Uncle Marv interviews Matt Koenig, VP of Channel Sales at Nodeware, discussing continuous vulnerability management, recent updates to Nodeware's services, and the importance of proactive cybersecurity measures for MSPs and their clients.
Uncle Marv and Matt Koenig catch up after a missed meeting at IT Nation Secure. They discuss NodeWare's continuous vulnerability management solution and its recent spin-off as a separate company. Matt highlights Nodeware's compliance with various cybersecurity standards, including the recently updated CIS control version 8.1.
The conversation covers Nodeware's new patch management feature, which allows users to schedule and deploy Windows updates directly from the dashboard. Matt explains the process of selecting and applying patches, emphasizing the importance of giving users notice before reboots.
They discuss the challenges MSPs face in implementing vulnerability management across all clients and Nodeware's efforts to address these concerns. Matt mentions potential partnerships with third-party companies to assist MSPs in managing the initial influx of vulnerability data.
The podcast touches on NodeWare's integrations with various platforms and marketplaces, as well as upcoming features like third-party patching for Windows ecosystem applications and support for Mac and Linux systems.
Uncle Marv and Matt stress the importance of MSPs being proactive in cybersecurity, understanding their clients' cyber liability insurance requirements, and avoiding "willful ignorance" when it comes to security vulnerabilities.
Key Takeaways:
=== Show Information
Website: https://www.itbusinesspodcast.com/
Host: Marvin Bee
Uncle Marv’s Amazon Store: https://amzn.to/3EiyKoZ
Become a monthly supporter: https://www.patreon.com/join/itbusinesspodcast?
One-Time Donation: https://www.buymeacoffee.com/unclemarv
=== Music:
Song: Upbeat & Fun Sports Rock Logo
Author: AlexanderRufire
License Code: 7X9F52DNML - Date: January 1st, 2024
[Uncle Marv]
Hello friends, Uncle Marv here with another episode of the IT Business Podcast powered by NetAlly, the show for IT professionals and managed service providers, where we help you run your business better, smarter, and faster. I guess that's what happens when you don't turn off the looping feature. Today, I am joined by Matt Koenig of NodeWare, and basically what we're doing today is we're playing catch up, because Matt and I were supposed to get together at, I forget which one it was, IT Nation or PAX 8?
IT Nation Secure. IT Nation Secure, and you went and got yourself all sick on me.
[Matt Koenig]
Yeah, it was a pleasant trip, let me tell you what. There's nothing worse than dragging your butt through the airport with a fever to get on a plane.
[Uncle Marv]
Yeah, okay. Mask or no mask?
[Matt Koenig]
Oh, mask. Seems like you get one. I didn't want to get anybody else sick, but I was just miserable.
I mean...
[Uncle Marv]
And people were fond of that, weren't they?
[Matt Koenig]
Oh, I'm sure. I mean, like my whole body ached and everything. I was just like, kill me.
But yeah, no, I got a mask on as soon as I could. I don't want to get anybody else sick.
[Uncle Marv]
Good, good. Well, glad you're feeling better now. So for those of you that may not know, Matt is the vice president of channel sales at NodeWare.
There's another company name in there, but I don't care about that. NodeWare is the name that I go by. It's actually a product that I use.
[Matt Koenig]
It's official now. We've spun it off. It's actually just NodeWare.
[Uncle Marv]
Nice. Does that mean you're going to be bought by somebody else down the road?
[Matt Koenig]
Hopefully a few years from now, so we make money, but nothing right now, no.
[Uncle Marv]
All right. So NodeWare, if you don't know, is continuous vulnerability management. And I actually started using that this year.
I pick one tool a year to add to my stack or remove. This year I added this and I've been using it. And when we were chatting, you mentioned that there's some new things in NodeWare that I was not aware of.
Actually, what's her name? Liz was at your little booth demoing this to somebody and she was going through the features. And I started to help her a little bit as she was going through it.
And then she goes, by the way, we have patch management. I said, what? So I said, Matt, we got to get together and chat about that.
