Identity, AI Agents, and the Session Token Time Bomb | Carey Frey (CSO, TELUS) on Cybersecurity Today
In this Cybersecurity Today weekend edition, David Shipley interviews Carey Frey, Chief Security Officer at TELUS, about the evolution of identity security and why it's a growing risk in the age of generative and agentic AI. Frey recounts his career from Canada's Communications Security Establishment to leading TELUS's internal security and managed cybersecurity services, then explains how convenience-driven identity decisions led from PKI's unrealized promise to passwords, bearer/session tokens, and today's widespread session cookie theft. He describes lessons from TELUS's deployment of FIDO2 phishing-resistant tokens, the dangers of long-lived SSO tokens across SaaS ecosystems, and how agentic "auto-browse" could amplify harm via the "lethal trifecta" and ephemeral agents with poor auditability. Frey highlights the Syne/SignNet CISO Identity Handbook and calls for stronger cryptographic roots of trust, proof-based tokens, re-authentication across trust domains, and fine-grained delegation guardrails.
Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst
00:00 Sponsor Message
00:24 Weekend Edition Intro
00:32 Meet Carey Frey
02:07 Carey's Cyber Origin Story
03:47 Telus Security Two Hats
06:22 Identity's Broken Legacy
08:43 Why PKI Didn't Win
11:25 Passkeys Missed Moment
14:10 SSO Tokens Surprise
19:50 Session Theft Reality
23:18 Agentic AI Stakes
24:17 Building Identity Playbook
25:24 Identity Maturity Model
25:49 Fixing OAuth and SAML
27:00 Industry Call to Action
27:37 Where to Find the Handbook
28:06 Not a Vendor Pitch
30:13 Agentic AI Identity Gaps
31:30 Auto Browse Threat Scenario
33:12 Lethal Trifecta Explained
34:31 Ephemeral Agents and Forensics
37:08 Supply Chain Agent Malware
38:20 Crypto Roots of Trust
39:35 Proof Tokens and Reauth
40:17 Delegation Guardrails
42:34 Regulation or Market Forces
44:25 Practical Risk Decisions
46:20 Wrap Up and Next Resources
48:00 Sponsor and Closing Credits
Okta's Dan Hefley (https://www.linkedin.com/in/dan-hefley), Senior Product Manager for Device Access, explains how Platform SSO brings enterprise identity to the Mac. From day-zero Setup Assistant enrollment in macOS 26 to device bound SSO using secure enclave keys, Dan covers what IT teams need to know about deploying Platform SSO with Okta and Jamf. Dan shares his perspective as a former MDM admin turned identity product manager, discusses how device bound SSO prevents session hijacking with hardware-backed keys, and explains why the Shared Signals Framework between Okta and Jamf creates layered security. Hosts Josh Thornton and Kat Garbis explore what this means for organizations managing Apple fleets.
1:44 Meet Dan Hefley - Senior Product Manager at Okta
5:00 What Is Okta? Vendor-Neutral Identity Provider Overview
6:23 Why Identity and Device Security Go Hand in Hand
7:21 What Is Platform SSO? Native macOS Framework Defined
8:07 Evolution from Jamf Connect Basic to Platform SSO
9:15 Why Platform SSO Was
9:47 Platform SSO in Setup Assistant
10:08 Day-Zero Enrollment Flow - ABM to Jamf to Okta MFA
11:43 Solving Enrollment Friction with Separated Device and User Registration
12:18 Password Syncing Benefits
16:40 How Device Bound SSO Prevents Session Hijacking
17:53 Identity Threat Protection and Continuous Authentication
18:06 Shared Signals Framework - Okta and Jamf Working Together
20:40 Okta FastPass and Passwordless Authentication on Mac
21:20 Device Bound SSO Completes the Day-Zero Story
22:30 Getting Started - Requirements and Deployment Considerations
26:26 Okta's Platform SSO Roadmap and Future Direction
27:43 Key Takeaway - Identity and Device Teams Belong in the Same Room
RESOURCES:
- Mac Admins Slack - Platform SSO Channel: https://macadmins.slack.com
- IAMSE Blog - Okta Integration Guides: https://iamse.blog
- Jamf Learning Hub: https://learn.jamf.com/
- Jamf and Okta integrations: https://www.jamf.com/integrations/okta/
Subscribe for Apple device management and security insights
WHO THIS IS FOR: IT administrators and security teams managing Mac fleets in enterprise environments. Relevant if you're evaluating Platform SSO with Okta, migrating from Jamf Connect Basic, or planning identity integration for zero-touch Mac deployment.
#Okta #Jamf #macossecurity #AppleSecurity #DeviceBoundSSO #macOS #IdentityManagement #PlatformSSO #ZeroTouchDeployment #JamfAfterDark #EnterpriseSecurity #MacAdmin #TrustedAccess #podcast
In this episode host Carolyn Woodard is joined by Norwin Herrera, IT Business Manager and Team Lead at Community IT. Together, they walk through a real-world case study of a public charter school that implemented a Single Sign-On (SSO) platform called Clever that can solve cybersecurity and accessibility challenges for adult or child students.
Strategic IT Leadership for Nonprofits
Unlike a traditional account manager, an IT Business Manager (ITBM) acts as a strategic partner, helping nonprofit leadership understand the technology landscape and make informed decisions that align with their mission. The ITBM role is unique to Community IT and is an example of a commitment to partnering with clients over the long term. In this case, the goal was to find an SSO solution that could handle a complex mix of Chromebooks and Windows devices while remaining user-friendly for both adult students and faculty.
The Power of Single Sign-On
SSO acts as one door for all of your doors. By using Clever as an identity manager, the organization was able to:
- Enhance Cybersecurity: Centralizing access allows for immediate offboarding. If a student or staff member leaves, closing one account automatically secures access to all others, prevents fraud, and saves money.
- Automate User Provisioning: Through zero intervention integration with the Student Information System (SIS), accounts are created or deactivated automatically based on enrollment status.
- Improve User Experience: Students no longer need to remember multiple different passwords for Google, Microsoft, Zoom, and Slack for example. One password provides access to all the apps they have access to as a student using a school device.
- Reduce Administrative Costs: Norwin breaks down the ROI of SSO, comparing a small per-user fee against the hundreds of hours of manual labor required to manage accounts individually.
Change Management and Successful Implementation
A successful IT project is about more than just software; it is about people. Norwin explains why this project resulted in zero tickets and no complaints: it started with leadership buy-in and a commitment to clear communication.
Whether you are an executive at a school or a volunteer board member at a community nonprofit, this episode offers practical insights into how integrated cybersecurity and strategic IT planning can save your organization time and money.
Listen in to learn how your organization can move toward a more secure and efficient digital future by subscribing to the Community IT Innovators Technology Topics podcast.
Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/, email Carolyn at cwoodard@communityit.com, on LinkedIn. Thanks for listening.
On this week's show, Patrick Gray, Adam Boileau and James Wilson discuss the week's cybersecurity news. They cover:
- Palo Alto threat researchers want to attribute to China, but management says shush
- An increasing proportion of ransomware is data extortion. Is this good?
- Cambodia says it's going to dismantle scam compounds
- CISA suffers through yet another shutdown
- Google Gemini's training secrets are being systematically harvested to improve other LLMs
- Academics assess SaaS password managers' resilience against a malicious server
This episode is sponsored by SSO-firewall integration vendor Knocknoc. Chief exec Adam Pointon joins to talk about the latest in defences… which is to say Knocknoc for Solaris/Sparc and HPUX on PA-RISC?! Okay also that other little known OS… Windows.
