50. Alan Braithwaite, Co-Founder and CTO at RunReveal: SIEM doesn't have to suck

Hello, everyone, and welcome to another episode of the Security Podcast of Silicon Valley. I'm your host, John McLaughlin, and I'm joined today by a very special guest and good friend, Alan Braithwaite. That's right. Thanks for having me, John.

Thank you for joining. Perfect. Amazing. I'm so happy.

I'm so happy to hear that. It's great to be here. So, Alan, you're the co-founder and CTO of RunReveal. That's right.

We're at a simple security data platform with the goal of helping security teams to peg threats faster and easier. And before you started this company, you've been building this company for about a year and a half. Before that, you were at Segment for a good chunk of time, five years. And then before that, you were at Cloudflare way back in the day for, what, about three years or so?

Yeah, that's when we met through our mutual friend. But also, I met Evan, my co-founder there. Yep. He and I worked at Cloudflare and became friends and just kind of chatted a lot about our future visions and ambitions.

And then we. . . I remember, yeah, we had that coffee in that little coffee shop right outside in the front of Cloudflare.

They had the little scooters and the motorcycle there. Yeah, that was so good. I'm so sad that they shut down. Such a good coffee shop.

Yeah. Yeah, run by Cento. Cento's still around, thankfully, but the bigger coffee shop, not so much. I'm sure the rent was high.

I'm sure it was, yeah. It was just a good spot. You probably had coffee there all of the time. Not quite.

It opened just before I went to Segment. So I was already on my way to Segment at that time. Evan, though, he boomeranged back to Cloudflare after Joe Sullivan started working there. And so he probably had a lot more coffee there than I did.

Well, we can be coffee jealous. Yeah. It's important to fill life with amazing things and good people and great coffee. Yes.

And San Francisco has the best coffee, hands down. Easily. In fact, when I travel, it's always a delight to come back and enjoy a coffee. Yes.

Very much so. And you recently arrived back yourself. So you have moving boxes behind you for those who can't see the video. Yeah.

Welcome back home. Happy to be back. I can say that the coffee here is the best because I lived in Seattle and New York. And it's just not quite the same coffee culture as we have here.

I'm sure it's more just a difference in taste and preferences. But there's just something about the light roast and the single origins that really prioritized here over other locations that just can't get enough of. You're so polite. There's going to be so much hate mail that comes in from, oh, you said this about our coffee.

Like, oh, it's OK. We can be honest. San Francisco does half the best coffee. Like, hands down.

If you agree or disagree, please leave a comma. Do you think of yourself as a security guy, Alan? I've thought about this a lot in my career. And I wouldn't have thought of myself as a security person for a while.

But looking back in retrospect, I don't know how I can think that because I've always been tinkering with computers, breaking things. So I'm not sure it's really appropriate to say I was not a security guy. But here we are. I'm building a security tool for security engineers and really just finally accepting that part of me and leaning into it.

And sponsoring B-Size, I might add. Sponsoring B-Size. B-Size was a big inspiration to us, honestly. Evan has, my co-founder, has worked in security his whole career.

I've always been a software engineer, which is why I haven't really considered myself a security person per se. But that being said, it goes way back when I was in grade school and high school, kind of circumventing access controls on library networks just to, with the sole purpose of trying to play video games. There you go. Yeah.

Using properties to play RuneScape on the library computers because RuneScape was not allowed. And from there, in high school, trying to get domain admin so I could add a Quake 3 arena to a network share so everybody could play on school network. So you could say I was kind of into security from a young age, but I never really thought of it as a career option until much later on. It was really in college when I started to seriously consider security as a career prospect because I was studying computer engineering, learning the hardware, knowing that I wanted to be a software engineer.

But being, becoming enamored with computer security, largely due to the fact that it was kind of an emerging industry. I mean, it's been around for a long time, of course, but when I was in college, the Wi-Fi was still unencrypted and SSL was not very wisely deployed. So it was trivial to do very nefarious things on public networks. And that was kind of a big eye opener for me.

