Podcasts about Authorization

  • 733PODCASTS
  • 1,763EPISODES
  • 51mAVG DURATION
  • 1WEEKLY EPISODE
  • Aug 29, 2025LATEST

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about Authorization

Show all podcasts related to authorization

Latest podcast episodes about Authorization

Skagway Borough Assembly Meetings
Borough Assembly: Special Meeting - August 28, 2025

Skagway Borough Assembly Meetings

Play Episode Listen Later Aug 29, 2025 9:09


5. Executive Session:To discuss matters which by law, municipal charter, or ordinance are required to be confidential: Discussion with borough attorney regarding Hosford v Municipality of Skagway6. USACE Cooperation Agreement re: Skagway River Levee; Authorization for Manager to SignMeeting Packet

CCNS Update
New Mexico Environment Department Must Reject LANL's Request for Temporary Authorization to Vent Tritium

CCNS Update

Play Episode Listen Later Aug 28, 2025 4:21


Given the recent data dumps by Los Alamos National Laboratory (LANL) aboutits proposed venting of large quantities of radioactive tritium from four Flanged TritiumWaste Containers, the New Mexico Environment Department must reject LANL'sAugust 22 nd regulatory request for temporary authorization to vent. This Updatedescribes some of the obstacles LANL put in place to obstruct public participation andtimely access to important documents.

Clark County Today News
La Center School District responds to teachers' union strike authorization vote

Clark County Today News

Play Episode Listen Later Aug 23, 2025 2:19


La Center School District addressed a strike authorization vote by the La Center Education Association, saying they expect school to start on schedule. Superintendent Peter Rosenkranz and the Board said progress has been made in negotiations, though salary increases remain unresolved. https://www.clarkcountytoday.com/news/la-center-school-district-responds-to-teachers-union-strike-authorization-vote/ #LaCenter #TeachersUnion #StrikeAuthorization #SchoolDistrict #ClarkCounty #ContractNegotiations #PeterRosenkranz #Education #News #Latest

CISSP Cyber Training Podcast - CISSP Training Program
CCT 272: Confidentiality, Integrity, Availability, Authenticity, and Nonrepudiation (CISSP Domain 1.2)

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Aug 18, 2025 41:58 Transcription Available


Send us a textCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvThe core principles of cybersecurity aren't just theoretical concepts—they're the practical foundation every security professional needs to master. In this deep-dive episode, Sean Gerber breaks down the critical components of Domain 1.2 of the CISSP exam, unpacking confidentiality, integrity, availability, authenticity, and non-repudiation in clear, actionable terms.Starting with breaking news about Microsoft ending Windows 10 support on October 14th, Sean highlights the urgent security implications for organizations still running this widely-embedded operating system. He emphasizes the importance of comprehensive inventory management—especially for IoT devices that may contain embedded Windows components—and the available extension options for critical systems.The heart of the episode delivers a comprehensive exploration of the CIA triad. Sean walks through each element with real-world examples: confidentiality through encryption and access controls; integrity via change management and validation processes; and availability through redundant systems and business continuity planning. But he doesn't stop there. The discussion expands to cover the DAD triad (Disclosure, Alteration, Destruction) which helps identify security failures, and the AAA framework (Authentication, Authorization, Accounting) that provides essential security controls.What makes this episode particularly valuable is Sean's practical advice drawn from 25 years of cybersecurity experience. He emphasizes the importance of defense-in-depth strategies, network segmentation, and prioritizing critical systems rather than attempting to fix everything at once—"eating the elephant one toenail at a time." His methodical approach helps listeners understand not just the concepts themselves, but how to implement them effectively in real-world environments.Whether you're preparing for the CISSP exam or looking to strengthen your organization's security posture, this episode provides the foundational knowledge and practical strategies you need. Visit CISSP Cyber Training for free study materials, practice questions, and mentoring options to accelerate your cybersecurity career.Support the showGain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Headlines
8/16/25 – Shiur 524 – Steal with a Click? The Halachic Ethics of Downloading Music, Seforim, and Media without authorization

Headlines

Play Episode Listen Later Aug 14, 2025 54:41


Can you own intellectual property? Can it be stolen if it's not tangible and there's no act of theft? Do you have to pay for enjoyment? Dina D'Malcusa Dina Aveida M'Daas And much more..... with Rabbi Yosef Dovid Josilowsky – Dayan, Beis HaVaad – 10:10 with Rabbi Chaim Jachter – Rav of Sha'arei Orah in Teaneck, Dayan on the Elizabeth Beis Din – 32:39 מראי מקומות   

GMS Podcasts
Bangladesh's HKC Implementation: In Conversation with the Director General of BSRB

GMS Podcasts

Play Episode Listen Later Aug 7, 2025 32:37


In this special episode of the GMS Podcast, we speak with ASM Shafiul Alam Talukder, Director General of the Bangladesh Ship Recycling Board (BSRB). In this podcast, Mr. Talukder offers valuable insight into how Bangladesh is implementing the Hong Kong Convention (HKC) following its entry into force on June 26, 2025. Dr. Anand Hiremath, CEO of the Sustainable Ship and Offshore Recycling Program (SSORP), hosts this conversation focused on regulatory progress and industry readiness in one of the world's largest ship recycling hubs. Key points discussed in this episode include: The current status of HKC implementation in Bangladesh Inventory of Hazardous Materials (IHM) requirements and enforcement mechanisms Rollout of DASR (Document of Authorization to conduct Ship Recycling) and the approval process Introduction of a proposed One-Window System for all ship recycling clearances Coordination with the Ministry of Industries, Department of Environment, Customs, and other stakeholders The roadmap to achieving more than 100 HKC-compliant yards by 2030 Improvements in hazardous waste infrastructure and TSDF (Treatment, Storage and Disposal Facility) setup Health, safety, training, and insurance initiatives for workers The role of international support from IMO, JICA, and the Government of Norway Regional alignment and knowledge sharing with India, Pakistan, and Turkey This episode highlights Bangladesh's efforts to align ship recycling regulations with global standards while enhancing environmental performance and worker safety. As one of the most significant recycling destinations globally, Bangladesh's progress is key to the Convention's success. This episode documents a vital step in making responsible and transparent ship recycling a global norm.   Subscribe to the GMS Podcast and follow GMS on LinkedIn for future updates and discussions.

IB Matters
The Journey to PYP Authorization at Smart Innovations School

IB Matters

Play Episode Listen Later Jul 18, 2025 40:00


Send us a textReturning guest, Rezuan Chowdhury and the head of his school's governing board, Rifat Abedin, speak about becoming one of very few PYP schools in Bangladesh. They detail the rationale from the parent's perspective and the process from the PYP coordinator's perspective. We also learn about the training their teachers have undergone and the plans for expansion and even future MYP and DP goals for their very new school. Rezuan has been a regional leader even before his school's authorization. He has hosted free meet-ups with teachers from all over the region and even the world. Use his social links below to connect with him. He's been on the podcast 5 times now and is a great resource.Links:Rezuan's LinkedInRezuan on FacebookEmail IB Matters: IBMatters@mnibschools.orgTwitter @MattersIBIB Matters websiteMN Association of IB World Schools (MNIB) websiteDonate to IB Matters Podcast: Education by Design with host Phil Evans IB Matters T-shirts (and other MNIB clothing) To appear on the podcast or if you would like to sponsor the podcast, please contact us at the email above.