This episode is also available on Youtube.
Show notes
- Data-only extortion grows as ransomware gangs seek better profits | Cybersecurity Dive
- Arctic Wolf Threat Report 2026
- Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say
- Risky Bulletin: Cambodia promises to dismantle scam networks by April - Risky Business Media
- Age of the ‘scam state': how an illicit, multibillion-dollar industry has taken root in south-east Asia | Cybercrime | The Guardian
- Critical flaw in BeyondTrust Remote Support sees early signs of exploitation | Cybersecurity Dive
- CISA Navigates DHS Shutdown With Reduced Staff - SecurityWeek
- Kimwolf Botnet Swamps Anonymity Network I2P – Krebs on Security
- BADIIS to the Bone: New Insights to a Global SEO Poisoning Campaign — Elastic Security Labs
- Over 500,000 VKontakte accounts hijacked through malicious Chrome extensions | The Record from Recorded Future News
- Password managers' promise that they can't see your vaults isn't always true - Ars Technica
- Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers
- Google finds state-sponsored hackers use AI at 'all stages' of attack cycle | CyberScoop
- Google: Gemini hit with 100,000+ prompts in cloning attempt
- Proofpoint acquires Acuvity to tackle the security risks of agentic AI | CyberScoop
- Cisco Redefines Security for the Agentic Era with AI Defense Expansion and AI-Aware SASE
- Sophos Acquires Arco Cyber to Bring CISO-Level, Agentic AI-Powered Expertise to Every Organization
- Dave Kennedy on X: "Regarding this, there was a couple questions on does the pacemaker continue to advertise - most BLE implantable devices go into a sleep type mode. In this case, we are lucky - it does not. We know based on law enforcement answers that she is using a more modern pacemaker with" / X
- Clash Report on X: "BIG: Dutch Defence Minister Gijs Tuinman hints that software independence is possible for F-35 jets. He literally said you can “jailbreak” an F-35. When asked if Europe can modify it without US approval: “That's not the point… we'll see whether the Americans will show https://t.co/f11cGvtYsO" / X
- Dutch police arrest man who refused to delete confidential files shared by mistake | The Record from Recorded Future News
China Government Turns APPS into SPY Tools | Ex FBI Agent Explains
Sumbits is back. MBA experts Sean Cawby, Eric Schaitel, and Ryan Cockrem sit down (this time with coffee-instead-of-whiskey energy) and catch up on what's been happening while the microphones were off, then get into what's new in PowerSchool since they last joined us. They talk AI (from skepticism to daily tool), the new UI and navigation, security and SSO, data dictionary changes, page permissions, development workflows - along with a few opinions on what's genuinely helpful versus what's just different. The beards might be a little more gray, but the commits are still green.
Sumbits is brought to you by MBA. At MBA, we enhance the power of #PowerSchool with plugins, customizations and professional development, transforming your PowerSchool #SIS experience without creating more administrative overhead. Learn more at MBA-link.com
This week, while Maria Varmazis (also host of the T-Minus Space Daily show) is out at a conference, hosts Dave Bittner and Joe Carrigan are joined by friend of the show Michele Kellerman, as they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start with some follow-up on Joe's egg story, including his latest update and a brief detour into unexpected “big chicken news.” Joe's story is on a massive USDA loan fraud scheme where Nikesh Patel fabricated fake government-backed farm loans, duped investment firms out of hundreds of millions of dollars, and continued running similar scams under aliases and even from prison, ultimately earning decades more in sentencing. Michele's story is on a breaking report about the ShinyHunters group using targeted voice phishing and custom phishing kits to abuse Okta SSO, steal MFA credentials, and gain privileged access for data theft and extortion. Dave's story is on LastPass warning users about an active phishing campaign impersonating the company, designed to steal master passwords and potentially expose all credentials stored in affected vaults. Our catch of the day comes from Reddit, where two people were approached by scammers through text messaging and both dealt with their scammers in different ways.
Resources and links to stories:
- Sticky Fingers: USDA Fraudster Steals $200M in Stunning Scam
- Formerly Married Couple Sentenced For Multi-Million Dollar Fraud Schemes
- A new wave of ‘vishing' attacks is breaking into SSO accounts in real time
- LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords
Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@n2k.com.
In this episode of SurgOnc Today, Drs. Shelley Hwang and Mediget Teshome are joined by international leaders Drs. Wonshik Han and Jeong Eon Lee to reflect on key insights from the 2025 Global Breast Cancer Conference and look ahead to future directions. The conversation highlights evolving trends in breast cancer care, including surgical de-escalation, care of younger and premenopausal patients, emerging technologies, and opportunities for continued global collaboration between the SSO and partners across Asia.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?
We are seeing attempts to attack CVE-2026-21962, a recent WebLogic vulnerability, using a non-working AI slop exploit.
https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662

Fortinet Patches are Rolling Out
Fortinet is starting to roll out patches for the recent SSO vulnerability.
https://fortiguard.fortinet.com/psirt/FG-IR-26-060

SolarWinds Web Helpdesk Vulnerability
Another set of vulnerabilities in SolarWinds Web Helpdesk may result in unauthenticated system access.
https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Automatic Script Execution In Visual Studio Code
Visual Studio Code will read configuration files within the source code that may lead to code execution.
https://isc.sans.edu/diary/Automatic%20Script%20Execution%20In%20Visual%20Studio%20Code/32644

Cisco Unified Communications Products Remote Code Execution Vulnerability
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b

Zoom Vulnerability
A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to execute remote code on the MMR via network access.
https://www.zoom.com/en/trust/security-bulletin/zsb-26001/

Possible new SSO Exploit (CVE-2025-59718) on 7.4.9
https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/

SANS SOC Survey
The 2026 SOC Survey is open, and we need your input to create a meaningful report. Please share your experience so we can advocate for what actually works in the trenches.
https://survey.sans.org/jfe/form/SV_3ViqWZgWnfQAzkO?is=socsurveystormcenter
The Italian Senate, the upper house of parliament, has approved by a large majority a reform of the regional statute of Friuli-Venezia Giulia that introduces so-called broader local administrations and thereby restores the provinces abolished ten years ago. The lower house of parliament had already backed the change to the regional statute in November last year. The reform was proposed by the governing right-wing coalition. Marko Pisani, regional councillor for the Slovenska skupnost (SSk) party, said that the abolition of the provinces had reduced the scope for active co-management of the area where the Slovene minority lives. The Council of Slovene Organizations (Svet slovenskih organizacij, SSO) expresses satisfaction at the re-establishment of the provinces in Friuli-Venezia Giulia. Its president, Walter Bandelj, considers it a major achievement for Slovenes in Italy and an important gain, especially for smaller municipalities in the border area.
In this series "evidence today and tomorrow", the HPB disease site working group of the SSO explores current gaps in HPB surgical oncology, highlighting existing evidence and ongoing work aimed at filling those gaps. In this episode, Drs. Julie Hallet and Patricio Polanco, chair and vice-chair of the HPB disease site working group, are joined by Drs. Ajay Maker, Rebecca Snyder, and Giovanni Marchegiani to review evidence in the management of pancreatic cystic neoplasms.
Rob Hughes — CISO at RSA and Champion of a Passwordless Future
No Password Required Season 7: Episode 1 - Rob Hughes
Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.
Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.
Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point. The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.
Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/
Chapters:
00:00 Introduction to No Password Required
01:43 Meet Rob Hughes, CISO at RSA
02:05 The Role of a CISO in a Security Company
05:09 Transitioning to the CISO Role
08:00 The Early Days of Geek.com
12:14 Launching a Startup During the Dot Com Boom
14:30 The Push for a Passwordless Future
18:21 Tipping Point for Passwordless Adoption
20:20 Ongoing Learning in Cybersecurity
26:09 Managing Stress in High-Pressure Environments
33:46 The Lifestyle Polygraph Begins
34:15 Career Insights in Cybersecurity
36:08 Dream Cars and Personal Preferences
39:58 Underrated Horror Films
41:19 Creating a Cybersecurity Monster
Conversation with Spokane Symphony Principal Bassoonist Lynne Feller-Marshall and Principal Horn Clinton Webb about the next SSO chamber concert.
Discussion of the next SSO concert
The current wave of protests is the most intense in years. The German chancellor believes the mullahs are finished. These are, he says, "the final days and weeks." He may well be wrong. Hundreds of thousands are protesting against the regime in several Iranian cities. Police vehicles are burning, security forces are firing live rounds, and activists speak of more than 2,500 dead. The regime largely shut down the internet for days; mobile and landline services were also restricted. In this edition of "Acht Milliarden", DER SPIEGEL's foreign affairs podcast, host Juan Moreno talks with SPIEGEL reporter Christoph Reuter. He does not see the situation as optimistically as Chancellor Merz. What would have to happen for the regime actually to fall? And what role do the hard-nosed economic interests of Iran's elites play in this?
More on the topic:
(S+) "They are killing people right on their doorstep" https://www.spiegel.de/ausland/iran-proteste-sie-toeten-die-menschen-direkt-vor-ihrer-haustuer-a-3026522e-1937-406e-9df3-1a616a8084c5
(S+) How Trump could attack Iran: https://www.spiegel.de/ausland/donald-trump-und-iran-so-koennte-der-us-praesident-das-regime-in-teheran-angreifen-a-055eea9d-39f7-4348-905d-c44e1af83f44
Subscribe to "Acht Milliarden" so you don't miss the next episode. We would be glad if you recommend the podcast or leave us a rating.
In this episode of Reboot IT, host Dave Coriale sits down with Mike Robichaud, IT Director at the Brewers Association, to explore how his organization is embracing AI to enhance staff productivity and deliver greater value to members. Mike shares insights on their two-pronged AI strategy, internal adoption challenges, and how they're building trust and security around proprietary data. This conversation is packed with practical ideas for associations looking to move beyond AI experimentation and into meaningful implementation.
Themes and Topics:
Crafting an AI Strategy
- Two-pronged approach: internal staff tools and member-facing AI agent.
- Focus on augmentation, not job replacement.
- Aligning AI initiatives with organizational goals and member success.
Driving Staff Adoption
- 71% of staff were already using AI before rollout; 66% used ChatGPT.
- Use cases include brainstorming, data analysis, and document creation.
- Idea-sharing through informal showcases to inspire broader adoption.
Enhancing Member Value
- AI agent trained on proprietary “BAMO” data for personalized support.
- Enables conversational access to complex resources like regulations.
- Goal: make finding information easier and more intuitive for members.
Building Trust and Security
- Strong vetting of platforms for data privacy and compliance (GDPR, SOC 2).
- Clear boundaries: proprietary data stays internal and is not used to train external models.
- Legal review and communication plan to address staff concerns.
Tools and Technology Choices
- Internal: ChatGPT Enterprise for staff workflows.
- Member-facing: Chatbase integrated with ChatGPT-5 for custom training.
- Features like SSO, connectors, and compliance were key selection criteria.
Looking Ahead
- Soft launch internally; member-facing tool in testing phase.
- Refining tone and personality of AI agent for better engagement.
- Marketing plans and use cases to drive member adoption.
The executive committee of the Council of Slovene Organizations (SSO) has re-elected Walter Bandelj as president of this umbrella organization of our national community in Italy. In doing so it confirmed its confidence in his work to date (he has been president for ten years) and in the organization's established course. Under Bandelj's leadership, the SSO has strengthened cooperation among Slovene organizations, represented their common interests, and helped consolidate the role of the Slovene community in wider society. The Council of Slovene Organizations will celebrate its 50th anniversary this year. It brings together institutions, organizations and societies that have modelled themselves on the values of Slovene identity, Christianity and democracy.
In this holiday-themed episode of The Identity Jedi Show, we delve into major developments in the identity security industry. Host David kicks things off with holiday greetings before diving into significant recent events, including a whopping $700 million series B funding, a billion-dollar acquisition, and an $11 billion buyout. He also emphasizes the importance of staying plugged into The Identity Jedi community. Later, David introduces special guest Lee Header for a no-holds-barred interview about the state of the identity and access management industry—discussing the persistent challenges and necessary improvements. David and Lee cover everything from the 'enterprise SSO tax' to the gaps in standards adoption, and the role of AI in the future of identity security. Don't miss this insightful and honest discussion, plus tips on how the industry can better serve both security experts and end-users. Stay tuned and let's make the most of this festive season!
https://saviynt.com/press-release/saviynt-raises-700m-in-kkr-led-round-to-establish-identity-security-as-the-foundation-for-the-ai-era
https://newsroom.ibm.com/2025-12-08-ibm-to-acquire-confluent-to-create-smart-data-platform-for-enterprise-generative-ai
https://veza.com/company/press-room/servicenow-to-expand-security-portfolio-with-acquisition-of-vezas-leading-ai-native-identity-security-platform/
00:00 Holiday Greetings and Show Introduction
00:24 Upcoming Topics Teaser
01:55 Housekeeping and Announcements
02:53 Big News in Identity Security
06:37 IBM's Strategic Acquisition
11:40 Interview with Lee Tschetetter
14:37 Enterprise SSO Tax Discussion
37:20 Exploring the Higher Ed Ecosystem
38:26 The Role of Grad Students in Higher Ed Projects
39:00 Shared Signals Framework and Its Importance
39:38 Challenges in Information Sharing
40:56 The Need for Human-Friendly Standards
42:15 The Complexity of Security Standards
49:58 Real-World Examples of Security Mishaps
55:25 The Importance of User-Friendly Security
01:09:47 The Future of Identity and Security
01:11:47 Final Thoughts and Reflections
https://www.loginradius.com/
Discover why managing customer access demands a completely different approach than employee access. This episode unpacks the differences between CIAM and IAM, revealing how security priorities, scalability needs, and user experience expectations diverge - plus practical guidance on selecting the right SSO provider.
LoginRadius
City: Vancouver
Address: 450 SW Marine Drive, Floor 18
Website: https://www.loginradius.com/
Jack Harrington sits down with Tanner Linsley to talk about the evolution of TanStack and where it's headed next. They explore how early projects like React Query and React Table influenced the headless philosophy behind TanStack Router, why virtualized lists matter at scale, and what makes forms in React so challenging. Tanner breaks down TanStack Start and its client-first approach to SSR, routing, and data loading, and shares his perspective on React Server Components, modern authentication tradeoffs, and composable tooling. The episode wraps with a look at TanStack's roadmap and what it takes to sustainably maintain open source at scale.
We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com (mailto:elizabeth.becz@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod).
Check out our newsletter (https://blog.logrocket.com/the-replay-newsletter/)!
Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers!