And that's what really drove my interest in things like cryptography and authentication protocols and things like that. So even though my first job out of college wasn't in security per se, I was at a fiber optic networking company, which is now defunct. I went to Cloudflare not long after graduating college. And that was just my dream job at the time.

And still an amazing company, full of amazing engineers. And that was my break into security. Yeah. That's a strong security presence.

Yeah. Yeah. Even though I wasn't on the security team, I was on the data team there, you're still surrounded by all of these really brilliant engineers who are all thinking about security all the time because that's the core product of Cloudflare is just building a more secure internet. And that was really inspiring to me at that time.

Still it's still. Amazing. Did you get to work with Nick Sullivan? I think way back then.

Nick Sullivan actually interviewed me and I remember our interview very distinctly. Yeah. Okay. What did he ask you?

Well, let me give you some background. Before I interviewed at Cloudflare, I actually applied through the Y Combinator who's hiring. And I didn't hear anything for a couple months, but they were still posting to Y Combinator saying, hey, we're still hiring. So I messaged.

I did follow-ups. And they eventually saw that I had applied and bumped me up again. They're like, ah, who's this guy who keeps sending us emails? Absolutely.

All right. Let's see. But between the time I applied and the time I actually got the interview, I had gone to the crypto meetup at Cloudflare, which were cryptos and cryptography, not necessarily cryptocurrency. Of course.

The real crypto. The real. Thank you. I thought, yeah, it was learning a lot about that at the time.

And so even though I wasn't on the crypto team, I think Nick may have seen that or something. And in any case, he ended up being on the interview panel and we were talking about how to authenticate API requests and why HTTP is a kind of fraught protocol for trying to verify API parameters because you have to sort the query parameters and do some sort of hash function in order to have any kind of guarantee that it hasn't been tampered with. But it's all predicated on the fact that TLS or SSL is not present. So at that time, we didn't have universal SSL.

So that was kind of important. And we just were kind of going back and forth, imagining this future, which I hesitate to say, but I think we're almost there with nearly universal deployment of SSL. Things like the SSL tooling has just come so far in that amount of time. So fortunately, like we don't have to rely on those kind of clunky API protocols.

And that's kind of what we talked about in our interview there. And so it was fun. That's awesome. I worked with Nick before his time at Cloudflare when he was on the DRM team at Apple.

Oh, cool. Yeah. Yeah. He and I, we worked for a good chunk of time.

Apple's got a killer team for sure. Several of them. And actually, it's really amazing. A bunch of the people from that team went off and started companies, joined other startups.

A bunch of them are on the show. Nick has a show, so you're in good company. So tell us a little bit about what is RunReveal? What do you guys do better than everyone else in the world?

Yeah. We're a security data platform, is what we're calling ourselves. And we make correlated detections across SAS applications really easy. By integrating directly with those applications, normalizing the events, the audit logs that are being ingested, pulling out those important signals, things like logins and API token creation out of that normalized data stream.

So you're not having, as a security engineer, to zift through the terabytes of data that you're ingesting. And you can really just focus on building detections to create youthful alert. And in order to do this, we really had to reinvent every component of a sim, which is kind of the space that we're playing in, from the ground up, from scratch, to make it really simple to use and easy to manage. Because none of the existing vendors or software out there that we could find really did all of this very well.

And so we're taking a very product first approach to this problem. And we're not building the database, which gives us a huge advantage. We can really just focus on what security teams and detection response engineers need in order to give them the value that they're looking for out of a tool like this. And all of the other tools, you kind of, there's just a lot of tools out there and it's difficult to build one that has, kind of removes all of the cruft and only gives you the things that you need and gets out of your way and lets you do your job.

Awesome. No, thank you for sharing. I noticed that you didn't call yourself a sim. Yeah.