So big news there.
[Matt Koenig]
Yeah, no, it's been fantastic. You know, as I've told you in the past, we try to stay in our lane. You know, we want to be the best vulnerability management tool that we can be.
And that's it. We don't want to add a ton of extra features. But patch management just made a lot of sense from a standpoint of one, well, it fixes vulnerabilities.
Two, we were already touching everything. I mean, we were already doing everything we had to do. It was a matter of making it visible to our customers.
So we thought, OK, that that just makes no sense not to. So we made that available and we started with Windows, right? Because that's the big eight million pound gorilla.
And the way it works is you go into a customer, you go to the assets, you hit the patch management button. It sorts everything by operating system. And once it does that, you can pick everything.
You can pick a particular, you know, asset, whatever you want. You create a task for it to install one of the last two patches. So what we do, we go backwards a year.
We tell you what the current patch level installed is. So let's say January 2024. We tell you on that asset that the latest patch available is June 2024.
Then when you go into it, what we do is we always give you the last two updates. The reason for that is maybe you haven't vetted June yet. Maybe you're not comfortable.
Whatever the case may be, you want to go to May next. So we give you May and June. Next month, it'll be June, July.
Pick which one you want. Once you do that, you pick a time to reboot. And what's cool about it, you can pick any time to reboot.
I mean, literally, we said 501, 502, 503. So you can pick whenever in the future or right then that you want to reboot. Once it reboots, it automatically scans immediately again for vulnerabilities to make sure everything that can be cleared up is cleared up by that patch.
So it's a really neat feature, and we'll be adding a lot more to it as time goes on. Like third-party, I'll call it Windows ecosystem batching done by the end of the quarter. And that's stuff like .NET, Adobe, Java, Microsoft App, you know, the things that are just you're using with Windows every day anyway.
[Uncle Marv]
Right. I just I wanted to stop you earlier and say it's not all patching. So it's just the critical patching, anything that would be scannable here.
As a vulnerability. So if you're looking to, you know, to replace all of the patching that you might do with a Ninite or a Chocolaty or something like that, this is not it.
[Matt Koenig]
No, not yet. I mean, we're going to by the end of the year, we should have third-party patching done in general. So QuickBooks, Zoom, Webex, et cetera.
And the plan is by the end of the first quarter, we'll have Mac done. And by the end of the second quarter, Linux. Now, just to clarify, doesn't mean we don't pull the CDEs back and doesn't mean we don't give you the links to go to the patch and fix the problem.
It means that we don't have full on patch management yet where you can say, look, I want you to apply this. Here's the reboot schedule. Go.
[Uncle Marv]
All right, so this is good. So it's still, you know, nowhere is still doing its continuous scanning. So while it's doing that scanning, it's doing the updates on the patches and everything.
And apparently, there's a way to do automated workflows within this, right?
[Matt Koenig]
Well, basically, because you can schedule stuff.
[Uncle Marv]
Okay.
[Matt Koenig]
So the idea is being able to schedule stuff. So what will happen is the patch will be applied whenever it's able to tell it, I want you to go. It'll apply the patch and then it'll sit there until whenever you told it to reboot.
Now, there are a couple of cool features. One is if I reboot my machine before the reboot time, it won't do it again. Two, if I'm going to get rebooted, you get a window in front of you that says your machine is about to get critical patch updates.
It will reboot in 10 minutes. Please save your work. So therefore, if for some reason you've chosen to do this on nights or weekends or whatever, but someone's sitting at their machine, they're going to get a warning.
So they know that it's going to happen.
[Uncle Marv]
Right.
[Matt Koenig]
One of the other unique things is I'm always mobile, as you know. So if you try to push out a patch to me or try to scan me, it is not happening. What's cool is as soon as you've said, I want to do this, as soon as I connect to the internet, it's going to find me, scan me for vulnerabilities and push that patch.
[Uncle Marv]
Now, the question is going to be, is can a user snooze that reboot? If in case, listen, I have lawyers and they hate being interrupted. Even if there's a big thing that says IT is going to reboot your system, they just get frustrated beyond, you know, all hell and high water.
