POPULARITY
Saviynt Co-Founder Amit Saha discusses how their AWS partnership has enabled the identity security company to deliver comprehensive identity protection while minimizing organizational friction.Topics Include:Saviynt is leading identity security provider in marketSecures human, non-human, workforce, and privileged access identitiesEliminates friction while automating organizational access management processesBiggest challenge: reducing friction in new access processesSecond challenge: visibility into accumulated technical debt problemsLost business context makes access permissions difficult to unwindSaviynt provides quick visibility to prioritize identity risksShadow IT creates ungoverned workloads and cloud applicationsNeed integration with asset management and cloud providersMust derive intelligence from multiple disconnected information sourcesAWS partnership provides access to prolific customer baseAWS security owners are same buyers for SaviyntEleven-year AWS relationship with early security competencyISV Accelerate program connects with sellers and architectsRising Star program helps stand out in crowded marketplaceFind mutual customers for successful AWS partnership storiesGenAI in bad actors' hands compromises customer securityProduct engineering uses GenAI tools for better qualityAgentic AI creates new paradigm between human/non-human identitiesAgentic AI requires dynamic, fluid access management approachesAI agents can generate their own bots needing accessZero trust principles needed at broader scale for AINext twelve months: getting ahead of GenAI curveNew AWS services launch daily in GenAI spaceContributing to new standards like MCP and A2A protocolsAWS Marketplace simplifies procurement and buyer discovery processesEDP program and migration incentives benefit ISV transactionsAWS developer-friendly startup programs accelerate time to marketCloud-native approach enables predictable scaling and AWS integrationAWS-Saviynt partnership aims for once-in-generation security impactParticipants:Amit Saha – Co-Founder and Chief Growth Officer, SaviyntSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.They explore what it means to be a mission-driven CISO, how to build trust from the boardroom to the front lines, and why identity has always been the true perimeter. Marene also reflects on her post-CISO chapter and the evolving role of cybersecurity leaders in a rapidly evolving threat landscape.
Tune in here to this Friday’s edition of the Brett Winterble Show! Brett kicks off the program with Pete Kaliner for this edition of The Hangover as they discuss the slower pace of summer news cycles and the challenge of generating meaningful content during quieter months. The conversation begins lightheartedly with observations about seasonal radio topics, but it quickly transitions into a more substantive discussion about personality, loyalty, and political theater. Later, Brett discusses the challenges facing modern American patriotism and whether the current generation would defend the country in the event of a major global conflict. He questions the influence of institutions and academia on young Americans' views of national service and loyalty. Brett criticizes what he sees as a dangerous shift in values, highlighting comments from Boston Mayor Michelle Wu and Congressman Hakeem Jeffries that he believes undermine ICE agents and public safety. Listen here for all of this and more on The Brett Winterble Show! For more from Brett Winterble check out his YouTube channel. See omnystudio.com/listener for privacy information.
Ping Identity helps some of the largest enterprises in the world secure the logins of their employees and customers, helping to keep systems secure, prevent fraud, and decrease friction as companies undergo their digital transformation. In this episode of Behind the Deal, Thoma Bravo Founder and Managing Partner, Orlando Bravo, and Partner, Chip Virnig, sit down with Ping Identity Founder & CEO, Andre Durand, to discuss the $2.8 billion take-private transaction and the strategic rationale behind combining Ping with ForgeRock to create a leading identity security platform for some of the world's largest organizations For more information on Thoma Bravo's Behind the Deal, visit https://www.thomabravo.com/behindthedeal Learn more about Thoma Bravo: https://www.thomabravo.com/ Visit Ping's website: https://www.pingidentity.com/en.html To learn more about listener data and our privacy practices visit: https://www.audacyinc.com/privacy-policy Learn more about your ad choices. Visit https://podcastchoices.com/adchoices
This episode is sponsored by Duo. Visit duo.com to learn more.Join Jim McDonald and Jeff Steadman on this sponsored episode of the Identity at the Center Podcast, brought to you by Duo! We welcome back Matt Caulfield, VP of Duo and Identity at Cisco, to discuss the ongoing "identity crisis" in security, where 60% of attacks have identity as a key component. Matt introduces Duo's new Security-First IAM, a revolutionary approach that prioritizes security by making it the default, enabling easy passwordless adoption, and building in phishing resistance from day zero.Discover how Duo is differentiating itself in a crowded market by focusing on end-to-end phishing resistance capabilities and user-centric security. Matt shares insights into Cisco's innovation culture, drawing from his experience as a founder and the integration of acquired technologies like ORT into Duo's identity intelligence, including a new trust scoring mechanism to identify compromised accounts.We also delve into the powerful insights from Cisco Talos, whose research on identity-based attacks directly influences Duo's product development, and how customer feedback is shaping the future of identity security. Explore the exciting innovations in authentication, including Duo's proximity verification for phishing-resistant, passwordless access, and the continuous authentication capabilities powered by Duo Desktop and Identity Intelligence.Finally, Matt discusses the impact of AI on identity security, both in enabling attackers and enhancing defense mechanisms like the new Duo AI assistant for administrators. The conversation concludes with a look into the future of identity, including the challenges and opportunities presented by machine