Yeah. We're very intentional about that. I felt the intentionality. There's a lot of other players out there right now calling themselves a security data platform who would be our competitors, of course.

And they're more security ETL products. They have detections and they have all of these things as well, but they look a little bit more hands-on, so kind of choose your own adventure. So a bit more customizable, maybe more oriented toward the high enterprise, whereas we're trying to build for everybody.

We took this philosophy from Cloudflare and Segnant where we want to build something that enterprises can use, of course, but also we want to build something that even the smallest teams without a large budget can be able to deploy this critical piece of security software that every company needs, whether it's for compliance or just to make sure that you actually have a good security posture and you can detect incidents. It's something that we're aiming for. Ah, you said the magic word, compliant. We need this for compliance.

Yes, we do need this for compliance. So all the gratitude in the world. Everybody does, yeah. Yeah, we all do.

I don't know anyone that escapes that problem. I mean, unless you don't have a business, but okay. And there's lots of ways that you can like kind of hand wavy do a SIM, but doesn't really get you everything you need that you want out of the product. So there's a lot of options out there.

A lot of people are starting to build their own, which is what we would consider kind of our biggest competitor really is people without a SIM and people building their own SIMs because they're completely. Do they see the knee that you have already seen and have stepped forward and built this amazing product? Right. And they, well, they do all the vendor analysis as well.

They go out and they try and buy it and they just can't find anything that hits the right number of features. They're the right features themselves and also comes in at a price that is digestible to growth companies. When security is seen as a cost center, like you don't win by charging more than companies like Splunk. Well, yeah, it's hard to charge more than Splunk, right?

Right. Keep your tongue in cheek. So why did you start RunReview? You mentioned like there's a lot of stuff out there.

Nothing really hit the spot. Yeah. We started RunReview actually with the goal, kind of the singular goal of helping people detect breaches more easily. And we actually started by building something completely different as you do in when building startups.

We started by building honeypots and canaries, similar to Think's canaries. Maybe some of your listeners might be familiar with them famously bootstrapped, didn't take on any VC money. Great product by founder Heron Mir. And after some time building, we realized that a lot of folks in the industry don't really know how to fit it into their budget.

So that created kind of an uphill battle for us, especially with an established great product like things out there. So we kind of had to reanalyze what we were doing. We still believe that canaries and honeypots are a great and underutilized tool, but really needed to make a change in order to start to get traction. And so it was about that time we had started to build a data pipeline for collecting the events from those honeypots.

And as we were building it, we started to realize if you squint, this kind of looks like a security log pipeline. And we started to run some numbers and realized, hey, we can actually build a better sim. We can build a security data platform that's useful and scalable and still be able to provide value and charge less than a lot of the incumbents. So that was the big light bulb moment for us was when we realized that we could do this at a much more affordable price point and still build a better product and make it easier.

You know how they say you have to be 10x better than any existing product to really make a dent? Well, that was kind of the moment where we realized that and we just immediately took a turn and didn't look back. That's a classic story. I love it.

It's like you are building something amazing in-house and you're having to solve like even smaller, more specific problems underneath the hood, realizing that everyone actually shared that data pipeline problem. And you used your superpowers that you find earned at your time at a lot of flair and then at segment to really just pour all of that hard-earned experience into this new product and with your pivot. Yep. That's exactly right.

And it's kind of an ideal team for it too. Evan having been an operator, senior director of security, product security at Cloudflare. He has all the operational experience to know what's important to security teams. Meanwhile, I built the data pipeline at Cloudflare and did the same segment.

And so my whole career, I've just been thinking about how to do log processing and scalable event processing. So scale is one problem we won't have here at RunReveal, which is something I can say very confidently. Getting the product right, it's essential to have somebody like Evan on the team. So it just came out and made a lot of sense.

And so. That's so important that the co-founders on the founding team compliment each other and bring their own set of superpowers to the table. And that was like, you've got the winning formula. So just for all of our investors out there, would you like to share your bank account that we could transfer money into and get that safe signed?