So can they snooze that?
[Matt Koenig]
You can change, you can change the date on it. You can't particularly snooze it, but you can change when you want the reboot to occur.
[Uncle Marv]
You mean us or the end user?
[Matt Koenig]
No, you.
[Uncle Marv]
Okay.
[Matt Koenig]
We don't give the end user any capabilities because one, they shouldn't see it. But two, most importantly, they'd snooze it every time for eternity.
[Uncle Marv]
Well, I mean, yeah, but I'd like to give them one option. You can snooze this, you know, and then that's it. It's going to restart.
[Matt Koenig]
But no, I like that. That's a good feature request. Giving the end user the ability to snooze once.
I will write that down.
[Uncle Marv]
Actually, here we go. A recommendation from Uncle Mar. Okay.
And it's only because, for instance, like I said, the law forms, you know, where I've got an attorney that's in the middle of prepping for trial late Saturday afternoon or Monday, and I schedule, you know, a restart, which I normally wouldn't, but even if I schedule it at midnight, some attorney is up and working and it's just frustrating.
[Matt Koenig]
No, I get it. No, I like that. And that, you know, and for those of you that don't know, I think I told you this, we have a very specific process we go through.
First thing is it doesn't go into a black hole. Any suggestions sent in anywhere, we put it in the internal support queue and it gets reviewed once a week. Second thing, if multiple people have asked for it, or we think it's a really good idea, it goes to what we call the whiteboard and that means it's absolutely something we're going to do.
And then at some point it gets assigned to a sprint, right? It actually happens. So that's our dev process.
And I will definitely put this one in there because I know with the amount of people, you know, as well, that if you're thinking it, then there's probably a bunch of people thinking it.
[Uncle Marv]
Yeah. If I've thought of it, I'm sure other people have thought of it well before me. So, all right.
So that's a pretty big news. Of course, most of your news happened last year. You guys were a part of Pitch It.
You guys received that certified PSA integration from ConnectWise. A couple of other big things. Anything else that...
[Matt Koenig]
Well, we're working on our Autotask integration now. We just finally got access to the sandbox and we'll be natively integrated to them shortly. Hopefully everything goes well.
You know, we're natively integrated, if you didn't know, to ControlMap, VCL Toolbox, Compliance RISC, Tim Golden's platform, Security Studio, and, you know, we're working on a bunch of others right now that I don't know if I can announce at this point, but as far as integrating to their platforms, as well as being on some of those marketplaces.
[Uncle Marv]
Well, we can announce whoever's on your website, right? Like Augment, DataStream, Agile Blue.
[Matt Koenig]
Yep. They're all partners right now. Augment is more of a marketing partner.
And the reason why is, it's a beautiful thing. If you want to look at it as a sandwich, they sit right on top of us and where we leave off, they pick up. So it's a beautiful thing where you're using both of us together.
We actually have some stuff put together from a marketing standpoint called Better Together, because it really gives a complete picture. They pick up onto the 365 platform, right? Active Directory, getting into if mailboxes haven't been used in a while or other security features like that.
[Uncle Marv]
Nice. Now for people that obviously want to look at NodeWare, if you don't have vulnerability scanning yet, of course, NodeWare.com, but you can also, folks, and I didn't realize this before and I didn't prepare Matt for this. So you can actually get this through preferred distribution partners.
So if you do a lot of purchasing through Ingram or TD SYNNEX, NodeWare is available on those platforms.
[Matt Koenig]
Yep. We just added a few more. We've got the AWS marketplace now.
We've got ring networks. We've got, we just inked a deal with Blue Chip out of Australia, and they're going to help you sales as well as first level support. So it's done specifically in their time zone.
So yeah, we've, we've got a few things going on where you have alternatives where you can buy, and we want you to buy wherever it's easiest for you. Doesn't matter to us, whatever makes the most sense for you and your company, that's where you should buy.
[Uncle Marv]
All right. Very nice. So reaching out to our friends over in Australia.