What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr)
Chapters
01:00 – What is TanStack? Contributors, projects, and mission
02:05 – React Query vs React Table: TanStack's origins
03:10 – TanStack principles: headless, cross-platform, type safety
03:45 – TanStack Virtual and large list performance
05:00 – Forms, abandoned libraries, and lessons learned
06:00 – Why TanStack avoids building auth
07:30 – Auth complexity, SSO, and enterprise realities
08:45 – Partnerships with WorkOS, Clerk, Netlify, and Cloudflare
09:30 – Introducing TanStack Start
10:20 – Client-first architecture and React Router DNA
11:00 – Pages Router nostalgia and migration paths
12:00 – Loaders, data-only routes, and seamless navigation
13:20 – Why data-only mode is a hidden superpower
14:00 – Built-in SWR-style caching and perceived speed
15:20 – Loader footguns and server function boundaries
16:40 – Isomorphic execution model explained
18:00 – Gradual adoption: router → file routing → Start
19:10 – Learning from Remix, Next.js, and past frameworks
20:30 – Full-stack React before modern meta-frameworks
22:00 – Server functions, HTTP methods, and caching
23:30 – Simpler mental models vs server components
25:00 – Donut holes, cognitive load, and developer experience
26:30 – Staying pragmatic and close to real users
28:00 – When not to use TanStack (Shopify, WordPress, etc.)
29:30 – Marketing sites, CMS pain, and team evolution
31:30 – Scaling realities and backend tradeoffs
33:00 – Static vs dynamic apps and framework fit
35:00 – Astro + TanStack Start hybrid architectures
36:20 – Composability with Hono, tRPC, and Nitro
37:20 – Why TanStack Start is a request handler, not a platform
38:50 – TanStack AI announcement and roadmap
40:00 – TanStack DB explained
41:30 – Start 1.0 status and real-world adoption
42:40 – Devtools, Pacer, and upcoming libraries
43:50 – Sustainability, sponsorships, and supporting maintainers
45:30 – How companies and individuals can support TanStack
Special Guest: Tanner Linsley.
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
Headlines say the talent shortage is easing, yet nearly half of UK businesses still lack basic cyber skills. That disconnect sets the stage for a frank, practical tour through what actually reduces risk—no buzzwords required. We open with real takeaways from the UK's international cyber skills initiatives and move quickly to the daily decisions that shape resilience: encryption in the cloud, least privilege by default, and how to keep role-based access control from collapsing under credential creep.
We make the identity layer tangible. Single sign-on can simplify life and lower password reuse, but it also centralizes risk. We share how to counterbalance SSO with MFA, conditional access, and strong monitoring. Cloud-based IAM accelerates deployment and gives flexibility, yet brings ongoing costs and integration challenges with legacy systems; outsourcing introduces a loss of control that must be offset by airtight requirements, auditability, and vendor transparency. Phishing remains the most reliable social engineering vector, so security awareness training isn't optional—it's the routine that turns policy into behavior.
Zero trust becomes manageable when you stop treating it like a switch and start treating it like a program. We outline a phased path: define protect surfaces, segment by sensitivity, apply continuous verification where the impact is highest, and expand deliberately. Vendor access deserves the same precision: NDAs for legal guardrails, least privilege for scope, monitoring for assurance, and scheduled reviews to remove stale permissions. Along the way, we talk mentorship, pro bono work, and competitions as concrete ways to grow talent while delivering real security outcomes.
We also road-test your knowledge with a focused Domain 1.9 CISSP question set, reinforcing the core ideas with scenario-based reasoning. If you're preparing for the CISSP or leading a security program, you'll walk away with a clear playbook: encrypt by default, minimize access, verify continuously, and measure what matters. If this resonates, subscribe, share with a teammate, and leave a review so others can find the show.
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
In this episode, Todd and Jon discuss the latest AI agreements, updates to the Apple ecosystem (OS 26.2), and the history of PowerShell. The core discussion focuses on the "overcomplication issue" facing tech enthusiasts and offers hardware and software tips to simplify daily workflows. AI & Industry News Disney & OpenAI: The Walt Disney Company has reached an agreement to license characters to OpenAI's Sora. Google Labs: Todd joined the waitlist for "Google Disco," a tool that uses "GenTabs" to create interactive web apps and complete tasks using natural language without coding. Visual Podcasting: Todd discussed using "Nano Banana Pro" and Gemini to create visual whiteboard summaries for podcast notes. Apple OS 26.2 Updates watchOS 26.2: Features updates to Sleep Scores, which Jon notes can feel "judgmental" regarding sleep quality. iPadOS 26.2: Reintroduces multitasking features like slide over and enables "Auto Chapters" for podcasts. macOS 26.2: Introduces "Edge Light" (a virtual ring light for video calls) and "low latency clusters" for local AI development on M5 Macs. Tech History PowerShell Origins: Jeffrey Snover, creator of PowerShell, revealed in a blog post that "cmdlets" were originally named "Function Units" (FUs), reflecting the "Unix smart-ass culture" of the era. Discussion: Simplifying the Tech Stack The hosts discuss the tendency to overcomplicate setups, such as using Docker for RSS feeds or complex SSO for home use. They recommend the following simplifications: Hardware KableCARD: A credit-card-sized kit containing multiple adapters, a light, and a phone stand to replace carrying multiple cables. Presentation Remotes: Use a simple dedicated remote ($20–$30) or repurpose a Surface Pen via Bluetooth instead of relying on complex software solutions. Software Pythonista (iOS/macOS): Run simple local scripts (e.g., GPA calculators) rather than paying for dedicated subscription apps. 
Homebridge: A lighter-weight alternative to Home Assistant for connecting IoT devices (like Sonos) to Apple HomeKit. Troubleshooting Tip Pixel Tablet YouTube Glitch: If the YouTube app on the Pixel Tablet displays unusable, giant thumbnails, the fix is to clear both the app's cache and storage/memory.
News On The Flipside Trump new poll numbers more pic with Epstein seems democrats not through digging their own graves. Aliens Are Probably Out There, NASA Scientist Says—But There's a Dreadful Reason They Never Call King Charles' Cancer Is Not in Remission, Palace Clarifies: Treatment Moving into ‘Precautionary Phase' Archaeologists Found a Lost Temple in the Sand That Solves a Major Historical Puzzle Christmas brawl erupts in wealthy Massachusetts enclave during holiday celebration McDonald's pulls controversial Christmas commercial within days of being uploaded: 'Offensive from every angle' Entire Russian column destroyed entering Pokrovsk North Korean armored vehicles appear on the Ukrainian frontline Giant 250,000-mile X-ray cloud found around 3i/Atlas, and experts admit they don't understand it yet Trump's signature tax laws could let millions of Americans pay $0 in federal income tax. Here's who can eliminate their 2025 bill completely US sides with Russia and North Korea on UN resolution Israel unleashes Iron Beam laser weapon NASA confirms comet 3I/ATLAS is speeding up in new data Giant structure discovered deep beneath Bermuda is unlike anything else on Earth Russia strikes ports of Odesa and Chornomorsk with ballistic missiles, Turkish cargo ship hit Something weird is orbiting Neptune - and it shouldn't be SSO and Russian partisans cripple two Russian military cargo vessels
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. https://helpx.adobe.com/security.html Ivanti Endpoint Manager Patches Ivanti patched four vulnerabilities in Endpoint Manager. https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024?language=en_US Fortinet FortiCloud SSO Vulnerability Due to a cryptographic vulnerability, Fortinet's FortiCloud SSO authentication is bypassable. https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ruby-saml vulnerability Ruby fixed a vulnerability in ruby-saml. The issue is due to an incomplete patch for another vulnerability a few months ago. https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3
In this episode, Dr. Jeffrey E. Gershenwald discusses the critical role surgical oncologists play in advancing evidence-based public policy. Using the FDA's black-box warning on indoor tanning for minors as a case study, Dr. Gershenwald highlights the science behind melanoma risk in adolescents and why advocacy is essential to protecting the next generation. Tune in to explore how policy action, prevention, and oncology expertise intersect, and why your voice as an SSO member matters beyond the operating room.