and agentic AI identities, and the critical need for advanced authorization solutions.Don't forget to visit duo.com for more information!Chapter Timestamps:00:00:00 - Introduction to the Identity Crisis and Security First IAM00:02:22 - Welcome to the Identity at the Center Podcast & Sponsored Episode Introduction00:03:00 - Introducing Matt Caulfield and His Journey at Duo/Cisco00:04:35 - Defining the Digital Identity Crisis00:06:04 - Understanding Security-First IAM00:07:17 - Differentiating Duo's Identity Solution00:08:36 - Cisco's Acquisition Strategy and Continued Innovation00:10:55 - The Impact of Cisco Talos Intelligence00:14:39 - Customer Insights and Challenges in Identity00:16:50 - Is Authentication Solved? Innovation in Phishing Resistance00:19:32 - AI's Impact on Identity Security and Future Threats00:21:55 - How Duo is Leveraging AI Internally and for Customers00:24:00 - Duo's Repositioning: From MFA to Identity and Access Management00:25:27 - Shifting Metrics of Success for Duo Customers00:27:44 - Workforce, Extended Workforce, and B2B Use Cases for Duo IAM00:29:48 - Deep Dive into Proximity-Based Authentication00:32:31 - The Importance of Phishing Resistance in Duo's Strategy00:35:57 - Continuous Authentication and Shared Signals Framework00:39:07 - Identity as a Core Pillar of SASE00:40:32 - Why Shared Signals Framework is a Key Investment for Duo00:43:25 - Future Outlook for Identity Practitioners: Passwordless and AI00:46:27 - Agentic AI and the Future of Authorization00:48:53 - Jim's Swag Tips for Identiverse00:51:57 - Final Thoughts from Matt CaulfieldConnect with Matt: https://www.linkedin.com/in/mcaulfie/Learn more about Duo: https://duo.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com#idac #IdentitySecurity #Cybersecurity #DuoSecurity
RSA 2025 revealed a shift: identity is now a primary threat vector in cloud security. In this episode, Jason Kikta breaks down the key takeaways from the conference—why identity has overtaken malware, how threat actors exploit service accounts and IDPs, and what this means for modern defense strategies. Plus, Jason shares observations on the evolving risk landscape and whether Black Hat will follow RSA's lead.Whether you're a CISO, CTO, or security architect, this episode is your briefing on where the industry is headed.
Send us a textIn this episode, Matt interviews Bel Lepe, CEO and co-founder of Cerby, discussing the challenges and opportunities in identity security. They explore the significance of disconnected applications, the impact of shadow IT, and the importance of automation and AI in enhancing security practices. Bel shares insights from his previous experience at Ooyala and the lessons learned in building Cerby, including the recent Series B funding and future plans for the company.TakeawaysDisconnected applications pose significant risks in identity management.Shadow IT is becoming a major part of the IT landscape, not just a side issue.The startup journey involves learning from past experiences and adapting strategies.The human element remains a critical factor in cybersecurity incidents.
In this episode of Security Matters, host David Puner welcomes Kevin Bocek, CyberArk SVP of Innovation, for an insightful discussion on the critical role of machine identity in modern cybersecurity. As digital environments become increasingly complex, securing machine identities has never been more crucial.According to the CyberArk 2025 Identity Security Landscape, machine identities now outnumber human identities by more than 80 to 1. As organizations scale cloud workloads and automation, these identities are becoming a critical part of the cybersecurity frontline. From TLS certificate outages to API key exposures, failures in machine identity management can lead to outages, breaches, and cascading system failures. In this episode of Security Matters, Kevin Bocek explains why this moment is pivotal for getting machine identity right—and how Zero Trust principles, automation, and visibility are essential to building cyber resilience.We also explore the future of identity security—from AI kill switches and agentic AI to quantum threats—and how identity can serve as both a safeguard and a kill switch in the age of autonomous systems.Whether you're a cybersecurity professional or simply interested in the latest security trends, this episode offers valuable insights into the importance of machine identity in safeguarding our digital world. Don't forget to subscribe, leave a review, and follow Security Matters for more expert discussions on the latest in cybersecurity.
In this compelling episode, Dr. Dave Chatterjee is joined by Damon Fleury, Chief Product Officer, SpyCloud to dissect one of cybersecurity's most exploited and least understood attack surfaces—identity. With nearly three decades of experience in security, Damon shares real-world insights into how identity compromises serve as the entry point for major breaches, why a holistic approach to identity security is urgent, and how organizations can move from reactive defense to proactive resilience. The discussion underscores the convergence of people, processes, and technology in building durable identity security frameworks.To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-86-holistic-identity-security-shifting-the-paradigm-from-reactive-to-proactive/Connect with Host Dr. Dave Chatterjee and Subscribe to the PodcastPlease subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks. Connect with Dr. Chatterjee on these platforms: LinkedIn: https://www.linkedin.com/in/dchatte/ Website: https://dchatte.com/Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712Latest Publications & Press Releases:“Meet Dr. Dave Chatterjee, the mind behind the CommitmentPreparedness-Discipline method for cybersecurity,” Chicago Tribune, February 24, 2025."Dr. Dave Chatterjee On A Proactive Behavioral Approach To Cyber Readiness," Forbes, February 21, 2025.Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparednessDr. Dave Chatterjee Hosts Global Podcast Series on Cyber Readiness, Yahoo!Finance, Dec 16, 2024Dr. Dave Chatterjee Hosts Global Podcast Series on Cyber Readiness, Marketers Media, Dec 12, 2024.Cybersecurity Readiness Podcast by Dr. Dave Chatterjee Reaches 10,000 Downloads Globally, Business Insider/Markets Insider, Dec 10, 2024.