[Matt Koenig]
Yeah.
[Uncle Marv]
I got a lot of listeners in Australia. I didn't realize how many I had on there.
[Matt Koenig]
So yeah, we have a bunch of customers now. We're tightly integrated into Wayne's group, S N B I T pro. And as a matter of fact, we've been over there a couple of times.
And at the end of August, we're going over for a couple of weeks and we're presenting at a couple of those quarterly meetings, but we plan on having dinners in Adelaide, Sydney, and Melbourne. And we invite anybody that wants to come out to those dinners to sit down with us, whether you're a customer or a potential customer and sit down with us. Have a great meal.
There's no presentation. It's not a sales pitch, but you can ask us any questions you want. And see if Node works right for you.
We look forward to having you and you can reach out to me directly.
[Uncle Marv]
All right. I was going to say, when you say we, does that mean you yourself are going over?
[Matt Koenig]
That means me and Frank are going over. Okay. Frank Ramondi and I are going over to cause some trouble.
[Uncle Marv]
All right. Um, yeah, stay out of trouble. You're not doing a walkabout while you're out there.
Are you? No, no.
[Matt Koenig]
I don't like spiders. I don't like spiders and snakes and any of that.
[Uncle Marv]
You probably won't see any of that.
[Matt Koenig]
Oh, if I, if I do a walkabout in the bush, I might.
[Uncle Marv]
You see a lot worse than snakes and spiders.
[Matt Koenig]
I was going to say, I'm, I'm, I'm staying in the cities where the worst predators are people. Nice, nice, nice.
[Uncle Marv]
All right. So, uh, lots of good things happening with nowhere. Listen.
Um, I know I try to be neutral on here and if I didn't like a product, I would say it. Uh, but this has worked well for me so far. So thank you for, thank you for being patient.
First of all, let me say that cause you're not one of those vendors that, you know, hounded me after every single conference and say, when are we going to get a demo? So I appreciate that.
[Matt Koenig]
You know, we have a very strong culture with my sales team that says, first of all, if you contact someone in under five days after a conference, you will be let go because you don't need to be hammered and bothered. And the second thing is if you send an email or a phone call more than every two weeks, right? Cause we got to follow up.
That's our job, but then we're going to have a problem. We want your business and we really want to work with you, but we also don't want to be a pain in the butt and send you 5,000 emails that you care less about and bombard you.
[Uncle Marv]
Yep. I appreciate that. So, uh, the timing was right.
I was looking for a product and you guys came up and right now, as far as I'm concerned, a product that does what it says it's going to do. Uh, as you say, stay in your lane. Uh, that works for me, but you're adding the additional features that need to be added.
Patching is perfect, um, to be integrated into this so that from the dashboard, Oh, I got an issue. All right. Let me clear that up right now.
Sweet.
[Matt Koenig]
And one of the things I learned, which I don't know if everybody knows is windows patching is now cumulative, which I didn't know. Cause it used to be, you have to install 20 different patches to get up to date.
[Uncle Marv]
Yeah.
[Matt Koenig]
So if you install the latest patch, we've seen it take care of a hundred vulnerabilities all at the same time. So it's really nice. The other thing I will talk about, even though it's not official yet, so I'll probably get in trouble, but that's okay.
[Uncle Marv]
You know, this is going out today.
[Matt Koenig]
Yeah, I know. We've had a lot of MSPs that have come to us and said, look, I don't want to roll this out to all my customers. And I said, I don't understand it's vulnerability management.
You thought it was important. Why would you not roll it out to all your customers because of the amount of information that it brings back? And I'm like, okay, that's fair.
It brings back a lot, especially if you haven't been doing vulnerability management, but you not protecting your customers is not a good excuse, right? You need to know what's there and you need to create a plan of action to address it. But I started thinking, you know, time is a big deal for all of us.
And you know, time is always an objection. I can't overcome because I can't help if it brings back 200 vulnerabilities because it is what it is, nothing to do with my software. So I'm working with a couple of third parties right now to try to put in place something where if someone gets nowhere and they're worried about that, that one of these companies will come in.
