BRINC Drones raises $75M led by Index Ventures with Motorola Solutions, targets 911 response network

hypers scaling and announcing the raise all at the same time. Uh but be before we dive in uh introduce yourself uh and the company and uh yeah, whatever backstory you want to give for the audience. Yeah, of course. Um well, first off, thanks for having me, guys. Uh backstory, I spent five years working at Palanteer.

I worked across a lot of crazy different stuff as as one does at that company. Uh worked abroad. I was in South America. I was in Eastern Europe. Um uh eventually started to work on really deep core product things. Uh uh towards the end spent a lot of time on what we effectively our experimental product team.

Uh so 0ero to1 uh new product bets. Uh worked directly for the pounder CTO Sham Sunker. Absolute goat. A shout out to him. Also one of our angel investors. Amazing.

And yeah, um, and then yeah, towards the end, you know, as everyone sort of became obsessed with AI, it was it was really obvious to me that like we're going to live in an increasingly like schizophrenic internet. Like, you know, what you see is not necessarily what you what you get online anymore.

Um, especially the way I think about is the cost to be a shitty person online went to kind of zero dollars over the last like three years. Uh, you got infinite text, infinite images. That stuff is awesome, super creative. Just obviously there's bad people out there that are going to misuse it.

uh and I wanted to do something about that. Uh and that's really what Outtake is focused on. We we we we try to preserve au authenticity, identity online. Uh go deeper there. Who who are the kind of companies that you're working with today and will be working with?

Um you know, I'm sure some some you can share, some you can't, etc.

Yeah, it's it's funny in cyber security there's this like there there's a there's a lot of sensitivity around like what you can and cannot share and but um we've been lucky to work with phenomenal places like uh you know OpenAI is one of our one of our favorite customers really pushed us when you think about the kinds of cyber security threats that they might be dealing with.

Um really anyone that has a brand big enough to really matter is a brand that can be misused. Right? So a fun side effect for us as a company is like our customers are intrinsically people that matter because they're are the ones whose names and brands are being uh misused to manipulate people, right? Um yeah.

Can you talk about so so I feel like everybody's been aware of this threat around AI uh impersonation you know some of these like voice models even video models at some point are getting so advanced that it it's becoming a big threat can you talk about um it feels like we haven't um it it we haven't faced like Armageddon yet but I'm sure like uh I'm sure part of that is the work that you guys are doing and the work that you know these foundation models are doing.

So can you talk about like what's app actually happening in the market because I have this sense that like you see this like tip of the iceberg where you're getting like spam on iMessage or you're getting email spam or you're getting you know some fishing attempt etc.

Um, but what what is the work what is all the work go that's going into this to make sure that you're only seeing that tip of the iceberg, right? It doesn't feel like we're completely flooded yet. Um, but this thing, you know, this kind of phenomena is scaling. Yeah. To to your point, I hope we never see Armageddon.

Uh, I I think there's this like gradient of sophistication as you pointed out where like, you know, the average consumer deals with spam text, maybe some shitty emails.

Uh and certainly hopefully not like you know people have talked about the idea that your dad is like giving you a deep fake voice call and whatnot but like we haven't necessarily seen that right.

Um interestingly a lot of the attacks you know on the other end of the of sophistication are actually really targeting enterprises right and and it kind of makes sense. It's like um that's where the money that's where the data is.

And so what we are seeing is like the quality and volume of let's say like uh inbound email fishing attacks has like gone up considerably. And and this just goes back to the idea of like the cost to do that dropped a lot, right? Um and so enterprises are are like dealing with an absolute flood of attacks at the moment.

Um and there and then there's a variety of attacks, right? So there's like, you know, there's the good old email security stuff we just mentioned. There's just a lot of stuff around social engineering generally, right?

It's like, here, let me throw together a fake website and then use that to like DM people, uh, to to send emails via that. Uh, or let me just get the customers of that company, let's say, and I'm going to use a random name that's not connected to us.

Let's say it's like, uh, I don't know, the Bank of Bank of Canada in some way, right? It has a website. Um, that's going to now be used to scam Canadian citizens in some way.

Um yeah, this the sophistication is like really one one phrase that I always come back to is like um it's not only that grandmothers are the ones being scammed, it's actually grandmothers can become scammers now. And it's because right it's like it's just easier than ever. Uh and that's actually the real issue.

