This episode explores why the most dangerous vulnerabilities are often the ones organizations don’t even know exist. HD Moore shares how attacker-grade discovery techniques can expose hidden assets, broken segmentation, and overlooked weaknesses before they become breach points.
The often-overlooked truth in cybersecurity: Seeing the Unseen in Vulnerability Management
In this episode, Sean Martin speaks with HD Moore, Founder and CEO of RunZero, about the often-overlooked truth in cybersecurity: the greatest risks are usually the things you don’t know exist in your environment.
Moore’s career has spanned decades of penetration testing, tool creation, and product development, including leading the creation of Metasploit. That background shapes his approach at RunZero—applying attacker-grade discovery techniques to uncover devices, networks, and vulnerabilities that traditional tools miss.
Why Discovery Matters Most
Through repeated penetration tests for high-security organizations, Moore observed a consistent pattern: breaches rarely occurred because defenders ignored known issues, but rather because attackers exploited unknown assets. These unknowns often bypassed mitigation strategies simply because they weren’t on the organization’s radar.
Beyond CVEs
Moore emphasizes that an overreliance on CVE lists leaves organizations blind to real-world risks. Many breaches stem from misconfigurations, weak credentials, or overlooked systems—problems that can be exploited within days of a vulnerability being announced. The answer, he says, is to focus on exposure and attack paths in real time, not just lists of patchable flaws.
Revealing the Gaps
RunZero’s approach often doubles the asset count organizations believe they have, uncovering systems outside existing scanning or endpoint management coverage. By leveraging unauthenticated discovery techniques, they detect exploitable conditions from an attacker’s perspective—identifying forgotten hardware, outdated firmware, and network segmentation issues that open dangerous pathways.
Changing the Game
This depth of discovery enables security teams to prioritize the small subset of issues that pose the highest business risk, rather than drowning in thousands of low-impact findings. It also helps organizations rebuild their security programs from the ground up—ensuring that every device is accounted for, properly segmented, and monitored.
Collaboration and Community
Moore also shares his ongoing contributions to open source through Project Discovery, integrating and enhancing tools like the nuclei scanner to accelerate vulnerability detection for everyone—not just paying customers.
The message is clear: if you want to close the gaps, you first need to know exactly where they are—and that requires a new level of visibility most teams have never had.
Learn more about runZero: https://itspm.ag/runzero-5733
Note: This story contains promotional content. Learn more.
Guest: HD Moore, Founder and CEO of RunZero | On Linkedin: https://www.linkedin.com/in/hdmoore/
Resources
Learn more and catch more stories from runZero: https://www.itspmagazine.com/directory/runzero
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
[00:00:00] Sean Martin: Hd. Howdy. How are you, man? Pretty good. How yourself, are you surviving the show so far? I think, uh, I think my feet would disagree, but yes, I am. It's uh, it's a good event. I have to say.
[00:00:12] Sean Martin: Your marketing team, oh, this is amazing. Yes, right. This was the genius. This was not a, this is thing you could buy, but that way this is cool. The location is cool and I think, I think people know you're cool and then the company's cool. So it's a, it's a whole round of coolness here. Um. I'm thrilled to actually chat with you.
[00:00:33] Sean Martin: I caught up with, uh, with Todd in, in, uh, London, and he and I had a good chat and uh, I'm excited to dig a little deeper into some of the stuff you're doing. Run zero. Um. You're a legend in this space. A lot of people know you. But for those who are new to the, the world of cybersecurity and and vulnerability management, maybe a little background on HD Moore and some of the stuff you've done leading you to run zero.
[00:00:56] HD Moore: Sure. Like most of my career has been breaking into stuff or building tools to break into [00:01:00] stuff. Yeah. And so this is very much like my first job where it's very much like we wanna help people avoid that and not get broken into, but using all the same tick. You know, trip tips and techniques that, you know, I've been using for the last 25 years to break into things.
[00:01:11] HD Moore: Now using that for kind of the other side, which is how do we use the same discovery techniques that, uh, pen tester would use, but use that to find vulnerabilities that you wouldn't otherwise find using traditional tools. Yeah, maybe some
[00:01:24] Sean Martin: of the tools that, uh,
[00:01:26] HD Moore: teams would be. Sure. Like in the, you know, early days I worked on Meta Exploit for a long time, so that was my baby.
