Nikhil Mohanlal (00:00)
Hello folks, how's it going? It's been a while to all the listeners globally. I've had a nice little release for this podcast. I know it's been a minute since I released the last episode. Life just gets in the way, but we move. Today's guest is Renze Jongman. He is a fantastic guest and I was really excited to get him on.
We speak about his background in CTI, what it means to him, how he got involved with CTI, how he pivoted from his policing days into CTI in Abu Dhabi. He shares some crazy stories. Renze is also the
The CEO and founder of Liberty 91 a AI based threat intelligence platform. It's really cool stuff. Actually, it's really kind of pushing the needle here And so I'm really excited to get him on have him share the story have him shares experience about not just what it is But what it takes to build a platform like that while still Having a full-time job having a family trying to stay sane at the same time taking part in the cyber community here in UAE This guy works hard. He works his ass off and so
I'm really excited to have you listen to this episode and listen to his story. As always, enjoy.
Nikhil Mohanlal (01:03)
I mean, let's jump into it. Right. So who are you? What is your background? What do do? Who is Renze?
Renze (01:09)
Alright, so
I'm Renze Jongman. That is an unpronounceable name for most people. That's because it's from the Netherlands, which is where I'm from as well. So my background, I started in law enforcement. I joined the Dutch National High Tech Crime Unit, like a long time ago now, and just sort of went after hackers and whatnot. Then joined Europol to do that.
world on international scale. was one of the founding members of the Joint Cybercrime Action Task Force or JCAT, a Europol in The Hague, which β was really cool. I just tried to catch digital bad guys internationally with the group. We had a member of every country, in our team, so one member for every country. So yeah, it was a very cool international.
Nikhil Mohanlal (01:42)
That sounds badass.
Renze (01:59)
environment that we operated in and everyone brought their own experiences and their own background, etc. So that was a really cool team to help build. Then I made the jump to the private sector. So I joined Barclays and I led their strategic threat intel team from the UK for about three years. So that's the financial sector. And then I joined β Mandiant, which ultimately became Google or part of Google.
And that was here in the Middle East. So my job was to lead the Threat Intelligence consulting business from outside the US. So they had a big Intel consulting business already in the US, but not so much outside of it. And that business was growing. So they needed someone to kind of lead that and help that grow. And most of the business was here in the Middle East. So that role was also here in Abu Dhabi, where I now live.
And then about a year ago, I left Google to set up Liberty 91 and also joined the Department of Government Enablement, where I'm now an advisor to their Threat Intel team. So that Threat Intel team does Threat Intel for the government of the Emirates of Abu Dhabi. And I'm advising and helping that set up, which is really cool because there was not really anything. DGE itself is new, right? It's from October 2023 it was set up.
Nikhil Mohanlal (03:05)
Mm.
Yeah.
Renze (03:17)
So the threat Intel team there, threat Intel capability didn't quite exist. That had to be set up as well. So imagine setting something like that from absolutely nothing to having something that can adequately help protect the emirates of Abu Dhabi, the government of the emirates of Abu Dhabi against the type of cyber threats that we tend to experience here in this region. That's pretty advanced stuff. So you need an advanced capability as well. So to help build that out is a really cool mission.
Nikhil Mohanlal (03:35)
Mm.
Nice man. So you actually moved into TI, right? I want ask you about that little bit. why really, why TI, firstly? Because I mean, people come from law enforcement, they attempt to go into like maybe forensics or they'll pick up something around like offensive security and they want to... So what was it about threat intelligence that you said, okay, this is what I want to do, this is what I'm good at, and you pivot into that.
Renze (03:55)
Well.
Ha!
Yeah, that wasn't good at all. Yeah, I wasn't good at it at all. It's
generally it was the job that was offered to me at the time. I was so okay. I was in law enforcement and my wife and I, we've always wanted to live and work abroad internationally, see the world. The Netherlands is just a tiny dot on the world map and we just wanted to see more of the world. But if you are in law enforcement, if you're a policeman, you can only really do that for a country that you're a citizen of. So I mean,
Nikhil Mohanlal (04:23)
Yeah.
Mm.
Renze (04:37)
I had to leave law enforcement to be able to live that international career and life. The first opportunity that came along was with Barclays. Some of my colleagues at Europol were leaving Europol because they were setting up the security practice at Barclays or least were hired to make it better or run it. They were bringing people with them. I was...
Nikhil Mohanlal (04:41)
Mm.
Renze (05:04)
asked to be one of those guys, which is great. And they offered me the Intel job. I think a lot of law enforcement agencies, law enforcement agencies operate under different laws and different structures across the world. And in the UK, for example, there's a lot more, like intelligence is a much bigger part of β police work. That's not necessarily the case in the Netherlands. It works completely differently. So we don't operate based on Intel as much in the Netherlands as we do. So I was much more focused on just doing normal police work and just β
Nikhil Mohanlal (05:16)
Yeah.
Okay.
Mm.
Renze (05:34)
following the evidence and doing investigative work, not necessarily intelligence work. But I think the assumption was a Berkeley stuff because I was in police, I also understood Intel. That was not the case. And also just like law enforcement work and cyber threat intelligence as we know it within a corporate environment, it's just completely different. I had no idea what I was doing honestly. And I, was a steep, steep learning curve for me.
Nikhil Mohanlal (05:45)
Right.
Renze (05:59)
And it was hard, And I took that experience and ended up joining Mandiant. But of course, these guys are like the pinnacle of cyber threat intelligence work in the industry. But so it's not necessarily something that I thought, this is something I'm good at, I'm going to pursue. It's more, it came on my path and I had to learn the hard way to actually do it.
Nikhil Mohanlal (06:07)
Yeah.
Mmm.
Yeah,
that's a really key thing actually, because I mean, a lot of us tend to go through that, right? Whether it's something that you actually are pursuing or you just tend to just fall into it, right? That was same case for me as well. Like when I started studying, I actually wanted to be a sound engineer. So I was like, I want to go to sound engineering, I want to make music and this and that. And I'm like, wait a second, there's no money in that.
So I ended up studying forensic security, right? And then it just, for a long time it was the same thing. I'm like, I don't know anything about this. I just don't get it. I'm just gonna push through and see if something happened. Something should happen off the back of it. And there was a point at that time where I felt, wait a second, this is actually fun. they actually put us in like a simulated crime scene. There was a crime scene like.
Center type thing that they like made a fake city and we worked with the forensic science students And they're there when the whole hazmat suits and everything collecting evidence and all that and so we are the digital forensics team to go there and actually Acquire said evidence and one of the pieces evidence was a USB Drive And so our task or a piece of coursework was to break it to that USB Drive and I thought this is Freaking amazing. What the hell? This is this is this is hacking. This is cool. This is cyber and so there's an element of that that really like kind of
Renze (07:32)
You
Nikhil Mohanlal (07:35)
That will always be my kind of introduction into cyber. think that is how I kind of fell into it, right? I didn't have this deep resonance about, I want to be a hacker. want to watch all the videos and learn how to do all this crazy stuff. just, kind of fell into it. And there was that, that was a moment, right?
