that war. So a lot of our stuff, it's very data driven >> And the benefit to customers is what? Access? >> The customer's access, the customer's top line. We talked about, you know, like how we're really bringing better experiences at the end of the day. F5's mission is try to bring a better digital world to life. >> And it's also collaborative. We've had a lot of different stories here on on the set about companies collaborating. You're obviously collaborating and I also love that we're increasing access, not just narrowing this focus for the larger companies at scale already, but making sure that these companies starting out, a lot of the founders probably milling around on the floor right now can prevent this and ensure that user experience for their customers. throughout the course of their product development. I think it's awesome. So we have a new tradition here on theCUBE at re:Invent, and since you're alumni, I feel like you're maybe going to be a little bit better at this than some of the rookies. Not that rookies can't be great, but you're veterans. So I feel strong about this. We are looking for your 30-second Instagram reel hot take. Think of it like your sizzle of thought leadership from the show this year. So eventually eight more visits from now we can compile them into a great little highlight reel of all of your sound bites over the evolution of time. Who wants to give us their hot take first? >> Dan? >> Yeah, sure. >> Savannah: You've been elected, I mean you are an agent. A former special agent >> I guess I want everybody to know the bot problem is much worse than they think it is. We go in line and we see 98, 99% of all login traffic is from malicious bots. And so it is not a DIY project. >> 98 to 99%? That means only 1% of traffic is actually legitimate? >> That's right. >> Holy moly. >> I just want to make sure that everybody heard you say that. >> That's right. And it's very common. Didn't happen once or twice. It's happened a lot of times. And when it's not 99 it's 60 or it's 58, it's high. >> And that's costing a lot too. >> Yes, it is. And it's not just in fraud, but think about charges that >> Savannah: I think of cloud service providers >> Cost associated with transactions, you know, fraud tools >> Savannah: All of it. >> Yes. Sims, all those things. There's a lot of costs associated with that much automation. So the client side signals and multi-stage defense is what you need to deal with it. It's not a DIY project. >> Bots are not DIY. How would you like to add to that? >> It's so hard to add to that but I would say cybersecurity is a team sport and is a very data driven solution and we really need to sort of team up together and share intelligence, share, you know, all the things we know so we can be better at this. It's not a DIY project. We need to work together. >> Fantastic, Dan, Haiyan, so great to have you both back on theCUBE. We look forward to seeing you again for our next segment and I hope that the two of you have really beautiful rest of your show. Thank you all for tuning into a fantastic afternoon of coverage here from AWS re:Invent. We are live from Las Vegas, Nevada and don't worry we have more programming coming up for you later today with John Furrier. I'm Savannah Peterson. This is theCUBE, the leader in high tech coverage.

>>You want us to >>Look at that camera? Okay. We're back in Boston, everybody. This is Dave ante for the cube, the leader in enterprise tech coverage. This is reinforce 2022 AWS's big security conference. We're here in Boston, the convention center where the cube started in 2010. Highend song is here. She's head of security and distributed cloud services at F five. And she's joined by Dan woods. Who's the global head of intelligence at F five. Great to see you again. Thanks for coming in the cube, Dan, first time I believe. Yeah. Happy to be here. All right. Good to see you guys. How's the, how's the event going for? Y'all >>It's been just fascinating to see all those, uh, new players coming in and taking security in a very holistic way. Uh, very encouraged. >>Yeah. Boston in, in July is, is good. A lot of, a lot of action to Seaport. When I was a kid, there was nothing here, couple mob restaurants and that's about it. And, uh, now it's just like a booming, >>I'm just happy to see people in, in person. Finally, is >>This your first event since? Uh, maybe my second or third. Third. Okay, >>Great. Since everything opened up and I tell you, I am done with >>Zoom. Yeah. I mean, it's very clear. People want to get back face to face. It's a whole different dynamic. I think, you know, the digital piece will continue as a compliment, but nothing beats belly to belly, as I like absolutely say. All right. Hi on let's start with you. So you guys do a, uh, security report every year. I think this is your eighth year, the app security report. Yeah. Um, I think you, you noted in this report, the growing complexity of apps and integrations, what did you, what are, what were your big takeaways this year? >>And so, like you said, this is our eighth year and we interview and talk to about 1500 of like companies and it decision makers. One of the things that's so prevalent coming out of the survey is complexity that they have to deal with, continue to increase. It's still one of the biggest headaches for all the security professionals and it professionals. And that's explainable in a way, if you look at how much digital transformation has happened in the last two years, right? It's an explosion of apps and APIs. That's powering all our digital way of working, uh, in the last two years. So it's certainly natural to, to see the complexity has doubled and tripled and, and we need to do something about it. >>And the number of tools keeps growing. The number of players keeps growing. I mean, so many really interesting, you know, they're really not startups anymore, but well funded new entrance into the marketplace. Were there any big surprises to you? You know, you're a security practitioner, you know, this space really well, anything jump out like, whoa, that surprised >>Me. Yeah. It's been an interesting discussion when we look at the results, right. You know, some of us would say, gosh, this is such a big surprise. How come people still, you know, willing to turn off security for the benefits of performance. And, and, and as a security professional, I will reflect on that. I said, it's a surprise, or is it just a mandate for all of us in security, we got to do better. And