They will work with you to find out what's there, what needs to be done to fix it, get your buy-in and permission to apply, and they will take care of initial remediation and patching for you and hand you back a clean plate that you can then work with. Or if you'd like, they'll continue to do that service ongoing because a lot of SOCs don't want to get down to that level, right? Because it's the blocking and tackling.
And I get it, I totally get it. But you know, a lot of MSPs also don't have the time to do this kind of stuff, especially if it's new for them. And we want to give them every opportunity to protect their clients as well as they can, while also allowing them to grow their business rather than doing, if you will, all the mopping of the floor and emptying the trash cans and stuff like that, which to me, yes, this is very important, but it's still basic blocking and tackling every day.
[Uncle Marv]
But all right, I'm going to bring up something here, didn't plan on this either. So I like to deploy stuff slowly and I may pick a handful of customers to start with before I roll it out to everybody. And case in point, my second client that I rolled this out to, probably within 30, 45 minutes of me rolling it out, I started getting reports that, hey, we're having slowness issues.
Now I had already rolled this out to 90 assets before that, similar network, servers, NAS's, workstations, laptops. And I'm thinking, okay, this, this can't be right. I've not had this issue yet.
But I basically went in and started, you know, flipping stuff. First thing I did was turn it off. And they were like, yep, that was it.
And then I had to dig deeper into, okay, what was really slow? Because, you know, customers they'll say slow and it's one thing, but they'll blame the entire network. And it was just simply to their file server.
So I, all I did was I figured out I didn't do a support ticket. I went through the help center and realized that I could, you know, exclude IP addresses. And which is what I did, turned it back on, haven't had a complaint since.
Yeah, perfect. So I get that. Whereas if you just do a blanket deployment and noise like that starts popping up.
[Matt Koenig]
Oh, no, it's not so much a blanket deployment. It's, they don't necessarily want to even roll it out over time.
[Uncle Marv]
Oh, that's different.
[Matt Koenig]
No, that's what I'm talking about. I don't expect someone to push it out if they, especially if they've got 30 customers, 40, whatever, and just install Node work. Go!
To me, if they don't, but if they're buying it and their thought process is not to roll it out to all their customers at all, it makes me just kind of go, huh? You know, why wouldn't you want to provide that for all your customers?
[Uncle Marv]
Well, I, I kind of get that a little bit. I've got clients that I know we have to deal with compliance. And then I've got a couple of clients that are just retail idiots.
And that's not, shouldn't have said it that way. But they're like, we don't need anything. All we want to do is call you when we have an issue.
And I'm like, no, that's not how it works. We're going to put stuff on and protect you all the time. You don't have to call us, but we're going to protect you and us.
And we'll put stuff on there. And I could see, and like I said, I've got probably three of those customers that I just, I don't put stuff on just because.
[Matt Koenig]
But I could understand that they're not a true managed services customer. I'm talking about someone you you're supplying security to, right? You've got a security stack.
You are responsible for their security. Look, I wasn't going to share this, but I won't name names. I've actually had some MSPs tell me and I quote, and more than one, I don't want to roll this out to all my customers because of the amount of information that comes back.
Now I quote, my wife was in this home office the day it happened. I don't want to know, so I am not liable for knowing about that and not fixing. And my head blew off my body.
My wife, who's a lawyer, sat next to me. She never pays attention to anything when we share a home office, anything. She started writing sticky notes and handing to me saying that she lost her mind.
You know, and it goes to some of the things that we've seen on Facebook and talked about in groups and stuff like that, which is, guess what? If you haven't explicitly said what you're responsible for and what your customers are responsible for, and even then it could be a problem. It's reasonable to say you're responsible for that.
So not knowing is called legally willful ignorance. And guess what? It isn't a defense.
I wrote a two-part blog on it. So, you know, my thing isn't even about NodeWare at that point. Because as you know, I've been doing this a really long time.