I mean guess what was that thing for you? What was that like that moment, that trigger, that switch you felt, this is actually sick. You know, I didn't just feel like I fell into it and I had to really, really struggle.
Renze (08:04)
I think when I discovered coding and that you can, if you can code or right now it's probably if you can use AI properly, but back then it's coding. If you can use Python, for example, which is not that difficult to do, you can be a wizard in any field that you operate in. Like in cyber, most people, or at least a lot of people will be able to go to, and I needed to learn quickly to be able to do some of the things that I needed to do in threat Intel. But I guess in most industries,
Nikhil Mohanlal (08:06)
Okay.
Yeah.
Mm.
Renze (08:34)
A lot of people won't be able to code. If you are that one person that can, you can automate a lot of stuff and you can make things a lot easier for lot of people. And then you can be that wizard that can just magically make problems go away with programming. Obviously in Intel, a lot of people can do that already. So it's necessary. It's necessary skills. I enjoyed it and I still love it today. I can just lose myself. I can just start coding and I'm not a professional programmer.
Nikhil Mohanlal (08:39)
Yeah.
Nice.
Renze (09:02)
I'm super messy. I learned organically, I guess, and I need other people to clean up my mess when I code. But I can just start coding and then think, β crap, it's dark outside. And then it's somewhere late at night and I have to sort of make sure that I go home and tell my family why I haven't been responding to texts. And just applying that stuff to security.
Nikhil Mohanlal (09:19)
Yeah.
I'm deep in the IDE,
Renze (09:29)
to security is and being able to sort of find stuff quicker and automate things to make things better and help people do things quicker and better is something that I really enjoyed putting together. And that ultimately is the whole idea behind it's the Intel, isn't it? It's just, I say this a lot. you may have heard me say this before, it's for the Intel is essentially information that helps other people be quicker, better, more efficient at their job.
Nikhil Mohanlal (09:33)
Hmm.
Renze (09:55)
So, and that's what it is, just helping things move along faster and quicker.
Nikhil Mohanlal (09:59)
Yeah,
It's supporting that decision making, it? know, getting that, collecting that right, rightful information from accurate sources, you know, then you can say, hey, this is what's gonna happen based on this information. It's accurate risk taking a business decision is not gonna come through based on, hey, feelings. It's, you know, you have to get the accurate information. β
Renze (10:18)
No, so you'd be surprised how often that happens. But that's the
whole point. In cybersecurity, a lot of people buy a new tool or a new solution based on the person that they've most recently met at GISEC for example, or another conference, because they feel that's the next important thing. And that's either a rumor or something that most people talk about right now, or it's not based in fact, or actual threats or something that you actually need and can demonstrate that you need. β so underlying data to...
Nikhil Mohanlal (10:29)
Mm.
Renze (10:47)
and research to sort of back up a decision like that for a lot of executives is really, really valuable. You may have heard me make the comparison with a marketing team. you're the marketing director for Tesla, you're producing cars, electric cars. So you're going to have a very specific demographic that you're going to want to target with your marketing budgets. So to be able to be as effective as you can be with your marketing budgets, you need market research.
to understand exactly who your target audience is, where they live, what their likes are, what their dislikes are. So you can be as effective with your budget and make the right decisions and buy the right advertisements and the right tools and the right technology, et cetera, to make that happen. The same is true for security. We don't want to make best guess security decisions. We want to base that on proper research and analysis. And that's what threat intelligence is. It just allows you to base your decisions on actual research.
Nikhil Mohanlal (11:16)
Yeah.
Yeah.
Renze (11:40)
not just because it's the reasonable and smart thing to do, but it's also possible defendability of the decisions that you make. So if you're a CISO and your company does get hit with ransomware and everyone is going to want to fire you because that happened under your watch, you can at least sort of go back and say, based on the information that we had at the time, these are the decisions that we made and that was based on reason. So, you know, it gives you sort of backing as well on some of the decisions that you're making.
Nikhil Mohanlal (12:01)
Mmm.
Yeah,
So you mentioned JICEC and that's kind of a good pivoting point, right? You've worked in...
Renze (12:11)
Mm-hmm.
Nikhil Mohanlal (12:12)
many different fields in that or many different countries too. You know, you were in Netherlands, you know, you spent some time in London, in Barclays, in different industries. When you came to UAE, firstly, it was, it must have been a massive decision when you, when you first moved here, had you ever, have you ever visited before? Was this ever first? that, that was your first time? Oh damn. Okay. Fair enough. Damn.
Renze (12:28)
No, no, no, I landed and I was straight to work the next day. Yeah. I no idea where
I was. brought my family with me and they were in the hotel, just waiting to meet me. Yeah, that was cool. That was a big adventure. Seven almost. Yeah. I'll tell you what though, you said London, but it was actually close to Manchester because that's where the technology campus is. That's where I was first before I came to the UAE. That was a lot harder.
Nikhil Mohanlal (12:39)
Wow. So that was like what, three, three or four years ago?
Seven years ago, okay nice, nice.
Okay, yes.
Renze (12:56)
for me and my family to land than I was here in the UAE. And I'll tell you why. Because in Manchester, we were in this sort of closed community, like a small village close to Manchester. Everyone who lived there obviously was a native English speaker. I speak English, but I'm not a native speaker. And trying to be funny, for example, in not your native language is actually quite hard. So you're just not as fast enough to make your jokes, et cetera.
Nikhil Mohanlal (13:09)
Mm. Yeah.
Mmm.
Renze (13:20)
That is really important if you're trying to socialize in an environment where everyone has been there for their entire lives, they have their friends, they don't necessarily need that weird Dutch guy in their new friend group because they're set. And I was trying to inject myself in that community. Obviously I've made some great friends at work. These guys I'm still in touch with and they're awesome and they've really helped me as well land. But I mean, it was hard. It was a hard work to land there with the family. Here in the UAE,
Nikhil Mohanlal (13:34)
Yeah, yeah.
nice.
Renze (13:50)
Everyone is an expat. Everyone is in the same boat. People leave after three to four years. So people are constantly updating their social circles and they are always open to meeting new people. You can meet someone at your neighbor's drinks party on one day. And then the next day you're having the same person over for a barbecue at your place because it's just so easy to build your network and build your friends
Nikhil Mohanlal (13:57)
Mmm, mmm.
Yeah.
Renze (14:15)
even though it's much further away, and obviously it's a completely different culture, and it's really hot in summer, it's actually a lot easier to land here and be comfortable.
Nikhil Mohanlal (14:21)
Yeah.
Yeah, I fully agree with you actually. I have a, my experience is a little bit similar too in that sense. Like, I I grew up here, right? I was born in Sharjah right? but my understanding of UAE only became that in the last, I guess, four or five years-ish when I first moved here for good, right? Because I had an initial understanding of what UAE is like, what the culture is like, but that was just when I was a kid. At that point, I was in the UK, you know? I was working.