In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security. Push has built an identity security platform that collects identity information and events from your users' browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account that a user has spun up. It's extremely difficult to bypass. That's because when you're in the browser it doesn't matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it. There are solutions for protecting your users SSO credentials, like passkeys. But what about all the SaaS in your environment? Even if it's enrolled into your SSO, are you sure that's how your users are authenticating to it? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are your using setting up passkeys for those accounts? How would you know, and what problems can it cause if those accounts are vulnerable? This is a fun one! This episode is also available on Youtube. Show notes
In this episode of Security Matters, host David Puner sits down with Eric Olden, co-founder and CEO of Strata Identity, and a pioneer in modern identity management. Eric shares his career journey, from founding Simplified to leading Oracle's global identity division, and discusses the critical importance of resilience in identity systems.Discover how organizations can eliminate single points of failure, test their backup plans and ensure their digital operations remain robust even in the face of unexpected outages. Eric also delves into the concept of identity orchestration, explaining how it can unify multiple identity systems and enhance security.Tune in to learn about the latest trends in identity management, including the intersection of AI and identity, and gain insights into how businesses can proactively assess and mitigate risks associated with identity outages.Don't miss this engaging conversation filled with practical advice and forward-thinking strategies to help safeguard your organization's identity infrastructure.
Eve Maler returns to Identity at the Center for her seventh episode, bringing her signature insight and humor to a deep conversation about the state of digital identity. Jeff and Jim explore the gap between lagging IAM programs and next-gen technologies with Eve, who dives into her research on non-human identities, the power of identity services as products, and how martech and adtech intersect with customer IAM. Plus, get a preview of her EIC talk and the latest on Identi-Squabble, the identity game show set for Identiverse. Don't miss this packed and playful discussion!Timestamps:00:00 - Assume breach, assume tracking02:03 - Jim's IAM theory and gap analysis10:00 - Identi-Squabble game show preview13:00 - Eve joins, talks SXSW experience18:00 - Non-traditional Venn diagrams & stakeholder models22:00 - Personhood credentials and digital death27:00 - MarTech, AdTech, and the identity connection35:00 - Consent is dead: what it means for IAM47:00 - Treating identity as a product50:00 - Identity's role in organizational silos53:00 - Identity Security: what is it really?59:00 - Is “identity” big enough to hold all these qualifiers?01:00:00 - Lighter note: would you rather meet past or future self?Connect with Eve: https://www.linkedin.com/in/evemaler/Venn Factory: https://www.vennfactory.com/Conference Discounts!Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:Eve Maler, IAM, Identity at the Center, Identiverse, Identisquabble, Martech, Adtech, Personhood Credentials, Identity Security, Consent Management, Non-Human Identity, Identity as Product, Digital Identity, Venn Factory, Identity Governance, IAM Strategy, South by Southwest Identity, Privacy by Design
In this episode of Campus Technology Insider Podcast Shorts, host Rhea Kelly covers the key tech stories in higher education. Highlights include Fortinet's report on the critical role of identity in cloud security, Meta's launch of a standalone AI app featuring Llama 4, and a Cloudera survey revealing data privacy as a top concern for AI adoption. Tune in for more insights on these stories and their implications for the education sector. 00:00 Introduction and Host Welcome 00:17 Critical Security Perimeter in Cloud Services 00:48 Meta Platforms Launches Standalone AI App 01:21 Cloudera Survey on AI Agents and Data Privacy 01:57 Conclusion and Further Resources Source links: Report: Identity Has Become a Critical Security Perimeter for Cloud Services Meta Launches Stand-Alone AI App Study: Data Privacy a Top Concern as Orgs Scale Up AI Agents Campus Technology Insider Podcast Shorts are curated by humans and narrated by AI.
Identity management attracts significant investment as startups secure over $300 million, and a major eyeball-scanning service launches in the U.S. Persona leads a Series D funding round with $200 million to enhance identity verification tools amid rising AI trends. Veza follows with $108 million in Series D funding, focusing on identity security tailored for an AI-dominant environment. The U.S. launches World, co-founded by Sam Altman, offering iris scan-based identity verification across five locations, raising $244 million to develop tech that distinguishes humans from AI. Numerous identity security startups garner substantial investments, with Aura raising over $660 million and Semperis close to $500 million. Public interest grows, evident in Okta's $20 billion market cap and CyberArk's $17 billion valuation. The identity management market projects to exceed $24 billion this year, driven by remote work and cloud reliance. Anticipated growth in biometric authentication takes shape as AI bot traffic is expected to represent around 90% of online activity by the decade's end, creating challenges for businesses to identify genuine users versus malicious bots.Learn more on this news visit us at: https://greyjournal.net/news/ Hosted on Acast. See acast.com/privacy for more information.
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Show Notes: https://securityweekly.com/esw-405
In this episode of the Security Matters podcast, host David Puner sits down with Lior Yaari, CEO and co-founder of Grip Security, for a discussion that covers the concept of identity debt and its implications for modern cybersecurity. Lior shares insights from his experience in Israel's elite Unit 8200 and explains why identity is now the new security perimeter. They delve into the challenges organizations face in managing SaaS applications, the impact of generative AI on cybersecurity and the importance of proactive identity governance. Tune in for tips on how to protect your organization from within and stay ahead of evolving threats.