Yeah, I'd love you to buy NodeWare, but I have hundreds and hundreds of MSP owners that are my friends. And I just want them to understand, I don't care if you use NodeWare. I don't care if you use this one, that one, whatever.
Willful ignorance is not a defense. Don't do that to yourself.
[Uncle Marv]
So the way I look at it is this. Bradley Gross and I did a show back at the beginning of 22, where the phrase fiduciary duty came up. And it was one of those things where hiding behind the defense of, let's say, ignorance.
If I didn't know about it, I can't be held responsible for it. The problem is part of our job is to know about it and to be responsible for it. Especially if the customer falls under some sort of compliance.
Or let's just go a little further. If you've got a state law or some sort of law that says you have a duty to protect your customer's information, regardless of which security guideline it might be. You need to know.
[Matt Koenig]
Well, go simple. Insurance. There's a breach and insurance doesn't pay out.
Your responsibility to know what the insurance requirements are and to make sure you're implementing the proper protocols to make sure they get paid. Meaning you're not responsible for them getting paid, but at least you're part to make sure that things are done the right way so that they can get paid. Right now, the law would say, yes, you're responsible for that.
And again, I talked to so many MSPs where I'm like, have you looked at their insurance documents? No. Well, do they have insurance?
I'm not sure. I'm like, please, please, please, for the love of God, ask them about their cyber liability insurance if you haven't. Get a copy of that document.
Make sure that you're letting them know. It's gone as far, and I know you know this, is I've talked to some people in insurance companies. They will send out another MSP if the customer says, well, I don't know if we meet these standards.
[Uncle Marv]
Oh, yeah, yeah.
[Matt Koenig]
And hasn't talked. So again, take NodeWare completely out of the equation. I beg you, my friends, please don't make these mistakes.
If you make these mistakes, you're going to have a world of hurt, and I would hate to see that for you. Now, can NodeWare help? Absolutely.
But again, whether you buy NodeWare or not, please do these things, pretty please.
[Uncle Marv]
So here's the other side of it. Those same insurance companies that are giving out the cyber insurance, they have software and they have tools that they're going to recommend if you don't have it. Yep.
So there's our invitation to the game. If we don't do it, somebody else will. And then all that's going to do is push you further and further away from the table to where it's going to be, you know what?
You won't have that customer anymore.
[Matt Koenig]
Exactly. Well, you know, it's funny. I'll give one plug for NodeWare here.
CIS 8.1, as it just came out, it specifically states continuous vulnerability management and asset inventory control. Guess what? We are the only truly continuous vulnerability management solution on the market.
And the reason I know this is one, well, I know my product. And two, we have a patent on it. Nobody else can claim that.
So we meet or exceed CIS, NIST, GDPR, PCI, HIPAA, CMMC, FTC safeguards, FFIEC, Australian Essential Aid, all of those standards we meet or exceed in those categories.
[Uncle Marv]
Yep, there it is. CIS control version 8.1 just released June 26th. Is that right?
[Matt Koenig]
Yep.
[Uncle Marv]
Wow, there it is.
[Matt Koenig]
Yep. So I went through that with a fine tooth comb, read everything just to make sure, because we had mapped it before, but just to make sure on the changes that we still met specifics.
[Uncle Marv]
So new governance security function, updated asset clause. Yep. The security function mappings have been updated, enhanced clarity, streamlined implementation.
Okay.
[Matt Koenig]
By the way, what do you think in New York of the new standards that you must have a VCSO on staff now or outsourced? Have you heard that?
[Uncle Marv]
I have not heard that, but I have heard rumblings of it. Listen, there are a lot of things that are kind of in the works or in the talks about how to either be an IT department or managed service provider. And we may be in a world of hurt if these things happen.
And what is that? The IT NSIP, I forget the name.
[Matt Koenig]
Yeah, yeah, yeah. Carl Pavlicek.
[Uncle Marv]
Yeah. The NTIS IT, whatever. But that organization, I haven't heard much from them either in terms of, are they keeping up with this kind of thing?