Bristol, Bournemouth, whatever, and that was my upbringing. But I fully agree with you, man, because when I was in UK, it was tough to network, it was tough, especially in work, I just, couldn't get on board with it. Moving to UAE though, like you said, your network is super, it's quick to develop. If you put that one ounce of effort in, it's like, it's just gonna come up. You're gonna meet the right people, you're gonna start talking a lot more because
everyone's on the same sort of page when it comes to professionalism, right? The ethic stays the same. There's no prejudgment so much as is somewhere else. And it's great, I that's how I met you, you know? That's how I met everyone else in the group, in the communities, and it's amazing.
Renze (15:33)
I couldn't
agree more. It's not like everyone in England is like anti-social and doesn't want to meet people. That's of course not true. I know a lot of great British people. just that in that, and probably it's probably different in London to be honest with but that's not where I lived. But it's just in, that's not an international community. That was a set existing community that I tried to become a part of. And here it's just very international and very open from that perspective. different.
Nikhil Mohanlal (15:38)
Yeah.
Yeah, man, it's great
though. I there's the positive side to it as well, but there's also, there's always two sides to every story, correct? So when you did first come here, Especially, because you mentioned you jumped straight to work. You didn't have that grace period of getting used to the country, the network, the culture. You just straight to work. What was that like?
Renze (16:03)
Mm-hmm.
Yeah, I guess it wasn't that bad to be honest. wasn't like I had to... So my first client was a secure location where you needed to have security clearance. I didn't have security clearance yet, so I couldn't enter the building. And remote working wasn't a thing there either. So essentially I had to wait for security clearance, which took three weeks. So I wasn't that busy, which is great because that gave me an opportunity to find a house, get a car, get the Emirates ID sorted, all of that stuff.
Nikhil Mohanlal (16:39)
Yeah.
Renze (16:43)
So it was actually a really soft landing for me.
Nikhil Mohanlal (16:45)
Okay, nice.
But when it comes to cyber security industry in that sense, how would you compare it? Because I'm sure there's a lot of folks in the same boat as you They're coming from UK, they're coming from different cultures and environments that they're very much used to β into UAE. Because UAE is growing, there's a lot of investment coming in, there's a lot of companies starting to partner up with government entities and things like that. And so off the back of that, there will be a lot more expats coming in.
Renze (16:53)
Mm-hmm.
Nikhil Mohanlal (17:11)
despite us saying it's a bubble. what would you compare the work culture like here? What's your thought on that? Because I think a lot of people need to understand that it's not going to be the same as UK whatsoever. There are some tough elements to working in this industry here.
Renze (17:12)
Yep.
Well, sure. you're either going to be working for a vendor or you're going to be working for an Emirati government entity or an enterprise entity. So those are the two differences. Probably if you're working for a vendor, it's very likely that you're either in sales or you're going to be client facing and on site. So ultimately at the end of the day, you're going to be part of that Emirati culture and you're going to be exposed to it at least.
Nikhil Mohanlal (17:49)
Mm.
Renze (17:56)
It's different. It has ups and downs. It's a lot more based on relationships. I guess, and this is a mistake I made in the UK as well. In the Netherlands, things operate very flat. It's, β we call it poldere, which probably doesn't mean anything in any other language, but it means that you can essentially be a dick to your manager and disagree with everything all the time. it's, I just vent your opinion.
Nikhil Mohanlal (18:09)
Mm.
Nice. β
Renze (18:23)
which isn't necessarily appreciated in other cultures than the Dutch one. I made that mistake in the UK where I learned the hard way that I just don't need to vent my opinion about everything all the time. You have to sort of respect the fact that your manager has other ideas than you, which is fine. I think that's even more the case here. We operate more in an advisory capacity rather than actually running things.
Nikhil Mohanlal (18:30)
Mmm.
Mmm.
Renze (18:50)
And that makes sense as well, that's fair. And I think that's important to remember as well. And if you're comfortable with that, then I think you can thrive here.
Nikhil Mohanlal (19:01)
Nice. I felt the same way as well. It took me a lot of time to understand that attitude, know, because I'm very much against hierarchy. I was for a long time at least. I was like, screw this, I don't want to get involved with this type of attitude. Why is this guy talking down to me? I was very much anti that. But then I felt personally attacked by that. And that was my problem.
Renze (19:22)
Yeah.
Nikhil Mohanlal (19:28)
It's not a personal attack from anyone. It is just the work culture here. There is a hierarchy. Typically there is a hierarchy at least. And it is to be respected. There is a flow. As you said, every culture has its way of working and I think that flow is to be respected.
Renze (19:30)
Hmm.
Yeah, well, in larger organizations specifically, that's also kind of necessary. You need to have a certain, I guess, of command to make things flow. I'll you one thing that we're going through right now is, for example, β we're sending out threat alerts to our colleagues directly around us, the SOC, for example, and their manager levels. But then also, on a much higher level, they're also very interested in what we're seeing, and they want to receive those alerts as well.
Nikhil Mohanlal (19:55)
Mm.
Renze (20:15)
So we send them to β executive levels as well, so they receive it at the same time. So that means that the SOC are the ones that typically have to fix the stuff that we alert people to, but they are thrown off balance because their boss's boss's boss already is alerted at the same time and they haven't had a chance to...
Nikhil Mohanlal (20:19)
Mm.
Renze (20:36)
to even read up or do anything. so that kind of stuff is something that we have to take into account. How do we make sure that we inform, that we respect the chain of commands from the top to the bottom, but also at the same time make sure that people are in a position to prepare themselves, to take action based on things. Because at the top level, they want to know, okay, apparently this is a threat, but what are we doing about it? And what have we already done? Which is fair. You don't just want to know the problem, you also want to know the solution.
Nikhil Mohanlal (20:37)
Right.
Mm-hmm.
Yeah.
Renze (21:05)
But
no one has had time to think of the solution or implement the solution. we have to go through, that's why a chain of command like that is important. So it means delaying, I guess, a little bit the reporting up to the chain, because that then gives other people in that chain the opportunity to actually do something about it.
Nikhil Mohanlal (21:22)
Yeah, yeah, that's a good point as well because I think there is a sense of cynicism that's brought along with this process, right? Of like, oh, why did this process taking so long? I've got this IOC ready to process. got, you know, I don't want to pass it up. I need to the response now, right? But I think having that in place, like you mentioned, it's a people problem ultimately, right? And.
Renze (21:39)
Hmm.
Nikhil Mohanlal (21:46)
when that information gets passed up the chain of command, everyone's aligned. There's an alignment that's happening and that is what's important there. Because that inevitably will push that decision to be, that decision that's made afterwards, it's going to be, again, it's calculated, it's accurate, it's not, everyone's on the same page, there's not any disparity anywhere. β But again, there's the pros and cons with that, right? It's time consuming, but it could mean it's well informed.