It's like sometimes people talk about large language models and they're like oh like it could teach someone how to like clone small pox and it's like yeah dude sure it maybe but like it could immediately today tell you how to you know pentest someone's website and and try to get into it and so it's just like the barrier to entry is just so much lower than it used to be for all sorts of cyber security attacks that's been Can you talk about like the the scale of you know some of these like things like when I when I think about like you know everybody's in tech is getting like a coin based style fishing like hey you know give us a call like you some issue and I just think about like okay if that works one out of a thousand times it's the best business ever like is part of the reason that like you know the sort of um these issues are are scaling so rapidly is just because it's super profitable yeah I mean the the like one way to think about it is um we've all seen the tremendous growth of like AI outbound companies right they've done really well um uh it it's it doesn't take a leap of the imagination to understand that like that same sort of like well-intended outbound can be misused, right?

Um and so maybe one way to like paint an idea of volume is like just as the volume of AI outbound has increased on like legitimate use cases where I'm sure you and I both deal with a ton of LinkedIn inbound or email inbound. Um it's basically been one for one on sort of the darker side of it as well.

Um um what about the stuff you guys are doing with uh creators? I know uh in the announcement you said that you guys are working with Sycom uh the the team behind Human Lab. Um what are what are you seeing creators dealing with in terms of impersonation um as these models have have advanced?

I mean creators were some of our first customers, right? And it's actually because they were the ones the first ones to feel the pain. I mean to some degree maybe you guys deal with this, right? Someone might make a fake handle of your account Yeah, fake versions of your profiles.

Um there there's a lot of value in impersonating you guys, whether it's a financial endorsement, a startup endorsement, uh just pretending to be you for recruiting and something.

Um uh the the basically the creators were the first ones to hit because they were the most chronically online, right, is is the short answer there. Um and in the early days when the models needed more data to train on, they were also the ones that had the most data available.

Um, I think what was really fascinating for us as a company is especially since almost the whole team came from Palunteer, we had this we we had a lot of reps at selling to large enterprises, government and incredibly secure and so creators ended up being this great launching pad for us where we like built a product really really fast and then and then grew went up really really quickly.

Can you talk a little bit about recent AI model progress? I don't know if you read this uh article on less wrong from zero path, but uh just to summarize it, it said recent AI model progress feels mostly like BS.

Uh they this was from a founder who actually built an AIdriven pen testing company and they said they kept upgrading to the latest and greatest model. It would completely destroy the benchmarks, but then they weren't getting real world results. And this was a question about benchmark saturation.

Um, I could imagine that to your point about like the script kitties are better than ever basically because pentesting is democratized now or or or or hacking or scripting is democratized. But in terms of the work that you're doing, how important is AI model progress to all that?

And and what is the shape of the of the of the curve that we're looking at? Is it sigmoid or are we going acceleratory to the moon? That's such a good question.

It it goes back to my sort of like gradient of sophistication response which is like um you know surprisingly as we talked about we're all dealing with that flood of text clearly it's working but people keep doing it and so we all agree that like even if we paused all model progress that would continue right to um and so my general take is like the models are already at a point where they're having serious social engineering attack effects now as you go up that gradient of sophistication for example the pen testing founder he he might have a very legitimate argument where it's like, hey, uh sure there's all this hype around progress, but I don't actually see uh a model being able to autonomously hack a website because maybe that's at the further end of of the sophistication.

But I guess my claim is that like um you know uh it's it's something like 85% of critical data breaches happen because of social engineering attacks. It's almost like machines are easy to secure these days.

like we you know there's a massive multi-billion dollar industry that is all of cyber security that focuses on that. I I think one of the big contrarian things about outtake was it was really two things.

was like one hey if machines are pretty secure let's actually focus on securing the humans and then two traditionally uh enterprises will like stop at securing themselves right so they'll say hey I have my corporate perimeter um and then my VPN and everything and there is really buttoned up and that's great historically cyber security companies have been kind of I I think gunshy of stepping outside their perimeter and saying hey no I'm going to go search for threats out in the world like arbitrary websites social media wherever it is and we're going to go look for those threats and proactively tackle that.

That's intrinsically difficult because you're trying to influence a thing that you you know it's not part of your org. Um our ability to like do that and and and actually do the really hard work to get there um is really what helped us stand out is the only answer for a bad guy with an LLM, a good guy with an LLM.

And what I mean by that is that uh you know captas are not they're they're they're they're deterministic essentially uh and yet they they can thwart a non-deterministic attack from an AI.