We weigh the promise and peril of the AI agent economy, pressing into how overprovisioned non-human identities, shadow AI, and SaaS integrations expand risk while go-to-market teams push for speed. A CMO and a CFO align on governance-first pilots, PLG trials, buyer groups, and the adoption metrics that sustain value beyond the sale. • AI adoption surge matched by adversary AI • Overprovisioned agents and shadow AI in SaaS • Governance thresholds before budget scale • PLG trials, sandbox, and POV sequencing • Visualization to reach the aha moment • Buying groups, ICP, and economic buyer alignment • Post‑sales usage, QBRs, NRR and churn signals • Zero trust limits and non-human identities • Breach disclosures as industry standards • Co-sourcing MSSP with in-house oversight Security isn't slowing AI down; it's the unlock that makes enterprise AI valuable. We dive into the AI agent economy with a CMO and a CFO who meet in the messy middle. The result is a practical blueprint for moving from hype to governed production without killing momentum. We start by mapping where controls fail: once users pass SSO and MFA, agents often operate beyond traditional identity and network guardrails. That's how prompts pull sensitive deal data across Salesforce and Gmail, and how third‑party API links expand the attack surface. From there, we lay out an adoption sequence that balances trust and speed. Think frictionless free trials and sandboxes that reach an immediate “aha” visualization of shadow AI and permissions, then progress to a scoped POV inside the customer's environment with clear policies and measurable outcomes. Along the way, we detail the buying group: economic buyers who sign and practitioners who live in the UI, plus the finance lens that sets pilot capital, milestones, and time-to-value expectations. We also challenge sacred cows. 
Zero trust is essential, but attackers increasingly log in with valid credentials and pivot through integrations, so verification must include non-human identities and agent-to-agent controls. Breach disclosures, far from being a greater threat than breaches, are foundational to ecosystem trust and faster remediation. And while MSSPs add critical scale, co-sourcing—retaining strategic oversight and compliance ownership—keeps accountability inside. If you care about ICP, PLG motions, PQLs, NRR, or simply reducing AI risk while driving growth, this conversation turns buzzwords into a playbook you can run. Vamshi Sriperumbudur: https://www.linkedin.com/in/vamsri Vamshi Sriperumbudur was recently the CMO for Prisma SASE at Palo Alto Networks, where he led a complete marketing transformation, driving an impact of $1.3 billion in ARR in 2025 (up 35%) and establishing it as the platform leader. Chithra Rajagopalan - https://www.linkedin.com/in/chithra-rajagopalan-mba/ Chithra Rajagopalan is the Head of Finance at Obsidian Security and former Head of Finance at Glue, and she is recognized as a leader in scaling businesses. Chithra is also an Investor and Advisory Board member for Campfire, serving as the President and Treasurer of Blossom Projects. Website: https://www.position2.com/podcast/ Rajiv Parikh: https://www.linkedin.com/in/rajivparikh/ Sandeep Parikh: https://www.instagram.com/sandeepparikh/ Email us with any feedback for the show: sparkofages.podcast@position2.com
Michael Assraf is building Flamingo, an open-source and AI-powered operating system for managed service providers. After exiting Vicarious in May 2024, he spent seven months on market research before writing a single line of code—conducting 15+ MSP interviews, mapping their complete tool stack economics, and testing distribution channels with a free community product. The research revealed a structural margin crisis: MSPs operate on 10-15% margins with 30% of revenue flowing to vendor payouts and 25-30% to technician labor. Meanwhile, private equity consolidation drives customer pricing down while legacy vendors raise prices. Michael closed a $2.2 million pre-seed in February 2025, built OpenMSP as a lead-gen vehicle that generated 1,000+ waitlist signups, and launched Open Frame with 70% of capital still in the bank. In this launch-day conversation, he breaks down why the $380 billion MSP market remains massively underinvested, how Facebook ads outperformed LinkedIn 5:1, and why he's giving away the core product while charging for hosted deployment. 
Topics Discussed: The seven-month research phase: 15+ MSP interviews, mapping 19 tool categories with pricing data, evaluating open source project maturity through commit frequency and VC backing MSP margin compression mechanics: 30% vendor payouts, 25-30% labor costs, 10-15% net margins being crushed by PE-driven consolidation and vendor price increases Building OpenMSP as distribution validation: four months before alpha, generated 1,000 waitlist signups and 200 Slack members while testing paid acquisition channels Why Facebook delivered 40%+ of leads at $6-8 CPL while outbound completely failed with IT-busy MSPs aged 25-50 in central US markets Launching with 70% of $2.2M pre-seed still in bank by solving for distribution and product-market fit before scaling headcount Open Frame's architecture: unified control plane over open source tools (RMM, SSO, zero trust) with dual AI agents—one for end users, one for technicians Offering both self-hosted (free, GitHub) and commercial SaaS (per-seat pricing starting January 2026) to build trust in an underserved market The MSP category opportunity: $380B market, 12% annual growth, 30-40K US MSPs, minimal VC-backed innovation against 20-year-old incumbents GTM Lessons For B2B Founders: Build lead-gen infrastructure before you have a product to sell: Four months before launching Open Frame, Michael shipped OpenMSP—a free tool that analyzes MSP tech stacks and suggests open source replacements. It wasn't a waitlist landing page; it delivered standalone value while capturing intent data. This generated 1,000 qualified signups and 200 Slack community members while simultaneously validating paid acquisition channels. By launch, he knew Facebook cost $6-8 per lead while outbound failed completely. Most founders build product first, then scramble for distribution. Michael inverted the sequence. 
Fire fast on sales hires in early stage, or don't hire them at all: Michael fired three VP Sales at Vicarious before learning the lesson: "The moment to bring salespeople is not when you are able to sell your product, is when someone else is able to sell your product." The critical test isn't whether the founder can close deals—founders sell vision and relationship. The test is whether a marketing person, SDR, or non-sales hire can generate revenue. Only then do salespeople accelerate an already-working motion. Hiring VP Sales at $50K ARR because the board wants "someone to own revenue" burns 12+ months and $200K+ learning this. Spend 6-12 months researching before building in unfamiliar markets: Michael conducted 15+ MSP interviews, mapped all 19 tool categories they use with pricing, evaluated open source alternatives by analyzing GitHub commit frequency and pull requests, identified which projects had VC backing for long-term viability, and tested multiple marketing channels before alpha deployment. This allowed him to launch with product-market fit indicators already validated and 70% of his $2.2M still in the bank. The alternative—build fast, iterate with customers—works when you deeply understand the market. When you don't, research is cheaper than pivots. Target categories where lack of innovation creates adoption momentum: MSPs represent 30-40K companies in the US alone, part of a $380B global market growing 12% annually. Yet VCs historically avoided the space assuming low ACV and high churn. The dominant platforms—ConnectWise, Datto, Asea—have existed 20+ years with minimal AI adoption or architectural modernization. Michael specifically chose MSPs because "in cyber security you would never get traction that we're getting right now unless you're spending millions of dollars." In crowded categories, distribution cost kills you. In starved categories, any credible innovation gets attention. 