Revenue Cycle Optimized
RCMinutes - Avoiding Staff Burnout in Authorization Follow-Up

Revenue Cycle Optimized

Play Episode Listen Later Jul 16, 2025 5:42


Too many teams are overextended chasing payer responses. Here's how smarter routing, automation, and batching can reduce burnout without sacrificing control.

FIVE MINUTE NEWS
Trump gives ICE 'total authorization' in defense of so called ‘THUGS' in violent immigration raids.

FIVE MINUTE NEWS

Play Episode Listen Later Jul 15, 2025 10:30


Trump grants ICE agents ‘total authorization' to defend against ‘THUGS' by ‘Whatever means is necessary'. "ICE is now going to be the largest law enforcement agency in history. Join this channel for exclusive access and bonus content: https://www.youtube.com/channel/UCkbwLFZhawBqK2b9gW08z3g/join Five Minute News is an Evergreen Podcast, covering politics, inequality, health and climate - delivering independent, unbiased and essential news for the US and across the world. Visit us online at http://www.fiveminute.news Follow us on Bluesky https://bsky.app/profile/fiveminutenews.bsky.social Follow us on Instagram http://instagram.com/fiveminnews Support us on Patreon http://www.patreon.com/fiveminutenews You can subscribe to Five Minute News with your preferred podcast app, ask your smart speaker, or enable Five Minute News as your Amazon Alexa Flash Briefing skill. Please subscribe HERE https://www.youtube.com/channel/UCkbwLFZhawBqK2b9gW08z3g?sub_confirmation=1 CONTENT DISCLAIMER The views and opinions expressed on this channel are those of the guests and authors and do not necessarily reflect the official policy or position of Anthony Davis or Five Minute News LLC. Any content provided by our hosts, guests or authors are of their opinion and are not intended to malign any religion, ethnic group, club, organization, company, individual or anyone or anything, in line with the First Amendment right to free and protected speech. Learn more about your ad choices. Visit megaphone.fm/adchoices

Absolute AppSec
Episode 292 - Manual Source Code Review, AI Slop in Bug Bounties, AppSec Authorization

Absolute AppSec

Play Episode Listen Later Jul 15, 2025


Seth and Ken are _back_ to talk through some recent experiences and news across the industry. To start the episode, Seth highlights the edge cases uncovered during manual code review that require context to understand and identify. Inspired by recent a recent post on AI Slop in the curl bug bounty program, the duo addresses the increase of slop across bug bounty reports and why it happens. Finally, a discussion on McDonald's recent authorization flaw that potentially exposed millions of job applicant's data.

Dentists IN the Know
DINKs News: Student Loan Debt, Pre Authorization Medical Insurance, SALT Act

Dentists IN the Know

Play Episode Listen Later Jul 1, 2025 7:19


The Situation with Michael Brown
6-23-25 - 8am - Authorization for Use of Military Force

The Situation with Michael Brown

Play Episode Listen Later Jun 23, 2025 34:18 Transcription Available


Dan Caplis
Kristi Burton-Brown in for Dan; Various opinions from lawmakers and news-breakers on military action against Iran

Dan Caplis

Play Episode Listen Later Jun 20, 2025 35:44 Transcription Available


KBB steps in for Dan on a Friday and breaks down the various opinions from both the left and right, inside and outside of government, and among those in the media on potential strikes against Iran's nuclear reserves by the American military. Will President Trump authorize such action over the next two weeks? Should he?

Sekulow
BREAKING: Hegseth's Alarming Military Authorization

Sekulow

Play Episode Listen Later Jun 12, 2025 49:59


The Secure Developer
Open Authorization In The World Of AI With Aaron Parecki

The Secure Developer

Play Episode Listen Later Jun 10, 2025 36:07


Episode SummaryHow do we apply the battle-tested principles of authentication and authorization to the rapidly evolving world of AI and Large Language Models (LLMs)? In this episode, we're joined by Aaron Parecki, Director of Identity Standards at Okta, to explore the past, present, and future of OAuth.  We dive into the lessons learned from the evolution of OAuth 1.0 to 2.1, discuss the critical role of standards in securing new technologies, and unpack how identity frameworks can be extended to provide secure, manageable access for AI agents in enterprise environments.Show NotesIn this episode, host Danny Allan is joined by a very special guest, Aaron Parecki, the Director of Identity Standards at Okta, to discuss the critical intersection of identity, authorization, and the rise of artificial intelligence. Aaron begins by explaining the history of OAuth, which was created to solve the problem of third-party applications needing access to user data without the user having to share their actual credentials. This foundational concept of delegated access has become ubiquitous, but as technology evolves, so do the challenges.Aaron walks us through the evolution of the OAuth standard, from the limitations of OAuth 1 to the flexibility and challenges of OAuth 2, such as the introduction of bearer tokens. He explains how the protocol was intentionally designed to be extensible, allowing for later additions like OpenID Connect to handle identity and DPoP to enhance security by proving possession of a token. This modular design is why he is now working on OAuth 2.1—a consolidation of best practices—instead of a complete rewrite.The conversation then shifts to the most pressing modern challenge: securing AI agents and LLMs that need to interact with multiple services on a user's behalf. Aaron details the new "cross-app access" pattern he is working on, which places the enterprise Identity Provider (IDP) at the center of these interactions. This approach gives enterprise administrators crucial visibility and control over how data is shared between applications, solving a major security and management headache. For developers building in this space today, Aaron offers practical advice: leverage individual user permissions through standard OAuth flows rather than creating over-privileged service accounts.LinksOktaOpenID FoundationIETFThe House Files PDX (YouTube Channel)WIMSEAuthZEN Working Groupaaronpk on GitHubSnyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

ITSPmagazine | Technology. Cybersecurity. Society
From Fraud to Fixes: Designing Usable Security for Financial Applications | An OWASP AppSec Global 2025 Conversation with Wojciech Dworakowski | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 2, 2025 11:29


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sean Martin connects with event speaker, Wojciech Dworakowski, to unpack a critical and underexamined issue in today's financial systems: the vulnerability of mobile-only banking apps when it comes to transaction authorization.Wojciech points out that modern banking has embraced the mobile-first model—sometimes at the cost of fundamental security principles. Most banks now concentrate transaction initiation, security configuration, and transaction authorization into a single device: the user's smartphone. While this offers unmatched convenience, it also creates a single point of failure. If an attacker successfully pairs their phone with a victim's account, they can bypass multiple layers of security, often without needing traditional credentials.The discussion explores the limitations of relying solely on biometric options like Face ID or Touch ID. These conveniences may appear secure but often weaken the overall security posture when used without additional independent verification mechanisms. Wojciech outlines how common attack strategies have shifted from stealing credit card numbers to full account takeover—enabled by social engineering and weak device-pairing controls.He proposes a “raise the bar” strategy rather than relying on a single silver-bullet solution. Suggestions include enhanced device fingerprinting, detection of emulators or rooted environments, and shared interbank databases for device reputation and account pairing anomalies. While some of these are already in motion under new EU and UK regulations, they remain fragmented.Wojciech also introduces a bold idea: giving users a slider in the app to adjust their personal balance of convenience vs. security. This kind of usability-driven approach could empower users while still offering layered defense.For CISOs, developers, and FinTech leaders, the message is clear—evaluate your app security as if attackers already know the shortcuts. Watch the full conversation to hear Wojciech's real-world examples, including a cautionary tale from his own family. Catch the episode and learn how to design financial security that's not just strong—but usable.GUEST: Wojciech Dworakowski | OWASP Poland Chapter Board Member and Managing Partner at SecuRing | https://www.linkedin.com/in/wojciechdworakowski/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Legacy Church
Expectation & Authorization