Renze (21:50)
Mm hmm. Yeah.
Mm-hmm.
Exactly, absolutely. The last thing you want to do is just throw problems over the fence. And say, here's a problem, fix them. And then even throwing that over their boss's boss's boss's fence as well. they essentially are exposed and are β already behind the curve with fixing it. No one loves Intel if Intel is only making problems.
Nikhil Mohanlal (22:28)
Mm.
So I want to take a quick step away from TI a little bit, more focused a little bit more on the, status of cybersecurity, especially online, right? You've been in this industry for some time now, and you've noticed some trends go up and down, whether it's training or not, Lately, I'm seeing a lot more...
YouTube videos and TikTok, whatever, coming up, talking about getting people introduced to cybersecurity, right? It's amazing because quote unquote gap exists. But I think off the back of that, you know, there is a lot of glorification happening, right? So I want to kind of get your thoughts on this. what are some of the, negative experiences that people should know about in this industry that doesn't get shared that often?
Renze (23:26)
man, I don't know. β Negative experiences in cybersecurity. I don't know, I guess if you don't expect, you've just shared this as well, you don't expect to be a hacker with a hoodie that's just going to hack stuff all the time. Because yeah, that's just not the reality of it. Ultimately, you're operating in a government, in a corporate environment where just a lot of processes exist and you have to β follow policies and be happy to play office politics as well.
Nikhil Mohanlal (23:29)
Mm-hmm.
Renze (23:54)
And that you can't be above that if you want to any career progression. So you have to be sort of be able to play that game. with any type of job and not just in cybersecurity. In my opinion, it's very rare to turn your hobby into your job and then do the thing you love all day, every day, and then sort of expect to be there to be no admin or overheads or
Nikhil Mohanlal (24:10)
Mm.
Renze (24:18)
politics or around it. So that just doesn't happen. a wise man once told me that if you turn your hobby into your job, that it stops being your hobby. And I think there's a lot of truth in that as well. So just treat your job as a job and be mindful of the fact that it comes with a lot of, like every job comes with overhead and policies and politics and stuff and admin and you'll be fine.
Nikhil Mohanlal (24:38)
Mm.
Renze (24:43)
Then you get to do what you love 20 % of the time.
Nikhil Mohanlal (24:46)
Yeah, no, I actually resonate with that a lot because I was off that mind for a long time like make it your passion. You have to very much, you know, live the life and it is the case at times. But I think you're right. You know, if you turn your hobby into a job, it's no longer a hobby. That's a really good way to look at it because you lose touch. You you lose the essence of what makes it a hobby or makes it fun almost. Right. β And even with the job itself, with cyber, right?
Renze (24:54)
Yeah.
Nikhil Mohanlal (25:15)
If you make it into a passion, sure you'll love it, sometimes if you're not used to the office politics, if you're not used to playing the game, it's business at end of the day. If you do, for example, get let go for whatever reason, it might feel like a personal thing, but it's not personal to the guy who made that decision, right? It's a business decision at end of the day. think keeping that in mind.
Renze (25:36)
or viper.
Depends on your personality, but yeah, Yes.
Nikhil Mohanlal (25:38)
Yeah. β Man.
I want to pick on you a little bit now. I'll take a little step back away from work so much, you know, why cyber? Why was it cyber? Why not something else? Why? you were a policeman before that, and you spent some time on that. β
Renze (25:45)
Alright.
Yes, that's a terrible story actually.
So this goes back to 2020, no 2010, I think around about that. I was a normal policeman. I was doing drugs investigations, human trafficking type of investigations. I didn't know anything about computers. This was the time where we were copying CD-ROMs from each other.
to play a game, you know, and I didn't know how to do that. So I had to ask my neighbor to help me burn CD-ROMs or DVDs. So I didn't know anything. But there was a child protection case, a really big one. was very nasty. was in Amsterdam. It was a β daycare center where one of the leaders abused like 80 plus of the kids that were going to the daycare center. Obviously it was a massive...
Nikhil Mohanlal (26:31)
I know that feeling still.
Renze (26:52)
the stir in the country and turned into a really big investigation that investigation, because this guy was sharing all of his, he was filming it and he was sharing that material over a TOR the TOR network, which no one has heard of. But he was doing it and a lot of it was encrypted. the normal police team that you would normally have investigated, they didn't know how to deal with that.
Nikhil Mohanlal (27:05)
Mm-mm.
Renze (27:14)
that was spun into two investigations. One was just the investigation on this guy and all the bad things that he did. And then an investigation into his network, the people across the world where he was sharing material with. And that was all on these encrypted drives but it needed specialist police investigation. So that was run under the high tech crime units, but that was such a massive investigation, such a big thing that they couldn't run it alone. So they were just bringing on board lots of new people. And I was just one of those people who's fresh from police academy.
Nikhil Mohanlal (27:27)
Mm-hmm.
Mm.
Renze (27:41)
And β yeah, I was interested, so I put my hand up and they onboarded me on that investigation. And that's how I ended up with Team Hi Tech Crime. And I did a lot of, I did that case, which was awesome because I mean, catching like 20, 30 of these type of guys across the world is really rewarding. that's, that just, you go to bed at night feeling good about yourself because you saved some kids from really bad situations. That has a...
Nikhil Mohanlal (28:04)
Yeah. Yeah.
Renze (28:09)
downside as well because you can't save everyone. There's a ton of stuff that we ended up seeing that we just couldn't identify who was behind it and we had to sort of let that go. That is a terrible feeling. So, yeah, two sides to that medallion. Ultimately, I had to sort step away from that child protection case because there's only so much you can take. Like you're looking at that material every day. So I pivoted to, I guess, cybercrime cases. That's what's when...
Nikhil Mohanlal (28:31)
Yeah, yeah.
Renze (28:38)
Ransomware started to become a thing. So I started doing ransomware investigations and online fraud was part of it as well. So that's how I gradually started learning about these things. yeah, just, my career happened to me, man. It's β just, I put my hand up on the right moments, I guess. I've been a bit lucky. I just worked hard and tried to learn the things that I needed to learn.
Nikhil Mohanlal (28:39)
Yeah.
Renze (29:05)
to be able to do my job and then the rest is history. It's kind of how it happened.
Nikhil Mohanlal (29:09)
Wow, that's intense man. It's not easy. I've spoken to one of my friends, he's again, he's same similar background, he's ex-copper as well from London. And he shared some intense stories, man. I could never imagine going through something like that. Just even being on a case like that because...
Like you said, you're dealing with that type of information so frequently and it takes toll. It can take a toll for sure.
Renze (29:38)
Yeah. 100%. But listen,
some of the cool things, I mean, obviously that's terrible. And you develop a really dark side, a dark humor with the team, But that's also, so one of the cases that we dealt with, for example, there was this video that we had to watch. It this guy, was doing all sorts of terrible stuff. But it was also on his hard drive, there was another video of the same guy on his lawn outside. Now there wasn't a lot we could see, it was dark, but we could see that the type...