because security shouldn't be the one that prevents or add friction to what the business wants to do, right? So it's a surprise because we, how can, after all the breaches and, and then security incidents, people are still, you know, the three quarters of the, uh, interviewees said, well, you know, if we were given a choice, we'll turn off security for performance. And I think that's a call to action for all of us in security. How do we make security done in a way that's frictionless? And they don't have to worry about it. They don't have to do a trade off. And I think that's one of the things, you know, Dan in working our entire anti automation, uh, solution one is to PR protect. And the other thing is to enable. >>Yeah. You think about Dan, the, I always say the, the adversary is extremely capable. The ROI of cyber tech just keeps getting better and better. And your jobs really is to, to, to lower the ROI, right. It decrease the value, increase the cost, but you're, I mean, fishing continues to be prevalent. You're seeing relatively new technique island hopping, self forming malware. I mean, it's just mind boggling, but, but how are you seeing, you know, the attack change? You know, what what's the adversary do differently over the last, you know, several years maybe pre and post pandemic, we've got a different attack service. What are you seeing? >>Well, we're seeing a lot higher volume attacks, a lot higher volume and velocity. Mm-hmm, <affirmative> it isn't uncommon at all for us to go in line and deploy our client side signals and see, uh, the upper 90%, um, is automated, unwanted automation hitting the application. Uh, so the fact that the security teams continue to underestimate the size of the problem. That is something I see. Every time we go in into an enterprise that they underestimate the size of the problem, largely because they're relying on, on capabilities like caps, or maybe they're relying on two of a and while two of a is a very important role in security. It doesn't stop automated attacks and cap certainly doesn't stop automated >>Tax. So, okay. So you said 90% now, as high as 90% are, are automated up from where maybe dial back to give us a, a marker as to where it used to be. >>Well, less than 1% is typically what all of our customers across the F five network enjoy less than 1% of all traffick hitting origin is unwanted, but when we first go online, it is upper 90, we've seen 99% of all traffic being unwanted >>Automation. But Dan, if I dial back to say 2015, was it at that? Was it that high? That, that was automated >>Back then? Or, you know, I, I don't know if it was that high then cuz stuffing was just, you know, starting to kind take off. Right? No. Right. Um, but as pre stuffing became better and better known among the criminal elements, that's when it really took off explain the pays you're right. Crime pays >>Now. Yeah. It's unfortunate, but it's true. Yeah. Explain the capture thing. Cause sometimes as a user, like it's impossible to do the capture, you know, it's like a twister. Yeah. >>I >>Got that one wrong it's and I presume it's because capture can be solved by, by bots. >>Well, actually the bots use an API into a human click farming. So they're humans to sit around, solving captures all day long. I actually became a human capture solver for a short time just to see what the experience was like. And they put me to the training, teaching me how to solve, captures more effectively, which was fascinating, cuz I needed that training frankly. And then they tested to make sure I solve caps quickly enough. And then I had solved maybe 30 or 40 caps and I hadn't earned one penny us yet. So this is how bots are getting around caps. They just have human solve them. >>Oh, okay. Now we hear a lot at this event, you gotta turn on multifactor authentication and obviously you don't want to use just SMS based MFA, but Dan you're saying not good enough. Why explain >>That? Well, most implementations of two a is, you know, you enter in username and password and if you enter in the correct username and password, you get a text message and you enter in the code. Um, if you enter in the incorrect username and password, you're not sent to code. So the, the purpose of a credential stocking attack is to verify whether the credentials are correct. That's the purpose. And so if it's a two, a protected log in, I've done that. Admittedly, I haven't taken over the account yet, but now that I have a list of known good credentials, I could partner with somebody on the dark web who specializes in defeating two, a through social engineering or port outs or SIM swaps S so seven compromises insiders at telcos, lots of different ways to get at the, uh, two, a text message. >>So, wow, <laugh>, this is really interesting, scary discussion. So what's the answer to, to that problem. How, how have five approach >>It highend touched on it. We, we want to improve security without introducing a lot of friction. And the solution is collecting client side signals. You interrogate the users, interactions, the browser, the device, the network, the environment, and you find things that are unique that can't be spoof like how it does floating point math or how it renders emojis. Uh, this way you're able to increase security without imposing friction on, on the customer. And honestly, if I have to ever have to solve another capture again, I, I, I just, my blood is boiling over capture. I wish everyone would rip it out >>As a user. I, I second that request I had, um, technology got us into this problem. Can technology help us get out of the problem? >>It has to. Um, I, I think, uh, when you think about the world that is powering all the digital experiences and there's two things that comes to mind that apps and APIs are at the center of them. And in order to solve the problem, we need to really zero in where, you know, the epic center of the, the, uh, attack can be and, and had the max amount of impact. Right? So that's part of the reason from a F five perspective, we think of application and API security together with the multitier the defense with, you know, DDoS to bots, to the simple boss, to the most sophisticated ones. And it has to be a continuum. You don't just say, Hey, I'm gonna solve this problem in this silo. You have to really think about app and APIs. Think about the infrastructure, think about, you know, we're here at AWS and cloud native solutions and API services is all over. You. Can't just say, I only worry about one