This episode is sponsored by Permiso. Visit permiso.io/idac to learn more.In this sponsored episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Paul Nguyen, co-founder and co-CEO of Permiso, to discuss the critical role of identity security in modern information security. Paul shares insights into the history of identity threats, the rise of identity-focused attacks like Scattered Spider and LLM Jacking, and the importance of real-time identity monitoring for both human and non-human identities across cloud and on-prem environments. The episode explores how Permiso is positioned in the market to provide comprehensive identity threat detection and response (ITDR) and identity security posture management (ISPM), offering advanced visibility and proactive measures against emerging threats.Chapters00:00 Introduction to Security Vendors00:50 Welcome to the Identity at the Center Podcast01:30 Sponsored Spotlight: Permiso02:14 Meet Paul Nguyen, Co-Founder of Permiso03:34 The Importance of Identity in Security05:35 Permiso's Unique Approach to Identity Security07:36 Real-Time Monitoring and Threat Detection09:23 Challenges and Solutions in Identity Security15:16 Modern Attacks and Identity Threats25:56 The Role of Honeypots in Security Research26:49 Challenges of Maintaining Security27:15 Honeypots and Breach Detection27:46 Dwell Time and Reconnaissance28:34 Password Complexity and Monitoring Gaps29:24 Roles and Responsibilities in Identity Security29:49 Unified Identity Security Teams30:57 Emerging Threats and Joint Efforts32:49 Permiso's Role in Identity Security34:10 Detection and Response Strategies36:11 Managing Identity Risks36:51 Combining Prevention and Detection39:44 Real-World Applications and Challenges51:17 Personal Insights and Final ThoughtsConnect with Paul: https://www.linkedin.com/in/paulnguyen/Learn more about Permiso: https://permiso.io/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.com and watch at idacpodcast.tvKeywords:identity security, real-time monitoring, IAM, cybersecurity, identity exploitation, modern attacks, insider threats, honeypots, organizational structure, Non-Human Identities, Identity Security, Permiso, Risk Management, Insider Threat, Shadow IT, Identity Graph, ITDR, ISPM, Cybersecurity
In this episode of the Other Side of the Firewall podcast, the hosts discuss the critical role of identity management in cybersecurity. They emphasize the importance of access control, risk management, and the need for proper onboarding and offboarding procedures to mitigate insider threats. The conversation also highlights the necessity of integrating IT and HR processes to enhance security measures and ensure effective cyber hygiene. Article: Identity: The New Cybersecurity Battleground https://thehackernews.com/2025/03/identity-new-cybersecurity-battleground.html Please LISTEN
SailPoint (SAIL) returns to the public markets for a second time – CEO Mark McClain shares why now is the right time to re-debut after going private in 2022. He says their first outing was a “good run”, and that they use the time in the private markets to restructure more easily. But, he says, the “market backdrop” made it appealing to re-list. He discusses how SAIL leverages A.I. for cybersecurity.======== Schwab Network ========Empowering every investor and trader, every market day.Subscribe to the Market Minute newsletter - https://schwabnetwork.com/subscribeDownload the iOS app - https://apps.apple.com/us/app/schwab-network/id1460719185Download the Amazon Fire Tv App - https://www.amazon.com/TD-Ameritrade-Network/dp/B07KRD76C7Watch on Sling - https://watch.sling.com/1/asset/191928615bd8d47686f94682aefaa007/watchWatch on Vizio - https://www.vizio.com/en/watchfreeplus-exploreWatch on DistroTV - https://www.distro.tv/live/schwab-network/Follow us on X – https://twitter.com/schwabnetworkFollow us on Facebook – https://www.facebook.com/schwabnetworkFollow us on LinkedIn - https://www.linkedin.com/company/schwab-network/About Schwab Network - https://schwabnetwork.com/about
In the inaugural episode of the Security Matters podcast, host David Puner dives into the world of AI security with CyberArk Labs' Principal Cyber Researcher, Eran Shimony. Discover how FuzzyAI is revolutionizing the protection of large language models (LLMs) by identifying vulnerabilities before attackers can exploit them. Learn about the challenges of securing generative AI and the innovative techniques used to stay ahead of threats. Tune in for an insightful discussion on the future of AI security and the importance of safeguarding LLMs.What's Security Matters? Check out the show trailer to learn more. Make us your top cybersecurity podcast.Links referenced in this episode:FuzzyAI GitHub pageFuzzyAI Discord Community