I don't know. Are you, did you raise? We just announced our first raise right before B-Sides and RSA. Oh, congratulations.

A half million. Thank you. Very nice. Just enough runway to get us off the ground and trying to avoid some of the challenges of raising too much.

So we're just being very intentional about fundraising. We really just want to focus on building a great product and not have to be too concerned with going out and doing a whole lot of investor relations. Over-sister managing all of their expectation. Exactly.

Yeah, it's the best type of investor is not one that brings money to the table. It's one that brings the opportunities. So at this point, it's all about traction. Right.

And whenever I think about entrepreneurial journeys, it's computers are the easy part because they just do what we tell them to do. It's the people that are kind of maybe a little bit on the more interesting side, like the tricky side. Because when you ask people to change their behavior, when you ask for adoption, asking people to change their behavior. And we are an interesting bunch.

We all are like quite irrational and opinionated. And we've got lots of emotions about all sorts of things that oftentimes don't make any sense at all. And good luck. Good luck.

Thank you. Thank you. That's actually why we kind of latched onto sim as a category, even though we kind of see ourselves as bigger than that. We realize that people need something familiar to be able to associate us with the features that we're building.

So we're on a mission to make sim not suck is what we like to say. Sims that don't suck. A sim that doesn't suck. I would love a t-shirt that says that on.

A sim that doesn't suck. All right. That's awesome. And speaking of the world of sim, there's a bunch of current events happening.

So not too long ago, there was a huge consolidation with Exabeam and Logarithm emerged into shoot radar and all auto networks. Yeah, that's right. There's a lot of consolidation happening in the space, which is really interesting to see from our perspective. So what do you think is happening?

What's going on? Well, it's a really hard space. Building in this space, it's their data intensive applications. It's a lot of infrastructure to deploy.

Historically with Splunk, you bought an appliance, you installed it, racked it, tagged it, and started running with that, paying Splunk a second mortgage. Oh, and speaking of Splunk is acquired by Cisco. That's right. Yeah.

Even the running joke is that Cisco couldn't afford a Splunk license, so they bought Splunk outright. It was cheaper. It was cheaper to buy Splunk than to buy a license. But, you know, just aside, Splunk's a great product.

Obviously, they're hard to disrupt because there is a massive deployment of Splunk in the world and tons of talent who are trained on Splunk and know how to use Splunk and optimize it. And that's not to be ignored, I think. We took the learning from Splunk itself, the fact that they have Splunk query language, and the more and more we talk to people. So let me take a step back.

We're building on top of a database called ClickHouse. So that enables us to not have to build the database like Splunk is and a lot of the other sims we're doing. So that gives us a lot of breathing room. But we realize that security engineers and analysts don't often love using SQL to do their investigations and write their detections.

And so Splunk has Splunk query language. Sumo has their own query language, which is similar syntax. Microsoft has Cousteau. And so we wrote a language called PQL, which is an open source piped query language, which compiles down to SQL.

And it can work with any SQL database. It's agnostic towards the backend SQL database, which is great because you can use it in other places where you wouldn't be able to use it otherwise. So that's kind of a significant advancement, I think, in this area. Um, but we're learning from our customers and meeting them where they're at.

So with Splunk, you know, all the other tools, people wanted that feature. So we went ahead and built it. But getting back to the question, like what's going on with all the, all this consolidation, it's just a really hard space. Building an infrastructure company is very difficult because it's very capital intensive.

You have to think about your margins and with the mergers, they're really kind of saying that they, what they're doing, they need to combine in order to get to the next level. And so I think it's a great opportunity for us because it's kind of saying that when people go out to buy a SIM, they're like, let's buy a SIM. And they're all pretty much usage based in terms of their charging. So people are like, wow, this is pretty expensive.

How can we reduce the costs? So they pick up a tool like Crib. And they realize, oh, we need user entity behavioral analytics in order to be a more effective form of detection. So they pick up something like an exabeam or something along those lines.

