Podcasts about Access management

  • 281 PODCASTS
  • 640 EPISODES
  • 32m AVG DURATION
  • 1 WEEKLY EPISODE
  • LATEST: Jun 22, 2026




Latest podcast episodes about Access management

No Password Required
No Password Required Podcast Episode 74 - Shane Tews

Jun 22, 2026 (51:54)


Shane Tews — Non-Resident Senior Fellow at AEI and the person who explained the internet to Capitol Hill

No Password Required Season 7: Episode 7 – Shane Tews

Shane Tews is a Non-Resident Senior Fellow at the American Enterprise Institute, where she focuses on cybersecurity, privacy, artificial intelligence, and internet governance. She is also President of Logan Circle Strategies, a strategic advisory firm working at the intersection of technology and policy. Before her think tank work, Shane helped introduce modems to the George H.W. Bush White House, walked the halls of Capitol Hill explaining the internet to blank-staring legislators, and spent years at VeriSign helping shape the foundational frameworks of how the internet would be governed.

In this episode, Shane traces her unlikely path from the Bush administration to becoming one of Washington's most trusted voices on tech policy. She breaks down why regulating outcomes rather than inputs is the only sensible approach to technology governance, why the US and EU are operating from fundamentally different innovation philosophies, and why a national privacy bill is long overdue. She also explains why most organizations and individuals are far less protected than they think and why nobody knows who to call when something goes wrong.

Jack Clabby and co-host Kayley Melton talk with Shane about legacy system vulnerabilities, the cybersecurity implications of agentic AI, and what policymakers absolutely must get right over the next decade. She also reflects on what the CISA reauthorization limbo means for companies that don't even know they've lost liability protection.

In the Lifestyle Polygraph, Shane reveals she has 20,000 emails across eight accounts, admits she fakes laughs at bad jokes out of Midwestern politeness, shares her obsession with The Bear and Peaky Blinders, and tells us about her children's book project using Google Omni called "Shane on a Train."

Follow Shane on LinkedIn and on X at @ShaneTews. Find her work at AEI.org and TechPolicyDaily.com.

No Password Required is presented by ThreatLocker.

In this episode:

  • Shane's path from the George H.W. Bush White House to becoming Capitol Hill's go-to internet explainer (00:34 - 02:22)
  • Why the Clinton-era multi-stakeholder model got internet governance right and what that means for policy today (04:40 - 06:13)
  • The case for a national privacy bill and why 50 state standards aren't working (07:24 - 09:27)
  • What AEI covers and how Shane thinks about riding the top of the wave across the entire tech policy stack (09:35 - 11:23)
  • Legacy systems, vendor debt, and why outdated software is the easiest entry point for bad actors (11:30 - 13:34)
  • The gap between how protected people think they are and how exposed they actually are, including a generational perspective on MFA (14:07 - 16:25)
  • The biggest disconnect between everyday cyber reality and the policy world (16:59 - 20:35)
  • Government readiness for a major cyber attack and why most people don't have a plan (20:54 - 22:32)
  • How the US and EU innovation philosophies differ and why Europe's banking system is the real tech problem (22:41 - 25:38)
  • The DeepSeek false narrative and where the US is leading vs. reacting on AI (25:45 - 29:21)
  • The shift from AI features to AI coordination and what agentic AI means for cybersecurity permissions (29:28 - 32:16)
  • What policymakers must get right on AI over the next 10 years (32:25 - 34:11)
  • The Lifestyle Polygraph: inbox chaos, fake laughs, The Bear, and Shane on a Train (00:04 - 12:48)

Timestamp Highlights:

  • (00:34) Shane's origin story: modems at the White House and blank stares on the Hill
  • (04:40) Why the internet got policy right early on and what we can learn from it
  • (07:24) The case for harmonizing breach standards with a national framework
  • (11:30) Legacy systems and vendor debt as the easiest attack vectors
  • (14:07) The real gap between how protected people think they are and how exposed they actually are
  • (20:54) Government cyber readiness: do you know who to call when something goes wrong?
  • (22:41) US vs. EU innovation: why Europe's banking system is the real tech problem
  • (29:28) Agentic AI and the cybersecurity risks of permissions you forgot you gave
  • (32:25) What policymakers must get right on AI over the next decade
  • (06:44) Shane on a Train: using Google Omni to write a children's book series

Resources & Links:

  • AEI.org — Shane's think tank home base
  • TechPolicyDaily.com — Daily tech policy coverage
  • ThreatLocker — Supporter of this podcast
  • Cyber Florida — The Mother Ship

Breaking Into Cybersecurity
IAM & CEO Journey | Archit Lohokare | BIC

Jun 19, 2026 (30:23)


Discover how to break into cybersecurity by mastering foundational technologies like cryptography and scaling your career from engineer to CEO with Archit Lohokare. In this episode, we explore the mindset required to build secure enterprise systems from the ground up.

- How building the RSA algorithm from scratch launched Archit's career.
- The evolution of Identity and Access Management (IAM) in enterprise environments.
- Transitioning from a founding full-stack engineer to a high-level leader.
- Why curiosity is the most critical skill for modern security professionals.
- Lessons on building secure, scalable systems in a fast-moving startup.

Archit Lohokare is an experienced cybersecurity leader and current CEO with over 22 years of industry expertise. He began his journey as a founding engineer at Incentuate, where he developed deep technical proficiency in identity, access management, and hardware-level security.

Sponsored by CPF Coaching LLC - http://cpf-coaching.com

The Breaking into Cybersecurity: It's a conversation about what they did before, why they pivoted into cyber, what the process was they went through, how they keep up, and advice/tips/tricks along the way.

The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership, as well as tips/tricks/advice from cybersecurity leaders.

Check out our books:

KuppingerCole Analysts
Analyst Chat #303: B2B Identity & Access Management - A New Market Unpacked

Jun 15, 2026 (29:48)


Business relationships are complex and traditional IAM wasn't built for them. In this episode, Matthias Reinwarth sits down with Principal Analyst John Tolbert, author of KuppingerCole Analysts' first-ever B2B IAM Leadership Compass, to explore why Business-to-Business Identity and Access Management is emerging as its own distinct market and what it takes to get it right.

Key Topics:

✅ Why B2B IAM sits between workforce IAM and CIAM — and why neither alone is sufficient
✅ Delegated administration: handing identity governance to partner and supplier organizations
✅ Federation, lifecycle management, and the risks of trusting external HR processes
✅ "Know Your Business" — vetting organizations, sanctions screening, and org-level trust
✅ Fine-grained authorization: why RBAC falls short and ABAC/RBAC are taking over
✅ Agentic AI in B2B IAM: agents acting on behalf of external organizations

Supply chains with thousands of partner organizations, freelancers with hour-long access windows, and AI agents acting on behalf of external companies: B2B IAM has to handle all of it. KuppingerCole Analysts' first B2B IAM Leadership Compass is out now; read it alongside this episode to get the full picture of an emerging market you can't afford to ignore.

KuppingerCole Analysts Videos
Analyst Chat #303: B2B Identity & Access Management - A New Market Unpacked

Jun 15, 2026 (29:48)



Oracle University Podcast
Encore: Networking & Security Essentials

Jun 5, 2026 (17:27)


How do all your devices connect and stay safe in the cloud? In this episode, Lois Houston and Nikita Abraham talk with OCI instructors about the basics of how networks work and the simple steps that help protect them. You'll learn how information gets from one place to another, why tools like switches, routers, and firewalls are important, and what goes into keeping access secure. The discussion also covers how organizations decide who can enter their systems and how they keep track of activity.

Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992
Oracle University Learning Community: https://education.oracle.com/ou-community
LinkedIn: https://www.linkedin.com/showcase/oracle-university/
X: https://x.com/Oracle_Edu

Special thanks to Arijit Ghosh, Anna Hulkower, Radhika Banka, and the OU Studio Team for helping us create this episode.

---------------------------------------------------------

Episode Transcript:

00:00 Hi there! We're hitting rewind for the next few weeks and bringing back some of our most popular episodes. So, sit back and enjoy these highlights from our archive.

00:12 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started!

00:38 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services.

Nikita: Hi everyone! In the last episode, we spoke about local area networks and domain name systems. Today, we'll continue our conversation on the fundamentals of networking, covering a variety of important topics.

01:03 Lois: That's right, Niki. And before we close, we'll also touch on the basics of security. Joining us today are two OCI instructors from Oracle University: Sergio Castro and Orlando Gentil. So glad to have you both with us guys. Sergio, with so many users and devices connecting to the internet, how do we make sure everyone can get online? Can you break down what Network Address Translation, or NAT, does to help with this?

Sergio: The world population is bigger than 4.3 billion people. That means that if we were to interconnect every single human into the internet, we will not have enough addresses. And not all of us are connected to the internet, but those of us who are, you know that we have more than one device at our disposal. We might have a computer, a laptop, mobile phones, you name it. And all of them need IP addresses. So that's why Network Address Translation exists because it translates your communication from a private IP to a public IP address. That's the main purpose: translate.

02:18 Nikita: Okay, so with NAT handling the IP translation, how do we ensure that the right data reaches the right device within a network? Or to put it differently, what directs external traffic to specific devices inside a network?

Sergio: Port forwarding works in a reverse way to Network Address Translation. So, let's assume that this PC here, you want to turn it into a web server. So, people from the outside, customers from the outside of your local area network, will access your PC web server. Let's say that it's an online store. Now all of these devices are using the same public IP address. So how would the traffic be routed specifically to this PC and not to the camera or to the laptop, which is not a web server, or to your IP TV? So, this is where port forwarding comes into play. Basically, whenever it detects a request coming to port, it will route it and forward that request to your PC. It will allow anybody, any external device that wants to access this particular one, this particular web server, for the session to be established. So, it's a permission that you're allowing to this PC and only to this PC. The other devices will still be isolated from that list. That's what port forwarding is.

03:48 Lois: Sergio, let's talk about networking devices. What are some of the key ones, and what role do they play in connecting everything together?

Sergio: There's plenty of devices for interconnectivity. These are devices that are different from the actual compute instances, virtual machines, cameras, and IPTV. These are for interconnecting networks. And they have several functionalities.

04:11 Nikita: Yeah, I often hear about a default gateway. Could you explain what that is and why it's essential for a network to function smoothly?

Sergio: A gateway is basically where a web browser goes and asks a service from a web server. We have a gateway in the middle that will take us to that web server. So that's basically the router. A gateway doesn't necessarily have to be a router. It depends on what device you're addressing at a particular configuration. So, a gateway is a connectivity device that connects two different networks. That's basically the functionality.

04:47 Lois: Ok. And when does one use a default gateway?

Sergio: When you do not have a specific route that is targeting a specific router. You might have more than one router in your network, connecting to different other local area networks. You might have a route that will take you to local area network B. And then you might have another router that is connecting you to the internet. So, if you don't have a specific route that will take you to local area network B, then it's going to be utilizing the default gateway. It directs data packets to other networks when no specific route is known. In general terms, the default gateway, again, it doesn't have to be a router. It can be any device.

05:34 Nikita: Could you give us a real-world example, maybe comparing a few of these devices in action, so we can see how they work together in a typical network?

Sergio: For example, we have the hub. And the hub operates at the physical layer or layer 1. And then we have the switch. And the switch operates at layer 2. And we also have the router. And the router operates at layer 3. So, what's the big difference between these devices and the layers that they operate in? So, hubs work in the physical layer of the OSI model. And basically, it is for connecting multiple devices and making them act as a single network segment. Now, the switch operates at the data link layer and is basically a repeater, and is used for filtering content by reading the addresses of the source and destination. And these are the MAC addresses that I'm talking about. So, it reads where the packet is coming from and where is it going to at the local area network level. It connects multiple network segments. And each port is connected to a different segment. And the router is used for routing outside of your local area network, performs traffic directing functions on the internet. A data packet is typically forwarded from one router to another through different networks until it reaches its destination node. The switch connects multiple network segments. And each port of the switch is connected to a different segment. And the router performs traffic directing functions on the internet. It takes data from one router to another, and it works at the TCP/IP network layer or internet layer.

07:34 Lois: Sergio, what kind of devices help secure a network from external threats?

Sergio: The network firewall is used as a security device that acts as a barrier between a trusted internal network and an untrusted external network, such as the internet. The network firewall is the first line of defense for traffic that passes in and out of your network. The firewall examines traffic to ensure that it meets the security requirements set by your organization, or allowing, or blocking traffic based on set criteria. And the main benefit is that it improves security for access management and network visibility.

08:23 Are you keen to stay ahead in today's fast-paced world? We've got your back! Each quarter, Oracle rolls out game-changing updates to its Fusion Cloud Applications. And to make sure you're always in the know, we offer New Features courses that give you an insider's look at all of the latest advancements. Don't miss out! Head over to mylearn.oracle.com to get started.

08:48 Nikita: Welcome back! Sergio, how do networks manage who can and can't enter based on certain permissions and criteria?

Sergio: The access control list is like the gatekeeper into your local area network. Think about the access control list as the visa on your passport, assuming that the country is your local area network. Now, when you have a passport, you might get a visa that allows you to go into a certain country. So the access control list is a list of rules that defines which users, groups, or systems have permissions to access specific resources on your networks. It is a gatekeeper, that is going to specify who's allowed and who's denied. If you don't have a visa to go into a specific country, then you are denied. Similar here, if you are not part of the rule, if the service that you're trying to access is not part of the rules, then you cannot get in.

09:49 Lois: That's a great analogy, Sergio. Now, let's turn our attention to one of the core elements of network security: authentication and authorization. Orlando, can you explain why authentication and authorization are such crucial aspects of a secure cloud network?

Orlando: Security is one of the most critical pillars in modern IT systems. Whether you are running a small web app or managing global infrastructure, every secure system starts by answering two key questions. Who are you, and what are you allowed to do? This is the essence of authentication and authorization. Authentication is the first step in access control. It's how a system verifies that you are who you claim to be. Think of it like showing your driver's license at a security checkpoint. The guard checks your photo and personal details to confirm your identity. In IT systems, the same process happens using one or more of these factors. It will ask you for something you know, like a password. It will ask you for something that you have, like a security token, or it will ask you for something that you are, like a fingerprint. An identity does not refer to just a person. It's any actor, human or not, that interacts with your systems. Users are straightforward, think employees logging into a dashboard. But services and machines are equally important. A backend API may need to read data from a database, or a virtual machine may need to download updates. Treating these non-human identities with the same rigor as human ones helps prevent unauthorized access and improves visibility and security. After confirming your identity, can the system move on to deciding what you're allowed to access? That's where authorization comes in. Once authentication confirms who you are, authorization determines what you are allowed to do. Sticking with the driver's license analogy, you've shown your license and proven your identity, but that doesn't mean that you can drive anything anywhere. Your license class might let you drive a car, not a motorcycle or a truck. It might be valid in your country, but not in others. Similarly, in IT systems, authorization defines what actions you can take and on which resources. This is usually controlled by policies and roles assigned to your identity. It ensures that users or services only get access to the things they are explicitly allowed to interact with.

12:47 Nikita: How can organizations ensure secure access across their systems, especially when managing multiple users and resources?

Orlando: Identity and Access Management governs who can do what in our systems. Individually, authentication verifies identity and authorization grants access. However, managing these processes at scale across countless users and resources becomes a complex challenge. That's where Identity and Access Management, or IAM, comes in. IAM is an overarching framework that centralizes and orchestrates both authentication and authorization, along with other critical functions, to ensure secure and efficient access to resources.

13:35 Lois: And what are the key components and methods that make up a robust IAM system?

Orlando: User management, a core component of IAM, provides a centralized Identity Management system for all user accounts and their attributes, ensuring consistency across applications. Key functions include user provisioning and deprovisioning, automating account creation for new users, and timely removal upon departure or role changes. It also covers the full user account lifecycle management, including password policies and account recovery. Lastly, user management often involves directory services integration to unify user information. Access management is about defining access permissions, specifically what actions users can perform and which resources they can access. A common approach is role-based access control, or RBAC, where permissions are assigned to roles and users inherit those permissions by being assigned to roles. For more granular control, policy-based access control allows for rules based on specific attributes. Crucially, access management enforces the principle of least privilege, granting only the minimum necessary access, and supports segregation of duties to prevent conflicts of interest. For authentication, IAM systems support various methods. Single-factor authentication, relying on just one piece of evidence like a password, offers basic security. However, multi-factor authentication significantly boosts security by requiring two or more distinct verification types, such as a password, plus a one-time code. We also have biometric authentication, using unique physical traits and token-based authentication, common for API and web services.

15:46 Lois: Orlando, when it comes to security, it's not just about who can access what, but also about keeping track of it all. How does auditing and reporting maintain compliance?

Orlando: Auditing and reporting are essential for security and compliance. This involves tracking user activities, logging all access attempts and permission changes. It's vital for meeting compliance and regulatory requirements, allowing you to generate reports for audits. Auditing also aids in security incident detection by identifying unusual activities and providing data for forensic analysis after an incident. Lastly, it offers performance and usage analytics to help optimize your IAM system.

16:35 Nikita: That was an incredibly informative conversation. Thank you, Sergio and Orlando, for sharing your expertise with us. If you'd like to dive deeper into these concepts, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course.

Lois: I agree! This was such a great conversation! Until next time, this is Lois Houston…

Nikita: And Nikita Abraham, signing off!

16:58 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Cloud Do You Do?
The real problem with Shadow AI at work

May 29, 2026 (27:37)


What does your team use when you aren't looking? What apps and AI tools are people at work using without telling the IT team? In this episode of the Cloud Do You Do podcast, Revolgy's Ashley Saunders talks with Chase Doelling from our partner, JumpCloud, about unapproved software and Shadow AI. People want to get their tasks done faster, so they try out new AI tools without checking first with their IT department. The risk is that they might be putting private company information directly into public systems. Chase explains why unapproved AI is different from older software issues, and why blocking websites doesn't solve the problem.

What you'll find in the episode:

  • Data risk: AI learns from whatever information you type into it, which creates security gaps that regular software doesn't.
  • Hidden costs: How companies end up paying for the same software multiple times because different teams might buy their own tools.
  • A better approach than blocking: Why it works better to guide people toward safe options instead of just blocking access.
  • Getting a clear view: How JumpCloud tracks browser use and login paths to show exactly what apps are running.

We are Revolgy - a global cloud partner. Our cloud engineers and architects provide professional and managed services for your projects on GCP and AWS. In a nutshell, we help make life in the cloud easier for digital-native companies, SMBs and corporates. Check our website revolgy.com for more information.

Make sure to follow Revolgy on Spotify, LinkedIn, and X.

Thanks a lot for listening, and see you next time!

Paul's Security Weekly
AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Merritt Maxim, Scott Clinton, Janet Worthington - ASW #384

May 26, 2026 (59:40)


We showcase recordings from this year's RSAC.

At RSAC Conference 2026, Scott Clinton, Co-Chair and co-founder of the OWASP GenAI Security Project, shares insights from the project's latest research, including new landscape guides and evolving approaches to securing generative and agentic AI systems. The conversation explores critical gaps in GenAI data security, the rise of AI-assisted development, and the immense growth of the OWASP community and sponsor ecosystem. Looking ahead, he outlines the most urgent risks and priorities shaping AI and agentic security in 2026.

Then Merritt Maxim discusses how AI is affecting Identity and Access Management. Expect to hear this topic a lot throughout 2026, especially as the industry tries to figure out what's different or special about securing agent identities.

We close with a chat with Janet Worthington about the impact of agents on the SDLC and how orgs are updating their controls to deal with code generated by humans and LLMs alike.

Segment Resources:

  • https://genai.owasp.org
  • https://genai.owasp.org/resources/
  • https://www.scworld.com/podcast-episode/3905-keeping-up-with-the-owasp-genai-project-scott-clinton-asw-381

This segment is sponsored by The OWASP GenAI Security Project. Visit https://securityweekly.com/owasp to learn more about them!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-384

Paul's Security Weekly TV
AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Scott Clinton, Janet Worthington, Merritt Maxim - ASW #384

May 26, 2026 (59:40)



Application Security Weekly (Audio)
AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Merritt Maxim, Scott Clinton, Janet Worthington - ASW #384

May 26, 2026 (59:40)



Hybrid Identity Protection Podcast
Where Gartner Sees Identity Security Heading with Mark Diodati, Managing VP of IAM at Gartner

May 26, 2026 (45:22)


This episode features Mark Diodati, Managing Vice President for Identity and Access Management at Gartner.

Mark has spent two decades shaping how the industry thinks about authentication, privileged access, and cloud identity, working with renowned companies like Ping Identity, CA, RSA, and now, Gartner. Today, he leads Gartner's global IAM for Leaders analyst team and sets its research agenda across the full identity stack.

In this episode, Mark explains how Gartner's research model works and what his team is prioritizing across identity verification, authorization, ITDR, and decentralized identity. He also breaks down what AI means for identity right now and why securing AI agents is harder than most teams realize.

This episode is a deep dive into where identity is heading from someone whose job is to listen to everyone.

Guest Bio

Mark Diodati is the Managing Vice President for Identity & Access Management at Gartner.

Mark is a longtime identity pioneer who helped shape the way the industry thinks about authentication, privileged access management, and cloud identity. He leads a large team of analysts, sets the global IAM research agenda, and rigorously reviews every document to keep the bar high. Before that, he guided Gartner's IAM research for technical professionals, chaired major industry conferences like Catalyst Europe and the Cloud Identity Summit, and drove triple-digit growth in attendance and sponsorships. Earlier in his career, he held key leadership roles at CA, RSA, and Ping Identity, influencing product strategy and partnerships that many identity practitioners rely on today.

Guest Quote

"One thing we're critically aware of at Gartner is that nobody knows everything. It's impossible."

Time stamps

  • (02:11) Meet Mark Diodati: Identity Analyst and IAM Research Leader
  • (06:00) Inside Gartner: Research, Conferences, and Consulting
  • (09:18) Hiring and Training the Gartner Analyst
  • (15:26) How the Inquiry Process Works
  • (24:07) Gartner Research Products for Identity Professionals
  • (28:02) IAM Research Priorities Right Now
  • (32:31) AI and Identity: Opportunity and Risk
  • (39:35) A Musical Moment with Mark
  • (44:26) Conclusion and Final Thoughts

Sponsor

The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world's leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.

Links

  • Connect with Mark on LinkedIn
  • Connect with Sean on LinkedIn
  • Don't miss future episodes
  • Learn more about Semperis

Application Security Weekly (Video)
AppSec Conversations on Agents, LLMs, and OWASP from RSAC - Scott Clinton, Janet Worthington, Merritt Maxim - ASW #384

Application Security Weekly (Video)

May 26, 2026 59:40


We showcase recordings from this year's RSAC. At RSAC Conference 2026, Scott Clinton, Co-Chair and co-founder of the OWASP GenAI Security Project, shares insights from the project's latest research, including new landscape guides and evolving approaches to securing generative and agentic AI systems. The conversation explores critical gaps in GenAI data security, the rise of AI-assisted development, and the immense growth of the OWASP community and sponsor ecosystem. Looking ahead, he outlines the most urgent risks and priorities shaping AI and agentic security in 2026. Then Merritt Maxim discusses how AI is affecting Identity and Access Management. Expect to hear this topic a lot throughout 2026, especially as the industry tries to figure out what's different or special about securing agent identities. We close with a chat with Janet Worthington about the impact of agents on the SDLC and how orgs are updating their controls to deal with code generated by humans and LLMs alike. Segment Resources: https://genai.owasp.org https://genai.owasp.org/resources/ https://www.scworld.com/podcast-episode/3905-keeping-up-with-the-owasp-genai-project-scott-clinton-asw-381 This segment is sponsored by The OWASP GenAI Security Project. Visit https://securityweekly.com/owasp to learn more about them! Show Notes: https://securityweekly.com/asw-384

Hybrid Identity Protection Podcast
Why Identity Security Needs Its Own Program with Angie Klein, IAM Business Technology Manager at Federated Insurance

Hybrid Identity Protection Podcast

May 12, 2026 38:05


This episode features Angie Klein, IAM Business Technology Manager at Federated Insurance.

Angie brings over a decade of experience spanning systems development and identity security leadership, holding CISSP, CIDPRO, and CISM certifications and working hands-on with CyberArk, SailPoint IDN, and Active Directory in a regulated environment.

In this episode, Angie dives into the organizational and cultural work that most identity programs skip. She shares why identity deserves its own program, how to apply OCM to bring resistant stakeholders on board, and why governance must come first. Angie's core argument is that if identity security creates too much friction, people will route around it, and that's where the real risk lives.

This episode makes the case that the hardest part of identity security isn't the technology, it's getting people to trust it enough to stop working around it.

Guest Bio
As the IAM Business Technology Manager at Federated Insurance, Angie is dedicated to advancing our Identity and Access Management program and the industry as a whole. With over 10 years of experience and currently leading a team of Security Engineers and Identity and Access Analysts, Angie is passionate about IAM and loves to see "ah ha" moments when colleagues understand that security is everyone's job. Angie brings over a decade of experience as a Systems Developer, providing extensive technical expertise in the Identity Security domain. She holds certifications including CISSP, CIDPRO, and CISM. Additionally, she has experience working in the insurance industry and is skilled in CyberArk, Active Directory, SailPoint IDN, Analytical Skills, Project Management, and Public Speaking.

Guest Quote
"Identity security is ultimately about trust. People have to trust that you are doing the things that will help them do their job securely and not stop them from doing their job."

Time stamps
01:45 Meet Angie Klein: Expert IAM Practitioner
01:22 Why Identity Needs Its Own Program
04:30 Why Identity Programs Stall
07:27 Organizational Change Management (OCM) Explained
12:51 OCM in Action
17:08 How to Gain Buy-In for an Identity Security Program
25:05 First Steps for Standing Up a Program
30:22 The Core Pillars of Identity Security
35:00 Conclusion and Final Thoughts

Sponsor
The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world's leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.

Links
Connect with Angie on LinkedIn
Connect with Sean on LinkedIn
Don't miss future episodes
Learn more about Semperis

New Work. New Rules.
#125 New Work. New Threats. | How is the new world of work changing our IT security?

New Work. New Rules.

May 9, 2026 67:33


New Work sounds like freedom: working from anywhere, flexible hours, maximum efficiency. But this very freedom has a second side, and it is often underestimated.

In this episode of New Work. New Rules. we dive deeper into a reality that many have not yet fully grasped: boundaries are blurring, classic security concepts are losing their effect, and attacks have long since stopped coming only "from outside".

Together with Ewald from KOM4TEC, Stefan and Nick from Obrela, and Tim from Microsoft, we put into context what this development means in concrete terms and why a rethink is needed right now.

Without scaremongering, but with a clear view, we show where the greatest risks arise and why many companies are vulnerable precisely where they feel safest.

And perhaps the most important question: are we really prepared for this new reality?

An episode for everyone who wants to understand what is happening beneath the surface of New Work and why IT security has to be rethought today.

Proudly sponsored by @vonwinning with the best WIN WIN Riesling & @kaffeebraun with uniquely good espresso from Aschaffenburg!

Quotes from the episode

Stefan: When I change my work culture, my attack surface automatically changes too, and that is exactly why the point today is to reduce it in as targeted a way as possible. What matters is understanding what it means to run data locally or to move it to the cloud. It is not better or worse, it is different, and every new way of working brings its own risks.

Nick: Quantifying business risk in IT security is extremely difficult, and that is exactly why the budget often only appears once something has already happened. I have seen for myself how, after an attack, people suddenly calculated in very concrete terms what damage could be derived from it. In moments like that it becomes clear that risks often only become tangible once they are reality.

Tim: I think strongly from the perspective of identity, with a clear focus on Identity & Access Management. My background in endpoint management comes from the time when we started talking seriously about New Work and many new outside factors came into play. In the end, we at Microsoft found a common denominator: identity.

Ewald: There are many different scenarios today, and with each new one the risk rises too. At the same time, internal IT departments are often already at their limit, and IT security then just runs alongside everything else. That makes it all the more important to have a strong partner at your side who supports you exactly where things get critical.

In the upcoming podcast episodes you will get:
Information and tips on the M365 world and its applications such as Power BI and Power Apps
Inspiration and practical tips on culture change for you or your company, so you always stay one step ahead
Valuable impulses for a conscious mindset
Tips on practical tools that can support your change, whether personally or as a company
Many more insights into the world of New Work

Let's connect
If you have ideas, topic suggestions or feedback on the subject, share your thoughts with us and send a message to podcast@kom4tec.de or on Instagram @kom4tec. We look forward to hearing from you.

Follow us!
Facebook | https://www.facebook.com/KOM4TEC/
Instagram | https://www.instagram.com/kom4tec/
LinkedIn | https://www.linkedin.com/company/10407066/

Dark Rhino Security Podcast
S19 E03 Identity Attacks Are the #1 Threat

Dark Rhino Security Podcast

Apr 29, 2026 51:26


Jasson Casey is the CEO & Co-Founder of Beyond Identity, the first and only identity security platform built to make identity-based attacks impossible. With 20+ years in security and networking, Jasson has built enterprise solutions that protect global organizations from credential-based threats.

00:00 Intro
02:00 Our Guest
10:37 The Identity and Access Management field is crowded
16:11 How does your MFA know?
45:34 What does the future look like for AI?
49:48 Claude and Ceros

What's Next|科技早知道
OpenClaw from the inside: the problems, risks and next steps a front-line maintainer sees | 硅谷徐老师 (Silicon Valley Teacher Xu) S10E05

What's Next|科技早知道

Apr 1, 2026 52:08


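Since the Spring Festival, OpenClaw has without question been the open-source project that broke out most widely. In just a few weeks it drew the attention of large numbers of developers, founders and big companies, and gave many more people their first direct sense that an agent is no longer just a tool that "chats with you" or "writes a few lines of code for you", but a system that can really run continuously and carry out tasks on your behalf. At the same time, the related security questions have become more concrete and harder to avoid. For example, once an agent has been given more permissions, how should its boundaries be set? Prompt injection, malicious skills, permissions out of control, operator error, or data leakage inside the enterprise: how do these risks actually arise? Which are problems the model itself has not yet solved, and which can be prevented in advance through product and system design?

Our guest for this episode is George Zhang, a maintainer of OpenClaw and one of the few people in this open-source project responsible for maintaining its core code and direction. We are also joined by 徐老师 (Teacher Xu), who has long worked in security and has many first-hand observations of security problems in both enterprise and consumer settings. From the viewpoints of an open-source maintainer and a security practitioner, the two guests help us take apart why OpenClaw took off in such a short time, and discuss where the core risks of agent security really lie, what enterprises and individual users most need to watch out for now, and what new challenges it brings as it pushes agents into the next stage.

In this episode
丁教 Diane, co-founder of 「声动活泼」 and host of 「科技早知道」
硅谷徐老师 Howie, Silicon Valley executive, investor, and founder of the secure AI browser Norton Neo. Xiaohongshu: 硅谷徐老师
George Zhang, OpenClaw Maintainer, Stealth Startup Cofounder, X account: https://x.com/odysseus0z

Main topics

[04:39] The origin of OpenClaw: wanting to control programming from a phone
It started as a fix for a single pain point: how to keep controlling Claude Code on the computer from a phone while out for a meal.
No grand narrative, pure hacker spirit.

[07:13] Capability Overhang: the model is clearly strong, so why does it underperform?
Peter's core contribution was optimizing the token efficiency of every tool to the extreme, taking a user's daily spend from seventy US dollars down to one or two.
Only when the tools are all there and efficiency has gone up can the model really show the capability it already has.

[13:28] Removing the restraining spell: what exactly did OpenClaw get right?
Anthropic put three layers of restriction on AI for safety: approval by default, a low-agency system prompt, and tool-level read/write controls.
OpenClaw removes the restrictions and swaps in wording that emphasizes initiative, and model performance jumps immediately.
In essence it is not about what OpenClaw did, but about what it "does not do", which lets the model's capability be released naturally.

[23:18] Prompt Injection: a highly challenging AI-native security problem
Agents break through the walls between enterprise departments, but the damage when something goes wrong is multiplied too.
Traditional enterprises rely on layered approvals; in the agent era that mechanism almost stops working.
It can be neither locked down nor left to run free; how to add a restraint that is "just right" is the most central product question.

[28:54] "Security guards" for the agent era: forty to fifty years of security history have to be redone
Traditional software separates commands and data into clear layers; in the LLM era all information is mixed in the same prompt, with no permission distinction.
Model vendors in China seriously under-invest in safety; simple tricks can induce them to generate dangerous content.

[46:00] "Security guards" for the agent era: forty to fifty years of security history have to be redone
From static scanning to behavioral analysis, everything done in the PC era and the cloud era has to be redone in full in the agent era.
Agents are deceived with far higher probability and frequency than humans, so the urgency of anti-scam work multiplies.

[37:05] A CEO used an agent to deploy to production in 15 minutes, and was hacked three weeks later
OpenClaw was left to change the code, test it and submit it for review directly, with the whole flow done in 15-20 minutes.
Three weeks later the company was breached and some assets were stolen: the stronger the capability, the larger the attack surface.

[40:08] The token cost problem: get it running crudely first, then optimize gradually
OpenClaw's development philosophy is "have it first, optimize later"; early implementations may be extremely inefficient, but they validate the need first.
The newly released ACPX protocol greatly reduces the transmission of irrelevant information and noticeably improves efficiency.
Deeper optimization requires the whole industry to shift to an agent-native design approach.

[44:15] The endgame of open source: who is the Google of the agent era?

Glossary
Prompt Injection: a security vulnerability specific to LLMs; because the model cannot distinguish "commands" from "data", external content (such as web page text) may be executed as instructions.
Capability Overhang: the gap between a model's actual capability and its usable capability; insufficient tools or human-imposed limits keep the model from reaching its full potential.
ACPX (Agent Communication Protocol): a new communication protocol proposed by the Zed editor team and adopted by OpenClaw, which greatly improves the efficiency of communication between agents.
IAM (Identity and Access Management): the enterprise-grade permission control system, used to manage the permission boundaries of an agent as an "employee".
ATH (Agent Trust Hub): an agent security framework released by GEN Digital that protects agent use from two angles, malicious attacks and non-malicious misoperation.

Knock Knock 世界
Last week 「Knock Knock 世界」 published a new topic on "sea level data": did more than 99% of sea-level studies get the numbers wrong? The global average was underestimated by 24 to 27 centimeters, and Southeast Asia by more than 1 meter; what does this mean?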

Risky Business News
Sponsored: What is Extended Identity Access Management?

Risky Business News

Mar 22, 2026 10:39


In this Risky Business sponsored interview, Casey Ellis chats to Fletcher Heisler, founder and CEO of open source identity provider, Authentik. They chat about Extended Identity Access Management (XIAM), the company's new acronym that has been seven years in the making.

KuppingerCole Analysts
Analyst Chat #289: From 100 to Zero - Fixing Access Recertification the Right Way

KuppingerCole Analysts

Mar 2, 2026 23:23


Access recertification is one of the most disliked processes in Identity & Access Management, and for good reason. In this episode, Matthias Reinwarth and Martin Kuppinger challenge the way organizations approach access reviews. Instead of endlessly optimizing broken campaigns, they ask a more fundamental question: What if we eliminated most of recertification altogether?

Key topics:
✅ Why traditional access certification campaigns fail
✅ How overengineered role models create complexity and “rubber stamping”
✅ Why 80–90% of entitlements can be automated via policy
✅ How time-limited access dramatically reduces review effort
✅ Where AI and usage analytics can safely remove unused permissions
✅ Why static entitlements and standing privileges are the real root cause
✅ How modern authorization (e.g., externalized policy models) changes the game

The discussion also touches on the 50-year legacy of IBM RACF and why we still haven’t fully embraced externalized authorization, despite knowing better since 1976. If you struggle with 70-page access review PDFs, role explosion, or endless recertification campaigns, this episode offers practical, implementable guidance, much of it possible with capabilities you already have in place.

KuppingerCole Analysts Videos
Analyst Chat #289: From 100 to Zero - Fixing Access Recertification the Right Way

KuppingerCole Analysts Videos

Mar 2, 2026 23:23


Access recertification is one of the most disliked processes in Identity & Access Management, and for good reason. In this episode, Matthias Reinwarth and Martin Kuppinger challenge the way organizations approach access reviews. Instead of endlessly optimizing broken campaigns, they ask a more fundamental question: What if we eliminated most of recertification altogether?

Key topics:
✅ Why traditional access certification campaigns fail
✅ How overengineered role models create complexity and “rubber stamping”
✅ Why 80–90% of entitlements can be automated via policy
✅ How time-limited access dramatically reduces review effort
✅ Where AI and usage analytics can safely remove unused permissions
✅ Why static entitlements and standing privileges are the real root cause
✅ How modern authorization (e.g., externalized policy models) changes the game

The discussion also touches on the 50-year legacy of IBM RACF and why we still haven’t fully embraced externalized authorization, despite knowing better since 1976. If you struggle with 70-page access review PDFs, role explosion, or endless recertification campaigns, this episode offers practical, implementable guidance, much of it possible with capabilities you already have in place.

Identity At The Center
#401 - Sponsor Spotlight - PlainID

Identity At The Center

Feb 11, 2026 52:11


This episode is sponsored by PlainID. Visit plainid.com/idac to learn more.

In this sponsored episode, Jim McDonald and Jeff Steadman talk with Gal Helemski, CTO and co-founder of PlainID, about the evolving landscape of authorization. The conversation covers the transition from traditional roles and attributes to a modern policy-based access control (PBAC) approach. Gal explains how PlainID helps organizations centralize authorization logic, improve security posture, and simplify the management of access across complex hybrid and multi-cloud environments. The discussion also touches on the importance of visibility into who has access to what and the role of standards like Cedar and Rego in the future of authorization.

Connect with Gal: https://www.linkedin.com/in/gal-helemski-b9542231/
Learn more about PlainID: plainid.com/idac

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com

Timestamps:
00:00 Introduction to the Sponsor Spotlight
02:15 Meet Gal Helemski from PlainID
05:30 The shift from RBAC to PBAC
10:45 Challenges with traditional authorization methods
15:20 How PlainID centralizes authorization logic
22:10 Integrating with existing identity providers
28:45 The role of visibility and auditing in authorization
35:30 Discussion on authorization standards: Cedar and Rego
42:15 Future trends in identity and access management
50:00 Final thoughts and where to learn more

Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, PlainID, Authorization, Policy-Based Access Control, PBAC, RBAC, Cybersecurity, IAM, Access Management, Gal Helemski, Identity Security

Oracle University Podcast
What is Oracle Database@AWS?

Oracle University Podcast

Feb 10, 2026 16:36


In this episode, hosts Lois Houston and Nikita Abraham take you inside how Oracle brings its industry-leading database technology directly to AWS customers.

Senior Principal OCI Instructor Susan Jang unpacks what the OCI child site is, how Exadata hardware is deployed inside AWS data centers, and how the ODB network enables secure, low-latency connections so your mission-critical workloads can run seamlessly alongside AWS services.

Susan also walks through the differences between Exadata Database Service and Autonomous Database, helping teams choose the right level of control and automation for their cloud databases.

Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574
Oracle University Learning Community: https://education.oracle.com/ou-community
LinkedIn: https://www.linkedin.com/showcase/oracle-university/
X: https://x.com/Oracle_Edu

Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.

Episode Transcript:

00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started!

00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services.

Lois: Hi there! Last week, we talked about multicloud and the partnerships Oracle has with Microsoft Azure, Google Cloud, and Amazon Web Services. If you missed that episode, do listen to it as it sets the foundation for today's discussion, which is going to be about Oracle Database@AWS.

00:59 Nikita: That's right. And we're joined by Susan Jang, a Senior Principal OCI Instructor. Susan, thanks for being here. To start us off, what is Oracle Database@AWS?

Susan: Oracle Database@AWS is a service that allows Oracle Exadata infrastructure that is managed by Oracle Cloud Infrastructure, or OCI, to run directly inside an AWS data center.

01:25 Lois: Susan, can you go through the key architecture components and networking relationships involved in this?

Susan: The AWS Cloud is the Amazon Web Service. It's a cloud computing platform. The AWS region is a distinct, isolated geographic location with multiple physically separated data centers, also known as availability zone. The availability zone is really a physically isolated data center with its own independent power, cooling, and network connectivity.

When we speak of the AWS data center, it's a highly secured, specialized physical facility that houses the computing storage, the compute servers, the storage server, and the networking equipment. The VPC, the Virtual Private Cloud, is a logical, isolated virtual network.

The AWS ODB network is a private user-created network that connects the virtual private cloud network of Amazon resources with an Oracle Cloud Infrastructure Exadata system. This is all within an AWS data center. The AWS-ADB peering is really an established private network connection that's between the Oracle VPC, the Virtual Private Cloud, and the Oracle Database@AWS network. And that would be the ODB.

Within the AWS data center, you have something that you see called the child site. Now, an OCI child site is really a physical data center that is managed by Oracle within the AWS data center. It's a seamless extension of the Oracle Cloud Infrastructure. The site is hosting the Exadata infrastructure that's running the Oracle databases.

The Oracle Database@AWS service brings the power as well as the performance of an Oracle Exadata infrastructure that is managed by Oracle Cloud Infrastructure to run directly in an AWS data center.

03:57 Nikita: So essentially, Oracle Database@AWS lets you run your mission-critical Oracle data load close to your AWS application, while keeping management simple. Susan, what advantages does Oracle Database@AWS bring to the table?

Susan: Oracle Database@AWS offers a powerful and flexible solution for running Oracle workloads natively within AWS. Oracle Database@AWS streamlines the process of moving your existing Oracle Database to AWS, making migration faster as well as easier.

You get direct, low latency connectivity between your application and Oracle databases, ensuring a high performance for your mission-critical workloads.

Billing, resource management, and operational tasks are unified, allowing you to manage everything through similar tools with reduced complexity. And finally, Oracle Database@AWS is designed to integrate smoothly with your AWS environments' workloads, making it so much easier to build, deploy, and scale your solutions.

05:15 Lois: You mentioned the OCI child site earlier. What part does it play in how Oracle Database@AWS works?

Susan: The OCI child site really gives you the capability to combine the physical proximity and resources of AWS with the logical management and the capability of Oracle Cloud Infrastructure. This integrated approach allows us to enable the ability for you to run and manage your Oracle databases seamlessly in your AWS environment while still leveraging the power of OCI, our Oracle Cloud Infrastructure.

06:03 Did you know that Oracle University offers free courses on Oracle Cloud Infrastructure for subscribers! Whether you're interested in multicloud, databases, networking, security, AI, or machine learning, there's something for everyone. So, what are you waiting for? Pick your topic and get started by visiting mylearn.oracle.com.

06:29 Nikita: Welcome back! Susan, I'm curious about the Exadata infrastructure inside AWS. What does that setup look like?

Susan: The Exadata Infrastructure consists of physical database, as well as storage servers. That is deployed-- the database and the storage servers are interconnected using a high-speed, low-latency network fiber, ensuring optimal performance and reliable data transfer.

Each of the database servers runs one or more Virtual Machines, or VMs, as we refer to them, providing flexible compute resources for different workloads. You can create, as well as manage your virtual machine, your VM clusters in this infrastructure using various methods. Your AWS console, Command-Line Interface, CLI, or Application Program Interface, that's your API, giving you various options, several options for automating, as well as integrating your existing tools.

When you're creating your Exadata Infrastructure, there are a few things you need to define and set up. You need to define the total number of your database servers, the total number of your storage server, the model of your Exadata system, as well as the availability zone where all these resources will be deployed.

This architecture delivers a high-performance resiliency and flexible management capability for running your Oracle Database on AWS.

08:18 Lois: Susan, can you explain the network architecture for Oracle Database deployments on AWS?

Susan: The ODB network is an isolated network within the AWS that is designed specifically for Exadata deployments. It includes both the client, as well as the backup subnet, which are essential for securing and efficient database operations.

When you create your Exadata Infrastructure, you need to specify the ODB network as you need the connectivity. This network is mapped directly to the corresponding network in the OCI child site. This will enable seamless communication between AWS, as well as the Oracle Cloud Infrastructure.

The ODB network requires two separate CIDR ranges. And in addition, the client subnet is used for the Exadata VM cluster, providing connectivity for database operations. Well, you do also have another subnet. And that subnet is the backup subnet. And it's used to manage database backups of those VM cluster, ensuring not only data protection, but also data recovery.

Within your AWS region and availability zone, the ODB network contains these dedicated client, as well as backup subnet. It basically isolates the Exadata traffic for both the day-to-day access, and that would be for the client, as well as the backup operations, and that would be for the backup subnet. This network design supports secure, high performance, and connectivity in a reliable backup management of the Oracle Database deployments that is running on AWS.

10:23 Nikita: Since we're on the topic of networking, can you tell us about ODB peering within the Oracle Database architecture?

Susan: The ODB peering establishes a secure private connection between your AWS Virtual Private Cloud, your VPC, then the Oracle Database, the ODB network that contains your Exadata Infrastructure.

This connection makes it possible for application servers that's running in your VPC, such as your Amazon EC2 instances to access your Oracle databases that is being hosted on Exadata within your ODB network. You specify the ODB network when you set up your infrastructure, specifically the Exadata Infrastructure. This network includes dedicated client, as well as backup subnets for an efficient and secure connectivity.

If you wish to enable multiple VPCs to connect to the same ODB network and access the Oracle Database@AWS resources, you can leverage AWS Transit Gateways or even an AWS Cloud WAN for scalable and centralized connectivity.

The virtual private cloud contains your application server, and that's securely paired with the Oracle Database network, creating a seamless, high-performance path to your application to interact with your Oracle Database.

ODB peering simplifies the connectivity between the AWS application environments and the Oracle Exadata Infrastructure, thus supporting a flexible, high performance, and secure database access.

12:23 Lois: Now, before we close, can you compare two key databases that are available with Oracle Database@AWS: Oracle Exadata Database Service and Oracle Autonomous Database Service?

Susan: The Exadata Database Service offers a fully managed and dedicated infrastructure with operational monitoring that is handled by you, the customer. In contrast, the Autonomous Database is fully managed by Oracle, taking care of all the operational monitoring.

Exadata provides very high scalability though resources, such as disk and compute, must be sized manually. Where in the Autonomous Database, it offers high scalability through automatic elastic scaling. When we speak of performance, both services deliver strong results. Exadata offers ultra-low latency and Exadata-level performance, while the Autonomous Database delivers optimal performance with automation.

Both services provide high migration capability. Exadata offers full compatibility and the Autonomous Database includes a robust set of migration tools. When it comes to management, Exadata requires manual management and administration. And that's really in a way to provide you the ability to customize it in the manner you desire, making it meet your very specific business needs, especially your database needs.

In contrast, the Autonomous Database is fully managed by Oracle, including automated administration tasks, optimal self-tuning features to further reduce any management overhead. When we speak of the feature sets, the Exadata delivers a full suite of Oracle features, including the RAC application cluster, or the Real Application Cluster, RAC, whereas the Autonomous offers a complete feature set, but specifically that is designed for optimized Autonomous operations.

Finally, when we speak of integration, integration for both of these services integrates seamlessly with AWS service, such as your EC2, your network, the VPC, your policies, the Identity and Access Management, your IAM, the monitoring with your CloudWatch, and of course, your storage, your SC, ensuring a consistent experience within your AWS ecosystem.

15:21 Nikita: So, you could say that the Exadata Database Service is better for customers who want dedicated infrastructure with granular control, while the Autonomous Database is built for customers who want a fully automated experience. Thank you, Susan, for taking the time to talk to us about Oracle Database@AWS.

Lois: That's all we have for today. If you want to learn more about the topics we discussed, head over to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. In our next episode, we'll find out how to get started with the Oracle Database@AWS service. Until then, this is Lois Houston…

Nikita: And Nikita Abraham, signing off!

16:06 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Identity At The Center
#399 - Navigating Identity Security in the Age of AI with Jeff Margolies

Identity At The Center

Feb 5, 2026 56:55


Jim McDonald is joined by Jeff Margolies, Chief Product and Strategy Officer at Saviynt, to discuss the intersection of artificial intelligence and identity security. Jeff shares his decades of experience in the industry, from building the IAM practice at Accenture to his current leadership role at Saviynt. The conversation covers how AI is making manually intensive identity tasks more efficient, the emergence of Identity Security Posture Management (ISPM), and the critical need to govern identities for AI agents. Jeff also provides his perspective on the future of the identity practitioner and why he remains an optimist in a rapidly changing technological landscape.

Connect with Jeff Margolies on LinkedIn: https://www.linkedin.com/in/jmargolies/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Timestamps:
00:00:00 - Introduction and Gartner Identity Conference Recap
00:02:11 - Jeff Margolies' Career Journey in Identity and Security
00:04:36 - Returning to Identity and Joining Saviynt
00:06:13 - How AI is Impacting Identity Security and Governance
00:09:56 - The Future of Identity Services in an AI World
00:13:58 - Will AI Disrupt the SaaS Model for Identity?
00:19:50 - The Impact of AI on the Identity Practitioner Job Market
00:26:16 - Identity for AI: Governing Agents and Delegated Authority
00:32:00 - Combating Deepfakes and Proving What is Real
00:34:40 - The Rise of Identity Security Posture Management (ISPM)
00:41:46 - Comparing Posture Management and ITDR
00:44:17 - Advice for CISOs: Why Posture Should Come First
00:49:35 - The Secret to Saviynt's Success and Future Outlook
00:52:19 - Lighter Note: Why Jeff Chose a Tesla for His Daughter

Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Jeff Margolies, Saviynt, IAM, Identity and Access Management, AI, Artificial Intelligence, ISPM, ITDR, Cybersecurity, Identity Governance, SaaS, IGA

CISSP Cyber Training Podcast - CISSP Training Program
CCT 321: From BIOS Passwords To ABAC - Practice CISSP Questions

Feb 5, 2026 22:24


A surprising number of security leaders admit they're flying blind on hardware and firmware. We start by exposing how shared BIOS passwords, slow maintenance cycles, and careless e-waste practices create avoidable risk, then lay out the fixes: privileged vaulting, disciplined asset disposition, and practical ways to repurpose gear without leaking data. That real-world foundation sets the stage for a focused tour through CISSP Domain 5—Identity and Access Management—built for practitioners who want clarity over jargon.

We break down least privilege in plain terms and show how to reduce the initial friction with cleanly defined roles and entitlement catalogs. From there, we compare RBAC and ABAC: when baseline roles are enough, and when context-aware attributes like device, location, and data sensitivity should drive policy. Authentication gets the same treatment. Multi-factor authentication, biometrics, and phishing-resistant methods raise the bar, while single sign-on and identity federation streamline access across cloud apps using standards like OAuth, OpenID Connect, and SAML. In modern cloud environments, token-based models win for scalability and security, and we explain why.

Governance ties it all together. We walk through identity proofing for solid onboarding, separation of duties to curb fraud, and IGA workflows that make approvals, recertifications, and audits far less painful. Regular access reviews emerge as the unsung hero that prevents privilege creep before it becomes an incident. If you're prepping for the CISSP—or just tightening your IAM program—this episode gives you the why behind the what, with steps you can apply today.

Enjoyed the conversation and want more deep dives? Subscribe, share with a teammate who needs a quick IAM refresher, and leave a review to help others find the show.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

The Future of ERP
Episode 80: Who Owns What? Clarifying IAM Roles in Cloud ERP with Infosys

Feb 4, 2026 14:00


Discover how identity and access management (IAM) is reshaping cybersecurity in cloud ERP, enabling businesses to be safer, faster, and more compliant with clarity in roles and responsibilities.

In this insightful episode of the Future of ERP podcast, Aditya Thakurdesai from Infosys dives deep into the vital topic of identity and access management (IAM) in cloud ERP environments. He explains why understanding "who owns what" in IAM is non-negotiable to ensure security, compliance, and operational efficiency amid today's complex hybrid IT infrastructures. Aditya shares compelling customer stories, from a global pharmaceutical company safeguarding sensitive research data to a large retailer accelerating seasonal workforce onboarding, highlighting how the shared responsibility model brings clarity and confidence in managing cloud security. The discussion further explores how AI is revolutionizing IAM, with intelligent threat detection, adaptive access control, and proactive governance transforming traditional security roles. This episode is a must-listen for any business navigating cloud security risks and looking to leverage AI for smarter, faster, and safer ERP management. Tune in and learn how to stay ahead in the evolving cybersecurity landscape.

Useful Links:
Learn how the shared responsibility model for SAP Cloud ERP Private defines roles, streamlines operations, and improves security and compliance: Operate your cloud ERP with confidence and control
SAP Cloud ERP
Infosys

Follow Us on Social Media!
SAP Cloud ERP - LinkedIn

Guest: Aditya Thakurdesai, Director – Enterprise Security, Infosys
Aditya is a seasoned SAP Security and GRC professional, currently serving as Director – Enterprise Security at Infosys. With nearly two decades of experience, he has delivered transformative security solutions that seamlessly integrate deep domain expertise with emerging technologies. In his current role, Aditya heads the Manufacturing and Communications, Media & Technology segments within Infosys' Enterprise Risk Management Services group. He also drives strategic Centre of Excellence initiatives focused on security transformation, intelligent automation, and AI innovation. His current passion lies in Agentic AI, where he has developed pioneering solutions that introduce new levels of agility, compliance, and scalability to enterprise security operations.

Host 1: Richard Howells, SAP
Richard Howells has been working in the Supply Chain Management and Manufacturing space for over 30 years. He is responsible for driving the thought leadership and awareness of SAP's ERP, Finance, and Supply Chain solutions and is an active writer, podcaster, and thought leader on the topics of supply chain, Industry 4.0, digitization, and sustainability.
Follow Richard Howells on LinkedIn and X

Host 2: Oyku Ilgar, SAP
Oyku Ilgar is a marketer and thought leader specializing in SAP's digital supply chain and ERP solutions since 2017. As a marketer, blogger, and podcaster, she creates engaging content that highlights innovative SAP technologies and explores key topics including business trends, AI, Industry 4.0, and sustainability. She holds dual bachelor's degrees in Finance & Accounting and English Translation, along with a master's degree in Business Administration and Foreign Trade, specializing in marketing. With her background in digital transformation, Oyku communicates technology trends and industry insights to help professionals navigate the evolving business landscape.
Oyku's LinkedIn and SAP Community

Key Topics: Identity Management, Access Management, Cloud ERP, Shared Responsibility, Compliance, Security, Artificial Intelligence, AI, Threat Detection, Case Studies

No Password Required
No Password Required Podcast Episode 68 — Rob Hughes

Jan 20, 2026 44:51


Rob Hughes — CISO at RSA and Champion of a Passwordless Future

No Password Required Season 7: Episode 1 - Rob Hughes

Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.

Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.

Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point. The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.

Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/

Chapters:
00:00 Introduction to No Password Required
01:43 Meet Rob Hughes, CISO at RSA
02:05 The Role of a CISO in a Security Company
05:09 Transitioning to the CISO Role
08:00 The Early Days of Geek.com
12:14 Launching a Startup During the Dot Com Boom
14:30 The Push for a Passwordless Future
18:21 Tipping Point for Passwordless Adoption
20:20 Ongoing Learning in Cybersecurity
26:09 Managing Stress in High-Pressure Environments
33:46 The Lifestyle Polygraph Begins
34:15 Career Insights in Cybersecurity
36:08 Dream Cars and Personal Preferences
39:58 Underrated Horror Films
41:19 Creating a Cybersecurity Monster

Identity At The Center
#395 - Sponsor Spotlight - Redblock

Jan 14, 2026 55:09


This episode is sponsored by Redblock. Visit redblock.ai/idac to learn more.

Jeff and Jim come to you live from the Gartner IAM Summit in Grapevine, Texas, for a special Sponsor Spotlight with Redblock. They sit down with CEO Indus Khaitan to discuss how Redblock uses AI and computer vision to solve the "last mile" problem in identity management: disconnected applications.

Indus explains how Redblock acts as an "agentic" layer, using screen recordings to learn administrative tasks for apps that lack APIs. The conversation covers the origin of the company name, the urgency of securing the "long tail" of applications, and how they build trust and guardrails around AI execution. They also discuss the "DoorDash" analogy for identity fulfillment and wrap up with a fun chat about Indus's passion for flying planes.

Connect with Indus: https://www.linkedin.com/in/khaitan/
Learn more: redblock.ai/idac

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Timestamps
00:00 Introduction from Gartner IAM Summit
00:46 Guest Introduction: Indus Khaitan of Redblock
01:40 Indus's Journey into Identity
02:41 The Origin of the Name "Redblock"
04:20 The Underserved Market: Services vs. Software
07:34 The Urgency of Securing Disconnected Apps
09:19 Why Traditional IGA and PAM Aren't Enough
11:35 The DoorDash Analogy: Where Redblock Fits
14:30 What Makes Redblock Unique? (Agentic Process Automation)
16:15 Trusting AI with Security Tasks
18:50 Onboarding Apps via Video Recording
21:23 Deployment: Running Air-Gapped on Customer Cloud
22:17 Handling UI Changes and "Full Self-Driving" Analogy
25:40 Integration with SailPoint and Governance Tools
27:13 Speed of Integration: Days vs. Years
32:00 How the "Headless Browser" Works
33:35 Limitations: Web Apps vs. Thick Clients
36:58 Redblock's 2025 Milestones and Future Outlook
39:48 Call to Action: Solving Disconnected Apps
40:27 Impressions of the Gartner IAM Summit
44:26 Are We in an AI Bubble?
46:46 Indus's Hobby: Flying Planes

Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Redblock, Indus Khaitan, AI, Artificial Intelligence, IAM, Identity and Access Management, Disconnected Apps, Agentic AI, Computer Vision, Gartner IAM Summit, RPA, IGA, Cybersecurity

Oracle University Podcast
Getting to Know Oracle Cloud Infrastructure

Jan 6, 2026 19:07


Every system depends on reliable infrastructure behind the scenes. Oracle Cloud Infrastructure (OCI) delivers that reliability with speed, flexibility, and built-in security.

Join Lois Houston and Nikita Abraham as they speak with Oracle Cloud experts David Mills and Tijo Thomas about what makes OCI different and how it drives real results for businesses of every size.

Cloud Business Jumpstart: https://mylearn.oracle.com/ou/course/cloud-business-jumpstart/152957
Oracle University Learning Community: https://education.oracle.com/ou-community
LinkedIn: https://www.linkedin.com/showcase/oracle-university/
X: https://x.com/Oracle_Edu

Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.

-----------------------------------------------

Episode Transcript:

00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started!

00:26 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Communications and Adoption with Customer Success Services, and with me is Nikita Abraham, Team Lead: Editorial Services with Oracle University.

Nikita: Hi everyone, and welcome to a brand-new season of the podcast! We're really excited about this one because we'll be diving into how Oracle Cloud Infrastructure is transforming the way businesses innovate, stay secure, and drive results.

00:55 Lois: And to help us with this, we've got two experts who know this space inside out—David Mills, Senior Principal PaaS Instructor, and Tijo Thomas, Principal OCI Instructor, both from Oracle University. Hi David! For those who might not be familiar, could you explain what Oracle Cloud Infrastructure is?

David: OCI, as we call it, is Oracle's enterprise grade cloud platform, built from the ground up to run the systems that matter most to business. It provides the infrastructure and platform services businesses need to build, run, and scale applications securely, globally, and cost effectively. To provide more context, all of Oracle's SaaS applications such as NetSuite, Customer Experience, Human Capital Management, Supply Chain Management, as well as Enterprise Resource and Enterprise Performance Management, they all run on OCI. But OCI isn't just for Oracle's own apps. It's a full featured cloud platform used by thousands of customers to run their own applications, data, and services. OCI includes platform services such as databases, integration, analytics, and many others, and of course, the infrastructure services, such as compute, networking, and storage, which comprise the core of OCI. Bottom line, if something is running on Oracle Cloud, OCI is behind it. OCI includes over 100 services across numerous categories like compute, storage, networking, database, containers, AI, developer tools, integration, security, observability, and much more. So, whether you're lifting and shifting legacy workloads or building new apps in the cloud, OCI has the building blocks.

03:02 Lois: David, who was OCI designed for?

David: OCI was built from scratch to address the limitations of first-generation clouds. No patchwork of legacy acquisitions, just a clean, modern, high-performance foundation designed for real enterprise workloads. OCI was designed for businesses that can't compromise financial services, health care, retail, governments, customers with strict regulations, global scale, and mission-critical systems. These are the companies choosing OCI not just because it works, but because it works under pressure.

03:42 Nikita: What else makes OCI different from other cloud platforms?

David: Oracle's network and storage architecture delivers low latency results consistently.
Then there's pricing—simple, predictable, and often much lower than our competitors. OCI was designed with governance and security in every layer. OCI supports all types of cloud strategies: public cloud, hybrid deployments, multi-cloud environments, and even a dedicated cloud we can install inside your own data center. We call all that distributed cloud, and that's where OCI really shines. OCI gives you everything you need to modernize your technology stack, run securely at scale, and build for the future without giving up control or blowing your budget.

04:37 Lois: Now, Tijo, we've covered what OCI is, who it's for, and what makes it unique. Let's switch gears a bit and talk about cloud regions. For anyone who doesn't know, a cloud region is just a specific geographic location where Oracle, or any cloud provider, runs its own data centers. Why does the choice of region matter for businesses, and what should they think about when picking one?

Tijo: Many businesses are required by law to keep their data within national borders, whether it is GDPR in Europe or local privacy laws in Australia or Singapore, choosing the right region would help you to stay compliant. The closer your applications are to your users, the faster they perform. Running in a nearby region means lower latency, faster response times, and better customer experience. Then there is disaster recovery and high availability. Regions are the building blocks for setting up failover strategies. By deploying workloads in multiple regions, businesses can protect themselves from outages and keeping their systems in running state. Some businesses also need to meet industry-specific compliance requirements. Think of sectors like health care, government, or finance. They often require that the infrastructure and the data should stay within the national or regional boundaries.
If your business is growing into new markets, regions allow you to deploy apps and services closer to your customers and without having the need to build new data centers. Regions also enable local integrations and partnerships, whether it is connecting with ISPs, local service providers, or complying with in-country partner requirements. Having a region nearby makes that integrations and operations smoother. Regions are not just about geography. They are a critical part of how the businesses would stay compliant, resilient, and responsive across the globe. Oracle runs a fast-growing global network of cloud regions, and each OCI region is fully independent and fully isolated. You choose your regions, and your data stays there.

07:06 Nikita: And are there different types of cloud regions?

Tijo: There are several commercial regions, sovereign regions, government regions, and multi-cloud regions. Even with a wide range of cloud regions, some organizations cannot move their workloads and its data to the public cloud. Those workloads may need to stay in their own on-premises data center, but at the same time, they still want to leverage the benefits of OCI.

07:42 Take your cloud skills to the next level with the new Oracle Database@AWS course. Master provisioning, migration, security, and high availability for Oracle Database on AWS. Then validate your experience with an industry-recognized certification. Stand out in the multicloud space and accelerate your career. Visit mylearn.oracle.com for more information.

08:09 Nikita: Welcome back! We were talking about workloads and how some companies may have to keep their workloads on-premises. Why would they need to do that, Tijo?

Tijo: First, data sovereignty. Let's say there may not be a list of public cloud region that the organization is looking for, or maybe the business need to set up a disaster recovery strategy within that specific location. Then there is security and control.
Some industries have very strict regulations, and they require physical access and oversight of their infrastructure. And finally, there are latency-sensitive workloads. These are applications that cannot afford the delay of going back and forth to a remote cloud region. They need cloud services right next to their physical data center.

08:59 Nikita: So, how does Oracle help with that?

Tijo: To address these requirements, Oracle introduces a set of offerings. The first one is called dedicated region, and the second one is called Cloud@Customer services. Through both these offerings, you get OCI services right in your data center and all behind your firewall, while achieving the benefits of flexibility and automation.

09:24 Nikita: So, what's a dedicated region?

Tijo: Dedicated region is a completely managed cloud region that brings all the OCI services and Oracle Fusion SaaS applications within your data centers. Along with deploying the full stack OCI, you would receive support for Oracle Fusion SaaS applications and also gain a consistent experience with the same SLAs, APIs, and the tools available in Oracle Cloud.

09:53 Lois: Ok and what about Cloud@Customer?

Tijo: While dedicated region is ideal for large scale enterprise needs, with full stack OCI and SaaS, some organizations just require a lighter footprint. And that's where Cloud@Customer comes in. And to begin with, we'll talk about Compute Cloud@Customer. It is a fully managed rack scale infrastructure that allows you to use the core OCI services, like the OCI compute, OCI storage, and OCI networking services at your on-premises. With Compute Cloud@Customer, you can run applications and middleware systems to provide consistent user experience and simplify IT administration across your distributed cloud architecture. We can plan to run the same application stack everywhere and centrally manage them without needing experts in every location.

10:52 Nikita: Is there a way to make running your Oracle databases easier and more cost-effective?

Tijo: That's why Oracle offers you Oracle Exadata Cloud@Customer. Oracle Exadata Cloud@Customer combines the performance of Oracle Exadata with the simplicity, flexibility, and affordability of a managed database service delivered through customer data centers. It is the simplest way to move your current Oracle databases to the cloud, because it provides full compatibility with existing Exadata systems and Exadata Database services in Oracle Cloud Infrastructure. You could also run the fully-managed Oracle Autonomous Database on Exadata Cloud@Customer that would combine all the benefits of having Exadata, along with the simplicity of an autonomous cloud service. And when Compute Cloud@Customer is combined with Exadata Cloud@Customer, you can run full stack applications completely in your own data center. Applications will use the same high performance OCI compute and database services you get in the cloud, so you don't have to change the way you architect or deploy them.

12:09 Nikita: So, what you're saying is that Oracle dedicated region and Cloud@Customer bring OCI services into your data center.

Tijo: It enables you to run applications faster using the same high-performance capabilities and autonomous operations. You get all of this while maintaining complete control of your data so that you can address data residency, security, and connectivity concerns.

12:35 Lois: Ok. We've talked about where OCI runs. Now David, let's get into what it actually does.

David: OCI compute lets you run business applications on demand without buying or managing physical servers. You choose the type and size of the virtual machine you want, and OCI handles the rest. Need more power for peak traffic? OCI can automatically add capacity and scale it back down after.
In addition to virtual machines, bare metal servers are also available for ultra high performance jobs like simulations, AI, or high speed trading. Every business stores data, but not all data needs the same kind of storage. OCI gives you options, fast block storage for your compute servers. It works just like a hard drive for your home computer. Shared file storage for applications and microservices. Large scale object storage for backups, videos, or other data, and low-cost long-term storage for object archives. The system even moves rarely used data to cheaper storage automatically.

13:51 Lois: Given Oracle's expertise in databases, what are some of the database options businesses can access with OCI?

David: Oracle Autonomous Database automatically patches, tunes, and scales itself. Need raw power? Use Oracle Exadata, or go open source with MySQL HeatWave, which can be used for real time analytics. With these and many other database options, you get high performance automation and reliability all on demand.

14:24 Nikita: With so many database options, how is everything kept connected and running smoothly on OCI?

David: Every cloud service relies on a fast, secure network. OCI's Virtual Cloud network acts like your own private data highway. You control how traffic flows between your apps, your people, and your regions. Need private direct connections to your data center or office? Use OCI FastConnect to bypass the public internet. OCI networking provides high speed performance with enterprise grade security designed for global business.

15:05 Lois: And what security service does Oracle provide?

David: OCI doesn't treat this as an optional add on. When you sign up for OCI, your environment is isolated, your data is encrypted, and admin actions are logged. And there are so many security services.
Identity and Access Management for handling users and permissions, Cloud Guard to detect threats and misconfigurations, OCI Vault for managing your encryption keys, Data Safe to monitor sensitive data access, as well as many others. You can leverage to meet any government or business compliance requirement. All of these are included in OCI, no need to stitch together third-party tools.

15:55 Lois: What if I want to see what's going on in my environment?

David: OCI has monitoring services for metrics, logging services for real-time insights, tracing for distributed applications, and alarms to notify you when things go sideways. All of these services are integrated. So you can see what matters when you need it without all the noise.

16:23 Nikita: David, let's say someone wants to build and deploy an app. What services does OCI offer them?

David: OCI provides numerous developer services for your teams to build apps or digital tools. OCI DevOps supports automated builds and deployments. OCI Container Engine for Kubernetes helps run microservices. OCI Functions supports serverless code that runs on demand. All of this works with familiar languages and frameworks. In short, OCI gives developers what they need to build, test, and deliver quickly without having to manage infrastructure.

17:03 Nikita: How does OCI make it easier for companies to bring their apps together and use AI, even if they don't have a dedicated AI team?

David: Modern businesses run dozens of apps, and OCI helps you to connect them with Oracle Integration Cloud. With OIC, you can integrate SaaS applications as well as on-premise apps and systems, automate business processes and workflows, route and transform messages, and you can even expose key services as APIs so partners and systems can interact securely. OCI integration is the glue that holds modern IT together. OCI helps you turn data into decisions without needing an AI team.
Use ready-made AI tools for language translation, image recognition, document understanding, speech transcription, and more. Or build your own models with data science and data flow services. It's all designed to bring machine learning into reach for every business.

18:10 Lois: Thank you, David and Tijo, for joining us on this episode of the Oracle University Podcast. If you want to learn more about OCI, visit mylearn.oracle.com and search for the Cloud Business Jumpstart course.

Nikita: Next week, we'll look at why businesses choose OCI and how they're using OCI services to create real outcomes. Until then, this is Nikita Abraham…

Lois: And Lois Houston signing off!

18:38 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

UBC News World
What Is CIAM? Customer Identity & Access Management Software Explained

Dec 22, 2025 10:15


Discover how Customer Identity and Access Management software combines smooth login experiences with strong security, helping businesses build customer trust while managing millions of identities. Learn why CIAM is reshaping online interactions and how leading solutions compare. Read more at https://www.loginradius.com/blog/identity/customer-identity-and-access-management

LoginRadius
City: Vancouver
Address: 450 SW Marine Drive, Floor 18
Website: https://www.loginradius.com/

Identity At The Center
#392 - Identiverse DC - Majority Rules

Dec 17, 2025 28:43


Join hosts Jeff Steadman and Jim McDonald for a special live episode recorded on location at Identiverse DC! In this interactive session, Jeff and Jim host a game of "Majority Rules," where the audience competes not to answer correctly, but to guess the most popular answer in the room.

The game covers a wide range of topics, from the trivial (worst conference swag and the official uniform of an IAM architect) to the technical (securing API keys, the biggest bottlenecks in IGA, and the primary causes of role explosion).

Things get intense halfway through with the introduction of the Battle Royale rules, where picking the minority answer sends a player's score back to zero. Watch to see who survives the explosions and takes home the grand prize.

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Chapter Timestamps
00:00 Intro to Identity at the Center Live
00:36 Explaining the Rules of Majority Rules
04:25 Question 1: The Worst Conference Swag
06:00 Question 2: Replying to Access Denied
07:05 Question 3: AI in Identity Management
08:40 Question 4: Favorite MFA Method
10:12 Question 5: Least Favorite Auth Factor
11:15 Turning up the Heat: Battle Royale Mode
12:10 Question 6: Why RBAC is Difficult at Scale
13:30 Question 7: The IAM Architect Uniform
14:50 Question 8: Best Place to Hide a Secret
16:15 Question 9: Protocols You Secretly Miss
17:25 Question 10: Most Hated Specialized Key
18:40 Question 11: Conference Responsibilities
20:00 Question 12: Securing API Keys
21:20 Question 13: Secrets to Surviving Keynotes
22:55 Question 14: The Biggest Bottleneck in IGA
24:45 Question 15: Causes of Role Explosion
25:50 Question 16: What Breaks First After a Schema Update
26:40 Final Question: Fastest Way to Confuse a User
27:40 Crowning the Winner

Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Identiverse, Identiverse DC, IAM, Identity and Access Management, Cybersecurity, InfoSec Game Show, Live Podcast, Majority Rules, MFA, IGA, API Security, RBAC, Role Explosion, Tech Humor, Cyberrisk Alliance

Fraud in the Office
Health Care Gone Wild

Dec 9, 2025 34:37


In this week's episode, Matthew and Mark dive into a shocking wave of new fraud stories that all hit the headlines this week—and every one of them exposes the same weak points: identity, responsibility, and accountability.

We break down the latest GAO report revealing massive vulnerabilities in Obamacare Marketplace plans—fake identities getting approved, stolen Social Security numbers used in dozens of applications, brokers making unauthorized changes, and taxpayers footing the bill for millions in bogus subsidies. Then we travel to Minnesota, where Medicaid and COVID-era relief fraud has surged past the $1 billion mark, with new cases showing how nonprofits, brokers, and even ghost companies exploited programs designed to help real families.

And yes… in case you missed it, Taylor Swift and Travis Kelce just announced their upcoming wedding. The tabloids call it the love story of the decade—but the Fraud Bros ask: “Is it romance… or the greatest marketing campaign ever conceived?”

As always, we connect the thread: fraud happens wherever identity is weak and accountability is missing—whether in healthcare systems, government programs, or even corporate operations. Identity management, internal controls, and segregation of duties aren't just audit words… they're the guardrails that keep taxpayer dollars, patient data, and entire programs from going off the rails.

Find us on all streaming platforms! Check out our sponsor 1Trooper on LinkedIn @1Trooper And don't forget to subscribe!

The Agile World with Greg Kihlstrom
#780: Third-party partner experience and security with Haider Iqbal, Thales

The Agile World with Greg Kihlstrom

Play Episode Listen Later Dec 5, 2025 28:34


What if the biggest threat to your brand's agility and security isn't a competitor, but the welcome mat you lay out for your own partners?

Agility requires not just the ability to move quickly, but the confidence to do so securely. It's about building a foundation of trust that enables seamless collaboration without introducing unnecessary risk.

Today, we're going to talk about a critical, yet often overlooked, aspect of brand agility: the digital experience we provide to our third-party partners. From marketing agencies to technology vendors, these relationships are essential, but the very processes meant to enable them—like onboarding and system access—can often be the source of massive friction, security risks, and a fundamental breakdown of trust.

To help me discuss this topic, I'd like to welcome, Haider Iqbal, Director, Identity & Access Management at Thales.

About Haider Iqbal
Haider is a technology leader and strategist with a career that spans consulting, sales, acquisitions, and product marketing across multiple regions. He has guided multimillion-dollar sales efforts, played a key role in a $100 million identity-sector acquisition, and now leads product marketing for Thales's IAM business. With roots in management consulting and a track record of translating complex technology into business growth, Haider brings both breadth and depth of expertise. Driven by a mindset of constant learning and unlearning, he is passionate about building technology that is inclusive, trustworthy, and safe for future generations. Outside of work, Haider can often be found on a cricket pitch, volleyball court, or golf course, with very occasional success.

Haider Iqbal on LinkedIn: https://www.linkedin.com/in/haideriqbal/

Resources
Thales: https://www.thales.com

The Agile Brand podcast is brought to you by TEKsystems. Learn more here: https://www.teksystems.com/versionnextnow

Catch the future of e-commerce at eTail Palm Springs, Feb 23-26 in Palm Springs, CA. Go here for more details: https://etailwest.wbresearch.com/

Connect with Greg on LinkedIn: https://www.linkedin.com/in/gregkihlstrom

Don't miss a thing: get the latest episodes, sign up for our newsletter and more: https://www.theagilebrand.show

Check out The Agile Brand Guide website with articles, insights, and Martechipedia, the wiki for marketing technology: https://www.agilebrandguide.com

The Agile Brand is produced by Missing Link—a Latina-owned strategy-driven, creatively fueled production co-op. From ideation to creation, they craft human connections through intelligent, engaging and informative content. https://www.missinglink.company

Hosted on Acast. See acast.com/privacy for more information.

Purrfect.dev
5.10 - How to Secure AI - Identity Access Management for Agents

Purrfect.dev

Play Episode Listen Later Nov 21, 2025 42:43


Curious about AI identity and MCP servers? Join us as Tobin South breaks down securing agents, fine-grained access, and the future of AI identity. Share your thoughts below!

https://codingcat.dev/podcast/identity-access-management-for-agents-with-tobin-south

00:00 Meet Tobin South
06:11 MCP Security Challenges
13:28 Agent to Agent Future
24:28 MCP Server Setup
33:12 Real-World Orchestration
40:53 MCP Protocol Updates
42:15 Closing Thoughts

Oracle University Podcast
Networking & Security Essentials

Oracle University Podcast

Play Episode Listen Later Nov 11, 2025 17:25


How do all your devices connect and stay safe in the cloud? In this episode, Lois Houston and Nikita Abraham talk with OCI instructors Sergio Castro and Orlando Gentil about the basics of how networks work and the simple steps that help protect them.   You'll learn how information gets from one place to another, why tools like switches, routers, and firewalls are important, and what goes into keeping access secure.   The discussion also covers how organizations decide who can enter their systems and how they keep track of activity.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. -------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services. Nikita: Hi everyone! In the last episode, we spoke about local area networks and domain name systems. Today, we'll continue our conversation on the fundamentals of networking, covering a variety of important topics.  00:50 Lois: That's right, Niki. And before we close, we'll also touch on the basics of security. Joining us today are two OCI instructors from Oracle University: Sergio Castro and Orlando Gentil. So glad to have you both with us guys. Sergio, with so many users and devices connecting to the internet, how do we make sure everyone can get online? 
Can you break down what Network Address Translation, or NAT, does to help with this? Sergio: The world population is bigger than 4.3 billion people. That means that if we were to interconnect every single human into the internet, we will not have enough addresses. And not all of us are connected to the internet, but those of us who are, you know that we have more than one device at our disposal. We might have a computer, a laptop, mobile phones, you name it. And all of them need IP addresses. So that's why Network Address Translation exists because it translates your communication from a private IP to a public IP address. That's the main purpose: translate. 02:05 Nikita: Okay, so with NAT handling the IP translation, how do we ensure that the right data reaches the right device within a network? Or to put it differently, what directs external traffic to specific devices inside a network? Sergio: Port forwarding works in a reverse way to Network Address Translation. So, let's assume that this PC here, you want to turn it into a web server. So, people from the outside, customers from the outside of your local area network, will access your PC web server. Let's say that it's an online store. Now all of these devices are using the same public IP address. So how would the traffic be routed specifically to this PC and not to the camera or to the laptop, which is not a web server, or to your IP TV? So, this is where port forwarding comes into play. Basically, whenever it detects a request coming to port, it will route it and forward that request to your PC. It will allow anybody, any external device that wants to access this particular one, this particular web server, for the session to be established. So, it's a permission that you're allowing to this PC and only to this PC. The other devices will still be isolated from that list. That's what port forwarding is. 03:36 Lois: Sergio, let's talk about networking devices. 
What are some of the key ones, and what role do they play in connecting everything together? Sergio: There's plenty of devices for interconnectivity. These are devices that are different from the actual compute instances, virtual machines, cameras, and IPTV. These are for interconnecting networks. And they have several functionalities. 03:59 Nikita: Yeah, I often hear about a default gateway. Could you explain what that is and why it's essential for a network to function smoothly? Sergio: A gateway is basically where a web browser goes and asks a service from a web server. We have a gateway in the middle that will take us to that web server. So that's basically is the router. A gateway doesn't necessarily have to be a router. It depends on what device you're addressing at a particular configuration. So, a gateway is a connectivity device that connects two different networks. That's basically the functionality.  04:34 Lois: Ok. And when does one use a default gateway? Sergio: When you do not have a specific route that is targeting a specific router. You might have more than one router in your network, connecting to different other local area networks. You might have a route that will take you to local area network B. And then you might have another router that is connecting you to the internet. So, if you don't have a specific route that will take you to local area network B, then it's going to be utilizing the default gateway. It directs data packets to other networks when no specific route is known. In general terms, the default gateway, again, it doesn't have to be a router. It can be any devices. 05:22 Nikita: Could you give us a real-world example, maybe comparing a few of these devices in action, so we can see how they work together in a typical network? Sergio: For example, we have the hub. And the hub operates at the physical layer or layer 1. And then we have the switch. And the switch operates at layer 2. And we also have the router. 
And the router operates at layer 3. So, what's the big difference between these devices and the layers that they operate in? So, hubs work in the physical layer of the OSI model. And basically, it is for connecting multiple devices and making them act as a single network segment. Now, the switch operates at the data link layer and is basically a repeater, and is used for filtering content by reading the addresses of the source and destination. And these are the MAC addresses that I'm talking about. So, it reads where the packet is coming from and where is it going to at the local area network level. It connects multiple network segments. And each port is connected to a different segment. And the router is used for routing outside of your local area network, performs traffic directing functions on the internet. A data packet is typically forwarded from one router to another through different networks until it reaches its destination node. The switch connects multiple network segments. And each port of the switch is connected to a different segment. And the router performs traffic directing functions on the internet. It takes data from one router to another, and it works at the TCP/IP network layer or internet layer. 07:22 Lois: Sergio, what kind of devices help secure a network from external threats? Sergio: The network firewall is used as a security device that acts as a barrier between a trusted internal network and an untrusted external network, such as the internet. The network firewall is the first line of defense for traffic that passes in and out of your network. The firewall examines traffic to ensure that it meets the security requirements set by your organization, or allowing, or blocking traffic based on set criteria. And the main benefit is that it improves security for access management and network visibility. 08:10 Are you keen to stay ahead in today's fast-paced world? We've got your back! 
Each quarter, Oracle rolls out game-changing updates to its Fusion Cloud Applications. And to make sure you're always in the know, we offer New Features courses that give you an insider's look at all of the latest advancements. Don't miss out! Head over to mylearn.oracle.com to get started.  08:36 Nikita: Welcome back! Sergio, how do networks manage who can and can't enter based on certain permissions and criteria? Sergio: The access control list is like the gatekeeper into your local area network. Think about the access control list as the visa on your passport, assuming that the country is your local area network. Now, when you have a passport, you might get a visa that allows you to go into a certain country. So the access control list is a list of rules that defines which users, groups, or systems have permissions to access specific resources on your networks.  It is a gatekeeper, that is going to specify who's allowed and who's denied. If you don't have a visa to go into a specific country, then you are denied. Similar here, if you are not part of the rule, if the service that you're trying to access is not part of the rules, then you cannot get in. 09:37 Lois: That's a great analogy, Sergio. Now, let's turn our attention to one of the core elements of network security: authentication and authorization. Orlando, can you explain why authentication and authorization are such crucial aspects of a secure cloud network? Orlando: Security is one of the most critical pillars in modern IT systems. Whether you are running a small web app or managing global infrastructure, every secure system starts by answering two key questions. Who are you, and what are you allowed to do? This is the essence of authentication and authorization. Authentication is the first step in access control. It's how a system verifies that you are who you claim to be. Think of it like showing your driver's license at a security checkpoint. 
The guard checks your photo and personal details to confirm your identity. In IT systems, the same process happens using one or more of these factors. It will ask you for something you know, like a password. It will ask you for something that you have, like a security token, or it will ask you for something that you are, like a fingerprint. An identity does not refer to just a person. It's any actor, human or not, that interacts with your systems. Users are straightforward, think employees logging into a dashboard. But services and machines are equally important. A backend API may need to read data from a database, or a virtual machine may need to download updates. Treating these non-human identities with the same rigor as human ones helps prevent unauthorized access and improves visibility and security. After confirming your identity, can the system move on to deciding what you're allowed to access? That's where authorization comes in. Once authentication confirms who you are, authorization determines what you are allowed to do. Sticking with the driver's license analogy, you've shown your license and proven your identity, but that doesn't mean that you can drive anything anywhere. Your license class might let you drive a car, not a motorcycle or a truck. It might be valid in your country, but not in others. Similarly, in IT systems, authorization defines what actions you can take and on which resources. This is usually controlled by policies and roles assigned to your identity. It ensures that users or services only get access to the things they are explicitly allowed to interact with. 12:34 Nikita: How can organizations ensure secure access across their systems, especially when managing multiple users and resources?  Orlando: Identity and Access Management governs who can do what in our systems. Individually, authentication verifies identity and authorization grants access. 
However, managing these processes at scale across countless users and resources becomes a complex challenge. That's where Identity and Access Management, or IAM, comes in. IAM is an overarching framework that centralizes and orchestrates both authentication and authorization, along with other critical functions, to ensure secure and efficient access to resources.  13:23 Lois: And what are the key components and methods that make up a robust IAM system? Orlando: User management, a core component of IAM, provides a centralized Identity Management system for all user accounts and their attributes, ensuring consistency across applications. Key functions include user provisioning and deprovisioning, automating account creation for new users, and timely removal upon departure or role changes. It also covers the full user account lifecycle management, including password policies and account recovery. Lastly, user management often involves directory services integration to unify user information. Access management is about defining access permissions, specifically what actions users can perform and which resources they can access. A common approach is role-based access control, or RBAC, where permissions are assigned to roles and users inherit those permissions by being assigned to roles. For more granular control, policy-based access control allows for rules based on specific attributes. Crucially, access management enforces the principle of least privilege, granting only the minimum necessary access, and supports segregation of duties to prevent conflicts of interest. For authentication, IAM systems support various methods. Single-factor authentication, relying on just one piece of evidence like a password, offers basic security. However, multi-factor authentication significantly boosts security by requiring two or more distinct verification types, such as a password, plus a one-time code. 
We also have biometric authentication, using unique physical traits and token-based authentication, common for API and web services. 15:33 Lois: Orlando, when it comes to security, it's not just about who can access what, but also about keeping track of it all. How does auditing and reporting maintain compliance? Orlando: Auditing and reporting are essential for security and compliance. This involves tracking user activities, logging all access attempts and permission changes. It's vital for meeting compliance and regulatory requirements, allowing you to generate reports for audits. Auditing also aids in security incident detection by identifying unusual activities and providing data for forensic analysis after an incident. Lastly, it offers performance and usage analytics to help optimize your IAM system.  16:22 Nikita: That was an incredibly informative conversation. Thank you, Sergio and Orlando, for sharing your expertise with us. If you'd like to dive deeper into these concepts, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course. Lois: I agree! This was such a great conversation! Don't miss next week's episode, where we'll continue exploring key security concepts to help organizations operate in a scalable, secure, and auditable way. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 16:56 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.  

Identity At The Center
#383 - Navigating Identity and AI with IDPro at Authenticate 2025

Identity At The Center

Play Episode Listen Later Nov 3, 2025 52:07


Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication.

Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology.

As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries.

Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/
Find out more about IDPro: https://www.idpro.org/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Chapters
00:00 Introduction and Greetings
00:16 Highlights from Authenticate 2025
01:39 FIDO Feud Rematch Discussion
03:17 Guest Introduction: Tina Srivastava
03:46 Conference Insights and AI Challenges
06:16 Regulatory Environment and Passkeys
09:11 Phishing and AI Supercharged Attacks
12:28 QR Codes and Accessibility Issues
13:09 The Importance of Phishing Resistant Authentication
22:24 IDPro Community and Practitioner Support
25:18 Community Support and Engagement
26:26 IDPro's Role in Identity Events
27:48 Future Directions for IDPro
29:19 Introducing Committees in IDPro
30:39 AI and Identity Verification
37:07 The Importance of Information Sharing
45:35 Public Speaking and Personal Growth
50:58 Conclusion and Final Thoughts

Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance

Identity At The Center
#382 - Sponsor Spotlight - HYPR

Identity At The Center

Play Episode Listen Later Oct 29, 2025 48:22


This episode is sponsored by HYPR. Visit hypr.com/idac to learn more.

In this episode from Authenticate 2025, Jim McDonald and Jeff Steadman are joined by Bojan Simic, Co-Founder and CEO of HYPR, for a sponsored discussion on the evolving landscape of identity and security.

Bojan shares his journey from software engineer to cybersecurity leader and dives into the core mission of HYPR: providing fast, consistent, and secure identity controls that complement existing investments. The conversation explores the major themes from the conference, including the push for passkey adoption at scale and the challenge of securely authenticating AI agents.

A key focus of the discussion is the concept of "Know Your Employee" (KYE) in a continuous manner, a critical strategy for today's remote and hybrid workforces. Bojan explains how the old paradigm of one-time verification is failing, especially in the face of sophisticated, AI-powered social engineering attacks like those used by Scattered Spider. They discuss the issue of "identity sprawl" across multiple IDPs and why consolidation isn't always the answer. Instead, Bojan advocates for a flexible, best-of-breed approach that provides a consistent authentication experience and leverages existing security tools.

Connect with Bojan: https://www.linkedin.com/in/bojansimic/
Learn more about HYPR: https://www.hypr.com/idac

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com

Chapter Timestamps:
00:00 - Introduction at Authenticate 2025
00:23 - Sponsored Episode Welcome: Bojan Simic, CEO of HYPR
01:11 - How Bojan Simic Got into Identity and Cybersecurity
02:10 - The Elevator Pitch for HYPR
04:03 - The Buzz at Authenticate 2025: Passkeys and Securing AI Agents
05:29 - The Trend of Continuous "Know Your Employee" (KYE)
07:33 - Is Your MFA Program Enough Anymore?
09:44 - Hackers Don't Break In, They Log In: The Scattered Spider Threat
11:19 - How AI is Scaling Social Engineering Attacks Globally
13:08 - When a Breach Happens, Who's on the Hook? IT, Security, or HR?
16:23 - What is the Right Solution for Identity Practitioners?
17:05 - The Critical Role of Internal Marketing for Technology Adoption
22:27 - The Problem with Identity Sprawl and the Fallacy of IDP Consolidation
25:47 - When is it Time to Move On From Your Existing Identity Tools?
28:16 - The Role of Document-Based Identity Verification in the Enterprise
32:31 - What Makes HYPR's Approach Unique?
35:33 - How Do You Measure the Success of an Identity Solution?
36:39 - HYPR's Philosophy: Never Leave a User Stranded
39:00 - Authentication as a Tier Zero, Always-On Capability
40:05 - Is Identity Part of Your Disaster Recovery Plan?
41:36 - From the Ring to the C-Suite: Bojan's Past as a Competitive Boxer
47:03 - How to Learn More About HYPR

Keywords:
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Bojan Simic, HYPR, Passkeys, Know Your Employee, KYE, Continuous Identity, Identity Verification, Authenticate 2025, Phishing Resistant, Social Engineering, Scattered Spider, AI Security, Identity Sprawl, Passwordless Authentication, FIDO, MFA, IDP Consolidation, Zero Trust, Cybersecurity, IAM, Identity and Access Management, Enterprise Security

Identity At The Center
#381 - Beyond Human: Taming the Wild West of Non-Human Identities with Steve Rennick

Identity At The Center

Play Episode Listen Later Oct 27, 2025 74:36


In this episode, Jim McDonald and Jeff Steadman are joined by Steve Rennick, Senior Leader for IAM Architecture at Ciena, for a wide-ranging discussion on the most pressing topics in identity today.

The conversation kicks off with a practical look at vendor demos, sharing best practices for cutting through the slideware and getting to the heart of a product's capabilities. From there, they dive deep into the complex world of Non-Human Identities (NHI). Steve shares his practitioner's perspective on why NHIs are such a hot topic, the challenges of managing them, and the risks they pose when left unchecked.

The discussion covers:
Why traditional IAM approaches fail for non-human identities.
The importance of visibility and creating a standardized process for NHI creation.
The debate around terminology: NHI vs. machine identity vs. service accounts.
The reasons for NHI's current prominence, including threat actors shifting focus away from MFA-protected human accounts.
Practical, actionable advice for getting a handle on legacy service accounts.
The emerging challenge of IAM for AI and the complexities of managing agentic AI.
The critical role of authorization and the future of policy-based access control.

Whether you're struggling with service account sprawl, preparing for an AI-driven future, or just want to run more effective vendor demos, this episode is packed with valuable insights.

Connect with Steve: https://www.linkedin.com/in/steven-rennick/
ARIA (Agent Relationship-Based Identity & Authorization) LinkedIn Post from Patrick Parker: https://www.linkedin.com/posts/patrickparker_ai-agent-authorization-activity-7335265428774031360-braE/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

CHAPTER TIMESTAMPS:
00:00:10 - Introduction & The Art of the Vendor Demo
00:08:02 - Steve Rennick's Take on Vendor Demos
00:12:39 - Formal Introduction: Steve Rennick
00:14:45 - Recapping the Identiverse Squabble Game Show
00:17:22 - The Hot Topic of Non-Human Identities (NHI)
00:22:22 - Is NHI a Joke or a Serious Framework?
00:26:41 - The Controversy Around the Term "NHI"
00:30:24 - How to Simplify NHI for Practitioners
00:34:06 - First Steps for Getting a Handle on NHI
00:37:20 - Can Active Directory Be a System of Record for NHI?
00:45:08 - Why is NHI a Hot Topic Right Now?
00:51:19 - The Challenge of Cleaning Up Legacy NHIs
00:58:00 - IAM for AI: Managing a New Breed of Identity
01:03:33 - The Future is Authorization
01:06:22 - The Zero Standing Privilege Debate
01:10:39 - Favorite Dinosaurs and Outro

KEYWORDS:
NHI, Non-Human Identity, Machine Identity, Service Accounts, Vendor Demos, IAM for AI, Agentic AI, Authorization, Zero Trust, Zero Standing Privilege, Secrets Management, IAM Strategy, Cybersecurity, Identity and Access Management, Steve Rennick, Ciena, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

Trust Issues
EP 17 - Privilege creep and the machine identity surge: Securing the modern enterprise

Trust Issues

Play Episode Listen Later Oct 9, 2025 49:57


In this episode of Security Matters, Chris Schueler, CEO of Cyderes, joins host David Puner for a dive into the evolving challenges of enterprise security. The conversation explores the dangers of privilege creep, the explosion of machine identities, and why accountability at every point of interaction is essential for building resilient teams and systems. Chris shares insights on the risks of unmanaged access, the impact of AI and automation on both defense and attack strategies, and practical advice for CISOs and boards on managing identity risk while enabling business transformation. Whether you're a security leader, practitioner, or simply interested in the future of cybersecurity, this episode delivers actionable guidance and fresh perspectives on safeguarding your organization's reputation, continuity, and trust.

Security Unfiltered
Cloud, AI, and the Future of Identity Access Management

Security Unfiltered

Play Episode Listen Later Sep 22, 2025 45:18 Transcription Available


Art Poghosyan shares his journey from IT security consultant to CEO of Britive, a cloud-native identity and access management company. His experience during economic downturns shaped his understanding of how cybersecurity services remain resilient through various market cycles.

• Started in IT security right after completing a master's in technology risk management
• Worked with early IAM solutions including LDAP directories, SSO, and authentication systems
• Founded Advanced Technology Solutions focusing on IAM implementation services
• Identified growing challenges with traditional IAM solutions in cloud environments
• Created Britive to address cloud-native identity management challenges
• Witnessed explosion of machine identities in cloud environments creating security risks
• Now focused on securing new identity types including AI and agentic identities
• Cybersecurity consulting proves relatively recession-proof as security needs persist in both growth and contraction
• Capital One AWS breach highlighted risks of excessive privileges in cloud environments
• Current focus includes securing agent-to-agent interactions in AI systems

Connect with Art on LinkedIn or email him at art@britive.com to learn more about Britive's solutions for cloud and AI identity challenges.

Matrix Moments by Matrix Partners India
217: How Scalekit is Revolutionizing Access Management for Agents | Zero to Infinity

Sep 17, 2025 30:23


In the near future, less than 10% of access will come from humans, the rest will be agents? What happens when your next user isn't human? In this episode of the #ZeroToInfinity podcast, Pranay Desai sits down with Satya Devarakonda and Ravi Madabhushi, founders of ScaleKit, to decode a fundamental shift in software: the rise of agents as first-class users. Humans log in and out with predictable patterns. Agents are transient, transactional, and unpredictable, hitting systems hundreds of times a minute. ScaleKit's modular approach is built for this new reality, where AI agents, not humans, dominate usage. Satya and Ravi bring rare scar tissue and foresight. From PipeMog in 2013, to FreshID at Freshworks, to now ScaleKit, they've spent a decade solving identity and access at scale, and are rethinking it for an agent-first world. The duo also shares what it means to build again as second-time founders: why distribution matters more than product, what they've unlearned from Freshworks, and how agents are evolving from assistants into colleagues who accelerate productivity.

Identity At The Center
#368 - Sponsor Spotlight - P0 Security

Aug 20, 2025 51:37


This episode is sponsored by P0 Security. Visit p0.dev/idac to learn why P0 is the easiest and fastest way to implement just-in-time, short-lived, and auditable access to your entire infrastructure stack, like servers, databases, Kubernetes clusters, cloud consoles, and cloud services, for users as well as non-human identities.

In this sponsor spotlight episode, Jim and Jeff are joined by Shashwat Sehgal, CEO and founder of P0 Security, to discuss the evolving challenges of privileged access management in modern, cloud-native environments. Shashwat explains how traditional PAM solutions often create friction for developers, leading to over-provisioning and security risks, and how P0 is tackling this problem with a developer-first, just-in-time (JIT) access model. The conversation covers the core problems with developer productivity, how P0's use of technologies like eBPF provides deep visibility and control without agents, the "Priority Zero" philosophy, and how a JIT approach simplifies audits and compliance. They also discuss the competitive landscape and what sets P0 Security apart from traditional and open-source solutions.

Learn more about P0: https://www.p0.dev/idac
Connect with Shashwat: https://www.linkedin.com/in/shashwatsehgal/

Chapter Timestamps:
00:00 - Podcast Intro
00:29 - Sponsor Introduction: P0 Security
01:38 - What is the problem P0 Security is trying to solve?
03:52 - Defining "Just-in-Time" (JIT) Access
06:21 - The challenge with traditional PAM for developers
08:23 - How P0 provides access without agents using eBPF
12:15 - What does the user experience look like?
15:58 - Supporting various infrastructure and access protocols
19:15 - How does P0 handle session recording and auditing?
22:20 - Is this a replacement for Privileged Access Management (PAM)?
26:40 - The story behind the name P0 Security
29:20 - Who is the ideal customer for P0?
33:15 - Handling break-glass scenarios
36:04 - Discussing the competitive landscape
42:30 - How is P0 deployed? (Cloud vs. On-prem)
46:50 - The future of P0 and the "Priority Zero" philosophy
50:32 - Final thoughts: "Access is our priority zero."

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Keywords: P0 Security, Shashwat Sehgal, Privileged Access Management, PAM, Just-in-Time Access, JIT, Developer Security, Cloud-Native Security, Hybrid Cloud, eBPF, Kubernetes, IAM, Identity and Access Management, Cybersecurity, Zero Trust, Ephemeral Access, Developer Experience, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

ITSPmagazine | Technology. Cybersecurity. Society
Access Roulette: How to Stop Betting Your Security on Standing Privileges | A Brand Story with Ofir Stein, CTO and Co-Founder of Apono | A Black Hat USA 2025 Conference On Location Brand Story

Aug 15, 2025 18:19


At Black Hat 2025, Sean Martin sits down with Ofir Stein, CTO and Co-Founder of Apono, to discuss the pressing challenges of identity and access management in today's hybrid, AI-driven environments. Stein's background in technology infrastructure and DevOps, paired with his co-founder's deep cybersecurity expertise, positions the company to address one of the most common yet critical problems in enterprise security: how to secure permissions without slowing the pace of business.

Organizations often face a tug-of-war between security teams seeking to minimize risk and engineering or business units pushing for rapid access to systems. Stein explains that traditional approaches to access control — where permissions are either always on or granted through manual processes — create friction and risk. Over-provisioned accounts become prime targets for attackers, while delayed access slows innovation.

Apono addresses this through a Zero Standing Privilege approach, where no user — human or non-human — retains permanent permissions. Instead, access is dynamically granted based on business context and automatically revoked when no longer needed. This ensures engineers and systems get the right access at the right time, without exposing unnecessary attack surfaces.

The platform integrates seamlessly with existing identity providers, governance systems, and IT workflows, allowing organizations to centralize visibility and control without replacing existing tools. Dynamic, context-based policies replace static rules, enabling access that adapts to changing conditions, including the unpredictable needs of AI agents and automated workflows.

Stein also highlights continuous discovery and anomaly detection capabilities, enabling organizations to see and act on changes in privilege usage in real time. By coupling visibility with automated policy enforcement, organizations can not only identify over-privileged accounts but also remediate them immediately — avoiding the cycle of one-off audits followed by privilege creep.

The result is a solution that scales with modern enterprise needs, reduces risk, and empowers both security teams and end users. As Stein notes, giving engineers control over their own access — including the ability to revoke it — fosters a culture of shared responsibility for security, rather than one of gatekeeping.

Learn more about Apono: https://itspm.ag/apono-1034

Note: This story contains promotional content. Learn more.

Guest: Ofir Stein, CTO and Co-Founder of Apono | On LinkedIn: https://www.linkedin.com/in/ofir-stein/

Resources
Learn more and catch more stories from Apono: https://www.itspmagazine.com/directory/apono
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Keywords: sean martin, ofir stein, apono, zero standing privilege, access management, identity security, privilege creep, just in time access, ai security, governance, cloud security, black hat, black hat usa 2025, cybersecurity, permissions

Apple @ Work
Solving access management and control for small businesses

Jul 29, 2025 25:09


Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In this episode of Apple @ Work, Sergio Sousa and Alcyr Araujo join the show to discuss the challenges small businesses face with access control and management for apps and services, and why they launched AccessMule.

Show Notes: SMB Survey on Access Management

Identity At The Center
#363 - Sponsor Spotlight - Natoma

Jul 23, 2025 50:03


This episode is sponsored by Natoma. Visit https://www.natoma.id/ to learn more.

Join Jeff from the IDAC Podcast as he dives into a deep conversation with Paresh Bhaya, the co-founder of Natoma. In this sponsored episode, Paresh shares his journey into the identity space, discusses how Natoma helps enterprises accelerate AI adoption without compromising security, and provides insights into the rising importance of MCP and A2A protocols. Learn about the challenges and opportunities at the intersection of AI and security, the importance of dynamic access controls, and the significance of ensuring proper authentication and authorization in the growing world of agentic AI. Paresh also delights us with his memorable hike up Mount Whitney. Don't miss out!

00:00 Introduction and Sponsor Announcement
00:34 Guest Introduction: Paresh Bhaya from Natoma
01:14 Paresh's Journey into Identity
04:04 Natoma's Mission and AI Security
06:25 The Story Behind Natoma's Name
09:29 Natoma's Unique Approach to AI Security
18:32 Understanding MCP and A2A Protocols
25:20 Community Development and Adoption
25:56 Agent Interactions and Security Challenges
27:19 Navigating Product Development
29:17 Ensuring Secure Connections
36:10 Deploying and Managing MCP Servers
42:40 Shadow AI and Governance
44:17 Personal Anecdotes and Conclusion

Connect with Paresh: https://www.linkedin.com/in/paresh-bhaya/
Learn more about Natoma: https://www.natoma.id/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at idacpodcast.com

Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Natoma, Paresh Bhaya, Artificial Intelligence, AI, AI Security, Identity and Access Management, IAM, Enterprise Security, AI Adoption, Technology, Innovation, Cybersecurity, Machine Learning, AI Risks, Secure AI, #idac

Identity At The Center
#362 - Identiverse 2025 - Diane Vicezar, DIAF Kim Cameron Award Winner

Jul 21, 2025 37:32


In this episode of Identity at the Center, recorded live from Identiverse 2025 in Las Vegas, Jim McDonald and Jeff Steadman are joined by special guests Diane Vicezar and Arynn Crow. Diane is a recent recipient of the Digital Identity Advancement Foundation's (DIAF) prestigious Kim Cameron Award, and Arynn is the Director of Governance and Transparency for DIAF.

Join us for a conversation about breaking into the identity and access management (IAM) industry. Diane shares her journey from a college intern at Microsoft to a full-time employee in the identity space, and what her experience has been like as a first-time attendee at Identiverse. Arynn provides valuable insights into the mission of DIAF, which aims to make professional development in identity more accessible through merit-based awards like the Kim Cameron Award for newcomers and the Victoria O'Connor Award for established professionals.

The group discusses the critical question of how the industry can attract new talent. Do people choose a career in identity, or does it choose them? They explore the importance of outreach to universities, the power of social media, and reframing the narrative around identity to focus on its mission-driven impact on society. From career ceilings and the role of AI to favorite conference sessions and hallway conversations, this episode is packed with insights for both seasoned professionals and those just starting their identity journey.

Chapter Timestamps
00:00:10 - Welcome to Identiverse 2025
00:02:21 - Introducing Diane Vicezar and Arynn Crow
00:03:00 - What is the Digital Identity Advancement Foundation (DIAF)?
00:05:33 - Diane's Experience as a Kim Cameron Award Winner
00:07:26 - The Legacy of Kim Cameron and Vittorio Bertocci
00:10:17 - How Did You Get Into Identity?
00:12:08 - How to Attract New Talent to the Identity Industry
00:16:51 - Reframing the Conversation Around Identity's Mission
00:20:27 - Is There a Career Ceiling in Identity?
00:22:34 - Advice for Those Starting Their Career in Identity
00:27:10 - The Future of AI in the Identity Industry
00:28:32 - Favorite Sessions at Identiverse 2025
00:34:15 - If You Were a Potato, How Would You Be Prepared?
00:36:20 - Closing Remarks

Connect with Diana: https://www.linkedin.com/in/dianavicezar/
Connect with Arynn: https://www.linkedin.com/in/arynn-crow-821761103/
Learn more about the Digital Identity Advancement Foundation: https://digitalidadvancement.org/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Diane Vicezar, Arynn Crow, Digital Identity Advancement Foundation, DIAF, Kim Cameron Award, Identiverse 2025, Identity and Access Management, IAM, Career in Identity, Cybersecurity, Professional Development, Women in Identity, Identity Industry, Microsoft, AI in Identity, FIDO, Passkeys, Verifiable Credentials

Hashtags: #idac #Identiverse #DigitalIdentity #IAM #Cybersecurity #CareerDevelopment #WomenInTech #DIAF #KimCameronAward

SecureChat Podcast
The IAM Maturity Journey: Balancing Innovation, Complexity & Compliance

Jul 21, 2025 19:49


RKON Chief Revenue Officer, Brian Jeffords, sits down with Chief Information Security Officer, Gerard Onorato, and Director of IAM & Zero Trust, Duane Clouse, to unpack how organizations are navigating the growing complexity of Identity and Access Management. Together, they explore the challenges of managing identities across hybrid environments, diverse tools, and expanding user types—while addressing mounting regulatory pressure, evolving cyber threats, and the accelerating pace of technology.

Identity At The Center
#360 - Sponsor Spotlight - Trusona

Jul 9, 2025 53:37


This episode is sponsored by Trusona. Visit trusona.com/idac to learn more.

In this episode of the Identity at the Center podcast, Jeff and Jim discuss identity verification challenges with Ori Eisen, the founder and CEO of Trusona. The conversation explores the problems surrounding help desk authentication and how Trusona's new product, ATO Protect, aims to address these issues by confirming caller identities, even in scenarios involving social engineering and advanced AI threats. Ori explains the technology behind document scanning, data triangulation, and geolocation to validate identities. The episode also includes an intriguing hack challenge for listeners to test the robustness of Trusona's solutions. Check out the detailed demo on Trusona's website and join the challenge!

Timestamps
00:00 Introduction and Episode Excitement
01:16 Introducing the Guest: Ori Eisen from Trusona
02:11 The Problem with Passwordless Authentication
03:53 The Rise of Gen AI and Its Impact on Security
04:51 Understanding ATO Protect and Its Importance
16:10 How ATO Protect Works: A Step-by-Step Guide
27:51 The Puppeteering Scam Unveiled
28:24 Fingerprinting the Fraudsters
29:11 Real-Time Fraud Detection Demo
29:42 Challenges in Penetration Testing
30:08 Combating Man-in-the-Middle Attacks
30:41 The Ultimate Security Challenge
33:44 Verifying Caller Identity
41:24 Future Threats in Cybersecurity
42:10 AI: The Double-Edged Sword
49:08 Issuing the Hack Challenge
52:45 Conclusion and Final Thoughts

Connect with Ori: https://www.linkedin.com/in/orieisen/
Learn more about Trusona: https://www.trusona.com/idac

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at idacpodcast.com

Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Trusona, Ori Eisen, Identity Verification, Help Desk Security, Service Desk, Passwordless, Authentication, KBA, Knowledge-Based Authentication, Cybersecurity, Identity and Access Management, IAM, Multi-Factor Authentication, MFA, Zero Trust, Identity Proofing

#IDAC #Trusona #Passwordless #Cybersecurity #IdentityManagement #HelpDesk #ZeroTrust

Cloud Security Podcast
Adapting to New Threats, Copilot Risks & The Future of Data (Feat. Matthew Radolec, Varonis)

Jun 3, 2025 39:31


AI is reshaping cybersecurity as we know it. From sophisticated AI-driven phishing attacks to the amplified risk of insider threats using tools like Copilot, the landscape is shifting at an unprecedented pace. How can security leaders and practitioners adapt?

Join Ashish Rajan and Matthew Radolec (Varonis) as they explore the critical challenges and opportunities AI presents. Learn why 86% of attacks involve credential misuse and how AI agents are making it easier than ever for non-technical insiders to exfiltrate data.

In this episode, you'll learn about:
• The "Blast Radius": How AI tools can dramatically increase data exposure.
• From "Breaking In" to "Logging In": The dominance of credential-based attacks.
• AI-Powered Social Engineering: The rise of "conversational bait".
• Copilot Use Cases & "Aha!" Moments
• Data Integrity in AI: The critical, overlooked pillar of AI security.
• The Enduring Importance of Access Management in an AI World.
• Transforming Security Operations: AI for incident response, playbooks, and forensics.

Guest Socials - Matt's Linkedin
Podcast Twitter - @CloudSecPod

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp

If you are interested in AI Cybersecurity, you can check out our sister podcast - AI Cybersecurity Podcast

Questions asked:
(00:00) Introduction
(01:57) New Threat Landscape in Cloud & AI
(08:08) Use cases for regulated industries
(10:03) Impact of Agentic AI in the cybersecurity space
(12:22) Blind spots of going into AI
(18:06) Shared responsibility for LLM providers
(20:56) Lifting up security programs for AI
(27:82) How is incident response changing with AI?
(29:30) Cybersecurity areas that will be most impacted by AI
(34:43) The Fun Section

Thank you to our episode sponsor Varonis

Identity At The Center
#352 - Misinformation vs. Disinformation in IAM with Alejandro Leal

Jun 2, 2025 40:29


In this episode of Identity at the Center, Jeff Steadman and Jim McDonald are joined by Alejandro Leal, Senior Analyst at KuppingerCole, live from the EIC 2025 stage in Berlin, Germany.

Alejandro delves into the critical distinctions between misinformation and disinformation, exploring their historical context and how they manifest in today's technological landscape, particularly within social media and legacy media. He discusses the intent behind disinformation, often aimed at creating chaos or confusion, versus misinformation, which can be an unintentional spread of false or inaccurate information.

Chapters:
00:00:00 Defining Misinformation vs. Disinformation & Historical Context
00:02:00 Introduction at EIC 2025 & Guest Welcome
00:06:14 The Role of Intent, Generative AI, and Countermeasures
00:12:15 Impact of Mis/Disinformation on Business, Politics, and Philosophy
00:16:02 How Mis/Disinformation Intersects with Identity Management
00:18:07 Balancing Anonymity, Privacy, and Truthful Content Online
00:23:09 Connecting to Digital Identity, Verification, and Potential Solutions (AI Labeling, VCs)
00:26:45 AI Guardrails, Free Speech vs. Hate Speech, and Authenticity
00:29:24 Worst-Case Scenarios and the Global Impact of Mis/Disinformation
00:31:24 Actionable Advice: Responsibility and Critical Thinking
00:35:38 Book Recommendation: "The Question Concerning Technology"
00:39:31 Wrapping Up and Final Thoughts

Connect with Alejandro: https://www.linkedin.com/in/alejandro-leal-a127bb153/
The Question Concerning Technology (essay): https://bpb-us-e2.wpmucdn.com/sites.uci.edu/dist/a/3282/files/2018/01/Heidegger_TheQuestionConcerningTechnology.pdf

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Alejandro Leal, KuppingerCole, EIC 2025, Misinformation, Disinformation, Identity and Access Management, IAM, Digital Identity, Cybersecurity, Tech Podcast, Technology Ethics, Generative AI, AI Ethics, Truth in Media, Social Media Responsibility, Privacy Rights, Verifiable Credentials, Critical Thinking Skills, Fake News, Online Safety, Political Disinformation, Business Reputation, Philosophical Tech Discussions, Martin Heidegger, The Question Concerning Technology.

Identity At The Center
#351 - Jerome Thorstenson on B2B Identity First Security

May 26, 2025 35:14


In this episode of Identity at the Center, hosts Jeff Steadman and Jim McDonald are joined by Jerome Thorstenson, IAM Architect with Salling Group, live from EIC 2025 in Berlin! Jerome shares his insights on B2B identity, the challenges of managing access for a complex supply chain, and the importance of an identity-first approach.

Discover how Salling Group, operating major labels like Target and Starbucks, handles identity for thousands of employees and external partners. Jerome dives into the complexities of balancing security, user experience, and the practicalities of implementing IGA and ABAC.

From navigating the challenges of data quality and high employee turnover to the nuances of transitioning between IGA systems, this episode offers valuable insights for identity practitioners.

Chapter Timestamps:
00:00:00 - B2B Identity Challenges
00:02:14 - Welcome to Identity at the Center from EIC 2025
00:04:14 - Jerome's Journey into Identity
00:05:19 - Salling Group Overview
00:06:57 - Securing B2B - Jerome's Presentation
00:10:54 - Controlling Access in B2B
00:11:41 - Identity as a Product
00:14:51 - The Role of the IAM Practitioner
00:16:31 - ABAC as a Game Changer
00:21:00 - Language Considerations in a European Context
00:22:33 - Employee Turnover Challenges
00:25:07 - IGA Implementation Insights
00:29:28 - Identity Fabric Discussion
00:31:21 - Jerome's Caribbean Background
00:34:06 - Wrap-up and Contact Information

Connect with Jerome: https://www.linkedin.com/in/jetdk/

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com

Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, EIC 2025, B2B Identity, Identity First Security, IAM, Identity and Access Management, Supply Chain Security, IGA, ABAC, Attribute-Based Access Control, Role-Based Access Control, Identity Fabric, Digital Identity, Cybersecurity, Data Quality, Employee Turnover, Caribbean

Paul's Security Weekly
The Future of Access Management - Jeff Shiner - ESW #404

Apr 28, 2025 120:22


As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data.

In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security.

In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir

In this week's enterprise security news,
• Lots of funding announcements as we approach RSA
• New products
• The M-Trends also rudely dropped their report the same day as Verizon
• Supply chain threats
• Windows Recall is making another attempt
• MCP server challenges
• Non-human identities
• A startup post mortem
• Remember that Zoom outage a week or two ago? The cause is VERY interesting

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-404