Luke 4:3 (ESV) The devil said to him, “If you are the Son of God…TITLE: Identity Crisis SecurityLuke 4:1–2 (ESV) And Jesus, full of the Holy Spirit, returned from the Jordan and was led by the Spirit in the wilderness for forty days, being tempted by the devil. And he ate nothing during those days. And when they were ended, he was hungry.THE Attack (TEMPTING) ON Jesus...Luke 4:3 (ESV) The devil said to him, “If you are the Son of God, command this stone to become bread.”Luke 4:5–7 (ESV) And the devil took him up and showed him all the kingdoms of the world in a moment of time, and said to him, “To you I will give all this authority and their glory, for it has been delivered to me, and I give it to whom I will. If you, then, will worship me, it will all be yours.”Luke 4:9-11 (ESV) And he took him to Jerusalem and set him on the pinnacle of the temple and said to him, “If you are the Son of God, throw yourself down from here, for it is written, “ ‘He will command his angels concerning you, to guard you,' and “ ‘On their hands they will bear you up, lest you strike your foot against a stone.' ”THE Attack (TEMPTING) ON MANKIND…Genesis 3:4–6 (ESV) But the serpent said to the woman, “You will not surely die. For God knows that when you eat of it your eyes will be opened, and you will be like God, knowing good and evil.” So when the woman saw that the tree was good for food, and that it was a delight to the eyes, and that the tree was to be desired to make one wise, she took of its fruit and ate, and she also gave some to her husband who was with her, and he ate.EVERY ATTACK (TEMPTATION) YOU EXPERIENCE WILL BE FOCUSED ON YOUR IDENTITY.THE FOUNDATION OF YOUR IDENTITY:CONCEIVED - What God Thinks/SaysBELIEVED - What You ThinkPROJECTED - What You SayPERCEIVED - What Others Think/SayJESUS: IDENTITY SECURITYCONCEIVED - What God Thinks/SaysLuke 3:22 (ESV) and the Holy Spirit descended on him in bodily form, like a dove; and a voice came from heaven, “You are my beloved Son; with you I am well pleased.”BELIEVED - What You ThinkJohn 8:58 (ESV) Jesus said to them, “Truly, truly, I say to you, before Abraham was, I am.PROJECTED - What You SayLuke 8:56 (ESV) And her parents were amazed, but he charged them to tell no one what had happened.PERCEIVED - What Others Think/SayJohn 2:24–25 (ESV) But Jesus on his part did not entrust himself to them, because he knew all people and needed no one to bear witness about man, for he himself knew what was in man.WHO ARE YOU?CONCEIVED - What God Thinks/SaysBELIEVED - What You ThinkPROJECTED - What You SayPERCEIVED - What Others Think/SayProverbs 23:7 (KJV) For as he thinketh in his heart, so is he.2 Corinthians 11:3 (ESV) But I am afraid that as the serpent deceived Eve by his cunning, your thoughts will be led astray from a sincere and pure devotion to Christ.John 12:46 (ESV) I have come into the world as light, so that whoever believes in me may not remain in darkness.
Welcome to Security Matters, the next evolution of CyberArk's podcast. Previously known as Trust Issues, this show has always brought expert insights into the world of identity security.Hosted by David Puner, Senior Editorial Manager at CyberArk, Security Matters refines its focus to emphasize a proactive approach to cybersecurity. The podcast will delve into the principle of "Think like an attacker," highlighting the importance of staying ahead of threats rather than merely reacting to them.Each episode will feature deep insights, expert perspectives, and actionable strategies to help empower listeners to defend and protect their organizations and the digital world. Topics will include securing the entire spectrum of identities—both human and machine—protecting hybrid and multi-cloud environments and analyzing the latest attack methods.Join Security Matters to explore why how you approach security truly matters.Coming mid-Feb. 2025 to this stream and most major podcast platforms.
Join us for an insightful conversation with Ceora Ford about the intersection of security, development, and community building. We explore why managing identity security is more complex than simple authentication, examine the trade-offs of Next.js's App Router in enterprise applications, and uncover strategies for effective technical content creation. Ceora shares her experience transitioning from digital marketing to developer advocacy, offering practical advice for building a presence across platforms like TikTok, Twitter, and LinkedIn.SponsorConvex is the backend for founders. Convex is the backend application platform for product-obsessed founders.Chapter Marks00:00 - Intro01:14 - Identity Security Discussion05:25 - Evolution of React and Next.js08:33 - Documentation and Developer Experience15:43 - Sponsor: [Convex](https://convex.dev)16:20 - Authentication in the App Router21:31 - Content Creation and Marketing Strategy27:50 - Social Media Platform Strategy34:51 - Analytics and Tool Discussion41:08 - Picks and PlugsBradPick: His dog Roman (who they had to say goodbye to at age 17)Plug: Social media accountsBrad on TwitterBrad on BlueSkyBrad on YouTubeBekahPick: "The Game" podcast with Alex HormoziPlug: Open Sauce (opensauced.pizza) and her team's upcoming feature launchCeoraPick: "The Good Place" (TV show on Netflix)Plug: Social media accountsCeora on LinkedInCeora on TwitterCeora on BlueSkyCeora on TikTokLinksAuth0 by OktaNext.jsAuth0 documentation for Next.js integrationGatsbyAstroConvexJekyllGraphQLOpen SaucedMark Techson
In this episode, Trust Issues host David Puner wraps up 2024 with a conversation with Red Hat's Field CTO Ambassador E.G. Nadhan about the future of cybersecurity. They discuss the importance of cloud security principles, the impact of emerging technologies like AI and quantum computing, and the challenges of managing machine identities. Nadhan emphasizes the need for organizations to prepare for future security challenges by understanding the attacker mindset and taking proactive steps today to protect for tomorrow. The conversation also touches on collaboration within the open source community and the role of Red Hat's Field CTO organization in driving innovation and addressing market opportunities.
