Kevin Mandia

We used to be able to bucketize the forensics, Nicole, into very few groups out of China. And then all of a sudden we get an explosion. That's really it. Where the forensic evidence of each intrusion doesn't feel related to any other intrusion, or it's just different enough that we're like, ah, we're not quite sure if it's the same people.

We used to be able to bucketize the forensics, Nicole, into very few groups out of China. And then all of a sudden we get an explosion. That's really it. Where the forensic evidence of each intrusion doesn't feel related to any other intrusion, or it's just different enough that we're like, ah, we're not quite sure if it's the same people.

There's just a dramatic increase in the volume of change, the pace of change on offense.

There's just a dramatic increase in the volume of change, the pace of change on offense.

You know, cyber exploits that have no patch, that's what a zero day is. There's just no way to stop those attacks from working.

You know, cyber exploits that have no patch, that's what a zero day is. There's just no way to stop those attacks from working.

we had 32 zero days in 2019 exploded in the wild. To me, that was a world record. I'm like, we've been tracking this since the nineties, 32 in a year. It was mind blowing. And then all of a sudden we hit 81 in 21. And I'm like, wow, the world's different now. And this is seven times what you'd see in 2010. You know, I mean, it's just, that tells you the art of the game right now that you,

we had 32 zero days in 2019 exploded in the wild. To me, that was a world record. I'm like, we've been tracking this since the nineties, 32 in a year. It was mind blowing. And then all of a sudden we hit 81 in 21. And I'm like, wow, the world's different now. And this is seven times what you'd see in 2010. You know, I mean, it's just, that tells you the art of the game right now that you,

People are finding exploitable code at rates higher than ever before and using it in the wild. Because our numbers, Nicole, are what we assume if we see it, we see it. We're responding to a breach. There's the zero day. And we're seeing that even into today.

People are finding exploitable code at rates higher than ever before and using it in the wild. Because our numbers, Nicole, are what we assume if we see it, we see it. We're responding to a breach. There's the zero day. And we're seeing that even into today.

More zero days than ever before makes no sense to me when code was way less secure 30 years ago, 20 years ago, and 10 years ago than it is today. So we're building the most secure code we've ever built before, and yet there's more zero days than ever before.

More zero days than ever before makes no sense to me when code was way less secure 30 years ago, 20 years ago, and 10 years ago than it is today. So we're building the most secure code we've ever built before, and yet there's more zero days than ever before.

China's brought the A game and they've changed. And usually when you see these kind of shift changes on offense, oh, their doctrine's changing. Something's changing over there. All I know is somebody made a decision to up them a notch. And we have a gradual incrementalism of aggression on offense out of China over the last few years. And it's going up every year.

China's brought the A game and they've changed. And usually when you see these kind of shift changes on offense, oh, their doctrine's changing. Something's changing over there. All I know is somebody made a decision to up them a notch. And we have a gradual incrementalism of aggression on offense out of China over the last few years. And it's going up every year.

Their techniques are far more innovative and improved than even three years ago. China is the winner in innovation. And you see what happens when they win. You get 75 zero days in a year.

Their techniques are far more innovative and improved than even three years ago. China is the winner in innovation. And you see what happens when they win. You get 75 zero days in a year.

We could lock in on the Chinese threat pretty well. And again, between seven to 80 companies a month, sometimes only 30 companies were compromised in a month. And it went down to four or five in August of 2015. And it never comes back up really for a while. And people will say, well, it didn't come back up because China evaded your detection. No, not really. Their behavior changed.

We could lock in on the Chinese threat pretty well. And again, between seven to 80 companies a month, sometimes only 30 companies were compromised in a month. And it went down to four or five in August of 2015. And it never comes back up really for a while. And people will say, well, it didn't come back up because China evaded your detection. No, not really. Their behavior changed.

You know, it's they're not going to change. We've observed them for so long. You know, they change their behavior when they have to. They were told to change their behavior.

You know, it's they're not going to change. We've observed them for so long. You know, they change their behavior when they have to. They were told to change their behavior.