
Casey Ellis
Hey, everyone, this is Casey Ellis for the Risky Business podcast. And today we're doing a sponsored interview with Scott Kufa, the co-founder, CPO and COO of Nucleus Security. And Scott, I could start this off explaining what I think Nucleus is, but how about you go ahead because you've obviously got a very broad view of what you guys are building there.
Scott Kufa
Absolutely, yeah. And it's obviously great to be here, Casey, and thanks for having us. But, you know, we've obviously been working with Risky Biz for a long time. I think we launched originally on our in 2019 on the December version of Snake Oilers. And so the pitch back then was probably very different than it is now in terms of what we do. But a lot of that just comes from learning as we've worked with many customers. Right. So we're very fortunate to get to work with a lot of the biggest companies in the world. And so it's really broadened our perspective of Nucleus. So we really got started initially as effectively a counterpoint to the jobs that myself and my two co-founders had. We really wanted to get rid of the vulnerability analyst job because we just like our day in, day out was a horrible experience to live in. And so they really started out as this broader view of vulnerability management. Like, what is vulnerability? What is a vulnerability?
Unknown
Right.
Scott Kufa
And back in those days, everybody was thinking, you know, the VM scanners, right, they said vulnerability management equals scanning. And so that always inherently bothered us at a. At a high level, because a vulnerability is just a weakness. But so we're looking at it and saying, well, it's actually risk management across the entire tech stack. And so if you define it that way, then what is our role and what does a VM analyst do? But an analyst actually just goes through and we have to process, unify huge amounts of data across the entire cloud, containers, development networks, OT, all that. You have to manage all of the data. You can't just manage inside of a singular silo. And you have to be able to unify it into a singular workflow, and then from that workflow, you need to be able to measure at a high level.
Unknown
Right.
Scott Kufa
So it's like, what is MTTR? It gets very complicated when you start measuring across teams and across different parts of the tech stack. So at a high level, it's really about aggregating and unifying data about all of your risk so that you can do something with it.
Casey Ellis
Fair enough. And when you talk about the challenges that kind of prompt folk to need aggregation, the siloing that kicks in all that different stuff as a risk based vulnerability management platform that's been at this for a while at a pretty interesting time, I think, in the evolution of that market, because we kind of went from not knowing that we need it to very suddenly really understanding that we need it, but then figuring out how to implement it, I guess. What's an example of how you've seen Nucleus actually break down those silos that tend to pop up?
Scott Kufa
Yeah, well, I would say as an industry folks are, we're still trying to figure out how to solve it. Right. It's a very, very challenging problem.
Casey Ellis
I think we've gotten to the point where we're aware that we're not going to solve all of it. So risk becomes the thing that we need to focus on, right?
Scott Kufa
Absolutely.
Unknown
Yeah.
Scott Kufa
It's kind of like you got to go through the different stages before you can get to acceptance of your cycle there. But so sometimes it is kind of a depressing cycle to be in when it comes to this particular industry. Cause there's just a huge volume. But to answer the question directly, what's interesting about this is that when you think about siloed data, it's very much a similar problem as you have just regular business problem.
Unknown
Right?
Scott Kufa
Regular problems around sales and marketing working together. Obviously you have some familiarity with that.
Unknown
Right.
Scott Kufa
Different teams don't want to talk to each other, and not because they necessarily don't want to, but it's just challenging to create an organization that does. And security is really no different. So we as the vulnerability teams, we actually inherit all of the same communication and business challenges from the business. And it drives a lot of our challenges. Because everyone might be using different tools. Right. I mean, I've been in many places where different teams don't even tell the IT team about the different tools that they have.
Unknown
Right.
Scott Kufa
And so when you think about vulnerability scanners and code scanners and hey, I want to try some new AI PR reviewer thing and I didn't tell anybody about it. It changes the risk surface. But not everybody even knows about it. So when I think about it, I think about it in our context is really two categories. You got the basics, like just what has to happen at the low level. And then you have some of the more advanced systems. And I have a specific customer example I can give here too. But the basics is just, I call it the three main legs of the stool.
Unknown
Right.
Scott Kufa
You have to have some asset information, you have to have your vulnerabilities themselves and then you have to have some amount of threat information or exploitation information, like at a very high level just to remediate stuff, you have to know what you have, where it is and like how bad is it, right? So you unify that data. That's just kind of our bread and butter, you know, you just kind of throw data at Nucleus and that's what we do. But where I think the most interesting part of this is the more advanced use cases where it's the context around that. So who owns what systems? Like how do you integrate HR organizational hierarchies into your remediation workflows? How do you get human context like identities and how do those tie to different systems? And like who has access to what and how do you tie the links together between those? That's where, you know, a tool like Nucleus becomes really helpful. Like you can do some of that basic stuff with a SQL database or a SIEM, like Splunk or whatever, but you want to start doing some of these higher end automations on top of just crazy, crazy types of data structures. That's where you start to need some specialized tools. So, hey, happy to give an example.
Casey Ellis
But yeah, please do, for sure.
Scott Kufa
So we obviously, for those that don't know, we come from the US federal government and one of our customers is actually a state agency, so it's the Commonwealth of Virginia. So right there up in the Northern Virginia area. But they had this bigger problem where it wasn't just inside of a single agency, it was actually the same problem, but across 67 sub agencies. So they used Nucleus to basically monitor all of the risk across all 67 of these state agencies. And each one had to basically build their own processes to basically get the data to the CISO's office. The CISO needed to be able to do these call, you know, data calls and whatnot. And so that was where we really started to see this kind of blow our minds. Where because we were thinking about it originally as, okay, we're an enterprise service, it's cool, but now, oh, now we're managing multiple different sub agencies that are all large in their own right. Thousands of assets, tens of hundreds of thousands of assets. And so being able to just take the basics and roll it up to a high level of visibility is fascinating. Just that on its own is hugely, hugely valuable.
Casey Ellis
That's awesome. And on top of that, my understanding is that you've got this kind of aggregation component, but then there's data decoration kind of mapping. I mean, you mentioned before, like, what is it, where is it and how bad is it? But then this whole idea of how risky is it, how much do I care from a threat, a potential threat standpoint. You want to talk about that a bit?
Scott Kufa
Yeah. This is the one topic that's like probably the most interesting to me right now because I feel like it's the core question that's actually changing the fastest in kind of the if, you know, obviously I can't get through an entire interview without talking about AI and.
Unknown
Right.
Scott Kufa
I feel like it's a sin not to talk about it now. But this market, the threat intel market is like figuring this out and changing the economic dynamics of this market, I think is gonna be kind of one of the defining inflection points for my market for the like the vulnerability management, risk management market. Because access to data is so crucial. But like the idea that we can continue to like actually resolve vulnerabilities where like all of your high quality data is behind these centralized systems with paywalls that are pretty, pretty high end. Right. You think about entry point 75k, 100k a year for some data, it's like, that's not really accessible. But what we're seeing is that with tools like Perplexity and just the mass trading of data across the Internet and the ability to scrape consistently, we actually think that we're going to start to see kind of a fundamental shift in how the economics of that market are done.
Unknown
Right.
Scott Kufa
And so that, that in itself is going to change this minute by minute. You know, a new threat actor started doing a new thing. It's going to pop up somewhere and then that data is going to become accessible a lot faster and easier to the market.
Casey Ellis
Okay, so how do you, I guess, how would you consume that? I mean data, data without analysis and without fidelity is just data. It's not intelligence. Right. So you want to speak to that a bit?
Scott Kufa
Yeah, I don't, I don't think that we're going to like it's going to completely disappear.
Unknown
Right.
Scott Kufa
So it's not a scenario where, okay, hey, we, you know, just like all the analysts go away.
Unknown
Right.
Scott Kufa
I think it's more of a scenario where hey, we have a data volume problem across the board. And so how do we build the systems around the data to get the right data to the right people so that it can have further analysis as necessary and those types of things and just making it so like I think about refresh rate is a perfect example of one of the challenges that we have with current threat intel providers. It's like, okay, I might do a vulnerability analysis. You even look at NVD, and they can't keep up.
Unknown
Right?
Scott Kufa
We have this vulnerability comes in and, okay, we're not gonna look at it for two years, right? We're not gonna reassess it for two years because it has. We haven't seen any indicators, but the data is now out of date. And it's important for the broader prioritization market, stuff like that. You don't necessarily need a human to go back and look at it because it's a little lower risk to do that, but you want to be able to refresh it. So something simple like that, all of a sudden the data becomes fresher, higher quality, you know that it's. It's real. It's not real as of two years ago, three years ago, things like that.
Casey Ellis
Got it. Got it. So in terms of, like, in terms of how Nucleus is attacking that, because we're talking a little bit about this kind of leading up into it, like the enrichment side, right? You've got all of this kind of vulnerability intelligence, but then you've got the ability to enrich it with some of this kind of threat insight that you guys have got. How does. How does that work? And I guess, how do you. How do you ensure fidelity of that? Because, you know, as you mentioned, it's. It's an interesting sort of data source to work with in the first place, right?
Scott Kufa
Yeah, it's a great question, right. I can't tell you the number of arguments I've gotten into with different vendors about, like, should we mark something as exploited or not? Right? Because of this guy saw it and these guys didn't. Right? Like, just, just. That is fun in its own. Right, but maybe I just like to argue, Casey. I don't know.
Casey Ellis
I mean, it's an occupational hazard, right?
Scott Kufa
It is, yeah, I think so. I think so. Especially as founders, we just like to. We like to like to dig in. But, yeah, so for the way that we look at it, so we have. We kind of view Nucleus as a data platform itself that we build products on top of. And the different products are, you know, different user experiences, but one of the user experiences is enrichment. And so, you know, we have this platform that can consume data consistently, and then we have to build a product on top of that to make. Manage what that means. Like, so something changed. Where do we get the data from? And, like, what happens when it changes are kind of the two main questions. How we get the data? We actually have a mixture of a bunch of different partnerships with a lot of these different threat intel providers that you just get kind of out of the box if you buy the subscription to Nucleus. We also are more and more building our own tech on top of that, and also our own collection capabilities. So we actually have our own vulnerability and threat feed right now. It's very focused on kind of CVE centric today because that's obviously the area that we play in. But a lot of that is being informed through some of these other newer technologies out there. But it gives us an opportunity to make sure that, hey, we kind of have full coverage across the. Across kind of the ecosystem as it stands, which we're really excited about. And then we. Basically, the question is, well, what happens then?
Unknown
Right?
Scott Kufa
So something comes in, it changes. How do you know it's right? So there's a whole kind of system that we have built in place. A lot of our proprietary tech is around that. And then once we've confirmed that it's right, then it needs to trigger some sort of action. So that's where it feeds in as another data point into your risk system. And it's like, great. I had a CVE, it was medium before. Hey, it showed up on the CISA KEV list today and therefore something different should happen to it. And then the rest of our system, our core console, kind of just manages the rest of that.
Casey Ellis
That makes a lot of sense. So, I mean, when you. When you're talking about integrations, like, I know that you've got an integration with Bugcrowd with, you know, some of the other, you know, bugs, Bug Bounty and VDP platforms. Apparently there's others that exist out there but won't go into that. How does that kind of integration, I guess, enhance the workflow for AppSec and infrastructure teams? And like, what feedback have you gotten back from customers around the impact of that type of thing?
Scott Kufa
Yeah, couldn't come on here and not talk about our Bugcrowd integration. So for those at home that don't actually know, Casey was the very first person in the industry that heard about Nucleus because we were a different company first. And we went to a conference in like the middle, like, it was like Atlanta, Georgia and like in October. And Casey just was like, hey, it seems like a good idea. You should do something with this. And then, yeah, a year later, we launched Nucleus. So Casey is like, been around since me, so we couldn't not build a Bugcrowd integration is like one of our first things that we did.
Casey Ellis
I mean, you could have not built one, but yeah, I do appreciate.
Scott Kufa
Absolutely. Yeah.
Casey Ellis
But go.
Scott Kufa
So. So I think about it is like Nucleus is about proactive risk management.
Unknown
Right.
Scott Kufa
And so when I think about like all these things are just different data points and there's like high signal data feeds, there's low signal data feeds, there's. And you want to handle these all differently. And so we're not a GRC where like we're looking at, hey, you know, there could be a risk of a hurricane. Therefore X, Y or Z, it's all about this technical vulnerability type of, type of risk.
Unknown
Right.
Scott Kufa
And so when we think about vulnerability operations, we feel like VDPs themselves are in that category of very high signal data. And so the highest part of the value here is that you have these really good services. Actually we are a Bugcrowd customer as well. So like from that perspective it's like it's really high quality data. Obviously they will do triage for you oftentimes as well. So you know what's very much, by the time it gets to Nucleus, it's something you really have to respond to.
Unknown
Right.
Scott Kufa
And so it's. Then it becomes all about managing the response to it. And so for us, when we think about like the levels of priorities, VDPs are in that bucket of like, hey, if you're doing full pen testing like you would, you would rate those higher than you would just like an Nmap scan type of things or just even like a Wiz scan. You know, some of that stuff is all automated versus okay, you have a real person look at a real thing with confirmation and then it feeds into the pipeline in a very different way. So we get, we get great feedback on that.
Casey Ellis
Yeah, that's awesome. Jumping into the board reporting, I guess two questions. One is the idea of being able to make security and vulnerability management, risk management explainable to a board and to like financial non security stakeholders who don't understand any of what we were just talking about, but do understand that it is a thing that they need to be conscious of and are on the hook for the risk that it creates. Like what's the, I guess the experience and the benefit of Nucleus's approach to that? And then probably last thing would be like, what's your vision for where this all kind of goes in the future? Because obviously it's moving pretty quickly.
Scott Kufa
Absolutely, it is. Yeah. So this is actually a really tough question for everybody to answer. And the unfortunate part is I have to say it depends a little bit. So I'm going to caveat some of this with it depends. But part of this is that as Nucleus, we didn't build the product originally to do stakeholder reporting.
Unknown
Right.
Scott Kufa
Our whole thesis originally was, hey, we want to automate ourselves out of a job. There's all these BI tools already out there.
Casey Ellis
We'll just, we'll.
Scott Kufa
We'll have Nucleus run the program for you and then it'll just report up to the existing reporting tools. But that was probably the worst assumption we ever made at Nucleus and kind of our original thesis here, because there's a whole bunch of reasons, right? Just the BI tools don't want to deal with it. You got BI teams and that and nobody. There's this translation that needs to happen. So the hard part, I've had the fortune of being able to talk in some of these board meetings about this, but really the thing that I've learned kind of makes it the most effective is to frame it up like an engineering problem. Right. And so if you can kind of tack on and be similar to how the CTO is reporting, then it will help because they understand velocity, they understand things like quality, they understand some of these other things that are happening that lead to the business. And so if you can kind of frame it up similar like an OKR type of thing, where it sort of feeds in. Here's our business justification. Sometimes that could be as simple as a threat model. Our risk is around here. Here's the KPI that we believe kind of puts us there and then here's our sub KPIs that kind of are leading indicators of this KPI. Sometimes it's just churn rate would be an example of one that we see like how many new risks are coming in versus how many are we resolving?
Unknown
Right.
Scott Kufa
Kind of like your standard, sort of like agile scrum type of things. Sometimes it's around risk levels. I've seen some folks say, hey, our threat model is actually just that we want to fix all vulnerabilities that look like this within some period of time. We want to map it directly to a business process and that's our kind of response risk threshold. And then we can measure SLAs. So it really does depend on how the business likes to report. But anchoring it to something they understand helps a lot.
Casey Ellis
Yeah, I love that idea of just like borrowing the language that already works and then trying to get as adjacent to that as possible and introducing some new concepts in the process, but actually working with what you've already got. That's awesome. So yeah, just to the last one, what comes next? Where does this all go from an industry standpoint, I guess when it comes to vulnerability management and Then obviously Nucleus's place in that.
Scott Kufa
Yeah, I think that the big thing for me that really needs to be solved, that's it's coming is speed of remediation.
Unknown
Right.
Scott Kufa
We've gone through this cycle for probably 15 years where it's like, oh, let's just prioritize the vulnerabilities that matter. And you know, hey, we can only fix one out of every ten. We'll just fix the one out of every ten that matter. But we're quickly approaching a point where two out of every ten really matter. Three out of every ten really, really matter. And so you're going to start seeing a discrepancy between what we can fix. Even if we prioritize the absolute best, we're not going to be able to make progress against the risk posture. That's postures that we want. And we're seeing this already start to happen. It's just kind of this undercurrent that nobody's talking about. So for me, that is probably the number one biggest problem we need to solve as an industry. And then we want as Nucleus to have a very large place in that. Our approach is always about how do we automate the systems. So right now, vulnerability remediation is a really weird process because you have all these automated tools like detecting stuff all the time and then you basically have the equivalent of like some guys like taking a bucket and like filling it up in the faucet and then like carrying it over to people over here and like pouring little bits out and it's like pouring it on top of them maybe. Yeah, exactly.
Unknown
Right.
Scott Kufa
So what we need is we need the vulnerability analyst team to turn more into like people that build pipelines and manage pipelines and the system is able to self manage in a more cohesive way. And that doesn't mean auto patch everything, right? There's, there's got to be limits to that. But we really need to learn how to take these human bottlenecks out of the loop. Because we've got machines on one end, we've got theoretically machines on the other end and then we have like a bunch of people with stages and meetings. A lot of meetings. We have a lot of meetings in the middle of the process. And so how do we remove that? That's where, you know, Nucleus, we believe, is really going to fit into the larger, larger process.
Casey Ellis
That's fantastic. Well, look, thank you for your time today, Scott. It's been great to catch up. It's exciting to hear what you guys are working on. Fun to jam on it as well. It's very, very pleasing to see the progress of the company over the past, what is it now, seven years. This has been a sponsored interview with Scott Kufa from Nucleus. Thank you, Scott.
Unknown
Great. Thanks, everybody.
Risky Bulletin Podcast Episode Summary: Sponsored Interview with Scott Kufa of Nucleus Security
Podcast Information: In this sponsored episode of Risky Bulletin, host Casey Ellis engages in an insightful conversation with Scott Kufa, co-founder, Chief Product Officer (CPO), and Chief Operating Officer (COO) of Nucleus Security. Scott provides a comprehensive overview of Nucleus Security, highlighting its evolution and mission within the cybersecurity landscape.
Notable Quote:
[00:18] Scott Kufa: "We really got started initially as effectively a counterpoint to the jobs that myself and my two co-founders had. We really wanted to get rid of the vulnerability analyst job because we just like our day in, day out was a horrible experience to live in."
Scott explains that Nucleus was founded to transform the traditional vulnerability management (VM) role, aiming to alleviate the burdens faced by vulnerability analysts by automating and enhancing the VM process.
Scott delves into the limitations of conventional vulnerability management, which predominantly equates VM to mere scanning. He emphasizes the need for a more holistic approach that encompasses risk management across the entire technology stack.
Notable Quote:
[01:08] Scott Kufa: "A vulnerability is just a weakness. So we're looking at it and saying, well, it's actually risk management across the entire tech stack."
He identifies key challenges, including data silos, disparate tools, and the complexity of measuring high-level metrics like Mean Time To Resolve (MTTR) across various teams and technologies.
Nucleus Security's core strength lies in its ability to aggregate and unify vast amounts of data related to assets, vulnerabilities, and threats. Scott outlines the "three main legs of the stool" essential for effective vulnerability management:
Notable Quote:
[04:09] Scott Kufa: "You have to know what you have, where it is and like how bad is it, right? So you unify that data. That's just kind of our bread and butter."
By consolidating data from diverse sources—cloud environments, containers, development networks—Nucleus facilitates a singular workflow, enabling organizations to assess and manage risks more effectively.
Scott shares a compelling case study involving the Commonwealth of Virginia, demonstrating Nucleus Security's practical application in a large-scale, multi-agency environment.
Notable Quote:
[05:14] Scott Kufa: "They had this bigger problem where it wasn't just inside of a single agency, it was actually the same problem, but across 67 sub-agencies. So they used Nucleus to basically monitor all of the risk across all 67 of these state agencies."
Through Nucleus, the Commonwealth of Virginia achieved high-level visibility across thousands to hundreds of thousands of assets within its 67 sub-agencies. This consolidation streamlined risk monitoring and reporting, showcasing Nucleus's capability to handle complex, distributed environments.
A significant portion of the discussion centers on the enrichment of vulnerability data with threat intelligence. Scott highlights the evolving landscape, particularly the impact of artificial intelligence (AI) on threat intelligence accessibility and quality.
Notable Quote:
[06:36] Scott Kufa: "The threat intel market is like figuring this out and changing the economic dynamics of this market, I think is gonna be kind of one of the defining inflection points for my market."
Nucleus integrates diverse threat intelligence feeds, including proprietary data, to ensure up-to-date and high-fidelity information. This enrichment process allows organizations to prioritize vulnerabilities based on real-time threat landscapes, enhancing their overall security posture.
Nucleus Security's integration with platforms like Bugcrowd exemplifies its commitment to proactive risk management. Scott discusses how these integrations enhance workflows for Application Security (AppSec) and infrastructure teams.
Notable Quote:
[12:03] Scott Kufa: "Nucleus is about proactive risk management. ... For us, when we think about like the levels of priorities, VDPs are in that bucket of like, hey, ... it's really high quality data."
By incorporating high-quality data from Vulnerability Disclosure Programs (VDPs) such as Bugcrowd, Nucleus ensures that vulnerabilities are promptly and accurately addressed. This seamless integration allows security teams to focus on remediation rather than data aggregation, thereby increasing efficiency and reducing response times.
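The two ideas the summary describes here, unifying findings from feeds of different signal quality (a scanner versus a triaged VDP report) and re-scoring a finding when the threat feed changes (a medium CVE that appears on a KEV-style exploited list), can be shown as a small pipeline. The code below is an added illustration written for this page; it is not Nucleus code, and the assets, findings, exploited-CVE list, source weights and score thresholds are all constructed, hypothetical values chosen to make the behaviour visible.

```python
from dataclasses import dataclass

# Constructed sample inventory: asset id -> owning team and exposure.
ASSETS = {
    "web-01": {"owner": "platform", "internet_facing": True},
    "db-07": {"owner": "data-eng", "internet_facing": False},
    "ci-03": {"owner": "devex", "internet_facing": False},
}

# Constructed raw findings as they would arrive from separate feeds:
# (cve, asset, source, severity as reported by that source).
RAW_FINDINGS = [
    ("CVE-0000-1111", "web-01", "scanner", "medium"),
    ("CVE-0000-1111", "web-01", "vdp", "high"),       # same issue, human-confirmed
    ("CVE-0000-2222", "db-07", "scanner", "critical"),
    ("CVE-0000-3333", "ci-03", "scanner", "low"),
    ("CVE-0000-4444", "web-01", "scanner", "medium"),
]

# Constructed threat-feed snapshot: CVEs reported as exploited (KEV-style).
KEV_TODAY = {"CVE-0000-4444"}

# Hypothetical weights: human-confirmed sources outrank automated scans.
SOURCE_WEIGHT = {"scanner": 1, "pentest": 3, "vdp": 3}
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass
class Finding:
    cve: str
    asset_id: str
    source: str
    severity: str


def unify(raw):
    """Collapse duplicate reports of one CVE on one asset into a single finding,
    keeping the highest-signal source and the highest reported severity."""
    merged = {}
    for cve, asset_id, source, severity in raw:
        key = (cve, asset_id)
        cur = merged.get(key)
        if cur is None:
            merged[key] = Finding(cve, asset_id, source, severity)
            continue
        if SOURCE_WEIGHT[source] > SOURCE_WEIGHT[cur.source]:
            cur.source = source
        if SEVERITY_RANK[severity] > SEVERITY_RANK[cur.severity]:
            cur.severity = severity
    return merged


def score(finding, asset, kev):
    """Hypothetical score: severity scaled by source signal, plus fixed
    boosts for known exploitation and internet exposure."""
    s = SEVERITY_RANK[finding.severity] * SOURCE_WEIGHT[finding.source]
    if finding.cve in kev:          # enrichment: exploited in the wild
        s += 10
    if asset["internet_facing"]:    # asset context: reachable from outside
        s += 2
    return s


def bucket(s):
    """Map a score onto a response tier (thresholds are illustrative)."""
    if s >= 10:
        return "urgent"
    if s >= 4:
        return "planned"
    return "backlog"


def prioritize(findings, assets, kev):
    """Return (finding, score) pairs, highest score first; ties broken by CVE id."""
    ranked = [(f, score(f, assets[f.asset_id], kev)) for f in findings]
    ranked.sort(key=lambda fs: (-fs[1], fs[0].cve, fs[0].asset_id))
    return ranked


def reassess(findings, assets, old_kev, new_kev):
    """Re-score every finding against a refreshed threat feed and report, per
    owning team, the findings whose response tier changed."""
    actions = {}
    for f in findings.values():
        asset = assets[f.asset_id]
        before = bucket(score(f, asset, old_kev))
        after = bucket(score(f, asset, new_kev))
        if before != after:
            actions.setdefault(asset["owner"], []).append((f.cve, f.asset_id, before, after))
    return actions


if __name__ == "__main__":
    unified = unify(RAW_FINDINGS)
    for f, s in prioritize(list(unified.values()), ASSETS, KEV_TODAY):
        print(f"{s:3d} {bucket(s):8s} {f.cve} on {f.asset_id} via {f.source}")
    # Simulate the feed refresh: yesterday nothing was listed, today one CVE is.
    print(reassess(unified, ASSETS, set(), KEV_TODAY))
```

The unify step is what keeps a VDP report and a scanner hit for the same CVE from appearing as two work items; the reassess step is the "something changed, trigger an action" path, routed to the asset owner rather than to a central queue. Real deployments would replace the constructed weights with whatever the organisation's threat model justifies.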
Effective communication of vulnerability and risk management to non-technical stakeholders is crucial. Scott shares strategies for making security metrics understandable and actionable for boards and financial decision-makers.
Notable Quote:
[14:36] Scott Kufa: "Frame it up like an engineering problem. ... Here's our business justification. ... Here's our KPI that we believe kind of puts us there."
By aligning security reporting with business-oriented metrics and framing it similarly to engineering problems, Nucleus facilitates clearer communication and better-informed decision-making among stakeholders who may not have a technical background.
Looking ahead, Scott identifies the acceleration of remediation processes as the next critical challenge in vulnerability management. He envisions a future where automation minimizes human intervention, thereby enhancing the speed and effectiveness of vulnerability resolution.
Notable Quote:
[16:58] Scott Kufa: "The big thing... is speed of remediation. ... We really need to learn how to take these human bottlenecks out of the loop."
Nucleus aims to transition vulnerability analysts into roles focused on pipeline management while developing systems capable of self-managing various aspects of vulnerability remediation. This approach seeks to bridge the gap between automated detection and effective remediation, ensuring a more resilient and responsive security infrastructure.
Conclusion
This episode of Risky Bulletin offers an in-depth exploration of the evolving landscape of vulnerability management through the lens of Nucleus Security. Scott Kufa articulates the challenges of traditional VM approaches and presents Nucleus's innovative solutions, emphasizing data unification, threat intelligence enrichment, seamless integrations, effective stakeholder communication, and the future of automated remediation. For cybersecurity professionals seeking to enhance their vulnerability management strategies, this discussion provides valuable insights and actionable perspectives.