[00:01:30] HD Moore: I ran with that from like 2003 to about 15 years later before I finally took a step back. And the great thing about Meta Exploit is people would say we handed out machine guns to children, but mostly we are trying to like democratize access to exploits and really push the disclosure and, uh, make it like, make it okay to publish an export.
[00:01:47] HD Moore: Because back in the early two thousands. It was kind of risky, like you would be worried about going to jail or getting sued just by publishing exploit code. Now we don't think twice about it, but a lot of it's because we fought so hard in middle split aside to make it boring and make it just part of everything else we do here.[00:02:00]
[00:02:00] Sean Martin: Democratizing exploitation, uh. Recording, I guess basically disclosure. Exactly. Um, so the, the, the founding of Run Zero, um, what was the catalyst behind that and, and you? So I like, um,
[00:02:16] HD Moore: I spent a lot of time like doing consulting work and then doing product work and back and forth. So after, um, long stint Rapid seven, about six and a half years post pedestal acquisition, I spent about a year and a half, two years just doing consulting work.
[00:02:27] HD Moore: Like just going out there and trying to hack things again because like, I don't feel like you can build a product unless you actually see the pain customers have. Right. And one of the nice things about that job is like we would do the same customer every quarter, and it was like a huge merchant bank.
[00:02:38] HD Moore: You know, they process 13 million credit cards every so often, like. It's a massive, massive organization and it, they really care about security and they care about social security so much that they've got all this money, they're hiring these really great pen test teams, and yet we still broke in every quarter and it was always a different thing every quarter.
[00:02:53] HD Moore: So I started thinking about it like, what is the commonality? How are attackers still able to break in even though you put every possible resource you could [00:03:00] afford to put on these things? And the, it really came out to discovery. They didn't know about stuff and we used what they didn't know to break in.
[00:03:06] HD Moore: So typically, if their security team knows about a device, a product, a technology, a network, they can do all kinds of things to mitigate it, to secure it, segment it. But if it's something that's like not even on their radar, well that is gonna be the most dangerous thing in their environment. And we proved again and again on the pen test side, that's actually the easiest way into the organization.
[00:03:24] Sean Martin: Yeah. Because they don't, they don't know The exposure then is probably even greater because they don't have some of the mitigating controls in the, I want to ask you this because I'm curious. Early me display days. To kind of the rapid seven days to now. Um, I presume a lot of what you described in terms of boils down to not knowing and that not knowing, being exploited.
[00:03:50] Sean Martin: Have you seen other things that change though? Um, certainly environments change, move to the cloud in that timeframe. Yeah. Uh, obviously AI in this [00:04:00] timeframe. Um, but in terms of organizations running the business and using technology. Um, from a, from a pen test perspective, from a bad actor exploiting perspective, have things stayed consistent or have they, have they changed over the years?
[00:04:16] HD Moore: I mean, look at how bad actors are breaking in. It really hasn't changed much in 30 years. It's the same old, same old, right? I mean, if you look at the Mandiant report for this year, looking back at last year, the top four initial access vectors that attackers used to break in for cases they investigated.
[00:04:31] HD Moore: We're all security appliances. It was Palo Alto. It is Fortinet, it was Avanti. So it's the same old firewall at the edge being compromised. Those are now the easiest point into the network. So in that sense, like it hasn't changed too much. I think what has changed though is how the industry has responded.
[00:04:44] HD Moore: Like the industry's not great at staying focused to one thing and doing well. You can see folks over rotating on ai, over rotating on blockchain, you name it. And because of that, even with the cloud stuff, you know, every security company found in the last 10 years, maybe without, except for run zero, has started [00:05:00] off saying, we're gonna go out for the cloud.
[00:05:01] HD Moore: And our take is like, you know what? Every chicken sandwich restaurant actually has a Kubernetes cluster inside. Like there's so much physical equipment out there. If you're an organization that provides medical services or retail or manufacturing, like that's not cloud stuff. Mostly if there's cloud involved, but you still have to care a lot about on-prem.
[00:05:17] HD Moore: So this is kind of been a contrarian take of like, you still have to secure the basics and we feel like most of the industry has turned an eye away from doing a good job in the basics, and now they're. Trying to sell you things you don't necessarily need while kind of being exposed and the rest of it.
[00:05:30] Sean Martin: And so in terms of, I guess, having a sense of what that, what that world looks like operationally, and then from a, from a risk management and vulnerability management perspective. I think a lot of organizations probably confirm this. Think they know what to do. They're, they're given a list of vulnerabilities, they're given a list of CDEs.