Architect your product so adoption mechanically improves customer unit economics: Open Frame attacks both sides of MSP margin compression simultaneously. The open source tool suite eliminates the 30% of revenue paid to commercial vendors. The dual AI agent system (end-user self-service + technician orchestration) reduces the 25-30% spent on labor. Michael didn't find a problem and then figure out monetization—he reverse-engineered a solution where product adoption directly expands customer margins. When your product makes customers structurally more profitable, adoption isn't a marketing problem. // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co // Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here: https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM
At the Crexendo UGM, Mike Somers, Founder and COO of Beetexting, sat down with Doug Green, Publisher of Technology Reseller News, to discuss Beetexting's newest integrations and AI innovations for compliance and customer engagement. Beetexting provides a corporate texting platform designed to help teams move beyond email, offering shared inboxes, automation, and collaboration features that streamline customer communication. “We built Beetexting to help teams communicate faster and more effectively,” said Somers. “It's about enabling businesses to connect with their customers in a modern, compliant way.” At the Crexendo UGM, Somers announced that Beetexting has launched a direct integration with NetSapiens, making it easier for Crexendo resellers to provision and manage accounts. “Partners can now log in via SSO, set up accounts, and monitor onboarding success—all within a unified dashboard,” he explained. Somers also revealed a new partnership with Phone.com and several AI-driven tools that address one of the industry's biggest challenges: 10DLC compliance. Beetexting's TCR Agent uses conversational AI to guide businesses through the 10DLC registration process in minutes, while its AI-powered Compliance Agents monitor outgoing messages to ensure adherence to company policies and regulations, including FINRA and HIPAA. “The Compliance Agent is like a hall monitor for messaging,” Somers said. “It helps users stay compliant in real time, prevents issues before they happen, and continuously learns company-specific policies.” With Beetexting's innovations, resellers and service providers can deliver a fully white-labeled, compliant business texting solution that adds measurable value to their communications offerings. To learn more about Beetexting, visit www.beetexting.com.
In this episode, Eric and Brian kick off the week with a look at the SPX options market, recent price action, and key gamma levels heading into FOMC week. Eric recaps his recent put credit spread trades from Alpha Crunching, discusses how he's managing new positions into record highs, and explains how he's balancing bullish exposure with call credit spreads and discretionary hedges. The conversation also covers upcoming events—including major tech earnings from Apple, Microsoft, and Google—and how they might influence market sentiment. Brian shares a practical example of a LEAPS diagonal trade on AVGO that's been profitable even without much price movement, illustrating how selling weekly calls can generate consistent income against a long-dated call. The two also discuss covered call timing, hedging approaches, and using instruments like SSO to gain leveraged exposure with less capital.
In this sponsored podcast Patrick Gray chats with Knocknoc CEO Adam Pointon about why true Zero Trust architectures never really got there. Spinning up ZTNA access to core applications and slapping SSO prompts on everything else is great, but if we're honest, it's not really Zero Trust. So, how and why did we get here?
Mukund Jha is CEO of Emergent, an agentic vibe-coding platform. They've raised $23M from Lightspeed, Y Combinator, Together Fund, and Prosus. He was previously the cofounder and CTO of Dunzo, a hugely popular ecommerce company in India. Mukund's favorite books: The Hard Thing About Hard Things (Author: Ben Horowitz) (00:01) Intro (00:07) State of vibe-coding and where we are today (01:42) Emergent in plain English: what the product delivers (03:07) From prototype to traction: the first 90 days (06:03) What changed in the last 24 months (models + infra) (08:13) Early infra bets that enabled speed (12:07) Precision vs. control: editing and debugging without code (14:21) One-click to production: the unglamorous infra behind it (15:55) Points of failure across prompt → plan → code → test → deploy (17:53) Models division of labor: planning, codegen, tests, commits (20:05) What “reasoning” means and how they evaluate it (22:13) Context & memory strategy (beyond naive RAG) (24:22) Representing large codebases so agents don't hallucinate structure (27:03) Orchestration walkthrough: adding SSO end-to-end (29:40) Agent coordination protocols (how agents talk) (31:05) Debugging long-running agents and trace observability (32:37) Company-building lessons from Dunzo to Emergent (36:10) Philosophy: offloading decisions to models (36:57) Rapid Fire Round -------- Where to find Mukund Jha: LinkedIn: https://www.linkedin.com/in/mukund-jha-a1596413/ -------- Where to find Prateek Joshi: Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-infinite X: https://x.com/prateekvjoshi
Art Poghosyan shares his journey from IT security consultant to CEO of Britive, a cloud-native identity and access management company. His experience during economic downturns shaped his understanding of how cybersecurity services remain resilient through various market cycles. • Started in IT security right after completing a master's in technology risk management • Worked with early IAM solutions including LDAP directories, SSO, and authentication systems • Founded Advanced Technology Solutions focusing on IAM implementation services • Identified growing challenges with traditional IAM solutions in cloud environments • Created Britive to address cloud-native identity management challenges • Witnessed explosion of machine identities in cloud environments creating security risks • Now focused on securing new identity types including AI and agentic identities • Cybersecurity consulting proves relatively recession-proof as security needs persist in both growth and contraction • Capital One AWS breach highlighted risks of excessive privileges in cloud environments • Current focus includes securing agent-to-agent interactions in AI systems Connect with Art on LinkedIn or email him at art@britive.com to learn more about Britive's solutions for cloud and AI identity challenges.
This week on The Business of Open Source, I spoke to Or Weis, the CEO and co-founder of Permit.io. Or is a serial entrepreneur who has had a long career in developer tools. We talked about Permit's relationship with open source, including of course the open source projects that they create and maintain. One thing to note is that none of Permit's open source projects are branded as “Permit.” They are all separate from the permit.io brand. On the other hand, Or talked about the essential balancing act for open source companies… figuring out the balance between what goes in the open source project and what goes in the commercial offering. “Companies that get it wrong die, and companies that get it right end up flourishing,” he said. Or Weis has a theory about open source businesses that he calls ‘open foundations.' He thinks that this model is better than open core — to be honest I think open foundations is a type of open core, but I think that Or's arguments about how to do open core are fundamentally correct. Permit's primary open source project is OPAL, and the way that Or puts it is that Permit uses OPAL, but it is not OPAL. The two pieces of software are different and have different value propositions. He also talked about how important it is for everyone to understand what features belong in the project and what belongs in the product… by ‘everyone' he means product managers in your team but also members of the open source community. We also talked about how you have to have a moat for your product, and especially with AI coding tools a lot of models do not have a moat anymore. Which is why he doesn't think that just SSO and a fancy UI are enough of a difference between project and product anymore. If you are interested in having more conversations about building open source businesses, join us next May in Paris at Open Source Founders Summit!
