Nikesh Arora declares the SaaSpocalypse dead for cybersecurity as Palo Alto uses AI to surface 5-7 years of vulnerabilities in six weeks
Jun 3, 2026 · Full transcript · This transcript is auto-generated and may contain errors.
Featuring Nikesh Arora
Our next guest is Nikesh Arora from Palo Alto Networks. He's the chair and CEO, friend of the show. Welcome back, Nikesh. Great to see you. How are you doing?
I'm doing great, gentlemen. How are you?
We're doing well. We're doing great.
It's been to see those watches. Uh, I have a Rolex Submariner in TBPN green on. We got them for the whole team.
Yeah. Not going to be happy.
What about your favorite guests?
Our favorite guests. We We We do have some of those. But
we do. We do. I actually I can't wear watches when I'm using a computer. I It's too annoying to me to have it clacking against uh
It's just I can't do it. Total skill issue.
Total skill issue.
Total skill issue. Well, um,
no skill issues over at Palo Alto Networks, thankfully. Incredible progress. Take us through it. What's the latest in your world?
Well, I think the good news is we can officially declare the SaaSpocalypse dead for cyber security.
Why is it, like, uh, were you surprised that it took so long? It uh obviously has only been, what, a couple months, but still
Oh, the good news it gave every one of our happy shareholders a buying opportunity is good.
Yeah. So
there you go.
It took a few months because I think look the general tendency in the market was AI is going to eat every piece of software and it's going to be amazing. It's going to take care of it. Now AI is good
but even now the false positive rate on unaided models is 25%. Right.
Yeah. Yeah.
So if I don't explain the harness, if I don't explain the context, if I don't explain what the code is trying to do, the model still gets one out of four wrong.
In cyber security, our business will get everything right. I'm getting one out of four wrong. I don't think I'm going to get replaced anytime soon.
Yeah.
It's like having your car driven by OpenAI because I don't need a Waymo. I don't need to have all the machine learning code that tells you everything. So just stick a model in a new car and go drive off. It doesn't work like that. So I think what the market is beginning to realize is cyber security is going to get enabled with AI.
Yeah.
And if you want to get it enabled, you have to go with the people who have been doing this for a long time who sit at various enforcement points because we sit at north of 125 million enforcement points. You need AI to enable the enforcement points with new techniques to go suss things out that allows us to do a better job. But it's not going to come away and take my enforcement point away and replace me. So are we going to use the future? Yes.
There's an alternate reality where the world wakes up to AI being good at, you know, hacking computer systems and all of the cyber stocks just like rip like off of that news. But it was interesting
uh interesting.
Well, if you saw, you know, one of the core skills of Mythos is its ability to daisy chain vulnerabilities and develop an attack. So, yes, it is not an alternate reality. It's not hypothetical. It is true. The capability exists, and that's why they were being so careful, rightfully so, in making sure they don't release the model at large, because they know the model unconstrained has the ability of determining attacks based on vulnerabilities. So I think it's the right thing for them to do, is to make sure they do that in a measured fashion. But what you're beginning to see, more and more capabilities getting embedded in the core models. OpenAI has one now and Anthropic has another one. I'm sure Google has one too. So just play this movie you forward six to nine months from now. It'll be impossible to put the genie back in the bottle or constrain them.
We have 6 to 9 months to make sure that if somebody's able to use AI to attack somebody, the infrastructure on the customer end is equally fast to be able to repel it or block it at the same speed.
Yeah.
Now you don't get that without modernizing your stack, without of course buying a lot of Palo Alto and having us help you get to a place where we can defend in real time just the way AI can attack in real time.
So uh the cancellation of the SaaS apocalypse is clearly uh it was a referendum on
for cyber security, for cyber security, for cyber security. Uh, but the claim was uh AI will make Palo Alto Networks' business worse and I think that's been disproven. We've discussed that. Uh the bigger question I have is how does AI make your business better? Is it just the demand side because there are more threats than ever so people have to buy more Palo Alto, or are there other things happening internal to the organization that are making you more efficient, higher growth? Like, what are the other levers that are being pulled in the AI era?
well AI will impact in multiple places right the first place is
the amount of buildout that's happening across the world on AI require means that more bits are going to be traveling across networks right everybody's trying to deploy AI collect more data. Remember, cyber security is the inspection business. We inspect every bit.
We're the TSA of the internet, right? Every bit has to go through a firewall. Every bit has to go through a product that looks at the bit say, "Good bit, bad bit. Bad bit stay away. Good bit can go."
If you're going to explode the amount of traffic in technology in the world, you're going to need more cyber security capabilities. That's one that drives more more traffic drives more demand. I think the other part is capability.