Nikhil Mohanlal (29:43)
Yeah.
Renze (30:05)
of grass on his lawn was apparently, I didn't know this, of a particular type that only grows in certain places in the US. So we rang up the FBI. And so they took it and they sort of tried to identify the sound on the TV that they were hearing in the background because it was running an episode of a specific...
series that was only aired in a specific time frame, in a specific area. So the combination of the outside of the house, the type of grass and the exact moment that that episode was aired on TV in that area, allowed them to pinpoint the location. And that's how they found the suspect and be able to arrest him. So that type, that's how we ended up finding some of these guys. And that was, it's really cool if it comes together in a way like that. That's really awesome.
Nikhil Mohanlal (30:29)
Wow.
Yeah, yeah.
Man, those kind of stories make me want to keep learning this kind of thing, Dad, that's... Yeah. Get some geologists on your team. Man, that's intense, Honestly, in those moments, must be like, so you have to be super focused, right? You can't just be like, I'm part of the team. You just got to bum around and whatnot. And I think that's what keeps it engaging, keeps it fun.
Renze (30:58)
It's a little bit of a grass.
Good.
Nikhil Mohanlal (31:19)
I mean, quote, quote fun, like obviously. β
Renze (31:19)
Yeah. Well, sure.
mean, yeah. I mean, rewarding, I guess. You're making a difference.
Nikhil Mohanlal (31:24)
Rewarding, yeah. Yeah, yeah.
I want to talk a little bit about on the learning point about it, because you said, right, when you first joined this team, was quite difficult to learn. You picked things up as and when you went about it. β How is that translated how has there been anything that you learned at that stage in your life that's kind of persisted throughout to where you are now?
Renze (31:39)
Yep.
Nikhil Mohanlal (31:49)
What type of skill did you pick up to learn new techniques or new skills that you're still using to this day?
Renze (31:55)
Well, I think the most important thing is to sort of recognize what skills you need in your job or the job that you want after this or whatever you want to move into. So for example, when I moved to Barclays and I didn't know anything about threat Intel, obviously you start to go online and you download, what is threat intelligence from Recorded Future? They have this kind of, so just at least you know where you're starting. But obviously as you are landing in a job and you find yourself losing experience,
β lacking experience in certain areas, the only way to gain the experience is to learn about it. Ideally do it even better. You just go into courses and get certificates and leaving it there is not enough. You have to sort build up the experience and practice it in the real world. See why things don't work because if you learn something during the course and you try and apply it in your job, it will probably not work the first time and it will break and you'll learn why. And then you can sort of...
Nikhil Mohanlal (32:38)
Mm-hmm.
Renze (32:51)
pivot from there and start making sure that it does work in your particular situation. And that's how you apply skills. And you have to be able to sort of repeat that as well and just grow from there. You have to have that bandwidth. Sometimes you're just stuck in a grind and you don't actually have the time or bandwidth to learn and explore and expand. And that's fine. But I mean, ultimately that's kind of how I think you grow.
If you take a step back, you start a new job, Most people will not be qualified to do their job from day one. If you are qualified to do your job from day one, you're going to be bored from day one as well. So you need to learn and it's going to be hard. That first year, you're going to have to build up experience and learn from the people around you and trust that they know this stuff better than you and learn from that. And then in your second year, maybe you're sort of consolidating on that experience. And then in the third year,
Nikhil Mohanlal (33:25)
Thank
Yeah.
Renze (33:44)
if you're lucky a little bit sooner, you'll have some bandwidth. You can do your job easily and you'll have the mental bandwidth to explore. Okay, how can I do this better? How can I do this more efficiently? What can I learn? What are people around me talking about? How do I use the ChatGPT API to make this thing go quicker? I don't know. And that helps. so that's kind of just use the bandwidth you have and don't...
Nikhil Mohanlal (33:49)
Yeah.
Yeah.
Renze (34:10)
lean back and relax when I can do my job easily. I'm done. I can sit, I can write this out. As soon as you find yourself being comfortable, start challenging yourself with the new stuff that you think is useful in your job.
Nikhil Mohanlal (34:24)
Yeah, damn, I I can't say that any better than that. It's amazing. And I think it's important to keep that in mind as well, especially with cybersecurity, like...
Renze (34:29)
This is. β
Well, also because
if you're at beginning of your career especially, that's how you get noticed too. If you're the guy who sort of expands beyond his own role and is able to... You always have this one guy in a SOC who just does more, who's running DNS twists on the side to the phishing domains. know, that guy, he is essentially overqualified for his job and he's doing side projects. That's how you get noticed, that's how you...
Nikhil Mohanlal (34:46)
Yeah.
Yeah.
Renze (35:01)
career progress as well or move into things that are more interesting for you.
Nikhil Mohanlal (35:04)
Yeah, yeah,
on that exact point like it's People will look at that and think okay because he's running these commands because he's doing these particular things I have to do the same thing. It's not that case It's the fact that he's thinking ahead of what he has to do right now. He's saying okay I'm looking at logs right now. I'm looking on the SIEM tool He's curious to know what's gonna come what's gonna come next right because that is what the job asks of him, right? He knows that the mission isn't just to look at logs. The mission is to actually block the thing or
Renze (35:17)
Exactly.
Nikhil Mohanlal (35:31)
Identify what how to tune the rules and there's a bigger picture at hand. I think it take it does take time to Find that mission or understand that mission initially, which is why people get confused and be like, I gotta I have to run Kali Linux all the time and I have to understand Maltego because that's what OSINT asked me to do and it's like no It's not like first understand the the concept and the application and that takes time it takes time because you do have to grind it out, right and
Renze (35:40)
Yeah.
Absolutely. First,
just make sure that you're doing your job right. If that is a grind, then you just do the grind and then you'll have, once you've got the hang of that, then you've got the bandwidth to do the other stuff and have more fun.
Nikhil Mohanlal (36:01)
Yeah.
Exactly on that point actually like you know mean you you're you have a track record of working your ass off. swear to God Just going on your LinkedIn. You just see everything there. It's you know, it's crazy and it's it's impressive It's really really impressive because you know, there are a lot of people who want to do the same thing and think They'll they'll see this and think okay I have to grind it out really bust my ass to do this thing but and which you did but you obviously have downtime you have to figure out that that life balance and so
Renze (36:17)
Okay.
Nikhil Mohanlal (36:39)
What is it for you? Like, what's your thing outside of cybersecurity, outside of the job that keeps you sane? That's just like, you know what? I don't want to do cyber today.
