The Evolution of Platforms and the Role of AI with Phil Calvin

Joseph Carson:

Hello everyone. Welcome to another episode of the 401 Access Denied podcast. I'm really excited as always to bring you amazing guests, hot topics, and something to give you a bit about information that you can take away and really apply to your organizations and your security strategy. Today I'm joined by an amazing guest I've been chasing for a long time, so I'm so happy to get this person. And not only did we get them on the podcast, but we also got them live in person. So we're joining you and this episode has been recorded live from BlackHat. I'm going to pass it over to Phil to welcome Phil to the podcast. This is the 401 Access Denied podcast. I'm the host Joe, and my guest today is Phil Calvin. Phil, do you want to give the audience a little bit about who you are, what you do.

Sure, absolutely. So my name is Phil Calvin. I'm the chief product officer at Delinia. I lead the product team, the engineering team, cloud engineering team, and technical support team. So I always say I'm the one throat to choke when things go wrong.

Phil Calvin:

So now we got you on camera.

Joseph Carson:

Absolutely. I'm good with that. So I've been at Delinia for about three years, joined just after the merger of Thycotic and Centrify and prior to that, spent about a decade, almost a decade at Salesforce, led the platform engineering team there. Prior to that, had a few startups. Sold one to Salesforce and one to Citrix, crashed a few others into the ground. Always been involved with enterprise software since I was a little kid. Early days building software for Rockwell software and manufacturing control systems. I love building large scale platforms.

Phil Calvin:

Fantastic, fantastic. That's what today's episode is all about, taking that knowledge that you have and really run the evolution of platforms, because one of the biggest topics I've seen this year has been the acceleration and adoption of platforms. So that's what we're going to talk about today's topic and the theme. So let's talk about a little bit about the early days, the evolution. Where do platforms really start and what was the birthplace? So that really evolution?

Joseph Carson:

For me, and this is not for everybody, but for me, my very first job as a co-op at Microsoft and as I was 18 or 19 years old. I really got an exposure to Microsoft sort of platform view of the world. Their world was, "Here's a set of APIs that are built into the Windows platform." And that's how they would call a platform. So they'd ship that, and as you evolved, other applications started building on top of Windows and on top of Linux and Unix and they'd build their own platform on top of it. Rockwell software for example, when I started we had something called RS View 32, which is a great mechanically nerdy name, but that was for manufacturing control systems. Then as you fast-forward, you look at platforms like Citrix MetaFrame and obviously in my days at Salesforce, the Salesforce platform technology changed and evolved over time moving to the cloud, absolutely.

Phil Calvin:

How it was delivered, I think that's the big change and how we consume it. I lived through the days of the WinFrames and MetaFrames and it was always about... That was the virtualization deliver platform was about that thin client. It allowed you to deliver applications across large environments and the evolution was really about easier to manage, centralization, easy to deploy agents and so forth. So that was really that, but it was still on-premise. It was still in your environment, you still hosted it and you delivered it over your network. How has the evolution, what's been changing over the years? I think when you're talking about things like when you get into Salesforce, that was a whole different evolution because that's where you start thinking about where you're not hosting it anymore, someone else is hosting it. So tell us about that evolution.

Joseph Carson:

I think you've seen a couple of shifts, is that there's the shift from we go to a virtualization platform like you talked about with MetaFrame, and then you will go start to move to the cloud and the original ASPs and then Salesforce sort of coined the term cloud where the delivery vehicle is actually just somebody else's infrastructure, when you think about it at it's most basic. And so that, you look at Salesforce and Workday and CrowdStrike and all these companies that are building on this modern platform and they're delivering this cloud. And I think the big change that you're starting to see just in the last five or six years is not just that it's delivered in the cloud but it's constructed different and then you would build even the Salesforce platform ten or 15 years ago. Your mental model around constructing is completely different and it gives you just an agility from an engineering viewpoint and it's a much more modern way to be building and approaching software.