So they pay another vendor for that. And now you've got tons of alerts coming out of your SIM. And so you pick up a product to consolidate those alerts. And now you need a product for automation on top of that.

So you pick up a SOAR. So there's just like a lot of products in the space that do one thing really well, but it's just kind of insane. Like they're all products, which are a means to the same end, which is effective detection and a response companies. They're all doing the same thing, but they're all different tools.

So I think a lot of this consolidation is driven by that, where they need all of the different features from the other companies that they have been built. And it's going to be interesting to see how they integrate the features from one another to create kind of this unified product experience. So we're also learning from that. And we're trying to build something from the ground up and take the key insight.

The product is not the data itself, but the value it provides in the form of building effective detection and response. So to do that, we're just making the management of the data as simple as possible and doing the heavy lifting for our customers so they can get what they need out of the product instead of dealing with building connectors, normalizing the data or building out destinations. Wow. Okay.

So as a security. . . No, it's a great answer.

As a security professional and a security operator and co-founder of YSecurity, I go, my co-founder and I and everyone at YSecurity, we go into startups. We help them raise their security posture with an on-demand security team, a detection and response policy and program. And then an implementation is always part of that. And the security alphabet soup of all the mergers and the acquisition, that just sounds like a total nightmare to get anything like useful, especially for a small company that's ambitious, that's moving fast, that needs to stay on top of their security.

posture for compliance reasons. And doesn't have time to sit there and twiddle, diddle and burn precious time and precious dollars on like a whole collection of stoop. And it really makes me want to just try Run and Review. Yeah.

Yeah. Yeah. Right now. If you can go do that.

Is it a self-service? There's a self-service. There is a self-service level. Yeah.

You can sign in and start using it. You can connect your cloud trail laws. You can connect Okta. Run and Review.

com? Run and Review. com. That's right.

Your hero is a stim. Sim doesn't have to suck. That's right. That's right.

And yeah. It's pretty great. I like the purple colors too. Thank you.

All right. So like red team, blue team, purple teaming. There we go. Great.

I like it. Yeah. Or purple. Good color.

Not too genderized. What's the best day that you've had so far in your journey at Run or Review? I think tomorrow is always the best day. Just keeping a positive outlook, being optimistic.

But realistically, in seriousness, our customers that make this journey worth it. And speaking of onboarding, we will often get on a call with a customer and just start onboarding right away and finish the onboarding. Within a call. Which is.

You have a trust center. I'm looking at your trust center. Yeah. Oh, you have SOC 2 type 2.

We do. High five. High five. Good job.

Now we can use it. Check all the boxes. No, it's not just about checking the boxes. It's great to see security companies also taking their own in-house security very seriously.

Of course. You have ART's here on your trust center. I think that's the first time that I've seen ART on your trust center. Well, we think security should be fun too.

I couldn't agree more. So we're trying to build a product that really delights the users and making it so easy to get set up and get running is just like seeing people's faces when they realize, oh, it was that simple to connect something else. This is great. So I'd say the best day at the company.

I was surprised that you could just, it just, that connector bit and it started to do things and it didn't make any, it didn't make too much noise, like all sponsors and. Yeah. It's a good day, huh? Yeah.

Yeah. So anytime we're setting up a new customer is a great feeling and we're here for them and we really love that. So I feel the love. I appreciate that there's smart people in this world that care deeply about hard problem and share that with the entire security community.

So a huge thank you, Alan, but being a founder is not always like sun shining peaches and roses. Sometimes there's challenging moments. Yes. And I'm wondering if you might be able to share what's the most challenging moment that you've had in your journey so far at Robert Gil.

Yeah. It's hard to pick one most challenging moment at this point. I wouldn't say we have had a most challenging moment yet, but every time we've gone and done a POC with a customer or a prospect and they determine that it's just not the right fit for them, it's staying low. And so of course, like we have high standards for ourselves, but security folks are really critical buyers.