[00:05:55] Sean Martin: They think they have the score, they think they have the context. Hopefully the data to kind of [00:06:00] drive. The actions for their team to reduce the exposure, reduce the risk. What's your experience there? Um, maybe specifically kind of the CVEs in terms of how they're used, maybe is that not enough to be used?
[00:06:13] Sean Martin: So kind of paint that picture for us.
[00:06:15] HD Moore: Yeah, I mean we as an industry, we overfocus on CVEs and they're not necessarily the easiest ways in typically folks are being compromised in this configurations, deepal, credentials. Um, just all sorts of other basic meat and potatoes type of security issues. And yeah, CBS are important for high risk issues, but.
[00:06:30] HD Moore: You know what a new vulnerability is announced, right? Let's say's new vulnerability and a V product or a managed engine or something like that. Um, what you're gonna see instead is like exploitation's gonna be happening within days, not weeks, not months. And so it doesn't really matter whether you have a, you know, if your security product doesn't need to tell you that it's unpatched, you already know it's unpatched in day one.
[00:06:48] HD Moore: So we need to do instead. Forgot, where are those things? How are they exposed? Do you have mitigating controls of them? Do you know what happens if someone does break into one of those systems? And that's really where we've been kind of falling short. It's like we've been so CBE focused that most of our [00:07:00] IT and other mitigation resources are just chewing down these giant list of things that could probably be solved through just normal patching.
[00:07:05] HD Moore: In reality where folks getting breached tends to be these like zero day, end day, end week types of scenarios where they know about the vulnerability, but they're waiting for the next cycle of their bone scanner or they're waiting for the next remediation window. And that is the period where folks are getting compromised.
[00:07:20] Sean Martin: And so how, what, what's the answer there then? Um, how, how, what in addition to, or what of or within the CBE should they use, should they not? Pay attention to, and maybe is there something else that they should
[00:07:33] HD Moore: be? Look, our take is like, CCB is nice, just have an identifier for a known attack. But it's not, it doesn't drive anything.
[00:07:38] HD Moore: We do, like, everything we're focused on is like, what's risk, what's exposure? How can attacker break in right this second? Um, not necessarily like, you know, what ccb, what CVSs scored has, what BS have. Score, like that's a little bit less relevant on day one, day two, et cetera. So the biggest challenge that folks need to look at, and you're starting to see other vendors do it too, is that they've put so many resources into like the legacy kind of goal management side, where it's just [00:08:00] this big machine that every week turns out a new list of things to go do, um, that they don't have any resources left to the defend against the real attacks, which are all the attacks, the edge, the perimeter, the configuration issues, things like that.
[00:08:09] HD Moore: So we're now seeing this like new wave of companies being started that just do like continuous pen testing for example. Right? And that's kind of like the other extreme is like now we only care about pen testing. We only care about external side. And like our take is you gotta have that vote. You have to know about all your stuff inside, outside.
[00:08:23] HD Moore: You have to know about all your vulnerabilities inside, outside. You have to keep up with the, you know, zero day emerging threats, but you also need to make sure you take care of the bigger problems over time as well. So it's not really, you can't really just pick one side of the coin. You kinda have to do both.
[00:08:34] Sean Martin: So I, I have this grand vision that, uh, security has the knowledge to change the way a business runs, and then more specifically is built. To run. Absolutely. And I often use the Vulnera vulnerability management case as the, the story to kind of paint this picture where I think to your point of we've moved to [00:09:00] continuous pen test and, and, and maybe not, we haven't arrived at continuous vulner management yet, perhaps unless we, we can learn more from what you're doing.
[00:09:09] Sean Martin: But I guess the point is we're we're spending all these cycles on tools and processes and staffing teams to, to close the gaps and, and, and mitigate the risks associated with these vulnerabilities, when in fact, all of that data. Could say if you built the stack differently or if you put some mitigating controls or did some segmentation or, or didn't, didn't collect this data, or didn't do this function in this way, we could eliminate all that bone work, bone management work, and focus on actually growing that part of the business.
[00:09:46] Sean Martin: A hundred percent. So I don't know if you have thoughts on that. Is no. Is that a golden dream that'll never happen? Or do you see things moving in that direction?
[00:09:54] HD Moore: I mean, ideally everything you put in your network, auto patches takes care of itself. You don't have to worry about, did I install that thing or not?