Dr. Kathleen Horst, Dr. Rachel Jimenez, and Dr. Yara Abdou discuss the updated guideline from ASTRO, ASCO, and SSO on postmastectomy radiation therapy. They share new and updated recommendations on topics including PMRT after upfront surgery, PMRT after neoadjuvant systemic therapy, dose and fractionation schedules, and delivery techniques. They comment on the importance of a multidisciplinary approach and providing personalized care based on individual patient characteristics. Finally, they review ongoing research that may impact these evidence-based guidelines in the future. Read the full guideline, “Postmastectomy Radiation Therapy: An ASTRO-ASCO-SSO Clinical Practice Guideline” at www.asco.org/breast-cancer-guidelines TRANSCRIPT This guideline, clinical tools, and resources are available at www.asco.org/breast-cancer-guidelines. Read the full text of the guideline and review authors' disclosures of potential conflicts of interest in the Journal of Clinical Oncology, https://ascopubs.org/doi/10.1200/JCO-25-01747 Brittany Harvey: Hello and welcome to the ASCO Guidelines podcast, one of ASCO's podcasts delivering timely information to keep you up to date on the latest changes, challenges, and advances in oncology. You can find all the shows, including this one, at asco.org/podcasts. My name is Brittany Harvey, and today I am interviewing Dr. Kathleen Horst, expert panel chair from Stanford University; Dr. Rachel Jimenez, expert panel vice chair from Massachusetts General Hospital; and Dr. Yara Abdou, ASCO representative from the University of North Carolina, authors on "Postmastectomy Radiation Therapy: An American Society for Radiation Oncology, American Society of Clinical Oncology, and Society of Surgical Oncology Clinical Practice Guideline." Thank you for being here today, Dr. Horst, Dr. Jimenez, and Dr. Abdou. Dr. Kathleen Horst: Thank you for having us. 
Brittany Harvey: And then just before we discuss this guideline, I would like to note that ASCO takes great care in the development of its guidelines and ensuring that the ASCO conflict of interest policy is followed for each guideline. The disclosures of potential conflicts of interest for the guideline panel, including Dr. Horst, Dr. Jimenez, and Dr. Abdou who have joined us here today, are available online with the publication of the guideline in the Journal of Clinical Oncology, which is linked in the show notes. Then to dive into the content that we are here today to talk about, Dr. Horst, could you start us off by describing what prompted the update for this joint guideline between ASTRO, ASCO, and SSO, and what is the scope of this 2025 guideline on postmastectomy radiation therapy? Dr. Kathleen Horst: Thank you. This joint guideline was last updated in 2016. Over the past decade, the treatment of breast cancer has evolved substantially. Newer systemic therapy regimens have increasingly personalized treatment based on tumor biology, and local therapy management has explored both the de-escalation of axillary surgery and more abbreviated courses of radiation therapy. Given these advances, it was important to revisit the role of postmastectomy radiotherapy in this modern era of breast cancer therapy. This updated guideline addresses four key questions, including postmastectomy radiation therapy after upfront surgery as well as after neoadjuvant systemic therapy. It also reviews the evolving role of various dose and fractionation schedules and optimal treatment techniques and dose constraints. Brittany Harvey: Excellent. I appreciate that background, Dr. Horst. So then, next, Dr. Jimenez, I would like to review the recommendations of this guideline across those four key questions that Dr. Horst just mentioned. So first, what does the panel recommend for PMRT for patients who received initial treatment with mastectomy? Dr. 
Rachel Jimenez: The panel provided pretty strong consensus that patients with positive lymph nodes or patients with large tumors involving the skin or the chest wall should receive postmastectomy radiation. However, the panel also recognized that the omission of postmastectomy radiation may be appropriate for select patients who have positive lymph nodes and have an axillary lymph node dissection if they have a low nodal burden and other favorable clinical or pathologic features. For patients without lymph node involvement at the time of surgery and no involvement of the skin or chest wall, postmastectomy radiation was not advised by the panel. Brittany Harvey: Understood. It is helpful to understand those recommendations for that patient population. Following that, Dr. Abdou, what are the key recommendations for PMRT for patients who received neoadjuvant systemic therapy before mastectomy? Dr. Yara Abdou: When we think about PMRT after neoadjuvant treatment, the key point is that the initial stage of presentation still matters a lot. So for example, if a patient comes in with more advanced disease, say a large primary tumor, like a clinical T4, or more extensive nodal disease, like an N2 or N3 disease, those patients should get PMRT, no matter how well they respond to neoadjuvant therapy, because we know it reduces the risk of recurrence and that has been shown pretty consistently. On the other hand, if there are still positive lymph nodes after neoadjuvant treatment, basically residual nodal disease, PMRT is also strongly recommended because the risk of local-regional recurrence is much higher in that setting. The gray area is the group of patients who start with a lower burden of nodal disease, such as N1 disease, but then become node negative at surgery. For those patients, we tend to individualize the decision. 
So if the patient is young or has triple-negative disease, or if there is a lot of residual disease in the breast even though the nodes are cleared, then radiation is probably helpful. But if everything has melted away with pCR in both the breast and the nodes, then it may be safe to omit PMRT in those patients. For patients with smaller tumors and no nodal involvement to begin with, like a clinical T1-T2 N0, if they are still node negative after neoadjuvant treatment, then PMRT is generally not recommended because their baseline recurrence risk is low. And finally, if the margins are positive and cannot be re-excised, then PMRT is recommended after neoadjuvant therapy. Brittany Harvey: Yes, those distinctions are important for appropriate patient selection. So then, Dr. Horst, we have just reviewed the indications for PMRT, but for those patients who receive PMRT, what are the appropriate treatment volumes and dose fractionation regimens? Dr. Kathleen Horst: The guideline addresses coverage of the chest wall and regional nodes with a specific discussion of the data regarding internal mammary nodal irradiation, which has been an area of controversy over many years. The guideline also reviews the data exploring moderate hypofractionation, or shorter courses of radiation therapy. The task force recommends utilizing moderate hypofractionation for the majority of women requiring postmastectomy radiation, which is likely to have a large impact on clinical practice. This recommendation is based on the evolving data demonstrating that a 3-week course of radiotherapy after mastectomy provides similar oncologic outcomes and minimal toxicity for most patients compared to the standard 5-week treatment course. Brittany Harvey: Thank you for reviewing that set of recommendations as well. So then, Dr. Jimenez, to wrap us up on the key questions here, what delivery techniques are recommended for treating patients who receive PMRT? Dr. 
Rachel Jimenez: So this portion of the guideline is likely to be most helpful for radiation oncologists because it represents the most technical part of the guideline, but we do believe that it offers some important guidance that has, to this point, been lacking in the postmastectomy radiation setting. So first, the panel recommends that all patients should undergo 3-dimensional radiation planning using CAT scan based imaging, and this includes contouring. So contouring refers to the explicit identification, using a drawing interface on the CAT scan imaging, by the radiation oncologist to identify the areas that are targeted to receive radiation, as well as all of the nearby normal tissues that could receive unintended radiation exposure. And we also provide radiation oncologists in the guideline with suggestions about how much dose each target tissue should receive and what the dose limits should be for normal tissues. Additionally, we make some recommendations regarding the manner in which radiation is delivered. So for example, we advise that when conventional radiation methods are not sufficient for covering the areas of the body that are still at risk for cancer, or where too high of a dose of radiation would be anticipated to a normal part of the body, that providers employ a technique called intensity modulated radiation therapy, or IMRT. And if IMRT is going to be used, we also advise regular 3-dimensional imaging assessments of the patient's body relative to the treatment machine to ensure treatment fidelity. When the treatments are delivered, we further advise using a deep inspiration breath-hold technique, which lowers the exposure to the heart and to the lungs when there is concern for cardiopulmonary radiation exposure, and again, that image guidance be used along with real-time monitoring of the patient's anatomy when those techniques are employed. 