Uh you could imagine arc AGI puzzles becoming the next capture uh or or or in your view do we need just to stay is it is it a uh probabilistic on probabilistic combat from here on out? I I love this question. Okay, so yeah, one of my biggest anxieties is that like generally to your point, captions are broken, right?

Which like, hey, we passed the touring test a while ago. For some reason, we just blew past that and don't talk about it enough. We all are blowing past uh what effectively was the the like modern version of the touring test, which is just captur.

And like there's clearly, in my opinion, not enough panic about this, which is why I was so pumped to tackle this two years ago. Um and we spent a lot of time thinking about this. Um anyway, to get to your actual question of like proistic versus proistic, uh I I think there's a few answers.

Um I I'll hint at the future of outtake a little bit. Uh some of it's still parts of it are still in stealth, but um I think a lot of what we do today is what you're talking about.

It's probabilistic versus probabistic and we're thinking about hey here's the harm we're seeing and like can we go practically discover it and remove it, right?

The other half of it though candidly is like can you talk about briefly can you talk about the agentic approach there which is basically like you're sending good bots around the internet finding these sort of social engineering impersonation attempts and then basically like acting like a human would in terms of being like reporting this content you know basically flagging it being very specific about it.

But maybe could you dive in there around like yeah why um yeah why why this this sort of agentic experience is important when you're not building when you're building out in in the sort of like um dealing with threats in the real world out on the internet versus internal. Yeah, excellent uh point.

I think like the the one of the other reasons that I was so excited to take a bet on this space is candidly this whole space is full of a graveyard of companies that were services companies, right? So like it intrinsically was a task so difficult that only humans can do it.

Meaning you know let's say we're protecting again the Canadian bank. Um you need to uh have have an ability to go like proactively search for every place that you think the threat might emerge. You need to be able to adapt to the idea like let's say that bank sells mortgages in the summer, right?

The search terms that you use to find the scams that might occur because now they might be mortgage scams need to adapt for the season, right? Now you and I as humans can get to that pretty quickly.

uh historically models were not going to just like infer the season and then figure out the like latest trending scam for this particular customer, right? Um we are able to do that, right? And so it's it's it's like having agents that are thoughtful about how search occurs from period to period really really matters.

The other thing is uh deciding what is considered harmful for that particular customer. Like there's a lot of nuance there by company. I mean celebrities is a great example, right? Where it's like there's fan pages, you don't want to remove that stuff. Um, and so there's a lot of nuance in how you determine harm.

Again, a reason why you would train up, you know, uh, a team of people to be like, hey, this is what we consider harmful. Uh, there's a lot of mo and frankly figuring that out.

Uh, it when you use outtakes product, there's a there's an aspect where our users effectively train our models to explain what they consider risky. And then the final bit is um taking over the actual like remediation steps, right?

Like um, everyone talks about legal AI like we I I think we've built one of the most effective legal workflows, right? where we like go out and like interact with third parties to resolve external issues. Can can you talk a little bit about the actual monetization or value capture here?

I could imagine if I'm a bank and my customers are getting scammed, it's not exactly a bug bounty that you're but you are creating value for me because my customers are going to be happy then they're going to be unhappy with me if they get scammed even if I had nothing to do with it.

Um how if you go out and and shut one of these rings down, how are you getting compensated? It's a great question. the the way we think about it is um tradition. So, so I I guess good for us. The customers were thinking about these problems, right? They were just at a relatively lower volume historically, right?

So, like um if you look at the chart of like sort of digital attacks happening on uh let's say social media websites, etc. , it sort of like is flat flat flat and then like 2022 2023 it like starts to go exponential, right? Um we were, you know, positioned ourselves well.

We saw where the puck was going and said, "Okay, great. all the people that were already managing that low level of attacks. I mean, they existed. They just were a cobbled together team of like cyber security analysts and occasionally lawyers at every or every large organization had someone thinking about it.

Um, but they could sort of manage the one to 10 attacks a week, right? Um, they were expensive though because they're, you know, uh, yeah, very very high like uh, hourly wages for these folks. And so, um, when the volume spikes, it becomes untenable to use that old system.

And then it became really clear that Outtake could step in. And so to your point about value capture, it really became a question of like, hey, you would be trying to manage this. You would be trying to uh have these folks work like 24/7.