Legacy Church

Play Episode Listen Later May 27, 2025 57:47


Send us a textSunday, May 25, 2025, message from Apostle Tommy MillerPart of Heaven Here, Heaven Now 2025 conference weekendAlso part of Governing Contradiction seriesRecoded live from Legacy Church in New Philadelphia, Ohio.#asheis #asheissoareweinthisworld #unveiled #conscience #sons #manifestsons #union #legacychurchoh #newcreation #jesus #church #jesuschrist #gospel #transfigured #revelator #apostle #deathless #immortality #believe #bible #creator #godisgood #grace #hope #sermonshots #sermonclips #holyspirit #love #godislove #kingdom #peace #freedom #facebook #memes #truth #inspiration #motivationalquotes #vibes #positivevibes #christ #jesuslovesyou #russellbrand #jordanbpeterson #joerogan #atm #tommymillerGet more life-changing content and community here:https://linktr.ee/tommymiller Support the show

CISSP Cyber Training Podcast - CISSP Training Program
CT 248: Implementing Authentication Systems (SAML, OpenID, ODIC, Kerberos, RADIUS/TACACS+) - Domain 5.6

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later May 26, 2025 34:21 Transcription Available


Send us a textNavigating the complex landscape of authentication frameworks is essential for any cybersecurity professional, especially those preparing for the CISSP exam. This deep-dive episode unravels the intricate world of authentication systems that protect our digital identities across multiple platforms and services.We begin by examining OAuth 2.0 and OpenID Connect (OIDC), exploring how these token-based frameworks revolutionize third-party authentication without exposing user credentials. When you click "Login with Google," you're experiencing these protocols in action—reducing password reuse while maintaining security across digital services. Learn the difference between authorization flows and how these systems interact to verify your identity seamlessly across the web.The podcast then transitions to Security Assertion Markup Language (SAML), breaking down how this XML-based protocol establishes trust between identity providers and service providers. Through practical examples, we illustrate how SAML enables web single sign-on capabilities across educational institutions, corporate environments, and cloud services—creating that "connective tissue" between disparate systems while enhancing both security and user experience.Kerberos, MIT's powerful network authentication protocol, takes center stage as we explore its ticketing system architecture. Named after the three-headed dog of Greek mythology, this protocol's Authentication Service, Ticket Granting Service, and Key Distribution Center work in concert to verify identities without transmitting passwords across networks. We also discuss critical considerations like time synchronization requirements that can make or break your Kerberos implementation.For remote authentication scenarios, we compare RADIUS and TACACS+ protocols, highlighting their distinct approaches to the AAA (Authentication, Authorization, and Accounting) framework. Discover why network administrators choose UDP-based RADIUS for general network access while preferring the TCP-based TACACS+ for granular administrative control with command-level authorization and full payload encryption.Whether you're studying for the CISSP exam or looking to strengthen your organization's security posture, this episode provides the knowledge foundation you need to implement robust authentication systems in today's interconnected world. Visit CISSP Cyber Training for additional resources to support your cybersecurity journey.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

The Joyce Kaufman Show
Joyce's Thought of the Day 5/22/25 - Supreme Court rejects authorization for first public Christian Charter school

The Joyce Kaufman Show

Play Episode Listen Later May 22, 2025 2:59


Joyce discusses the Supreme court voting 4 to 4 to reject the authorization for the first public Christian charter school.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Oracle University Podcast
Oracle GoldenGate 23ai Security Strategies