Renze (36:49)
I love the outdoors here. This is one thing I love about the UAE is that we've got an ocean and we've got a desert. So we've got a small boat and I love to do some wakeboarding behind it or go fishing. So that's spear fishing or snorkeling. β Love to do that. And the desert. we've got a Jeep that we take out into the dunes and go camping or barbecuing or dune bashing. Those are just outdoorsy stuff, That's what we're hiking in the mountains in the Ras Al Khaimah
Nikhil Mohanlal (36:57)
Nice.
Amazing.
Renze (37:17)
beautiful stuff there as well. There's a hike, if you've not done it and you're interested in this stuff, there's the Hidden Oasis. That is the best hike, very accessible, it has a little bit of everything. I can highly recommend it. That's the kind of stuff I really enjoy. coding is just a hobby of mine as well. just love it. And that's how Liberty 91 grew as well. was just coding on the side and it became a thing. But I just enjoy doing that. β
Nikhil Mohanlal (37:17)
Mm.
Mm.
Nice. mean, that's
good. You kind of setting yourself up for the inevitable goal of most cyber professionals is to just own a farm, just not be in tech anymore. β But I mean, still and you're still doing the thing on the side, right? You're making that money. You're you're running that business, but you're no longer in tech, tech, tech. β Nice. That's really cool, actually, because I think for a lot of folks as well, they're like, you know, I have to be.
The hacker, I have to do that thing to make it my hobby. I have to make that my hobby and therefore they become that person. But like for me, man, like...
I don't like cyber that much all the time. I'm going to admit, even though this is a cybersecurity podcast, right? It's I like cyber because I like the people in it. I like doing some of the techie stuff. I like helping other people out and I like growing in it, too. But it's not my life. You know, my life is music. I play in a band like I love jumping on stage and when I did have long hair, throwing my long hair around. So but yeah, I think that's important to stay sane on that. Right. And yeah, man.
Renze (38:26)
Good.
β That's awesome.
Absolutely. β I couldn't agree
more.
Nikhil Mohanlal (38:50)
I want to pivot into Liberty 91 now. This is the burger, the cheese, the meat and potatoes off this podcast. Why Liberty 91? What is this? To those who don't know what Liberty 91 is.
Renze (39:05)
Okay, sure. So it's a platform and the purpose of it is to help threat intel teams. And it started well before I joined Manny and Tiven. It's something that we start seeing that a lot of people struggle with is even if you have a tip, the threat intelligence platform, anomaly, example, or threat queue or a threat connect, that will bring a lot of technical data together. But usually it's not from a content perspective, it's to actually understand.
what's being written and what's being researched in the threat landscape that doesn't come together. So a lot of people struggle to keep an overview of what's going on in the threat landscape. There's a lot being written in security blog posts, vendor reporting, vulnerability databases, vendor portals as well. to keep track of all that is a lot of work. And what would very often happen with a threat intel team is the CISO will come in and say, hey, have you seen this latest report on this vulnerability about this technology here?
Friday report, have it on my desk by the end of the afternoon. And then no one had any idea what he was talking about because they haven't seen it yet. Does he see something first and you're the Intel team? It's kind of embarrassing. You want to tell him instead of the other way around or her. So that was the first use case. Just having something to put on the big screen that SOCs sometimes have on the wall that just refreshes like fancy RSS feeds. That was the first thing and it was called Discovery at the time. It wasn't called Liberty 91 yet.
Nikhil Mohanlal (40:12)
Mm-hmm. Yeah.
Renze (40:34)
So we were collecting all of the data from all of the sources for the people that were using that platform as open source. But then AI happened. And that gave us an opportunity because AI, you can train and now we can look at that data, we can train that AI on the threat profile of an organization and their assets and their attack surface and on the MITRE attack framework and on extracting IOCs and on threats from China, threats from Iran, for example.
We get lots of those AI agents that know how to write reports as well, chapters of reports, and they all work together. And that stack of AI agents is different for every customer organization, and it monitors everything that's going on in the threat landscape for all of their sources. So private sources, if you have them, but also open source, most of open source, that comes in in real time. It monitors for you, and then it checks if anything relevant is happening that you should know about, because if you have Ivanti in your technology stack, and there's a new...
you want to zero day, as soon as someone talks about it, you get a report and your product owner gets a report. So that's the absolute fastest way. People sometimes ask us, do you do zero days, which by definition, no, that's the... But I mean, as soon as it becomes an N day or a one day or whatever you want to call it, we'll be able to pick it up and then inform you of whatever you need to do. So it's the fastest way to sort of look at that from that perspective.
Nikhil Mohanlal (41:35)
Nice.
Mmm.
Nice.
Renze (41:57)
is looking at the threat landscape reactively with humans. All of that material is just very inefficient. Analysts want to focus on picking apart the latest APT34 campaign and understanding how that works technically. They don't want to write the daily reports on what Hacker News is writing about. But also, at the same time, they do want to know if they are focused on APT34, that if Hacker News writes about APT34, that they are immediately aware and that...
Nikhil Mohanlal (42:00)
Yeah.
Yeah.
Renze (42:27)
They understand how that impacts their own understanding of that threat actor and how it impacts their organization. So it's, I think, a really useful, practical way of leveraging AI to make the lives of threat intelligence analysts, security analysts, easier, faster, more efficient. On average, this turns four days into seven minutes, which I think is a massive time saver for analysts and allows them to focus on the most important things.
Nikhil Mohanlal (42:32)
Yeah.
Holy crap. Of course, yeah.
Yeah, that's interesting actually that you that you pivoted into AI using that because I think you really did make an opportunity in that case because That is the main thing there your time saving especially when you're looking through multiple logs You're looking to multiple reports, know blogs posts everything you're multiple sources. You're not just reading this information You're reading as an analyst and you're you're you're consolidating and you're and you're trying to create context based on your existing organization And what's what's going on?
Renze (43:22)
Yeah, exactly. I
and it's not perfect. AI will hallucinate sometimes and it will make mistakes. So they will never actually be able to replace or maybe something they will, I don't know. But I mean, right now, at least they're not replacing actual human analysts. You need that for us. You need an extra check to make sure that what's written is actually relevant. But it saves so much time because all of the collection is done. The initial storing is done. The initial analysis is done. The production is done. All you need is that review at the end.
Nikhil Mohanlal (43:26)
Yeah.
Yeah.
Yeah. Yeah.
Renze (43:49)
and then send it out, that's your seven minutes. So that's, think,
is really valuable. Another thing is turning things into detection rules. And you're being able to take a report and then understanding how you can detect that threat that's being written about in your environment. If you're a Microsoft shop, then you want the KQL rules, for example. To being able to extract that, I think just saves so much time.
Nikhil Mohanlal (44:07)
Mm-mm.
Of course, yeah. mean, that's again, another element of being that analyst is like, you're not just writing your logs, you're actually creating these rules, supporting the SOC team on that front, right? I think as well, when you're working with AI, and this is kind of my messaging around as well, when I talk to my trainees or in my sessions, we tend to have discussions around using AI. And part of one of my certifications was covering off AI in incident response, It's very common to look at...