AI models are good at certain things. The question is how can we take their false positive rate from 25% down to zero and leverage them in what I do, what we do, and that's happening right now. We're all looking at how to take certain categories of cyber security, embed AI into them to make sure we build a better product for the customer from a protection perspective. And of course, like you said, there's a third aspect where we can all use AI internally in our business to make it much more efficient. And I always maintained, as I said perhaps last time I was with you, that AI will democratize intelligence.
Yeah. which means the average.
Yeah. Yeah. You said efficient. Efficient. And it feels like you're a leader in this efficiency moment where so many companies are token maxing. We've seen $500 million bills going out. When I saw the Palo Alto Networks headline of using AI, using Mythos to uh find critical bugs, the bill was token minned. I don't know what happened, but you only spent a million bucks. Uh what's going on? Is this a cultural thing? Are you already looking at ROI? Are you ahead of the ball there, or is it more like a scalpel? You use it just where you need, like, what is the actual token maxing, token leaderboard, token ROI maxing? What are you doing?
Well, remember we have parsed our efforts into what is extremely critical and crown jewels.
Sure.
And we can't let open-source models open models touch them because we don't want our code to ever train anything in the public domain. It doesn't matter if whatever they tell us, I don't want my code training public domain. So for that, we built our own harness. We built our own we using our own open-source sequestered model which can't talk to the external world. So we know it's safe.
So half our code is going through that. We're not paying anyone for it. We're using it ourselves and built it ourselves. Is it going to be 100% of what's out in the public domain? Probably not, but it's probably 85 to 90% there and that's okay. I'll go deal with that.
And on that, is is inference cost an issue yet? Are you burning GPUs to the max and dealing with a half million bill?
We're just using trained models to run it through because we're using for tasks. We're not using them to go generate new stuff. Right? Got it. So that's one part of it. The other part is when it's stuff that is I don't need to spend expensive tokens for an IQ of 180 to solve a customer support problem. I can use a smaller language model. I can use an open source model to solve that problem because it's task specific. So we're trying to be judicious about the use of AI. But at the same time, I think we're not using it as well as we should be using it. I don't think anybody in the world except unless you're a frontier AI model company has got it perfectly right in terms of how we need to use it. So, we've got to get up the learning curve and we'll get there. I think the part which I was trying to say to you earlier, I think it's a very important point. What AI is doing for me internally is, as I said, is democratizing intelligence. The biggest risk in businesses is you hire 100 marketing people, not all of them are equally good. So you all gravitate towards the 10 good ones and you got to find a way to deal with the 10 really at the other end of the spectrum and you know 80 in the middle. Good news is if I train my in model right with all my marketing data I can increase the average intelligence of all 100 of them to 95%.
Mhm.
Then I just need the judgment of the 5% from them which means you know it's a rising tide lifting all boats from an average average intelligence perspective. If I can get the outcomes of 3,000 customer support people to be amazing and there's no disparity, no standard deviation, I become highly effective, highly efficient, and pretty good at what I do.
Yeah. Uh Jordy, do you have something or can I keep going?
Uh what's your point of view on AI psychosis in the enterprise? John and I have been talk there's a handful of our friends that we believe do have AI psychosis. They're uh heavy users of the tools and you ask them what they've actually made and they can't give you a good answer. Now certainly there's an entire other category that uh is being very productive making useful things but uh there's sort of a uh
like Tyler on our team Tyler is extremely productive very low AI psychosis you ask him for something just builds it immediately and it's there usable tangible
but it feels like uh there's a lot of certain there yeah there's at least one model that has created a sort of psychosis in the enterprise over the last 6 months
uh and but tell me which Mhm.
Uh we don't need to name the specific model, but there's like um there's the same maybe sycophancy that you saw with 40 with a consumer. Uh I think is touch the enterprise in an interesting way. Uh
well there's just this risk of having the AI model an employee goes to an AI model says help me with this and then the AI model responds in a sycophantic way. Oh yeah, you're making a major breakthrough. You're making a huge impact at this company and it's just shuffling, you know, spreadsheets around, recontextualizing data, building endless dashboards. It's not actually moving the needle. Again, it gets back to the ROI question and I feel like as a leader of a large organization that's very AI forward, this is something that you'll have to contend with. Uh, you know, are my employees uh using AI tools effectively? It's another question on just the effectiveness of embedding.
That's a great question. I think we're past that stage at Palo Alto. So what we did was we let people use AI models and AI tools to experiment
to understand the art of the possible, train themselves. Thankfully we did it without token maxing. So people have a good sense. They use all kinds of tools to understand what they are. But when it comes to enterprise efforts we're past the stage that you know we've got one great Tyler. I'm sure Tyler is amazing. I have 21,000 people. You know one great Tyler doesn't change my moves the needle for 21,000 people in the company. So, good. I'm going to take the other side of that, but I take your point.