And I think rightfully often we're missing some such feature here or there that is a deal breaker for them. And that hurts. It's just one reason why we're really aiming to meet folks where they're at and not trying to be too opinionated about the types of features that we're building and instead letting our customers kind of guide us in the right direction. There is a big learning that we've had on this journey is that there's no two security organizations that look alike.

It is incredible the amount of diversity that organizations have and how they build and operate their security team and their security motion. And it's, I guess, not that surprising when you consider that security is seen as mostly a cost center and not value add to the business. But as a result, we often don't know what we're going to hear from our customers of their requirements until we're on the phone with them and kind of sussing that out and figuring out what it is that they need and how we can help them best. But it's always a little bit challenging to hear how you don't have this feature that we find really critical.

So we need to find somebody else to be able to fill that gap. But by and large, people are really bought into the vision. I think the fact that we're not a cloud only sim, we allow customers to bring their own database. Data presidency is a big front of mind problem for us, especially in the security space.

Huge. Yeah. Huge. So by allowing our customers to bring their own database, we're kind of fitting that space where a lot of the sims that have in the started five to 10 years ago are cloud first or cloud only sims make it really difficult to justify.

Buying them, which is why we see a lot of companies deciding to do the crazy thing and build their own sims because the other on-prem options just cost way too much. So we're kind of finding where it makes sense. You're a sweet spot. You found a sweet spot.

The sweet spot is like, A, you can own your data, put that wherever you want. That could be your data center. That could be your own VBC. That could be like a joint VBC probably.

Or if you don't care, I'm sure you'd be happy to host it. Yeah. Yeah. Exactly.

And that's the big thing too. If you don't want to host your own, we'll handle it for you as well. For a lot of folks, they're not big enough to have their own dedicated ClickHouse cluster, which is the database that we support today. Yeah.

You mentioned ClickHouse. ClickHouse. It's an interesting trick. I'm sure there was a lot of thought that went into it.

Can you want to just ease us a little bit on like why? Yeah. I mean, ClickHouse has been a great partner for us so far. We have a lot of experience with it from Cloudflare and Segment.

Cloudflare was a very early adopter of it, pretty much as soon as it got open source back in 2016. And I was honestly initially a skeptic. I was a bit dogmatic about how I viewed databases and what was necessary. And the fact that it didn't have transactions out of the box made me very skeptical that it could actually provide value, so to speak.

And I was very quickly proven wrong. We had some talented engineers at Cloudflare who deployed it, and I got to see firsthand the power that it could provide for doing things like analytics. And so I was kind of a fly on the wall and helped consult some on that project, but wasn't ever developing on it. And so when I went to Segment, I actually kind of brought it over and pushed to build some products on it.

At Segment, I did a Hack Week project where I built some customer-facing observability tools, which we call product observability, to help our customers at Segment better understand how their data is flowing through Segment. So things like being able to tell how many properties are being dropped from your JSON events or GDPR reasons or PII, that sort of thing. And so it was really important to our customers to be able to see that. And there was no database out there that could handle the high cardinality datasets that ClickHouse can handle.

So we started out as a Hack Week project, made it into a full project, and now it's deployed widely within Twilio, which acquired Segment in 2020. When looking at databases, there was a lot of thought that went into it, but it was like thought that happened previously. And it was pretty obvious to me when starting that it was going to be a great option. And like I said, they've been great partners throughout, and they're very supportive.

And I highly recommend checking them out, even if you're not doing what we're doing. Just for all of our listeners, I looked at their Wikipay ClickHouse as an open-source column-oriented database management system. Oh, yes. Thank you.

Or online analytics processing, like you were just talking about, Ellen, that allows users to generate analytic reports using SQL queries in real time. That, plus it's used in Cloudflare, it's used in Segment now, because you brought it over to Segment. So it's very powerful, very proven technology. Yeah, thanks for clarifying that.