cloud. You cannot say, I only worry about VMs. You really need to think of the entire app stack. And that's part of the reason when we build our portfolio, there is web application firewall, there's API security there's bot solution. And we added, you know, application infrastructure protection coming from our acquisition for threat stack. They're actually based in Boston. Uh, so it's, it's really important to think holistically of telemetry visibility, so you can make better decisions for detection response. >>So leads me to a number of questions first. The first I wanna stay within the AWS silo for a minute. Yeah. Yeah. What do you, what's the relationship with AWS? How will you, uh, integrating, uh, partnering with AWS? Let's start there. >>Yeah, so we work with AWS really closely. Uh, a lot of our solutions actually runs on the AWS platform, uh, for part of our shape services. It's it's, uh, using AWS capabilities and thread stack is purely running on AWS. We just, uh, actually had integration, maybe I'm pre announcing something, uh, with, uh, the cloud front, with our bot solutions. So we can be adding another layer of protection for customers who are using cloud front as the w on AWS. >>Okay. So, um, you integrate, you worry about a APIs, AWS APIs and primitives, but you have business on prem, you have business, other cloud providers. How do you simplify those disparities for your customers? Do you kind of abstract all that complexity away what's F fives philosophy with regard then and creating that continuous experience across the states irrespective of physical >>Location? Yeah, I think you're spot on in terms of, we have to abstract the complexity away. The technology complexity is not gonna go away because there's always gonna be new things coming in the world become more disaggregated and they're gonna be best of brain solutions coming out. And I think it's our job to say, how do we think about policies for web application? And, you know, you're, on-prem, you're in AWS, you're in another cloud, you're in your private data center and we can certainly abstract out the policies, the rules, and to make sure it's easier for a customer to say, I want this particular use case and they push a button. It goes to all the properties, whether it's their own edge or their own data center, and whether it's using AWS, you know, cloud front as you using or web. So that is part of our adapt. Uh, we call it adaptive application. Vision is to think delivery, think security, think optimizing the entire experience together using data. You know, I come from, uh, a company that was very much around data can power so many things. And we believe in that too. >>We use a, we use a term called super cloud, which, which implies a layer that floats above the hyperscale infrastructure hides the underlying complexity of the primitives adds value on top and creates a continuous experience across clouds, maybe out to the edge even someday on prem. Is that, does that sound like, it sounds like that's your strategy and approach and you know, where are you today? And that is that, is that technically feasible today? Is it, is it a journey? Maybe you could describe >>That. Yeah. So, uh, in my title, right, you talked about a security and distribute cloud services and the distribute cloud services came from a really important acquisition. We did last year and it's about, uh, is called Wil Tara. What they brought to F five is the ability not only having lot of the SAS capabilities and delivery capabilities was a very strong infrastructure. They also kept have capability like multi-cloud networking and, you know, people can really just take our solution and say, I don't have to go learn about all the, like I think using super cloud. Yeah, yeah. Is exactly that concept is we'll do all the hard work behind the scenes. You just need to decide what application, what user experience and we'll take care of the rest. So that solutions already in the market. And of course, there's always more things we can do collect more telemetry and integrate with more solutions. So there's more insertion point and customer can have their own choice of whatever other security solution they want to put on top of that. But we already provide, you know, the entire service around web application and API services and bot solution is a big piece of that. >>So I could look at analytics across those clouds and on-prem, and actually you don't have to go to four different stove pipes to find them, is that >>Right? Yeah. And I think you'd be surprised on what you would see. Like you, you know, typically you're gonna see large amounts of unwanted automation hitting your applications. Um, it's, I, I think the reason so many security teams are, are underestimating. The size of the problem is because these attacks are coming from tens of thousands, hundreds of thousands, even millions of IP addresses. So, you know, for years, security teams have been blocking by IP and it's forced the attackers to become highly, highly distributed. So the security teams will typically identify the attack coming from the top hundred or 1500 noisiest IPS, but they missed the long tail of tens of thousands, hundreds of thousands of IPS that are only used one or two times, because, you know, over time we forced the attackers to do this. >>They're scaling. >>Yeah, they are. And, and they're coming from residential IPS now, uh, not just hosting IPS, they're coming from everywhere. >>And, and wow. I mean, I, we know that the pandemic changed the way that organization, they had to think more about network security, rethinking network security, obviously end point cloud security. But it sounds like the attackers as well, not only did they exploit that exposure, but yeah, yeah. They were working from home and then <laugh> >>The human flick farms. They're now distributor. They're all working from home. >>Now we could take advantage >>Of that when I was solving captures, you could do it on your cell phone just by walking around, solving, captures for money. >>Wow. Scary world. But we live in, thank you for helping making it a little bit safer, guys. Really appreciate you coming on the queue. >>We'll continue to work on that. And our motto is bring a better digital world to life. That's what we can set out >>To do. I love it. All right. Great. Having you guys. Thank you. And thank you for watching. Keep it right there. This is Dave ante from reinforce 2022. You're watching the cube right back after this short break.