Renze (44:20)
Mm-hmm.
Nikhil Mohanlal (44:39)
tools like GPT or any LLMs to say, do this thing for me, right? You know, I have code, read this code for me, okay? What does it do? Great. But again, you mentioned hallucination, right? That is when the AI just doesn't respond accordingly. It doesn't give you that context. It doesn't give you accurate information, but it doesn't tell you that it's inaccurate. It just does the thing, right? And so having that human intervention is key, and I think.
Renze (45:00)
Yeah.
Nikhil Mohanlal (45:06)
you know, tools you are using, need to understand that these tools are supplementary. they're not meant to replace the human. They're meant to make things faster, but it doesn't mean you don't do the job, You create the context. You look at the rules. You look at the threat feeds. You look at, you know, the analysis that the Liberty 91 is giving you, right? And you correlate. You still think, okay, I have all this information now. This is why it's good.
And then you base, you make your decision based on that. Yeah. Open AI man, looking for a job. So, I mean, with Liberty 91, how, what was it that made you feel like, firstly, were there any iterations of Liberty 91? Because you said there was, it was called, what was it? Discovery, right? Yeah.
Renze (45:32)
Sure, couldn't say better, man. That sounds pretty spot on to me.
Discovery. Discovery. But there's so many tools that are called Discovery that it wasn't
really sustainable. So I had to sort of change that name. It was a little ill-inspired. needed something else. But I couldn't think of anything else. Liberty 91 really doesn't make a lot of sense from a naming perspective either. It's actually based on the license plate of my first car, which is LB RT 91. So we called the car Liberty 91. And I that is actually quite a cool name for a company as well. Yeah, that's how that happened.
Nikhil Mohanlal (45:57)
Mm-mm.
Nice
That's actually sick, actually, yeah. Yeah, I liked it.
Renze (46:21)
And the logo, it's a bull, it's a cow, says, which is Dutch. It's an orange cow as well. it's, that's, that's sort of a reference to my background as well. that's, yeah, that's kind of how it is. Yeah. So iterations, yeah, it moved from just a fancy RSS feed to something that's, that had a thread library and automated extraction of IOCs and matching against, you know, thread actors that you have in your threat library. That already was quite useful. If you're an analyst and you have to write a report about APT 45.
Nikhil Mohanlal (46:26)
Mm-mm. Yeah.
Mm-mm.
Yeah.
Renze (46:51)
you're going to spend at least half a day finding the most recent reporting around ABT 45, and Lazarus, and any other alias that that particular threat actor has. And with Liberty 91 you just have to go to the threat card, it's already there, all of it, it's already collected. And then you click on analyze and get a summary of all of that stuff. it it saves so much time just to have this collection and storing already done. And then the AI just, and we...
Nikhil Mohanlal (47:02)
Nice.
Mm-mm.
Renze (47:13)
You mentioned hallucination and that's something that we focus on every day and it's getting a lot better. Not just our own engineers, but also AI in general. think the hallucination, you use it correctly, if you know how to do that, you can weed out 95 % of that. There are still going to be cases where that's the case, but it's better every day. And I think we're really focused on that because you don't want to bad information, especially not in threat Intel.
Nikhil Mohanlal (47:34)
Mm.
Yeah.
Renze (47:43)
So it's
something that we focus on every day.
Nikhil Mohanlal (47:46)
Nice. So what was it like building Liberty 91, right? Is it a solo project? Do you have multiple team members and like, yeah.
Renze (47:53)
No, we do know, but it started solo. So yeah, I built
it myself and just did Django and Python and just organically. As I said, I'm not a software engineer. I don't actually know what I'm doing. I'm just sort of throwing some code together and then it kind of works. Someone else that needs to clean it up. So that's kind of where we are now is we have a team that actually like they're proper software engineers. They know what they're doing, but I still involve myself and mess things up for them all the time.
Nikhil Mohanlal (48:09)
Mm-hmm.
Nice.
Renze (48:19)
β So by throwing in my organic, I should probably learn how to do this more more effectively. their biggest job is to clean up my mess. But that's kind of how it works now. It's grown organically and it's a lot more professional now.
Nikhil Mohanlal (48:20)
You
Nice.
Yeah, I mean, if you look at a site, it's really sick actually. Compared to most other SaaS applications I've seen that come out, it's clear, it's concise, you understand what it is. It's not just some, it's not like a GPT wrapper or anything like that. There is intention behind it and that's really nice to see, β especially in the cyber field.
Renze (48:55)
Awesome. Yeah, thanks. Yeah, that's the idea. I think in a lot of cases, you'll see that applications that already exist and then AI happens, so they had to also have AI. β And it's kind of bolted on in a way that's extra, but not the core purpose. It's just fine. I completely understand that people are looking to use AI and they don't want to be left behind and they want to β make it part of their products. It makes a lot of sense. I think we're kind of starting from that standpoint where we're really using it to take data and...
Nikhil Mohanlal (49:04)
Yeah. Yeah.
Mm.
Renze (49:24)
turn it into something that's really useful and just save people a of time to focus on things that are more fun, more important, more interesting, and more scary as well.
Nikhil Mohanlal (49:25)
Yeah.
Yeah, yeah,
nice. So what's coming next for Liberty 91? Like what's next on the horizon? or what's the approach?
Renze (49:41)
Yeah, so I think one of the things that we're now doing is we're making it much more flexible. So we're integrating with a lot of tools. the integration part is important because, for example, we plug in with a lot of attack service management tools. That means that the AI knows what your attack service looks like, and that is dynamic. So it constantly updates and it knows what your vulnerabilities are and knows what the technologies that you're exposing to the internet. So if anyone talks about that.
You don't even have to tell it. It will know and give you the information that you need to know. So we're now able to say, hey, this vulnerability is relevant to you, even though you don't know it. And here are your vulnerable assets. And this is what you have to do. So we can tell our customers about things that they're not even aware of that they need to know. that's, think that's pretty cool. But also β for MSSP's for example, MSSP's that we work with.
Nikhil Mohanlal (50:09)
Hmm.
That's key. That is.
Renze (50:35)
What they struggle with is their customers are going to want threat intel. But they are, those customers are all different. So you can't really write custom threat intel reports with humans for all of those different customers that are relevant to them as well at the same time, based on their geography, their sector, their assets, their attack services. It could just go too much. You need a lot of analyst capacity for that, but that's where Liberty 91 comes in. So you can now have AI profiles for all of those customer organizations and every day give them a customer tailored.
Threat intelligence reports exactly tailored to those customer organizations and tell them what they need to know. So it makes it and put like with zero effort as well. So you don't need your analyst, you need your analyst to proofread. But ultimately the work is already done. So you can scale your ability to serve your MSSP clients with Intel dramatically. And that's really powerful. So those are the things that we're working on now.
Nikhil Mohanlal (51:08)
As they wanted, yeah.
No.