Sometimes I get so excited about it, I forget to. No, it's good. It's good to get into the detail and to hear the story that goes along with the technology. Yeah.

So it's really good at analytics, online analytical processing, and it's kind of described as like an open-source, more affordable and faster. Snowflake. So if you fast forward into the future and you look at run reveal and it's just smashing success, help us see what that looks like from your version. Sure.

Yeah. So for us in the short term, our success is really just helping customers detect suspicious and malicious activities happening in their networks and to detect those faster. But long-term, we believe that there's, like we discussed earlier, there's just so many security tools out there that are doing so many things, but they all have one commonality and they all depend on good data. So long-term, we want to build security tools that require those data intensive applications and could benefit from an open and extensible data platform.

We learned very early on that selling to overworked security teams, just having the platform is not sufficient. So we really want to build useful tools on top of the platform to kind of activate that data and give more value out of the box and not just be like this security data platform, but instead have this collection of tools that are really useful to security teams and help businesses improve their security posture across the board. And so we're just working towards that goal and that vision and just want to help security teams be more effective in their roles. Thank you for sharing.

And would you say that there was a book or maybe a movie that you read or you watched at a very impressionable age that just significantly changed the way that you see the world and you wouldn't be the same person today without that perspective? Yeah. So thinking back, there's a lot, of course, big into cyberpunk, but I chose something that's not really cyberpunk. Something that really changed me at a young age was reading a book called Slaughterhouse Five by Kurt Vonnegut.

It's kind of a classic anti-war novel, but it also explores themes of free will and the nature of time and space. I'm in space and through the main character journey, I use dark humor and science fiction to kind of challenge the conventional narratives and prompt reflection on like trauma and the randomness of life. And it just kind of altered my philosophy towards how I think about the world. And it almost unintentionally has these Buddhist theme of being present and just really not dwelling too much on the past or the future, but instead working on yourself and being everything.

I don't know. I don't know. It's hard to put into words really, but it was really. Are you Buddhist?

No, I wouldn't consider myself Buddhists, but I do practice mindfulness. I am very interested to learn more about Buddhist practices, but that's more because I think there's a lot to learn from Eastern philosophy that we don't typically get taught in Western culture, just in terms of being content with what you have and not desiring too much out of the world, seeing what you can get back. I mean, in some sense, in some very concrete sense, the past is done and the future is not here yet. And the only thing that we ever have at this very moment.

Exactly. Yeah. And so the book through humor and science fiction kind of explores those themes. Spectacular.

Well, Alan, it's been amazing to have you on the show. Likewise. Thanks for having me. It's a really pleasure.

No, thank you so much for sharing your insights and just a little bit about your journey at RunReveal and some vulnerable moments and some good laughs. Would you like to leave? And good coffee. And coffee.

Yes. I'm in the mood for a coffee now. Well, now that you're back in the Bay Area, you can swing by and we could grab another coffee. If our listeners are interested in trying out RunReveal, there will be links in the description.

There's also links to Alan's LinkedIn profile, my LinkedIn profile, and A. Would you like to leave our listeners with any final words of wisdom? Put me on the spot. I know.

I didn't put this in the shit. No. Just Hakuna Matata, I guess. Hakuna Matata.

I love it. Lion King was actually my favorite children's movie growing up. And so that probably had a big influence too. It means no worries, of course.

What a wonderful name. The idea of, yeah, you just gotta kind of roll with things and take things as they come. Now that song is going to be stuck in my head. You're welcome.

Thank you so much. Of course. Thanks for having me. It's been an absolute pleasure.

Thank you so much, Alan. Thanks so much for dedicating so much of your life to solving these hard problems for the entire security community. And thanks for joining on the show and sharing a little bit about your journey. We'll have to do it again.

And thanks to all of our listeners for tuning in to another episode of the security podcast of Silicon Valley. I'm your host, John McLaughlin. This is a Y Security production. Thanks.