Oracle University Podcast

Play Episode Listen Later May 20, 2025 16:13


GoldenGate 23ai takes security seriously, and this episode unpacks everything you need to know. GoldenGate expert Nick Wagner breaks down how authentication, access roles, and encryption protect your data.   Learn how GoldenGate integrates with identity providers, secures communication, and keeps passwords out of storage. Understand how trail files work, why they only store committed data, and how recovery processes prevent data loss.   Whether you manage replication or just want to tighten security, this episode gives you the details to lock things down without slowing operations.   Oracle GoldenGate 23ai: Fundamentals: https://mylearn.oracle.com/ou/course/oracle-goldengate-23ai-fundamentals/145884/237273 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   --------------------------------------------------------------   Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services.  Nikita: Welcome, everyone! This is our fourth episode on Oracle GoldenGate 23ai. Last week, we discussed the terminology, different processes and what they do, and the architecture of the product at a high level. Today, we have Nick Wagner back with us to talk about the security strategies of GoldenGate. 00:56 Lois: As you know by now, Nick is a Senior Director of Product Management for GoldenGate at Oracle. He's played a key role as one of the product designers behind the latest version of GoldenGate. Hi Nick! Thank you for joining us again. Can you tell us how GoldenGate takes care of data security? Nick: So GoldenGate authentication and authorization is done in a couple of different ways. First, we have user credentials for GoldenGate for not only the source and target databases, but also for GoldenGate itself. We have integration with third-party identity management products, and everything that GoldenGate does can be secured. 01:32 Nikita: And we must have some access roles, right? Nick: There's four roles built into the GoldenGate product. You have your security role, administrator, operator, and user. They're all hierarchical. The most important one is the security user. This user is going to be the one that provides the administrative tasks. This user is able to actually create additional users and assign roles within the product. So do not lose this password and this user is extremely important. You probably don't want to use this security user as your everyday user. That would be your administrator. The administrator role is able to perform all administrative tasks within GoldenGate. So not only can they go in and create new extracts, create new replicats, create new distribution services, but they can also start and stop them. And that's where the operator role is and the user role. So the operator role allows you to go in and start/stop processes, but you can't create any new ones, which is kind of important. So this user would be the one that could go in and suspend activity. They could restart activity. But they can't actually add objects to replication. The user role is really a read-only role. They can come in. They can see what's going on. They can look at the log files. They can look at the alerts. They can look at all the watches and see exactly what GoldenGate is doing. But they're unable to make any changes to the product itself. 02:54 Lois: You mentioned the roles are hierarchical in nature. What does that mean? Nick: So anything that the user role does can be done by the operator. Anything that the operator and user roles can do can be done by the administrator. And anything that the user, operator, and administrator roles do can be done by the security role. 03:11 Lois: Ok. So, is there a single sign-on available for GoldenGate? Nick: We also have a password plugin for GoldenGate Connections. A lot of customers have asked for integration with whatever their single sign-on utility is, and so GoldenGate now has that with GoldenGate 23ai. So these are customer-created entities. So, we have some examples that you can use in our documentation on how to set up an identity provider or a third-party identity provider with GoldenGate. And this allows you to ensure that your corporate standards are met. As we started looking into this, as we started designing it, every single customer wanted something different. And so instead of trying to meet the needs for every customer and every possible combination of security credentials, we want you to be able to design it the way you need it. The passwords are never stored. They're only retrieved from the identity provider by the plugin itself. 04:05 Nikita: That's a pretty important security aspect…that when it's time to authenticate a user, we go to the identity provider. Nick: We're going to connect in and see if that password is matching. And only then do we use it. And as soon as we detect that it's matched, that password is removed. And then for the extract and replicats themselves, you can also use it for the database, data source, and data target connections, as well as for the GoldenGate users. So, it is a full-featured plugin. So, our identity provider plugin works with IAM as well as OAM. These are your standard identity manager authentication methods. The standard one is OAuth 2, as well as OIDC. And any Identity Manager that uses that is able to integrate with GoldenGate. 04:52 Lois: And how does this work? Nick: The way that it works is pretty straightforward. Once the user logs into the database, we're going to hand off authentication to the identity provider. Once the identity provider has validated that user's identity and their credentials, then it comes back to GoldenGate and says that user is able to log in to either GoldenGate or the application or the database. Once the user is logged in, we get that confirmation that's been sent out and they can continue working through GoldenGate. So, it's very straightforward on how it works. There's also a nice little UI that will help set up each additional user within those systems. All the communication is also secured as well. So any communication done through any of the GoldenGate services is encrypted using HTTPS. All the REST calls themselves are all done using HTTPS as well. All the data protection calls and all the communication across the network when we send data across a distribution service is encrypted using a secure WebSocket. And there's also trail file encryption at the operating system level for data at REST. So, this really gives you the full level of encryption for customers that need that high-end security. GoldenGate does have an option for FIPS 140-2 compliance as well. So that's even a further step for most of those customers. 06:12 Nikita: That's impressive! Because we want to maintain the highest security standards, right? Especially when dealing with sensitive information. I now want to move on to trail files. In our last episode, we briefly spoke about how they serve as logs that record and track changes made to data. But what more can you tell us about them, Nick? Nick: There's two different processes that write to the trail files. The extract process will write to the trail file and the receiver service will write to the trail file. The extract process is going to write to the trail file as it's pulling data out of that source database. Now, the extract process is controlled by a parameter file, that says, hey, here's the exact changes that I'm going to be pulling out. Here's the tables. Here's the rows that I want. As it's pulling that data out and writing it to the trail files, it's ensuring that those trail files have enough information so that the replicat process can actually construct a SQL statement and apply that change to that target platform. And so there's a lot of ways to change what's actually stored in those trail files and how it's handled. The trail files can also be used for initial loads. So when we do the initial load through GoldenGate, we can grab and write out the data for those tables, and that excludes the change data. So initial loads is pulling the data directly from the tables themselves, whereas ongoing replication is pulling it from the transaction logs. 07:38 Lois: But do we need to worry about rollbacks? Nick: Our trail files contain committed data only and all data is sequential. So this is two important things. Because it contains committed data only, we don't need to worry about rollbacks. We also don't need to worry about position within that trail file because we know all data is sequential. And so as we're reading through the trail file, we know that anything that's written in a prior location in that trial file was committed prior to something else. And as we get into the recovery aspects of GoldenGate, this will all make a lot more sense. 08:13 Lois: Before we do that, can you tell us about the naming of trail files? Nick: The trail files as far as naming, because these do reside on the operating system, you start with a two-letter trail file abbreviation and then a nine-digit sequential value. So, you almost look at it as like an archive log from Oracle, where we have a prefix and then an affix, which is numeric. Same kind of thing. So, we have our two-letter, in this case, an ab, and then we have a nine-digit number. 08:47 Transform the way you work with Oracle Database 23ai! This cutting-edge technology brings the power of AI directly to your data, making it easier to build powerful applications and manage critical workloads. Want to learn more about Database 23ai? Visit mylearn.oracle.com to pick from our range of courses and enroll today! 09:12 Nikita: Welcome back! Ok, Nick. Let's get into the GoldenGate recovery process. Nick: When we start looking at the GoldenGate recovery process, it essentially makes GoldenGate kind of point-in-time like. So on that source database, you have your extract process that's going to be capturing data from the transaction logs. In the case of Oracle, the Oracle Database is actually going to be reading those transaction logs from us and passing the change records directly to GoldenGate. We call them an LCR, Logical Change Record. And so the integrated extract and GoldenGate, the extract portion tells the database, hey, I'm now going to be interested in the following list of tables. And it gives a list of tables to that internal component, the log mining engine within the database. And it says, OK, I'm now pulling data for those tables and I'm going to send you those table changes. And so as the extract process gets sent those changes, it's going to have checkpoint information. So not only does it know where it was pulling data from out of that source database, but what it's also writing to the trail file. The trail files themselves are all sequential and they have only committed data, as we talked about earlier. The distribution service has checkpoint information that says, hey, I know where I'm reading from in the previous trail file, and I know what I've sent across the network. The receiver service is the same thing. It knows what it's receiving, as well as what it's written to the trail file and the target system. The replicat also has a checkpoint. It knows where it's reading from in the trail file, and then it knows what it's been applying into that target database.  This is where things start to become a little complicated. Our replicat process in most cases are parallel, so it'll have multiple threads applying data into that target database. Each of those threads is applying different transactions. And because of the way that the parallelism works in the replicat process, you can actually get situations where one replicat thread might be applying a transaction higher than another thread. And so you can eliminate that sequential or serial aspect of it, and we can get very high throughput speeds to the replicat. But it means that the checkpoint needs to be kind of smart enough to know how to rebuild itself if something fails. 11:32 Lois: Ok, sorry Nick, but can you go through that again? Maybe we can work backwards this time?  Nick: If the replicat process fails, when it comes back up, it's going to look to its checkpoint tables inside that target database. These checkpoint tables keep track of where each thread was at when it crashed. And so when the replicat process restarts, it goes, oh, I was applying these threads at this location in these SCNs. It'll then go and read from the trail file and say, hey, let me rebuild that data and it only applies transactions that it hasn't applied yet to that target system. There is a synchronized replicat command as well that will tell a crashed replicat to say, hey, bring all your threads up to the same high watermark. It does that process automatically as it restarts and continues normal replication. But there is an option to do it just by itself too. So that's how the replicat kind of repairs and recovers itself. It'll simply look at the trail files. Now, let's say that the replicat crashed, and it goes to read from the trail files when it restarts and that trail profile is missing. It'll actually communicate to the distribution, or excuse me, to the receiver service and say, hey, receiver service, I don't have this trail file. Can you bring it back for me? And the receiver service will communicate downstream and say, hey, distribution service, I need you to resend me trail find number 6. And so the distribution service will resend that trail file so that the replicat can reprocess it. So it's often nice to have redundant environments with GoldenGate so we can have those trail files kind of around for availability. 13:13 Nikita: What if one of these files gets corrupted? Nick: If one of those trail files is corrupt, let's say that a trail file on the target site became corrupt and the replicat can't read from it for one reason or another. Simply stop the replicat process, delete the corrupt trail file, restart the replicat process, and now it's going to rebuild that trail file from scratch based on the information from the source GoldenGate environment. And so it's very recoverable. Handles it all very well. 13:40 Nikita: And can the extract process bounce back in the same way? Nick: The extract process can also recover in a similar way. So if the extract process crashes, when it restarts itself, there's a number of things that it does. The first thing is it has to rebuild any open transactions. So it keeps all sorts of checkpoint information about the oldest transaction that it's keeping track of, any open transactions that haven't been committed, and any other transactions that have been committed that it's already written to the trail file. So as it's reprocessing that data, it knows exactly what it's committed to trail and what hasn't been committed. And there's a number of ways that it does this.  There's two main components here. One of them is called bounded recovery. Bounded recovery will allow you to set a time limit on transactions that span a certain length of time that they'll actually get flushed out to disk on that GoldenGate Hub. And that way it'll reduce the amount of time it takes GoldenGate to restart the extract process. And the other component is cache manager. Cache manager stores uncommitted transactions. And so it's a very elegant way of rebuilding itself from any kind of failure. You can also set up restart profiles so that if any process does crash, the GoldenGate service manager can automatically restart that service an x number of times across y time span. So if I say, hey, if my extract crashes, then attempt to restart it 100 times every 5 seconds. So there's a lot of things that you can do there to make it really nice and automatic repair itself and automatically resilient.  15:18 Lois: Well, that brings us to the end of this episode. Thank you, Nick, for going through the security strategies and recovery processes in such detail. Next week, we'll look at the installation of GoldenGate. Nikita: And if you want to learn more about the topics we discussed today, head over to mylearn.oracle.com and take a look at the Oracle GoldenGate 23ai Fundamentals course. Until next time, this is Nikita Abraham… Lois: And Lois Houston signing off! 15:44 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Agent Survival Guide Podcast
How Plan Crosswalks Work in the ACA Marketplace