In this special episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Hed Kovetz, CEO and co-founder of Silverfort, at the Gartner IAM Summit in Texas. Hed shares insights on the evolution of identity security, the interplay between legacy and modern IT systems, and the importance of securing non-human identities. They also delve into the role of AI in cybersecurity and the challenge of maintaining innovation in a growing company. Tune in for a thought-provoking conversation about the future of identity security and the booming impact of AI. 00:00 The Importance of Identity in Modern Security 01:23 Welcome to the Identity of the Center Podcast 01:44 Live from the Gartner IAM Summit 03:08 Interview with Hed Kovetz, CEO of Silverfort 03:48 Silverfort's Recent Achievements and Innovations 05:15 Challenges and Insights in Identity Security 08:00 The Evolution of Identity Security 21:20 Securing Legacy and Modern IT Systems 29:52 The Rise of Service Account Protection 30:31 Challenges in Securing Non-Human Identities 31:02 Real-World Examples and Governance Issues 31:40 Strategies for Securing Non-Human Identities 32:56 The Evolution of Identity Security 45:49 The Role of AI in Identity Security 50:33 The Future of Identity Security 53:44 Personal Insights and Reflections 01:01:25 Conclusion and Final Thoughts Connect with Hed: https://www.linkedin.com/in/hed-kovetz-910ba5b9/ Learn more about Silverfort: https://www.silverfort.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com
In this episode of the Identity at the Center podcast, hosts Jeff and Jim dive into the concept of Identity Security Posture Management (ISPM) with Henrique Teixeira, Senior Vice President of Strategy at Saviynt and former Gartner analyst. Henrique explains ISPM as an Apple Watch for your identity program, focusing on preventive measures before an attack occurs. The discussion also covers the upcoming Gartner IAM Summit, AI's impact on identity management, and the anticipated trends for 2025. Additionally, they explore the differences between AI copilot, agent, and bot, and the future of non-human identity management. Henrique shares insights on balancing ITSM front ends with IGA systems and emphasizes the importance of continuous security investment. Tune in for a comprehensive look at ISPM, AI, and the evolving identity security landscape. Chapters 00:00 Welcome to the Podcast 01:47 Gartner IAM Summit Preview 04:48 Guest Introduction: Henrique Teixeira 05:28 Henrique's Career Transition 10:12 Conference Experiences and Insights 14:10 Understanding ISPM and ITDR 29:16 AI in Identity Management 35:58 Debating the Future of AI in IGA Systems 37:09 Evolution of Access Request Systems 37:59 The Rise of ChatOps in Identity Management 40:26 Multi-Channel Identity and Access Management 45:54 Influencers and Inspirations in Identity Strategy 49:06 Reflecting on 2024: Trends and Predictions 54:31 Looking Ahead: Identity and AI in 2025 01:02:50 Boxing Talk: Mike Tyson vs. Jake Paul 01:08:17 Wrapping Up: Final Thoughts and Farewells Connect with Henrique: https://www.linkedin.com/in/bernardes Learn more about Saviynt: https://saviynt.com/ Prevention + ITDR Venn Diagram - https://www.linkedin.com/posts/rezasoltani_identitysecurity-ispm-itdr-activity-7203522819014500353-8Kv_/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Digital Identity, AI, Artificial Intelligence, ISPM, ITDR, IGA, Gartner IAM Summit, Cybersecurity, Cloud Security, Machine Identity, Non-Human Identity, Podcast, Interview, Saviynt, Henrique Teixeira, Jim McDonald, Jeff Steadman
In this episode of the Trust Issues podcast, host David Puner sits down with Andrew Shikiar, the Executive Director and CEO of the FIDO Alliance, to discuss the critical issues surrounding password security and the innovative solutions being developed to address them. Andrew highlights the vulnerabilities of traditional passwords, their susceptibility to phishing and brute force attacks, and the significant advancements in passwordless authentication methods, particularly passkeys. He explains how passkeys, based on FIDO standards, utilize asymmetric public key cryptography to enhance security and reduce the risk of data breaches. The conversation also covers the broader implications of strong, user-friendly authentication methods for consumers and organizations, as well as the collaborative efforts of major industry players to make the internet a safer place. Additionally, Andrew highlights the importance of identity security in the context of these advancements, emphasizing how robust authentication methods can protect personal and organizational data. Tune in to learn about the future of authentication and the steps being taken to eliminate the reliance on passwords.
We speak with Venafi's Chief Innovation Officer, Kevin Bocek following the acquisition by Cyberark, effective as 1 October, 2024.Given Kevin's role over a decade with Venafi, he gives insight into what the acquisition of Venafi means for the customers of both companies and the market.We also discuss how the IAMs compliment each other and reflect the preference of customers to reduce the number of vendors, as well as responding to the state of play in terms of companies securing machine identities, and reflecting on the last 10 years how this will develop over the short to medium term.We also consider the emergence of Quantum and recent news that scientists have cracked a shortened RSA encryption.Recorded at Impact World Tour in Sydney, an identity security event, where, importantly Kevin has a key message for customers in APAC and Australia.#mysecuritytv #venafi #cyberark #impact2024 #iam #pam #identitysecurity
In this episode of the Identity at the Center podcast, Jim McDonald is joined by guest David Mahdi, CIO at Transmit Security and former Gartner analyst. The discussion delves into the challenges of identity security and the necessity of transitioning from IAM to identity security to mitigate privacy, fraud, and scam risks. They explore the convergence of cybersecurity and identity, the rise of non-human identities, and the importance of cyber resilience. David shares insights from his global experiences and highlights the importance of behavior-based monitoring for both human and non-human identities. The episode wraps up with a lighter note as they discuss the perfect trail mix ingredients. 00:00 Welcome to the Identity at the Center Podcast 01:12 Guest Introduction: David Mahdi 02:35 The Evolution of Identity Security 04:13 The Importance of Identity Security 05:26 David Mahdi's Journey in Identity Security 07:20 Challenges in Identity and Access Management 10:10 The Role of Machine Learning in Identity Security 12:19 The Future of Identity Security 22:52 The Need for Convergence in Identity and Security Teams 33:01 Non-Human Identities and Their Management 41:00 Defining Roles and Responsibilities 41:46 Ignoring Non-Human Accounts 42:38 Emerging Threats and Risk Management 44:33 The Importance of Identity Security 46:46 Cyber Resilience in Modern Organizations 49:24 Cloud Services and Backup Plans 51:26 Ransomware and Data Access Governance 54:27 The Future of Identity Security 01:07:53 Trail Mix and Lighter Notes 01:14:32 Closing Remarks and Upcoming Events Connect with David: https://www.linkedin.com/in/dmahdi/ Learn more about Transmit Security: https://transmitsecurity.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Cyber Resilience, Machine Identity, Non-Human Identity, Digital Transformation, Cloud Security, Zero Trust, Data Breach, Risk Management, ITDR, MFA Fatigue, Deepfakes, Gen AI, Copilot, Claude AI, Decentralized Identity, Quantum Computing, Ransomware, Data Access Governance, Transmit Security, Gartner IAM Summit, FIDO Authenticate Conference.