They obviously can't do that nor want to candidly u and slash you wouldn't be able to afford it. So let outtake come in do a 10x better solution at onetenth the cost and and this is a really good deal for everyone involved.

Um can you talk about uh we had Ashk on chief architect at Palanteer uh uh yesterday we were talking about the sort of forward deployed meme. Have you taken anything from that approach? You obviously were a forward deployed engineer all over the world.

Uh do you end up talking to these big platforms and they say like can you guys please come and just post up in our office for a week and figure this out or is it you know uh less intensive than that? No, I think the forward deployed meme is is there there's a lot of truth to it.

Um the reality is if if you want to if you want to go do something meaningful, you need to go sit by the customer and like make it happen, right?

I mean a lot of our best product insights have happened because like me or another engineer were actually on site and said, "Okay, like here's how we thought you were doing it, but in actuality you need to do it this way. " Uh so yeah, for deploy engineering, huge fan. Love it. Uh you got anything else? This is great.

Yeah, I I I wanted to know a little bit about like mechanically how do you shut down a ring of scammers. I remember reading this book about Paul Laroo. I don't know if you're familiar with this guy. He's called the mastermind. He people think he might have created Bitcoin and uh back in uh like 2004 or something.

He was you know those like spam emails you get that are like oh magical pill you know pill mill stuff. He was the one sending all of those and he leveled up so high that he would get a website shut down instantly spin up a new website.

But then he went even further and bought a registar so that he could register like new domains for free and you couldn't shut them down at the registar level. Not just like he had his own like TLD basically. It was crazy. Uh and so some of these some of these like rings are extremely sophisticated.

Is there a moment when you transition from, okay, my AI agent is just like sending a little cease and desist to, okay, we're getting in touch with like the authorities on this one because we discovered like, you know, a a major major organization here. Yeah. Okay. Uh I I have to be careful about what I can share public.

Sure. Sure. Sure. But yes, like sure. Yeah. We saw with the Mark Robber Mark Robber like busted some fraud scheme in India, right? I don't know if you're familiar with that one, but maybe just tell us some historical stories of how this works. Yeah. Yeah.

So, to your point on the mechanics, like um the the traditional way to like deal with all this is is is purely legal, right?

You you put together, let's say, or it depends on the exact type of attack, but generally everything you said is spot on, which is like cease and desist letter, maybe a complaint to the domain host, the registar, etc. Um that was a key ingredient in the early parts of outtake.

I think the big differentiator you know in addition to all the agentic stuff is like we've thought really deeply about how do we become um how do we become the platform that is like trusted by domain registars hosts um social platforms etc to to be a high quality source of reports right like that is incredibly incredibly important um and I I can't say too much but like yeah we we've we've invested a lot of engineering resources in that direction as well yeah that makes a ton of sense uh well thanks so much for joining this is a fantastic conversation and good luck to you.

Hopefully you bust uh you know some massive scamming ring soon every day. Every day I'm sure. But uh yeah, you're a new cyber security correspondent. Thank you. Uh thank you for all the helps. He's he's already been finding you know people impersonating us. It's great.

So uh appreciate your your your hard work and the whole team and congrats on the new round. Yeah. Thanks a lot guys. Talk to you soon. Cheers. Talk soon. Uh yeah, I I actually have gotten multiple times people set up fake John Kugan accounts, copy everything, copy every tweet, and then block me so that I can't see it.

And then I get and the worst part about it is that I don't think that many people are falling for it, but I get so many DMs from people being like, "There's a scammer that's impersonating you. I'm sure you've seen this. " And it's like, "Yes, I have seen it. " And then I have to go hunt it down and report it and stuff.

And so, uh it's just like annoying getting like a flood of text being like, "You're you're being impersonated. " we are good friends. But yeah, yeah, yeah, I appreciate it. Thank you.

If you've let people know, but in the future, uh yeah, I mean, still send it to me, but definitely just report it and try and get uh try and get the account taken down if it's out there floating around. Um next up, we got Quaid coming in the building. Uh Watches and Wonders is done.

Uh and it's been a busy week with all the tariffs and so we want to get a breakdown from him about how the watch world is reacting to all the tar tariff chaos. He's been in Switzerland. called in uh from Watches and Wonders late night last week and now that the show is over, we're going to get a full deep dive.

Also want to talk to him about how um how the news breaks around uh different watch news and how the how the media cycle works. So Quaid, welcome to the show. For having me,