Agent Survival Guide Podcast

Play Episode Listen Later May 5, 2025 11:38


What are plan crosswalks in the Affordable Care Act Marketplace? Find out what this means for your clients and how agents can help in the process.    Read the text version    Register with Ritter: https://app.ritterim.com/public/registration/   Contact the Agent Survival Guide Podcast! Email us ASGPodcast@Ritterim.com or call 1-717-562-7211 and leave a voicemail.   Resources: Everything Agents Need to Know About Selling in Sate-Based Marketplaces: https://ritterim.com/blog/everything-agents-need-to-know-about-selling-in-state-based-marketplaces/   Everything You Need to Know About the ACA OEP: https://ritterim.com/blog/everything-you-need-to-know-about-the-aca-oep/    FAQs About Selling On-Exchange & Off-Exchange Under-65 Plans: https://ritterim.com/blog/faqs-about-selling-on-exchange-off-exchange-under-65-plans/ How to Help Clients Navigate ACA Marketplace Subsidies & Taxes: https://lnk.to/qzlRwV Knight School: https://ritterim.com/knight-school/ Steps to Get Ready for OEP: Federal Exchange States & State-Based Exchanges: https://lnk.to/SyqM9T The Ritter Blog: https://ritterim.com/blog/ Meet Your Sales Team: https://ritterim.com/meet-your-sales-team/  Under-65 Health: https://ritterim.com/products/under-65/ What the Inflation Reduction Act Means for Your Medicare & ACA Clients: https://ritterim.com/blog/what-the-inflation-reduction-act-means-for-your-medicare-aca-clients/   References: “2025 Marketplace Integrity and Affordability Proposed Rule.” CMS.Gov, Centers for Medicare & Medicaid Services, https://www.cms.gov/newsroom/fact-sheets/2025-marketplace-integrity-and-affordability-proposed-rule. Accessed 10 Apr. 2025. “ECFR :: 45 CFR 164.512 -- Uses and Disclosures for Which an Authorization or Opportunity to Agree or Object Is Not Required.” Code of Federal Regulations, https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-B/part-155/subpart-D/section-155.335. Accessed 8 Apr. 2025. “Low Cost Marketplace Health Care, Qualifying Income Levels.” HealthCare.Gov, https://www.healthcare.gov/lower-costs/. Accessed 8 Apr. 2025.   Follow Us on Social!  Ritter on Facebook, https://www.facebook.com/RitterIM Instagram, https://www.instagram.com/ritter.insurance.marketing/ LinkedIn, https://www.linkedin.com/company/ritter-insurance-marketing TikTok, https://www.tiktok.com/@ritterim X, https://x.com/RitterIM and YouTube, https://www.youtube.com/user/RitterInsurance     Sarah on LinkedIn, https://www.linkedin.com/in/sjrueppel/ Instagram, https://www.instagram.com/thesarahjrueppel/ and Threads, https://www.threads.net/@thesarahjrueppel  Tina on LinkedIn, https://www.linkedin.com/in/tina-lamoreux-6384b7199/   Not affiliated with or endorsed by Medicare or any government agency.

Scams & Cons
Scammers begin work without authorization - and make the victim pay

Scams & Cons

Play Episode Listen Later Apr 17, 2025 16:34


Send us a textWe'll tell you the story of con artists who preyed on the elderly with home remodeling scams. One was  brazen enough to outright tell the homeowner what needed to be done and begin work.

Software Engineering Radio - The Podcast for Professional Software Developers
SE Radio 664: Emre Baran and Alex Olivier on Stateless Decoupled Authorization Frameworks

Software Engineering Radio - The Podcast for Professional Software Developers

Play Episode Listen Later Apr 15, 2025 51:54


Emre Baran, CEO and co-founder of Cerbos, and Alex Olivier, CPO and co-founder, join SE Radio host Priyanka Raghavan to explore “stateless decoupled authorization frameworks. The discussion begins with an introduction to key terms, including authorization, authorization models, and decoupled frameworks. They dive into the challenges of building decoupled authorization, as well as the benefits of this approach and the operational hurdles. The conversation shifts to Cerbos, an open-source policy-based access control framework, comparing it with OPA (Open Policy Agent). They also delve into Cerbos's technical workings, including specification definitions, GitOps integration, examples of usage, and deployment strategies. The episode concludes with insights into potential trends in the authorization space. This episode is sponsored by Penn Carey Law school

KuppingerCole Analysts
Analyst Chat #248: Zero Trust and Beyond - Dynamic Authorization in 2025

KuppingerCole Analysts

Play Episode Listen Later Apr 7, 2025 24:31


Join Matthias Reinwarth in this special episode of the KuppingerCole Analyst Chat as he welcomes not one but two expert guests: Nitish Deshpande, Research Analyst at KuppingerCole, and Martin Kuppinger, Principal Analyst and Co-Founder of KuppingerCole. Together, they explore the evolution of modern authorization, discussing how far the industry has come since the early days of static entitlements and XML-based policies. From early insights shared back in 2009 to today’s dynamic, AI-enhanced, signal-driven authorization models, this episode unpacks the what, why, and how of modern access control systems.