Well, you don't want me to take Tyler away. So, what's told me last time I was like, don't take my boys. Exactly. So,
right. So, I'm sure we have our own Tylers. Don't worry about that. We'll be fine.
But the more important part I'm trying to make is that now we sit and understand what are the 20 things we could do and how much scale impact would they have.
Yeah.
Right. When if I say let's refactor customer support. I have 3,000 people. Let's train model, let's train intelligence, let's build harnesses, let's build diagnostic agents, let's understand the problem using AI instead of human beings trying to diagnose it. Now that that's not a usable model. That's almost like a business transformation project.
What data do I need to do? How should my product behave? You know, what's the first agent that you run when you get the data? What data does the customer have to give? So, it's re-imagining how we do the whole activity is a business transformation project. I've got 30 people working on it. They're not using AI tools. They're embedding the LLM in a certain place. They're sort of complementing with machine learning. They're complementing with new knowledge bases. They're complementing with new data that comes from my product. So I'm trying to reduce my false positive down to low single digit. Right. I can't run an enterprise business AI with high false positive. So to get it to low single digits and a lot of programming goes around it.
Yeah.
So the psychosis works or happens if you're just randomly arbitrarily using models to do certain things. We're not doing we're building.
Most importantly, the psychosis sets in when you're letting the AI evaluate itself or tell you if it did a good job instead of you knowing the ground truth. If you know that what it you're looking at a false positive, you're going to remain in reality. If you ask it, is it a false positive? It says, "No, it's not a false. This is the best."
Dude, yesterday I was doing my earnings. Okay. I had Gemini up in for my script. I don't like the way it reads. Can you just give me alternate ways to say this?
So it has this feature called refine. So I had to look at it. I said refine and I'm reading both of them. My team had written that in we simulated a cyber attack and it was possible in 24 minutes using new for models.
When I refined it, he said we attacked in 24 minutes. I'm like [ __ ] that's not what I'm going to say,
right? So I can't let AI loose and not pay attention to what it's doing. I still need the human supervision. I need the guardrail. Yeah. Yeah. You have to know the ground thing that it can do wrong.
Yeah. Exactly. Um, talk to me about, um, not the crazy AI doom terminator scenario but just, I think that there is some anxiety around AI and cyber security where you see these powerful models, they're able to create, find vulnerabilities effectively and there's a fear that there might just be, you know, a rash of exploits that result in like your some emails leaking or some social network data leaking and just a leakier internet that causes people to be like upset. But my white pill on this, and I don't know if this is correct, is that the gap between private uh closed source frontier models and open source models appears to be widening and that feels like there's going to be an incre- maybe it's 6 months right now that you have access to the frontier models before it commoditizes. If that grows, that gives me more confidence because I know you're going to go and clean up the internet and police it and be the TSA um for longer. If that gap was closing and all of a sudden it was, you know, open s- closed source model, you know, gets a new capability and the hackers have it next week, I'm a little bit worried. I think you could do it in a week, but it's much better to have you have six months. But am I interpreting that information correctly? How afraid should normal people be about the risk to a leakier internet, a less safe, less cyber secure internet in the future?
So let's step back. You know,
please
all of us test our software on a constant basis before we launch it. We don't want to have vulnerability in our software. Now, you know, guess what? Humans write bad code sometimes.
Yeah.
Surprise, surprise. So what AI is doing is discovering that bad code and we've been testing our products and so is everybody else in the industry and every company does that and you know on average we used to find four or five issues every month and we'd go build a patch and we'll fix you know 108 products we'll fix the patch every month and put a patch out there. What we found in the last 6 weeks would have taken us five to seven years to find, right? So a huge deluge of vulnerabilities. Now of course we have people, we redirected them, we patched them, we had to put out a bigger patch and go patch all of our customers. So the point of that is that there'll be a lot of testing happening in the next 3 to 6 months. There already is with Opus 4.8 or so, you know, OpenAI 5.5 and other models out there. There's a lot of testing going on in the industry across the board. Everybody's testing their code. All that code is going to get patched in the next few weeks, months, what have you. Now, there'll be a huge influx of patches to every IT department because you got to patch everything right away cuz everybody showed up with all these patches. So, it's going to be bumpy, but I think what we're going to be doing in the next 3 to 6 months is paying off a lot of technical debt we've accumulated over the last many years.
Mhm.
It's bumpy, but it's a better starting point 6 months from now than it is today.
Mhm.
So, I'm an optimist. I think if you're a better starting point 6 months from now, the next model is going to find a lot fewer things than the last one found because we had to deal with all the stuff that we found.
Will the next one find something? I'm sure it will,
right? But it may go back to finding five. And we seem to have survived in a world where there were five vulnerabilities found every month by software vendors.
Yeah.
Now the second problem like you said is AI might be able to concatenate them or daisy chain them and find a way to attack them faster.
Yeah.