Well, nice. That's actually impressive, actually. β The way you talk about this is it's really nice to see because you're ingrained into this product. It's not just like, I'm trying to do a money grab or anything like that. This is you, you know? And so it's really nice to see that because that is clearly what shows, it shows like this is gonna grow really nicely. It's gonna grow organically. You're putting a lot of effort into it, right?
Renze (51:39)
Ha ha.
Thanks.
Well, I mean,
you're saying money grab and that's definitely not what it is because one of the what I think AI should be able to do is make things more affordable as well, because you don't need that many analysts. You can do it with machines. It should make things more affordable and accessible. So Intel historically has been a government thing, a three letter acronym NSA type thing. That was what Intel was. They had access to Intel. Then it became financial institutions. They set up Intel teams. Now,
Nikhil Mohanlal (51:57)
Mm.
Yeah.
Yeah.
Renze (52:23)
If you are a mid-sized business, you don't really have to compete, maybe one person in a security team, or maybe a couple, but maybe one Intel analyst, if that, you don't have access to it. You have to buy it from a vendor and then you probably think of Intel just as an IOC feed, which is fine because a lot of people do that, but there's lots more to it,
Nikhil Mohanlal (52:45)
Yeah.
Renze (52:48)
What I'm really passionate about is the fact that with Liberty 91, we now make it so much more accessible and affordable to this large part of sectors where the mid-market essentially where people sort of haven't had access to threat Intel, but now can have tailored targeted custom threat intelligence every day in their inbox. And I think that's important. And I think that's where AI has a lot of potential as well.
Nikhil Mohanlal (53:14)
Yeah,
you've leveraged it really nicely. For sure. I I need to use a demo now. I need to get on this demo. Nice, man. So before you wrap things up, want get your advice on this for listeners who are new to entrepreneurship or new to cybersecurity. Was this your first ever kind of...
Renze (53:17)
Thanks.
We'll set something up for you.
Mm-hmm.
Nikhil Mohanlal (53:41)
entrepreneurial project or what you're involved in other things before in the past? First one, right? Cyber. There you go.
Renze (53:45)
That's my first cyber. I
used to be a voice over talent back in the Netherlands.
Nikhil Mohanlal (53:55)
What is with cyber guys and voiceover man? My friend Joan also, he's a voice actor. My friend Joan Vidal, was on a previous episode. β He's a proper voice actor. He's still doing it. Yeah.
Renze (54:05)
really? β
really? Okay. I gave
my microphone away, it's yeah, I used to do that in the Netherlands. I was the Dutch voice for Microsoft for a while. Yeah. It's a long time.
Nikhil Mohanlal (54:14)
you
Damn, fair enough, you can tell it's your voice now. So
I wanted to ask you for your advice on this, right? So because Liberty Night One is your first entrepreneurial cyber project, right, in UAE and let alone, like, what is some of the things and some of the learning points that you would give someone trying to do the same thing, right?
Renze (54:39)
important thing is it's very easy. And I make this mistake still every single day is just to get down in products and make the products as awesome as it can be. β and forget about marketing, forget about networking, forget about sales. And this is a mistake I made and I still have to remind myself not to make every day because my favorite thing in the world is just go grab my laptop and make something better that I think still doesn't work quite well. β but I mean,
Nikhil Mohanlal (55:03)
Yeah.
Renze (55:04)
A product will always need development. can always be better. At some point you're going to have to get out, have a minimum viable product and just find people who are willing to take a chance with you and start your client base from there. And I've been lucky that I've been able to work with people who trusted me to work with me and gave us a chance and β started the journey from there.
Nikhil Mohanlal (55:17)
Yeah.
Renze (55:31)
And that's been amazing. Without those people, I wouldn't have been able to do that. I would recommend just seek out those people and make sure that people know about you and know about your products and what it can do. That's important. Don't lose yourself in the product itself.
Nikhil Mohanlal (55:40)
Yeah.
Yeah, no, for sure. think a good product really does sell itself. You know, don't need to get too dug deep into marketing and things like that, which is my problem,
Last last question before I wrap up. What's next for Renze man?
Renze (56:00)
Thanks.
I don't know, I think I'm continuing what we're doing now, focusing on building out that threat intel capability for the Emirates of Abu Dhabi. That's an awesome mission. I'm really enjoying that. And we've got a great team there. So it's just a lot of fun to build out. And building out Liberty91 at the same time as well. And we'll just see where it takes us. Right now, I'm enjoying where I am in life and the things that I get to do. that's trying to...
they could last for as long as I can. What about you? Yeah.
Nikhil Mohanlal (56:31)
Of course, nice. Myself,
just trying to grow my own thing on the side as well. Like obviously grow CyBytes as a podcast, you know, I'm trying to hopefully reach out to some people to sponsor this, β get some more guests on. β this is a whole interesting journey because I initially started CyBytes as a blog post. It was a blog, right? I just write a, it was called That Cyber Trainer on Substack.
It was cool. I had some blogs going, but I just didn't have the commitment to write on it. You know, like typing away. need, I need to talk to people. I realized, wait, wait a minute, let me do, let me do this podcast and let me see how it works. Cause I'm in this community. I talked with you guys quite frequently and you have a lot to share and it's, it's really helped me a lot. So thought, let me just take this and help others in the same situation and see how it goes. And it's been great, man. Response has been awesome. And so I just want to keep building this up, you know, having Anya on the podcast, have a couple of my friends, Jumaa and Chris and
Renze (57:21)
Thank you.
Nikhil Mohanlal (57:26)
and Joan yourself, got, you know, because I went to GISEC and got a bunch of folks who are keen to join, yeah man, side by side, and hopefully do my own thing on the side as well, maybe like a training program of sorts, that's what I'm gonna have to bandwith But yeah man.
Renze (57:42)
Awesome, that
sounds amazing man. It's been great to be on here with you. It's been great.
Nikhil Mohanlal (57:51)
Likewise man, thank you for joining. if someone wants to reach out to you and have a conversation or get some tips and pointers, what's the best way they can reach you?
Renze (57:58)
Sure.
Contact @ Liberty91.com or Renze Jongman, but that is a lot harder. @ Liberty91.com would also work.
Nikhil Mohanlal (58:08)
Awesome. Sick, man.
I'll put all that in the show notes afterwards so people can reach out and whatnot. without further ado, thank you for joining Renze
Renze (58:11)
Appreciate it. β
Alright, thank you very much and let's stay in touch. Cool, see you.
Nikhil Mohanlal (58:19)
Are sure?
Nikhil Mohanlal (58:22)
A massive thank you to Renze for joining this episode today. Honestly, it was so much fun having him on. He had so much information and so many crazy stories to tell. β And obviously, check out Liberty 91 for your threat intel needs. β As always, you can find my details and Renze's details in the show notes in Spotify or YouTube or wherever you're listening or watching this. β Please get in touch, let us know. Let's have a chat, let's get in conversation. Until next time, bye now.