In this episode of Trust Issues, host David Puner interviews James Imanian, Senior Director of the U.S. Federal Technology Office at CyberArk. They discuss the critical topic of election security, focusing on the recent 2024 U.S. presidential election. Drawing from his extensive background in cybersecurity including a career in the Navy and a stint at the U.S. Department of Homeland Security, James brings a wealth of experience to the conversation, which explores AI's impact on election security—highlighting how AI has transformed the landscape by increasing the scale, speed and sophistication of misinformation and disinformation campaigns. James explains the differences between misinformation, disinformation and malinformation and their roles in the information environment surrounding elections.He also highlights the importance of public-private partnerships in securing election infrastructure and the role of international collaboration in countering nation-state threats. The episode examines the challenges of maintaining trust in the digital age and the potential of identity verification technologies to enhance information trustworthiness.Finally, the discussion touches on the parallels between election security and enterprise cybersecurity, emphasizing the need for critical thinking and proactive measures to uphold the integrity of both elections and organizational security.For more insights from James Imanian on election security, check out his blog, "Six Key Measures for Upholding Election Security and Integrity."
In this episode of CSP, we sit down with Dr. Sean Murphy, the CISO of BECU, one of Seattle's largest credit unions, to discuss the shifts in identity security brought on by the COVID-19 pandemic. Dr. Murphy highlights how Zero Trust architecture became crucial for verifying internal users, especially as remote work became the norm. He shares insights on the unique challenges of securing a remote workforce in the banking sector and underscores the importance of a robust identity security framework in protecting both members and employees in today's evolving threat landscape. This segment is sponsored by CyberArk. Visit https://cisostoriespodcast.com/cyberark to learn more about them! This segment is sponsored by Saviynt. Please visit https://cisostoriespodcast.com/saviynt to learn more and get a free demo! This segment is sponsored by Liminal. Visit https://cisostoriespodcast.com/liminal to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-201
In this episode of the Identity at the Center podcast, hosts Jim McDonald and Jeff Steadman delve into the significance of shared signals in identity and access management (IAM). Featuring Mike Kiser, Director of Strategy and Standards at SailPoint, the discussion spans Kiser's career journey from IBM to SailPoint, the importance of standards and security in IAM, and the influence of AI on authenticity. The episode highlights the Shared Signals Framework, drawing parallels to cooperative dolphins and fishermen, and underscores the benefits of a standardized approach to signal sharing. The conversation also touches on the challenges and potential of event-based architectures and the evolving role of identity in cybersecurity. 00:00 Introduction and Initial Thoughts 02:50 Conference and Discount Codes 05:33 Guest Introduction and Background 11:31 AI and Authenticity 15:21 Shared Signals Framework 25:40 Decentralized Identity Management 26:28 Real-Time Identity Data Sharing 27:55 Developing Identity Standards 29:19 Vendor Collaboration and Challenges 31:28 Event-Based Identity Architectures 33:03 The Role of Big Tech in Identity Security 39:22 Customer Demand for Identity Solutions 40:49 Identity Security and Digital Identity 42:47 Technology vs. Humanity: A Musical Perspective 48:41 Conclusion and Final Thoughts Connect with Mike: https://www.linkedin.com/in/mike-kiser/ Learn more about SailPoint: https://www.sailpoint.com/ SailPoint Navigate 2024 London - Use code IDAC for a £300 discount - https://www.sailpoint.com/navigate/london Semperis' Hybrid Identity Protection Conference (HIP Conf) - Use code IDACpod for 20% off: https://www.hipconf.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com
In this episode of the Trust Issues podcast, host David Puner and David Lee, aka “The Identity Jedi,” delve into the evolving landscape of identity security. They discuss the critical challenges and advancements in securing both human and machine identities. Lee shares insights on the fear and misconceptions surrounding AI, drawing parallels to pop culture references like Marvel's Jarvis. They explore the potential of autonomous AI in monitoring and managing security tasks, emphasizing the need for real time data analysis and context understanding. The conversation highlights the importance of providing context on both human and machine sides to enhance security measures. They also touch on the role of investors in the identity security space and the need for better storytelling in the industry.
AB sits down with Matt Caulfield, VP of Identity and Duo, Cisco Security, to talk about the vision and strategy for Cisco's identity portfolio. This insightful conversation spans various topics, including multi-factor authentication (MFA), social engineering, and the integration of artificial intelligence (AI) in identity security technologies.