Because that's the type of stuff we want to be involved with.
[Matt Koenig]
Yeah.
[Uncle Marv]
Having a seat at the table. And listen, is it a nice thing to have that person on staff? Sure.
But come on, 90% of MSPs are not big enough to have that type of person and probably can't charge enough to cover it.
[Matt Koenig]
Right. Well, and the reality also is as New York State's requiring it for their customers, right? For their businesses.
This is a huge opportunity for MSPs. Huge.
[Uncle Marv]
Well, in that regard, yes. Because then, hey, you don't have one, let us be that for you.
[Matt Koenig]
Exactly. But to your point, as an MSP, you have to go learn. You have to understand what a VC suit does.
And you have to be able to provide that service effectively. I mean, look, I don't run my own business on purpose. I've been a CEO.
I didn't like it. So God bless you all that do run your own business. Hard as heck.
And I have a lot of respect for you. So it's easy for me to preach from here. I understand.
But there are so many opportunities out there right now. Even with things getting harder, they're still presenting so many opportunities for you to grow if you just pick the right ones.
[Uncle Marv]
There is a ton of opportunity for us out there. And it's just, we've got to grab it. We've got to make ourselves want to do it.
We've got to educate our customers.
[Matt Koenig]
Yeah, absolutely.
[Uncle Marv]
Because they'll still fight.
[Matt Koenig]
I mean, I just put together a presentation about discovery for MSPs. Presentation I'll be giving or recording I'll be doing coming up. Just did two, how to hire a salesperson or when, and how to do appropriate discovery.
But one of the questions I asked in there that blew away the focus group that I went through it with was, you know, Mr. Customer, tell me the three most important things you learned on your last QBR. And people were like, why would you ask that? I said, well, tells you a few things.
First of all, do they pay attention? Because if they had a QBR, do they remember anything? Two, if they did remember 30 things, that means those are the things that are important to them.
Ding, ding, ding, ding, ding. But finally, without you saying anything bad about their current MSP, if they go, what's a QBR? What does that tell you?
So, I mean, it's like, if you're not having regular QBRs, there was a cartoon someone sent me a little while ago and I forget who sent it to me, but basically it said, everything is perfectly quiet. Why do I need you? Everything is falling apart.
Why do I need you? It's a no-win situation. So you have to communicate so they know what you're up to.
[Uncle Marv]
That is true. And it's amazing how many problems go away if you just talk.
[Matt Koenig]
Yeah. Yep. It is.
It's amazing how the understanding. Also, it's amazing how you stop someone else from coming in because if they did entertain someone else and they go, well, this, this, this, oh, well, they talked to me about that last month. Here's what we're doing about it.
Yeah.
[Uncle Marv]
Yeah. We're covered. We're good.
So, all right. Well, Matt, it was good hanging out with you and like to let you go because for those that don't know, we are recording the day before a holiday.
[Matt Koenig]
Yeah. Well, it may be a holiday, but I'm on the phone with Australia tomorrow morning. So no holiday for me.
That's too bad. You know what? It's Friday their time.
I have a philosophy about Australia that I don't think a lot of my counterparts do. And I don't mean it nowhere. I'm looking for their business, not vice versa, which means I'm going to do business in their time zone, not expect them to deal with recordings or, you know, get answers in the middle of the night.
I mean, I don't know. Last time I checked, I wanted their business. So, you know, I have this weird philosophy.
[Uncle Marv]
That's not weird. It's just how doable is it is, is the key.
[Matt Koenig]
It just depends on whether you can stay up to 2 a.m., which I do very easily. I don't sleep.
[Uncle Marv]
All right. We're going to end it right there because we don't need to get on that sidetrack. So, Matt, thank you very much.
And those of you listening, thank you for tuning in. That was Matt Koenig with NodeWare, now a separate company. Absolutely.
And check them out for their continuous vulnerability scanning. You can now do patching directly from the dashboard and many, many more things to come down the road. So on behalf of Matt, thank you all.
And that's going to do it. We'll see you next time. Holla.