[00:09:59] HD Moore: [00:10:00] It should just automatically do the thing, right? You should go to your centralized logging, you should have some sort of like management and monitoring, et cetera. Like the challenge is we're still building new tools, building new products that don't even have the basics. There, like every time a vendor gives you a virtual appliance, they're effectively giving you a a bag of bits that are sort of rotting on day one.
[00:10:15] HD Moore: Like they're not applying os updates anywhere nearly as fast as that VM as you would apply them to your production systems. So that's by definition all those things out there that are provided by a third party, whether it's firmware on a router, device, et cetera. Or virtual appliance. They're just out there slowly collecting technical debt and getting more and more vulnerable.
[00:10:30] HD Moore: And we can't do anything about that unless you actually fix the core problem, which is, like you said, build things that are defensible from the beginning. Right. So are there,
[00:10:39] Sean Martin: are
[00:10:39] HD Moore: we, have we moved the needle on that front? We're a little bit, A little bit. We're seeing like a company right now that I think is, they're cleaning up.
[00:10:46] HD Moore: They're making tons and tons of money for this reason alone is chain guard. They effectively say like, we will sell you other people's free software for lots of money. And in return we'll verify that it's probably not backdoor. Okay. And that alone is enough to drive an entire business right now [00:11:00] that just tells you how bad the scale of the problem is, that folks just want to like change the source of their data to be a third party and they're willing to pay for that alone.
[00:11:05] HD Moore: So just the backdoor I was hoping you were gonna say and we hardened it for you. But even just that No, no, just, just verify. Like it hasn't been back door lately. Crazy is enough to make a ton of money doing it. So I think there's definitely something to be said for like having kind of a. A gold supplier of some sort.
[00:11:21] HD Moore: So when you can say like, I'm gonna source my components from you, you're gonna make sure that they're secured, updated, et cetera. I believe chain guard is similar. They'll make sure like all your, you know, missing passions are applied to your images before you deploy them, things like that. So, I don't know, don't wanna talk about them too much, but I think it's an interesting model that they're effectively selling free software just for that kind of peace of mind aspect.
[00:11:39] Sean Martin: So what I do want to talk about is, uh, the creative stuff and the innovative stuff that you're doing with Run Zero. Yeah. So give us an overview of, of what you built, how it fits into an organization's current security program. Or they might be struggling with, we just do, we just work off the CV list and crossing our fingers.
[00:11:59] Sean Martin: So how do, [00:12:00] how do you
[00:12:00] HD Moore: help
[00:12:00] Sean Martin: them
[00:12:00] HD Moore: kind
[00:12:00] Sean Martin: of be,
move
[00:12:01] HD Moore: beyond that? Absolutely. I mean, the first thing we have to convince folks is like, one, you don't even know about half your stuff. And we show that again and again, and we go to an organization that's already using every tool we can imagine. And they say, we've got 10,000 devices here.
[00:12:13] HD Moore: And we say, great. You got 25,000 and you're only doing bone scanning on 8,000 of them, and you only have EDR and 5,000 of them. And they go, well crap. Now we need to double our cross swipe license. Now we need to double our bone scan license. And we're saying, hang on a second, like let's talk about a little bit more.
[00:12:26] HD Moore: Because the vulnerability scanners are now only good at scanning machines where they can authenticate to like the old days of building a scanner where it has the attacker's eye perspective. Like very few people we're doing that. We're doing that. Of course, that's kind of our bread and butter is unauthenticated discovery scanning, vulnerability detection.
[00:12:40] HD Moore: But the legacy vulnerability management vendors have really gone all into authenticated agent based discovery. Now that, uh, the ER vendors are also selling vulner management tools like ec CrowdStrike 7 0 1, other folks jumping into it. They're selling you the same thing, but they're selling it from the context of an agent on the.
[00:12:54] HD Moore: So they don't know whether it's actually exploitable, they don't know if it's reachable. Right. And that's really the challenge. So like kind of a, [00:13:00] a lot of what we do run zero is going back to the drawing board and saying We need to do the amazing unauthenticated discovery because when we report something, we find through that mechanism, we know it's exploitable because that's how we found it.
[00:13:09] HD Moore: Right? We're getting the same perspective that on attacker wood. So a lot of our innovation is how do you take that unauthenticated approach into modern environments where things are really difficult to fingerprint, they're really difficult to like get information. All these machines are locked down so tight that it's an incredible amount of research.