Latent Space: The AI Engineer Podcast — CodeGen, Agents, Computer Vision, Data Science, AI UX and all things Software 3.0

Today's guests, David Soria Parra and Justin Spahr-Summers, are the creators of Anthropic's Model Context Protocol (MCP). When we first wrote Why MCP Won, we had no idea how quickly it was about to win. In the past 4 weeks, OpenAI and now Google have now announced the MCP support, effectively confirming our prediction that MCP was the presumptive winner of the agent standard wars. MCP has now overtaken OpenAPI, the incumbent option and most direct alternative, in GitHub stars (3 months ahead of conservative trendline): For protocol and history nerds, we also asked David and Justin to tell the origin story of MCP, which we leave to the reader to enjoy (you can also skim the transcripts, or, the changelogs of a certain favored IDE). It's incredible the impact that individual engineers solving their own problems can have on an entire industry. Timestamps 00:00 Introduction and Guest Welcome 00:37 What is MCP? 02:00 The Origin Story of MCP 05:18 Development Challenges and Solutions 08:06 Technical Details and Inspirations 29:45 MCP vs Open API 32:48 Building MCP Servers 40:39 Exploring Model Independence in LLMs 41:36 Building Richer Systems with MCP 43:13 Understanding Agents in MCP 45:45 Nesting and Tool Confusion in MCP 49:11 Client Control and Tool Invocation 52:08 Authorization and Trust in MCP Servers 01:01:34 Future Roadmap and Stateless Servers 01:10:07 Open Source Governance and Community Involvement 01:18:12 Wishlist and Closing Remarks

Wizards of Amazon
#396 - Is Reselling On Amazon Dead?

Wizards of Amazon

Play Episode Listen Later Apr 2, 2025 29:32


On today's episode, we have Chris McCabe, founder and CEO of Ecommercechris.com has saved more Amazon brands from the seedier side of working with Amazon than anybody I know.  Today we dive into the world of resellers on Amazon and discuss the recent changes.  Chris shared valuable insights including what resellers should do to save their Amazon business.   Tune in to learn more and be up to date!   In This Episode: [00:15] Introducing Chris McCabe [02:50] Resellers must know. [06:25] Letter of Authorization [09:15] First sale doctrine [12:35] Amazon's motivation for LOA [16:40] Replenishing inventories   Guest Links and References: Website: https://www.ecommercechris.com/ Instagram: https://www.instagram.com/amznchris/ Linkedin profile: https://www.linkedin.com/in/chris-mccabe-2646555/ Youtube channel: https://www.youtube.com/@ecommerceChris Email: chris@ecommercechris.comLinks and References: Wizards of Amazon:  https://www.wizardsofecom.com/ Wizards of Amazon Courses:  www.wizardsofecom.com/academy Wizards of Amazon Meetup:  https://www.meetup.com/South-Florida-FBA/ Wizards of Amazon on Facebook:  https://www.facebook.com/groups/WizardsofAmazon/ Wizards of Amazon on Instagram:  https://www.instagram.com/wizardsofecom/

The Secure Developer
Authentication, Authorization, And The Future Of AI Security With Alex Salazar

The Secure Developer

Play Episode Listen Later Apr 1, 2025 38:36


Episode SummaryIn this episode of The Secure Developer, host Danny Allan sits down with Alex Salazar, founder and CEO of Arcade, to discuss the evolving landscape of authentication and authorization in an AI-driven world. Alex shares insights on the shift from traditional front-door security to back-end agent interactions, the challenges of securing AI-driven agents, and the role of identity in modern security frameworks. The conversation delves into the future of AI, agentic workflows, and how organizations can navigate authentication, authorization, and security in this new era.Show NotesDanny Allan welcomes Alex Salazar, an experienced security leader and CEO of Arcade, to explore the transformation of authentication and authorization in AI-powered environments. Drawing from his experience at Okta, Stormpath, and venture capital, Alex provides a unique perspective on securing interactions between AI agents and authenticated services.Key topics discussed include:The Evolution of Authentication & Authorization: Traditional models focused on front-door access (user logins, SSO), whereas AI-driven agents require secure back-end interactions.Agentic AI and Security Risks: How AI agents interact with services on behalf of users, and why identity becomes the new perimeter in security.OAuth and Identity Challenges: Adapting OAuth for AI agents, ensuring least-privilege access, and maintaining security compliance.AI Hallucinations & Risk Management: Strategies for mitigating LLM hallucinations, ensuring accuracy, and maintaining human oversight.The Future of AI & Agentic Workflows: Predictions on how AI will continue to evolve, the rise of specialized AI models, and the intersection of AI and physical automation.Alex and Danny also discuss the broader impact of AI on developer productivity, with insights into how companies can leverage AI responsibly to boost efficiency without compromising security.LinksArcade.dev - Make AI Actually Do ThingsOkta - IdentityOAuth - Authorization ProtocolLangChain - Applications that Can ReasonHugging Face - The AI Community Building the FutureSnyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

The Mobility Standard
Postponed: ETIAS Travel Authorization System Won't Become Mandatory Until 2027

The Mobility Standard

Play Episode Listen Later Mar 26, 2025 3:59


The EU aims to partially enforce ETIAS in April 2027, while the system would become fully mandatory in October.View the full article here.Subscribe to the IMI Daily newsletter here.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday Mar 24th: Critical Next.js Vulnerability; Microsoft Trust Signing Platform Abuse

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Mar 24, 2025 7:10


Critical Next.js Vulnerability CVE-2025-29927 A critical vulnerability in how the x-middleware-subrequest header is verified may lead to bypassing authorization in Next.js applications. https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw https://www.runzero.com/blog/next-js/ Microsoft Trust Signing Service Abused Attackers abut the Microsoft Trust Signing Service, a service meant to help developers create signed software, to obtain short lived signatures for malware. https://www.bleepingcomputer.com/news/security/microsoft-trust-signing-service-abused-to-code-sign-malware/

Direct U.S. Immigration
Episode 185: Employment Authorization Document Application Guide in 2025

Direct U.S. Immigration

Play Episode Listen Later Mar 22, 2025 3:56


Before applying, it's crucial to understand if you're eligible for an Employment Authorization Document, or more commonly referred to as an EAD. Generally, individuals eligible to apply include those with pending asylum applications, DACA recipients, and certain students, spouses of certain workers, among others. Each category has specific criteria, so be sure to verify your eligibility before proceeding.   

Clark County Today News
IBR Program requests NMFS authorization to potentially harm & harass Columbia River marine life over five-year period

Clark County Today News

Play Episode Listen Later Mar 21, 2025 1:18


Environmental concerns are rising over the Interstate Bridge Replacement Project. Neighbors for a Better Crossing is urging the public to comment on its potential harm to marine life before the April 14 deadline. Read more at https://www.clarkcountytoday.com/news/ibr-program-requests-nmfs-authorization-to-potentially-harm-harass-columbia-river-marine-life-over-five-year-period/ on www.ClarkCountyToday.com #localnews #ClarkCountyWa #IBR #ColumbiaRiver #MarineMammals

More Human More Resources - HR for Entrepreneurs
Tips For Dealing With Work Authorization And ICE

More Human More Resources - HR for Entrepreneurs

Play Episode Listen Later Mar 13, 2025 9:45


In this episode, you'll learn how to protect your business from costly mistakes in I-9 compliance and ICE audits. Discover how to stay ahead with proactive audits, avoid common pitfalls, and handle ICE visits with confidence. Whether you're hiring your first employee or managing a growing team, this episode gives you the tools to stay compliant and safeguard your business..Link:https://www.uscis.gov/i-9-central/form-i-9-resources/handbook-for-employers-m-274 InvitationUse the link below to learn more and become an Idomeneo insider. You'll get info to help you unleash your team's engagement, protect your people investment, and grow your leadership muscle.  I can't wait to continue the conversation.https://idomeneoinc.com/welcome/

Wizards of Amazon
#396 - Is Reselling On Amazon Dead?