For that it's a different problem. You know the vulnerabilities already always exist. When somebody attacks you the question becomes how quickly can you find it and shut it down?
Mhm.
Now, that is a slightly longer term problem because that requires to have a much more modern stack. Requires you to have way more data to analyze anomalous behavior and be able to defend against it. But we'll get there.
Pay down all the technical debt. Start building technical equity. I like to hear it. Um,
well, it's I mean like this is why AI is so exciting. You can do five to seven years of work in a month.
Months. Yeah.
It's amazing. I think it's amazing. The only thing we have is we have to find a way of getting 21,000 people transformed without AI psychosis to amazing leveragers of AI so they're using it in the day-to-day life and trying to treat it as their assistant as opposed to be afraid of it.
Yeah. Yeah.
I love it. Uh last question. Um, I don't want to get too uh geopolitical but I want to know about uh America's compute advantage or the AI race in the context of cyber security because there has been this debate over, are our data centers the nuclear bombs or are the weights the nuclear bombs? If the weights were stolen by a North Korean hacker firm uh they could wreak havoc, but I don't know if that's real because I think you have to actually go and inference these massive models, you know, millions of times and test every little system to find the actual exploits to actually do the hacking. And so uh another maybe white pill for, you know, America and the American internet remaining secure is that as we build more infrastructure, more data centers, more uh GPU racks, we are able to do more of good guy inference, more cyber security, more testing and our systems become more secure relative to the near-peer competitors that might want to hack us but have not invested enough in energy and compute capacity.
Well, let's back up. Like look, we're all internal technology optimists, right? We all Silicon Valley, we hang out here.
99% of use cases we talk about AI are good use cases. AI is doing amazing things. It's going to do drug discovery. It's going to do a whole bunch of positive stuff. It's going to get rid of mundane things that we don't have to do. So, generally being an AI optimist is a good thing.
Does America have an advantage? Yes. We are building on the last lead in the technological revolution from last round go around. Right? Where all the hyperscalers live? Where do all the large consumer tech companies live? Where do all the cyber security companies live? 90% live in the United States. Right? So, we have the core of building the next wave of technology on the back of the last amount of success we've had. And I think all the efforts you're seeing, whether you're seeing it from the recent executive order on cyber security, whether you're seeing it around investment in chips, whether you're seeing it around investment in electricity, everything else, we are trying to build the underpinnings of building an amazing future with AI in with us. Now does it mean there will be an edge case of you know single-digit percentage where people will try and use for bad things?
Sure.
Every technology every invention has had people using it for bad things.
Uh, can we protect cases? Yes, we will have protection. Will there be some notable mishaps? Most likely you know it's happened. We have 2,000 ransomware attacks a year. Why don't we move on? We go solve them. Life moves on. We fix them and we move through it. So I think you have to take an optimistic outlook. Now can models be distilled? Yes. Can weights get reappropriated? Doesn't look like you need to because every 3 months somebody seems to build the same capability open source. They're picking it out. So, and do they need the three month advantage or not? I think they'll get the advantage. I think the key is going to be is we have to keep sort of marching along and making sure that our infrastructure is up to speed so we can actually match sort of defense with the speed at which offense can happen. And it's always been an asymmetric battle. Cyber security always had to be right 100% of the time and the bad guys have to be right once. They don't need a lot of compute. They can go rent compute and come after an enterprise if they so choose to do so. And this game of cat and mouse will continue.
Last question. How much of your time is spent on quantum?
A lot. So what's interesting is we launched a capability where we can assess people's quantum cryptography readiness.
Yeah.
And we built capability where we can wrap your traffic with quantum secure keys. So even if you haven't upgraded your infrastructure to quantum yet, there's a fear that quantum is coming and there are nation states who might be collecting data which they're going to harvest later when quantum becomes reality hoping they can hang on to classified data and break the keys afterwards. So we're already wrapping the traffic now.
Yes,
that's really cool.
If you know there's classified data and you can start sucking the data. I don't know what's in it, but it's classified, but I'm going to break it as soon as quantum's ready. And I'm pretty sure nation states will have quantum capability much before it's commercially available.
Wow, that's amazing. I I love that you're already working on that. That's so
We have a quantum wrapper. You can buy a wrapper from us. You can go look at do full cryptographic inventory. We can encrypt the traffic with quantum secure today across your sort of traffic nodes and make sure that your data can be intercepted.
I love it. Thank you. Thank you for doing that. And then also thank you for coming on the show. It's fantastic to catch up with you. Congratulations on all the progress and thank you for cancelling the SaaS apocalypse. At least in cyber security. We're going to cancel a SaaS apocalypse everywhere. We're going to cancel all apocalypses eventually.
Sounds sounds like a plan.
Have a great rest of your day. Thank you so much. We'll talk to you soon. Goodbye.