Phil Calvin:

Absolutely. I think it really allows all organizations of all sizes to consume it because when you started thinking about during the 2000s, 2010, I remember that platforms got so complex. There were so many components in the background. You had to have network specialists, you had to have operating system specialists to database specialists to application specialists just to deliver the end application, the actually ingredients that made that up. Basically you had to manage all of that. You had to have licenses for all of it. You had to have resiliency built in for backup to deliver that one end application. I went through the times where even integrating, I went through integrating TNG with Remedy and SNMP and all of those complications, and it took sometimes six months to a year just to integrate.

Joseph Carson:

And one of the side effects of that much heavy lifting in order to integrate is the actual end user experience is compromised. Because since you had so much technical lift to actually integrate technology together and get all the bits and bytes working together, you really couldn't think about, "Well, how is this platform going to be consumed by somebody?" So the side effect of this cloud revolution and migrating platforms to the cloud is the running of all this technology becomes my responsibility and result of the customers. And then you get, you've had this wave over the last 10 or 15 years of this, I call it the consumerization of the experience.

Where 15 years ago, 20 years ago, if you had an enterprise software that had one big green button, took 40 seconds to operate, did what it needed to do, consumers would be happy and the users would be happy. Nowadays, that button has to be styled perfectly, it fits into the overall user experience and operates nearly instantaneously. And I think just that has increased the ability, have also increased the capabilities of platforms to deliver functionality to your customers.

Phil Calvin:

Absolutely. And what does the platform for you look like today in the modern sense of technology? Because now you get a lot of value. It's allowing when you need to deploy updates, it's instantaneously. When you need to get new features, it's instantaneous. If you need to add more users or more computational power, it's so flexible, so elasticity. For the person who's consuming now, they don't need to worry about all of that underlying, let's say services that build that platform up. They just need to consume the specific application. So what does a modern day platform look like?

Joseph Carson:

So I'd put a modern platform into a few buckets. Give me few seconds, I'll explain the buckets. The first one is I think you have to decompose your system into services, what's called microservices. Not because that's technical and nerdy and it's great, but because what that allows you to do is have teams run autonomous objects that you can have appropriate level of what's called quality automation so you can run quality and security and you can make sure that that object, that microservice does exactly what it needs to do. You're allowed to push code to production on a continuous basis. There's no concept of, "I'm going to push a bunch of code and call this a release." That's the first part of it. The second part of modern cloud is you need some core, what we call shared services that allow you to build a common interface on top of that.

So things like a common RBAC model, a common permission set, a common way to deal with provisioning and those kinds of things. And then you have the ability to extend that platform. There's a number of ways you can extend platforms, whether it's you do it as a set of APIs, like a publicly accessible platform or whether you have the ability internally to add new capabilities. So in our case, for example, we had the delivery platform. The first use case we brought on there for the customers was the secret server use, so vaulting and all that kind of stuff. We additionally built up remote access on top of it for privilege, remote access and bringing on other internal delineated capabilities. We bought the great company called Authomize and another company called FastPath, also fantastic. And we went from closing Authomize in January to launching them generally availability in June integrated on the platform.

And so they're using this core services, all the pipelines, all that kind of stuff. That's a modern platform. The last part of it, which is probably the most important from an end user viewpoint is a common set of experiences. So we have a common set of user interface libraries so that all of the capability we can deliver, look and feel the same. So we're not shipping our org chart to the customers, which is something I use. So it looks like it's a common application whether they're working in a vault use case or whether they're finding over-privileged cloud...

Phil Calvin:

Fantastic. That for organizations, it really means that they can just consume the use case-

Joseph Carson:

Correct.

Phil Calvin:

... Rather than the entire having to think about things like resiliency, backup and recovery. A lot of the security elements is built into the platform itself, which really changed. It means that organizations that they can really focus on the acceleration side of things and almost a consumption as they need to. There's a lot of buzzwords around different events and the media around AI and LLM, large language models, LLMs. What's happening on the platform side when it comes to integrating some of the more futuristic side of things? What's happening?

Joseph Carson:

Again, coming back to some of the benefits of a modern architecture, we're just rolling out a feature we're calling AI-driven audit.