AB sits down with Matt Caulfield, VP of Identity and Duo, Cisco Security, to talk about the vision and strategy for Cisco's identity portfolio. This insightful conversation spans various topics, including multi-factor authentication (MFA), social engineering, and the integration of artificial intelligence (AI) in identity security technologies.
Generative AI has been the talk of the technology industry for the past 18+ months. Companies are seeing its value, so generative AI budgets are growing. With more and more AI agents expected in the coming years, it's essential that we are securing how consumers interact with generative AI agents and how developers build AI agents into their apps. This is where identity comes in. Shiven Ramji, President of Customer Identity Cloud at Okta, will dive into the importance of protecting the identity of AI agents and Okta's new security tools revealed at Oktane that address some of the largest issues consumers and businesses have with generative AI right now. Segment Resources: https://www.okta.com/oktane/ https://www.okta.com/press-room/press-releases/okta-helps-builders-easily-implement-auth-for-genai-apps-secure-how/ Today, there isn't an identity security standard for enterprise applications that ensures interoperability across all SaaS and IDPs. There also isn't an easy way for an app, resource, workload, API or any other enterprise technology to make itself discoverable, governable, support SSO and SCIM and continuous authentication. This lack of standardization is one of the biggest barriers to cybersecurity today. Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta, joins Security Weekly's Mandy Logan to discuss the need for a new, comprehensive identity security standard for enterprise applications, and the work Okta is doing alongside other industry players to institute a framework for SaaS companies to enhance the end-to-end security of their products across every touchpoint of their technology stack. Segment Resources: https://www.okta.com/oktane/ https://www.okta.com/press-room/press-releases/okta-openid-foundation-tech-firms-tackle-todays-biggest-cybersecurity/ https://www.okta.com/press-room/press-releases/okta-is-reducing-the-risk-of-unmanaged-identities-social-engineering/ This segment is sponsored by Oktane, to view all of the CyberRisk TV coverage from Oktane visit https://securityweekly.com/oktane. Show Notes: https://securityweekly.com/asw-305
In this special episode of the Identity at the Center podcast, recorded live from the SailPoint Navigate 2024 conference in Orlando, hosts Jeff and Jim engage with Andrew Moore, VP of Product Management at SailPoint. The conversation spans a variety of critical themes, including the management of identity platforms, product development, and the importance of customer feedback. Andrew details his career journey, including his transition from Under Armour to SailPoint, and shares insights into the development of connected products, data-driven design, and user experience enhancements. The episode also introduces the latest innovations, such as Privileged Task Automation and Machine Identity Security, emphasizing their potential to address productivity and security risks. Furthermore, the speakers discuss the transformative role of AI in Identity Governance and Administration (IGA), highlighting the importance of explainable AI and maintaining strong security standards. This episode is a deep dive into the dynamic landscape of identity governance and the strategies driving continuous innovation. 00:00 Welcome to the Identity at the Center Podcast 01:55 Conference Insights and Future Plans 03:38 Introducing Andrew Moore 03:52 Andrew Moore's Journey into Identity 06:48 Product Management at SailPoint 16:48 Innovative Projects and Customer Feedback 23:17 Exploring Low Code and No Code Identity Automations 23:53 Understanding Customer Feedback and Research Techniques 24:41 Balancing Positive and Negative Feedback 00:24 Dealing with Critical Feedback 29:34 Announcing the Product Roadmap 30:37 Privileged Task Automation: A Game Changer 39:11 Machine Identity Security: New Innovations 42:33 The Future of AI in Identity Governance 47:12 Addressing Concerns About AI in IGA 50:40 Conclusion and Final Thoughts Connect with Andrew: https://www.linkedin.com/in/richardandrewmoore/ Learn more about SailPoint: https://www.sailpoint.com/ SailPoint Navigate 2024 London - Use code IDAC for a £300 discount - https://www.sailpoint.com/navigate/london Semperis' Hybrid Identity Protection Conference (HIP Conf) - Use code IDACpod for 20% off: https://www.hipconf.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com
In this episode of the Trust Issues Podcast, host David Puner sits down with CyberArk's resident technical evangelist, white hat hacker and transhuman, Len Noe. They dive into Len's singular journey from a black hat hacker to an ethical hacker, exploring his identity reinvention and the fascinating world of subdermal microchip implants and offensive security. Len shares insights from his new book, "Human Hacked: My Life and Lessons as the World's First Augmented Ethical Hacker," which releases on October 29. They also discuss the relevance of Len's transhuman identity to his work in identity security.
In this episode from 2011 I was joined by Jim Miller to discuss how to keep your information and identity safe in our modern age were information is more vulnerable than any time in our history. Today’s episode of Friday … Continue reading →
In this episode of the Trust Issues podcast, host David Puner sits down with Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral guidance on identity-centric security strategies to help organizations reduce the risk of identity-related attacks. They explore the evolution of digital identity, discussing how it has transformed from simple identifiers to complex, multifaceted digital identities for both humans and machines. In today's threat landscape, the number and types of identities, attack methods and environments have dramatically increased, making it more challenging to secure identities. Jeff discusses the challenges and efforts in creating sustainable, interoperable digital identity hubs for cross-border applications, the future of digital passports and the importance of encryption and multi-factor authentication (MFA) for securing sensitive data. The conversation also highlights the significance of thought leadership and maintaining a vendor-agnostic approach in identity security.