[00:13:23] HD Moore: Just to figure out is it running this version of Linux or not?
[00:13:26] Sean Martin: And so don't give away the secret sauce, but, uh, how, how do you go about that? Um, 'cause clearly when you, when you're walking in and they have double the machines, even they can't find it themselves. So how, how do you, how do you.
[00:13:41] HD Moore: If you look at kinda the status quo, a lot of vendors bundle like the Nmap engine and N Map's.
[00:13:45] HD Moore: Fantastic. We love Nmap too. But Nmap will tell you like what the, what the OS kernel is. It'll say this is a Linux 2 6 18. And so if you're running something like a a vulnerability scanner and you use the normal OS fingerprinting, it's just gonna tell you you've got a Linux box and they'll say Linux server once say, got a hardware, is we go the opposite round.
[00:13:59] HD Moore: We [00:14:00] say like, this is a Roku media player running this firmware version of these vulnerabilities and this kernel. So we do the just kind of top to bottom layer two up fingerprinting and we try to tell you what the physical hardware is itself, how old it is, what vendor manages it. Um, another really cool trick we can do is we can tell you where the device is on more than one network at a time.
[00:14:15] HD Moore: So if we find a machine that's actually connected in multiple networks, we can deter, determine that from one scan of one network only. And we have some really neat techniques there. Um, on Windows platforms, for example, we use the DCR CO2 resolver and it tells us like all the secondary interfaces, pre authentication.
[00:14:29] HD Moore: So by looking at all your. And then saying, let's make a unique fingerprint for everything and see if we see the same unique thing in more than one place at a time. And then also using these direct tricks where we're able to query, announce it and make it tell us about it. Secondary interfaces, we can tell you about all the places where your segmentation is broken.
[00:14:44] HD Moore: We can show you cases where developer laptop is bridging your P-C-I-C-D-E. You're not CDE. Or crossing wires in a network that's high security versus low security. We see that all day long. So it's that type of like really kind of down in the weeds fiddly investigation that allows us to provide a lot more context about is this house it important?
[00:14:59] HD Moore: How, how's it connected? [00:15:00] So that's an interesting scenario.
[00:15:02] Sean Martin: So how, what's the, I don't know if there's a business case necessarily or what's the IT operational case? For a machine to be on multiple networks at once, and then clearly what's the, uh, what's the risk? Yeah, and typically
[00:15:19] HD Moore: it's often just accidental.
[00:15:21] HD Moore: So a good example, if you have a Mac laptop right now, and let's say you're connected to the wifi and you're running on between business rooms, and then you want to pull something up, the power system, or it's kind of slow, so you connect your laptop to the cable, you are now a router, you're now connecting the wireless network to the wire network, and you have the bridge in between.
[00:15:35] HD Moore: What's also interesting is that the popularity of container tools like Docker desktop, things like that. Docker desktop turns your machine into a router by default, it actually turns IP forwarding on by default. So one of the things that Run Zero does is as we're scanning every machine to the local network, we actually ask the machine if it to route packets for us.
[00:15:49] HD Moore: We can tell you, Hey, this device is actually acting as a router or not. So, you know, it's really common for us to find cases where you think you segmented your networks and then just some kind of accidental mess up, basically, right? Allows 'em to go. One, [00:16:00] 80 point B and the existing tools don't. Good job.
[00:16:01] HD Moore: Don't do a good job of even looking through that stuff. Little than reporting it and the c v's. Not gonna
[00:16:06] Sean Martin: find that.
[00:16:07] HD Moore: Yeah, nothing. I mean it's, it's very difficult to find that stuff 'cause you have to be down in the weeds at the wire level and you have to be doing, you know, interesting discovery packets of leak, secondary ips.
[00:16:16] HD Moore: And it's a lot of, uh, bit of a lost art too. I mean, security engineers these days generally cut their teeth on web applications and bug bounties. No one's really good at layer two, layer three networking anymore. And we see that kind of in the. The skill base. Yeah.
[00:16:30] Sean Martin: And so your team obviously deep, deeply entrenched in in that world.
[00:16:34] Sean Martin: Um, how does what you uncover then change how they manage or even maybe even rebuild their security program to good thing for what you,
[00:16:47] HD Moore: the step one is like what do you have? So we'll go to an organization and we'll say like, here's the other half of these things you didn't know they had. And they say, well, crop.