And so, getting into a little bit of the features of the overall platform, you can get out, check out a secret, and then go remote into a machine and do some work on that machine. And as part of governance, we will actually allow our customers to record what happened in that screen during that session, in that privileged session. And so you could think about hundreds of hours of recorded sessions and somebody's job would be to go and walk through that and walk through a hundred hours. So what AI-driven audit does is it actually looks at those video files, it does an OCR on them to turn it into a story, and then it applies an LLM model to that to find anomalies.

So for example, if I'm an admin and I normally go in there and work around database, but I suddenly went in there and reset a password, well that's kind of nuts, not normal. So I can get flagged by the system. So instead of having to watch hundreds of hours to find anomalous behavior or maybe insider threats or whatever, I can maybe look at five videos and five very specific locations.

Phil Calvin:

So it's really becoming a detection or SOC analysis assistant in regards to so they can focus on the things that matter.

Joseph Carson:

Correct.

Phil Calvin:

Really start, rather than going through, I remember sometimes when there was an incident, I would have hundreds of logs to analyze to go through and try to find that needle in a haystack. And what is this doing is showing you the needle in the haystack, which you need to go and look at.

Joseph Carson:

And you can present it in the platform interface. You can present it in a nice very clean, here's a red alert sign that you need to go over here, right quick. So the user doesn't have to go and fish through, find that needle in the haystack and do all that stuff. And it just ends up being orders of magnitude faster, very...

Phil Calvin:

So in this case, it really potentially reduces that dwell time significantly. One of the biggest challenges many organizations have is one is finding the needle in the haystack and reducing the dwell time, which sometimes is months for many organizations to find the attackers or find the abuse of privileges in the organization. So really reducing that dwell time and accelerating time to discover.

Joseph Carson:

Yep. And then of course remediate it quickly as possible after that.

Phil Calvin:

Fantastic. And what's your vision for the future? What do you see? What's coming? Where can you see this for organizations going to even further down?

Joseph Carson:

If you look at AI in particular and cybersecurity in general, there is a whole bunch of new use cases that AI is unlocking for customers. You've got a lot of stuff frontline workers and opening up a lot of new things that they can do. That unfortunately actually opens up the blast radius quite a bit. And so our job is to what can we do to use AI in order to proactively create authorization policies that allow us to do just the right thing at the right time. And so that's where we see the AI helping Delinia and our customers solve policy-based authorizations as quick as possible.

Phil Calvin:

Fantastic. And what were some of the resources you'd point people to if they wanted to learn more about platforms and Delinia specifically on some of the innovations that's been happening, what resources would you point them to help them learn more?

Joseph Carson:

Definitely go to delinia.com. There's lots of information in our platform. I would be remiss if we didn't talk about that. You see a lot of platform resources when you look at some of the big ticket platform vendors, whether it's infrastructure, AWS and Microsoft and those types of things. There's a tremendous amount of platformization resources around some of the platform technologies like Kubernetes and all that kind of stuff. And then, I worked at Salesforce as I said for quite a long time, and on the Salesforce world, there's a lot of good information on why platform and why ...

Phil Calvin:

And where do you go for knowledge or how do you consume your next knowledge in the future?

Joseph Carson:

I consume lots of different ranges of knowledge. On the technical side, I still spend enough time in technology that I need to go in there. I spend a lot of time in things like stack overflows, putting articles around that, looking around GitHub. I've actually did a little pet programming project myself and I use ChatGPT to help me plan up. While I've programmed in about a million programming languages, this one I hadn't, so I needed to learn it. So I use ChatGPT to help me do various things on that. I think that's just an incredible way to keep learning. There's no one spot for me, learning is a continuum. I'm always involvement whether it's about technology or the product we're doing or the cybersecurity.

Phil Calvin:

Fantastic. So hopefully that's a whirlwind tour of the history of platforms and some of the what platforms have turned into and a little bit of outlook for the future. Phil, many thanks for being on the show and it's been great having you. For the audience, we'll definitely make sure that a lot of the links and information is in the show notes and hopefully we'll be able to get you on back again to talk probably a bit more about the AI side of things.

For the audience, tune in every two weeks for the 401 Access Denied podcast. It's been great having Phil on the show. Hopefully look forward to seeing you in more episodes in the future. And for everyone, stay safe, take care, and thank you very much.

Joseph Carson:

Thank you, Joe.