Wizards of Amazon

Play Episode Listen Later Mar 12, 2025 52:30


On today's episode, we have Chris McCabe, founder and CEO of Ecommercechris.com has saved more Amazon brands from the seedier side of working with Amazon than anybody I know. Today we dive into the world of resellers on Amazon and discuss the recent changes.  Chris shared valuable insights including what resellers should do to save their Amazon business.   Tune in to learn more and be up to date!   In This Episode: [00:15] Introducing Chris McCabe [02:50] Resellers must know. [06:25] Letter of Authorization [09:15] First sale doctrine [12:35] Amazon's motivation for LOA [16:40] Replenishing inventories   Guest Links and References: Website: https://www.ecommercechris.com/ Instagram: https://www.instagram.com/amznchris/ Linkedin profile: https://www.linkedin.com/in/chris-mccabe-2646555/ Youtube channel: https://www.youtube.com/@ecommerceChris Email: chris@ecommercechris.com Links and References: Wizards of Amazon:  https://www.wizardsofecom.com/  Wizards of Amazon Courses:  www.wizardsofecom.com/academy Wizards of Amazon Meetup:  https://www.meetup.com/South-Florida-FBA/ Wizards of Amazon on Facebook:  https://www.facebook.com/groups/WizardsofAmazon/ Wizards of Amazon on Instagram:  https://www.instagram.com/wizardsofecom/  

Christian Heritage Church in Tallahassee Florida - Pastor Steve Dow - Sermons, Teaching and Inspiration from CHC Today!

AUTHORITY Luke 7:1-10 March 2, 2025 1. AUTHOR OF AUTHORITY: Luke 7:7-8 (NASB) Authority: - Official, Legal Right to Rule. - Freedom Of Choice. - It's An Authorization to Make Decisions Within A Particular Jurisdiction Name Genesis 1:26 (NKJV) "Let Us make man in Our image," "Elohim" Nature 2. RECEIPINTENTS OF AUTHORITY: Genesis 1:28 (NKJV) Dominion- “To Tread Upon” Genesis 2:19 "...whatever the man called each living creature, that was its name." 3. ENEMY OF AUTHORITY: Genesis 3:4-5 4. POWER OF AUHTORITY Luke 10:19 (NLT) "I have given you authority over all the power of the enemy," "exousa" +++++++ You can find our service times on our website: https://www.anctally.com/ You can find sermon highlights on Twitter here: https://x.com/allnationstally

The VA TourismPodcast
Is Electronic Travel Authorization the Key to Seamless Travel in Africa? Travisory's Sam Munda Bares it All

The VA TourismPodcast

Play Episode Listen Later Feb 14, 2025 23:27


In this episode, Sam Munda, Managing Director for Kenya and VP of Africa at Travisory, delves into the evolving landscape of Africa's border security and digital travel solutions. With over 30 years of experience in aviation ICT and transport security, Sam shares insights on seamless border management, visa accessibility, and the future of hassle-free travel across the continent. Sam Munda joined Travizory in 2020 and is the Managing Director for the Kenya Office. He leads the company's commercial strategy across Africa, supporting governments in digitizing borders to enhance security, efficiency, and traveler experience. His work also enables real-time data access for better decision-making. With over 30 years of experience in ICT, aviation, and transport security, Sam has held leadership roles in Africa with a major global aviation ICT provider. He is an Electronics Engineer, having graduated from ENAC (École Nationale de l'Aviation Civile) in Toulouse, France, and holds an MBA from the University of South Africa (UNISA).

KPFA - The Pacifica Evening News, Weekdays
Trump shuts US foreign aid agency; UC workers voting on strike authorization, citing staffing crisis – February 3, 2025

KPFA - The Pacifica Evening News, Weekdays

Play Episode Listen Later Feb 3, 2025 59:58


Comprehensive coverage of the day's news with a focus on war and peace; social, environmental and economic justice. Trump's Mexico tariffs delayed for a month, president says Americans may “feel some pain” from tariffs Trump/Musk shutdown of US foreign aid agency USAID sparks chaos, Democrats call it illegal power grab “A Day Without an Immigrant” demonstrations draw tens of thousands across country in protest of Trump immigration policies Major hospitals in several states cutting transgender care for youths under Trump funding threat University of California health, research, technical workers voting on strike authorization, citing staffing crisis at medical centers Rebels declare ceasefire in Congo fighting, as 1 in 4 people face acute hunger The post Trump shuts US foreign aid agency; UC workers voting on strike authorization, citing staffing crisis – February 3, 2025 appeared first on KPFA.

City of Redding Podcast
City Council Meeting – January 21, 2025

City of Redding Podcast

Play Episode Listen Later Jan 24, 2025 131:34


City Council Meeting – January 21, 2025In this episode, hear the key discussions and decisions from the January 21, 2025, Redding City Council meeting. Topics include updates to public safety, infrastructure, and community development. Highlights include:Approval of additional body-worn cameras for the Redding Police Department.Updates on emergency sewer and pavement repairs along Placer Street.Progress on a new mental health and chemical dependency treatment facility and a proposed medical school in Redding.A look at the Redding Electric Utility's 2026 Strategic Plan.Approval of the Community Wildfire Protection Plan to improve wildfire preparedness.Authorization to apply for grants to fund transportation and infrastructure projects, including the South Bonnyview Diverging Diamond Interchange.Updates to zoning ordinances for adult businesses in Redding.Stay informed about the latest decisions shaping our city!Meeting Agenda >>Watch the Council meeting online >>Contact the City of Redding Podcast Team Email us at podcast@cityofredding.org Connect with us on Facebook, Twitter and Instagram Visit the City of Redding website Love the podcast? The best way to spread the word is to rate and review!

Identity At The Center
#327 - Sponsor Spotlight - Andromeda Security

Identity At The Center

Play Episode Listen Later Jan 22, 2025 58:57


This episode is sponsored by Andromeda Security. Learn more at https://www.andromedasecurity.com/idac⁠ Join Jeff and Jim on the Identity at the Center podcast as they chat with Ashish Shah, co-founder and Chief Product Officer of Andromeda Security. In this sponsored episode, Ashish dives deep into the importance of solving identity security problems, especially in cloud and SaaS environments. He explains how Andromeda's AI-powered platform focuses on both human and non-human identities, offering use case-driven solutions for security maturity. The discussion covers challenges, AI and machine learning applications, and practical insights into permissions management, risk scoring, just-in-time access, and more. Stay tuned for interesting takes on identity security and some fun recommendations for your reading/listening list. Chapters 00:00 Introduction to Identity as a Data Problem 00:41 Overview of Andromeda's Capabilities 01:27 Welcome to the Identity at the Center Podcast 02:03 Meet Ashish Shah, Co-Founder of Andromeda 02:37 The Genesis of Andromeda 03:33 Addressing Identity Security Challenges 05:29 Andromeda's Approach to Identity Security 09:44 Measuring Success with Andromeda 12:21 Andromeda's Market Position and Ideal Customers 18:35 The Rise of Non-Human Identities 28:42 Understanding Identity and Accounts in AWS 28:54 The Concept of Incarnations in Identity Management 29:42 Human and Non-Human Identities 32:13 Challenges in Authorization and Access Control 32:44 Implementing Zero Trust and Least Privilege 35:10 Role of AI and Machine Learning in Identity Management 36:21 Risk Scoring and Behavioral Analysis 39:04 Customer Data and Model Training 41:08 Explainability and Security of AI Models 46:14 Customer Influence on Model Tuning 49:03 Andromeda's Offer and Final Thoughts 51:34 Book Recommendations and Closing Remarks Connect with Ashish: https://www.linkedin.com/in/ashishbshah/ Learn more about Andromeda: https://www.andromedasecurity.com/idac⁠ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords: Identity security, IAM, cybersecurity, artificial intelligence, AI, machine learning, ML, non-human identities, NHI, just-in-time access, JIT, IGA, privileged access management, PAM, identity threat detection and response, ITDR, cloud security, SaaS security, Andromeda Security, Ashish Shah, IDAC, Identity at the Center, Jim McDonald, Jeff Steadman