[00:16:53] HD Moore: Where you need to start a program to deploy EDR and all these machines, or we need to segment this network. 'cause we're connected, our OTs connect to it and we [00:17:00] really don't want that connected this way. So we help identify all the problems that they can use to start really laying out, like securing the network and typically like doing that type of security remediation is more valuable.
[00:17:09] HD Moore: And then it's making sure you've applied the Adobe reader pasture. Like that's one of the problems with the typical bone scannings. They'll say they don't really know enough about the assets context to tell you whether vulnerability matters or not, right? So they'll say, you've got an outdated PDF reader on your server.
[00:17:21] HD Moore: It's like, great, but no one's logging into my server reading PDFs. How is that relevant to my business? So what we try to do instead is like, basically we'll import third party vulnerabil vulnerabilities. But what we really try to do is give you the full context. Like we know where EDR is, know your MDMs are.
[00:17:33] HD Moore: We know how's configured. We know where the vulnerabilities are, and now we can say, based on all these points here, these are your highest risk assets. These are the ones that are gonna connect to your low security, to your high security that have vulnerabilities that are end of life, out of date, et cetera.
[00:17:44] HD Moore: And it's a much shorter list to work from. You're looking at like a dozen findings, supposed to a hundred thousand findings, and we think those are the most impactful ways to not get breached.
[00:17:52] Sean Martin: I love it.
[00:17:53] HD Moore: So as, as
[00:17:54] Sean Martin: we wrap here, um. And clearly we're just scratching the surface. I'm, I'm gonna encourage everybody to [00:18:00] connect with you and, and have Awesome, yes.
[00:18:01] Sean Martin: Meaningful, deeper conversations than I could have in this time that we have. Um, but I want to touch on one more thing, um, where, I mean, you continue to get back to the community. You've done it for many, many years. Uh, tell me a little bit about the project. Discovery and the work you're doing there with Sure.
[00:18:17] HD Moore: Yeah. There's an amazing company called Project Discovery. They actually do similar stuff to us, so technically they're kind of a competitor in that sense. They do a SN do things like that, but we love them very much because they open source all their tools and the tooling like, just like SLO was kind of a, the big force of open source security for a long time.
[00:18:32] HD Moore: The project discovery tool set, especially the nuclei scanner, is that now. They are now the torch bearers for open source security going forward, and they do a fantastic job. They typically cover new vulnerabilities, um, as they're being kind of identified faster than all the commercial vendors and they give it to for free.
[00:18:47] HD Moore: So at run zero what we've done is, number one, we've integrated our product with open source nucle scanners, so we can use their plugins and templates, things like that. But two is we actually spend a ton of time going back and trying to help them make the product better. So we spent a like. I spent most of my weekends for a couple of months [00:19:00] helping re-engineer the concurrency of the Nucle engine itself.
[00:19:03] HD Moore: We're working on basically helping them with, uh, more vulnerability coverage, more protocols. Um, we're looking at wiring in all the SH research, I'm talking about a defcon into the nuclei scanner, so you can do shambles type scanning from nuclei, and it's just really nice, like one work in open source again.
[00:19:16] HD Moore: But two, collaborate with another company where this stuff is, is, you know, we think it's valuable for everyone to benefit from this work, not just one company.
[00:19:23] Sean Martin: Back to your roots a bit.
[00:19:24] HD Moore: Yeah, that's exactly, and it's a lot of fun, right? The working
[00:19:26] Sean Martin: in the open is a blast. Yep. And, and meaningful and necessary.
[00:19:30] Sean Martin: Absolutely. Yeah. So, uh, yeah, congratulations on, on that and uh, everything you're doing with One Zero, I hear a lot of good things and uh, it's always good to chat with you. Is well, thank you so much, appreci your time today. Yep, likewise. And everybody, uh, seriously, I, I can't go to the depth you can in the conversation.
[00:19:47] Sean Martin: So do connect with HD and the team, uh, Todd Beardsley, uh, as well I spoke with, and, uh, see what you can't see. Find what you can't find. That's the only way you're gonna get [00:20:00] through meaningful vulnerability and risk exposure reduction program. Uh, we'll get run zero to do that. So thanks everybody for listening.
[00:20:08] Sean Martin: Watching. Stay tuned for more coming from Black Hats, uh, here in Las Vegas. I guess Mag do com slash BH USA two five. Thanks to everybody later and safety. Cool. Thanks sir. Appreciate your time.