Indianz.Com
Recorded Votes

Indianz.Com

Play Episode Listen Later Jan 22, 2025 4:19


House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

Indianz.Com
Debate on Committee Rules

Indianz.Com

Play Episode Listen Later Jan 22, 2025 48:36


House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

Indianz.Com
Introduction of Committee Membership

Indianz.Com

Play Episode Listen Later Jan 22, 2025 7:18


House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

Indianz.Com
Opening Remarks

Indianz.Com

Play Episode Listen Later Jan 22, 2025 9:29


House Committee on Natural Resources Full Committee Meeting -- Consideration of Committee Rules, Authorization and Oversight Plan, and Staff Resolution Wednesday, January 22, 2025 | 2:00 PM The Natural Resources Committee will meet to organize on Wednesday, January 22, 2025, at 2:00 p.m. in room 1324 Longworth House Office Building. The Committee will consider the Committee Rules, the Authorization and Oversight Plan, and a Committee Resolution appointing Committee staff. The hearing notice and relevant documents can be found on the committee's repository at https://docs.house.gov/Committee/Calendar/ByEvent.aspx?EventID=117781 Committee Notice: https://naturalresources.house.gov/calendar/eventsingle.aspx?EventID=416869

NYC NOW
Evening Roundup: Local Governors Prepare for their State of the State Addresses, Senate Hearing on Lee Zeldin's EPA Nomination, Employment Authorization Checks at NYC's Tin Building and a Community Champion

NYC NOW

Play Episode Listen Later Jan 13, 2025 9:06


New York Gov. Kathy Hocul and New Jersey Gov. Phil Murphy are delivering their respective State of the State Addresses on Tuesday. Plus, New York Rep. Lee Zeldin is set to appear before the Senate this Thursday. Also, WNYC's Sean Carlson and Ryan Kailath uncover why nearly 100 workers lost their jobs at the Tin Building in late December. And finally, we meet a teenager who bakes muffins for a class of English for Speakers of Other Languages (ESOL).

Wasted Memory Prank Call Show
WM Live 2025-01-03 Spaghetti Authorization

Wasted Memory Prank Call Show

Play Episode Listen Later Jan 9, 2025 160:07


Authorization to do spaghetti. Build the spaghetti. I am not going to screw around with toilet paper and just jump in the shower instead. Rub on the floor like a dog. I paid my phone bill and your phone number … Continue reading →

DevOps Paradox
DOP 297: Streamline Access Control Using Cerbos

DevOps Paradox

Play Episode Listen Later Jan 8, 2025 48:42


#297: In today's digital landscape, ensuring secure and efficient access to systems is crucial. Authorization plays a vital role in granting the right access levels — but how can businesses implement it effectively? In this episode, we speak with Alex Olivier, co-founder & CPO at Cerbos, about how Cerbos presents an adaptable solution that streamlines access control and governance by externalizing authorization logic and focusing on policy-driven management.   Alex's contact information:  LinkedIn: https://www.linkedin.com/in/alexolivier/ X (Formerly Twitter): https://x.com/alexolivier   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

The Cloudcast
Auth in the Age of AI Agents

The Cloudcast

Play Episode Listen Later Jan 1, 2025 37:05


Jake Moshenko (@jacobmoshenko, CEO of @AuthZed) talks about the challenges of securing AI interactions, as well as authentication best-practices for AI Agents and RAG patterns.  SHOW: 885SHOW TRANSCRIPT: The Cloudcast #885 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNET CLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST: "CLOUDCAST BASICS" SHOW NOTES:Authzed (homepage)SpiceDB - Authorization that scales (GitHub)Google's Zanzibar (research paper)Annotating Zanzibar (by AuthZed)Authzed CEO discusses Auth for AI RAG and Agents (TheCUBE)Topic 1 - Welcome to the show. Tell us about your background and why you decided to start AuthZed.Topic 2 - AuthZed is based on technology from Google called Zanzibar. There's an in-depth research paper, but give us some background on the types of problems it solves and why it was so appealing to you. Topic 3 - Authorization is used for every application, but let's talk about it in the context of AI or AI Agents. This is still a fairly new concept, but what authorization-related challenges do you expect GenAI or AI agents to create for developers and operators?Topic 4 - Is this space moving so fast that people already realize they'll likely need something more modern, like Authzed, or are there mistakes they are making today that are going to cause serious red flags soon? Topic 5 - What is the typical path for companies or teams to adopt Authzed, and is it something that can start small and grow (or merge with other groups), or does it have to be centralized like at Google? Topic 6 - What are some of the more important areas that people building and growing AI systems that need authorization should be keeping an eye on? FEEDBACK?Email: show at the cloudcast dot netBluesky: @cloudcastpod.bsky.socialTwitter/X: @cloudcastpodInstagram: @cloudcastpodTikTok: @cloudcastpod

Extra Hot Great
538: Let's Play Personal Authorization Code

Extra Hot Great

Play Episode Listen Later Nov 27, 2024 55:21


One of the oldest and most venerated game show formats is Password, dating back to well before all your co-hosts were alive. On an entirely unrelated note, for this special episode, we're playing a game called Personal Authorization Code! We've invited our friends Sarah Baker, Robert Krut, Jeff Drake, and Wendy Molyneux to play; since all of them live on the west coast and had to record in the middle of the night, our beloved Joe Reid sat in for Sarah as Tara's partner. Who can do the most with the least...number of words? Listen and learn! GUESTS

Judging Freedom
Larry Johnson: Biden's Insane Authorization.

Judging Freedom

Play Episode Listen Later Nov 18, 2024 27:48


Larry Johnson: Biden's Insane Authorization.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Ron Paul Liberty Report
Israel Opens New War Front Against Lebanon

Ron Paul Liberty Report

Play Episode Listen Later Sep 19, 2024 23:50


In a week that saw Israel launch a bizarre terror attack against Lebanon using weaponized pagers, it now looks as if Israel is going all out to start a war with its northern neighbor. Authorization was granted yesterday to open a northern front and there has been a large uptick in military activity. Will a major regional war break out just weeks before the US election? Also today...some Republican governors are taking a strong stand against the WHO...but where were they during Covid?