And then finally, we advise that patients receiving postmastectomy radiation utilize a bolus, or a synthetic substance placed on the patient's skin to enhance radiation dose to the superficial tissue, only when there is involvement of the skin with cancer or other high-risk features of the cancer, but not for every patient who receives postmastectomy radiation. Brittany Harvey: Understood. And then, yes, you just mentioned that section of the guideline is probably most helpful for radiation oncologists, but I think you can all comment on this next question. What should all clinicians, including radiation oncologists, surgical oncologists, medical oncologists, and other oncologic professionals, know as they implement all of these updated recommendations? Dr. Rachel Jimenez: So I think one of the things that is most important when we consider postmastectomy radiation and making recommendations is that this is a multidisciplinary panel and that we would expect and encourage our colleagues, as they interpret the guidelines, to employ a multidisciplinary approach when they are discussing each individual patient with their surgical and medical oncology colleagues, that there is no one size fits all. So these guidelines are intended to provide some general guidance around the most appropriate techniques and approaches and recommendations for the utilization of postmastectomy radiation, but that we recognize that all of these recommendations should be individualized for patients and also represent somewhat of a moving target as additional studies, both in the surgical and radiation oncology realm as well as in the systemic therapy realm, enter our milieu, we have to adjust those recommendations accordingly. Dr. Kathleen Horst: Yeah, I would agree, and I wanted to comment as a radiation oncologist, we recognize that local-regional considerations are intertwined with systemic therapy considerations. 
So as the data evolve, it is critical to have these ongoing updates in a cross-disciplinary manner to ensure optimal care for our patients. And as Dr. Jimenez mentioned, these multidisciplinary discussions are critical for all of us to continue to learn and understand the evolving recommendations across disciplines but also to individualize them according to individual patients. Dr. Yara Abdou: I could not agree more. I think from a medical oncology perspective, systemic therapy has gotten much better with adjuvant CDK4/6 inhibitors, T-DM1, capecitabine, and immune therapy. So these are all newer adjuvant therapies, so the baseline recurrence risks are lower than what they were in the trials that established PMRT. So the absolute benefit of radiation varies more now, so smaller for favorable biology but still relevant in aggressive subtypes or with residual disease. So it is definitely not a one-size-fits-all. Brittany Harvey: Yes, I think it is important that you have all highlighted that multidisciplinary approach and having individualized, patient-centric care. So then, expanding on that just a little bit, Dr. Abdou, how will these guideline recommendations affect patients with breast cancer? Dr. Yara Abdou: So basically, reiterating what we just talked about, these guidelines really move us towards personalized care. So for patients at higher risk, so those with larger tumors, multiple positive nodes, or residual nodal disease after neoadjuvant therapy, PMRT remains essential, consistently lowering local-regional recurrence and improving survival. But for patients at intermediate or lower risk, the recommendations support a more selective approach. So instead of a blanket rule, we now integrate tumor biology, response to systemic therapy, and individual patient factors to decide when PMRT adds meaningful benefit. 
So the impact for patients is really important because those at high risk continue to get the survival advantage of radiation while others can be spared the unnecessary treatment and side effects. So in short, we are aligning PMRT with modern systemic therapy and biology, making sure each patient receives the right treatment for their situation. Brittany Harvey: Absolutely. Individualizing treatment to every patient will make sure that everyone can achieve the best outcomes as possible. So then, Dr. Jimenez, to wrap us up, I believe Dr. Horst mentioned earlier that data continues to evolve in this field. So in your opinion, what are the outstanding questions regarding the use of PMRT and what are you looking to for the future of research in this space? Dr. Rachel Jimenez: So there are a number of randomized phase III clinical trials that are either in active accrual or that have reported but not yet published that are exploring further de-escalation of postmastectomy radiation and of axillary surgery. And so we do not yet have sufficient data to understand how those two pieces of information integrate with each other. So for example, if you have a patient who has a positive lymph node at the time of diagnosis and forgoes axillary surgery aside from a sentinel lymph node biopsy, we do not yet know that we can also safely forgo radiation entirely in that setting. So we expect that future studies are going to address these questions and understand when it is appropriate to simultaneously de-escalate surgery and radiation. Additionally, there is a number of trials that are looking at ways in which radiation could be omitted or shortened. So there is the RT CHARM trial, which has reported but not yet published, looking at a shorter course of radiation. And so we do make recommendations around that shorter course of radiation in this guideline, but we anticipate that the additional data from the RT CHARM study will provide further evidence in support of that. 
Additionally, there is a study called the TAILOR RT trial, which looks at forgoing postmastectomy radiation in patients who, to Dr. Abdou's point, have a favorable tumor biology and a low 21-gene recurrence score. And so we are going to anticipate the results from that study to help guide who can selectively forgo postmastectomy radiation when they fall into that favorable risk category. So there are a number of questions that I think will help flesh out this guideline. And as they publish, we will likely publish a focused update on that information to help provide context for our colleagues in the field and clarify some of these recommendations to suit the latest data. Brittany Harvey: Absolutely. We will look forward to those de-escalation trials and ongoing research in the field to build on the evidence and look for future updates to this guideline. So I want to thank you for your work to update these guidelines, and thank you for your time today, Dr. Horst, Dr. Jimenez, and Dr. Abdou. Dr. Rachel Jimenez: Thank you. Dr. Yara Abdou: Thank you. Dr. Kathleen Horst: Thank you. Brittany Harvey: And then finally, thank you to all of our listeners for tuning in to the ASCO Guidelines podcast. To read the full guideline, go to www.asco.org/breast-cancer-guidelines. You can also find many of our guidelines and interactive resources in the free ASCO Guidelines app, which is available in the Apple App Store or the Google Play Store. If you have enjoyed what you have heard today, please rate and review the podcast and be sure to subscribe so you never miss an episode. The purpose of this podcast is to educate and to inform. This is not a substitute for professional medical care and is not intended for use in the diagnosis or treatment of individual conditions. Guests on this podcast express their own opinions, experience, and conclusions. Guest statements on the podcast do not express the opinions of ASCO. 
The mention of any product, service, organization, activity, or therapy should not be construed as an ASCO endorsement.
Patrick (Tracer Labs) breaks down Trust ID, a consent + identity layer that replaces cookie pop-ups with a portable, user-owned identity (and embedded wallet). We dig into how Tracer helps brands unify siloed data without storing PII, verify real humans amid AI traffic, and enable one-click privacy that travels site-to-site.
Timestamps
[00:00] AI = most traffic; attribution is broken
[00:01] Intro — Patrick, Tracer Labs & Trust ID
[00:02] Patrick's crypto origin story & prior ventures
[00:05] The problem: siloed brand data + compliance burden
[00:06] What Trust ID does: consent + identity + embedded wallet
[00:07] One-click wedge: spin up wallet, tokenize consent, no more cookies
[00:09] Brands get real humans, no PII; users keep privacy & control
[00:12] GDPR/CCPA costs; why a new US standard is needed
[00:15] AI search & bot traffic: restoring pre-intent signal
[00:18] Federated identity, modular plug-in, keep existing auth
[00:19] Agentic “child IDs” w/ wallets & rule sets (Q1 roadmap)
[00:20] KYC/KYB as commoditized credentials that travel with you
[00:22] Live MVP; replacing legacy consent managers; early clients
[00:24] Who's adopting: cards, casinos, banks, travel; multi-brand SSO
[00:25] Unifying loyalty & rewards across properties
[00:26] Founder advice: talk to customers on day one
[00:31] Digital identity misconceptions; why this time is different
[00:33] Abstraction for users; less friction, fewer decisions
[00:36] Vision: 0.5–1B users; cut spam; programmatic commerce
[00:38] The ask: hiring devs; enterprise intros; $15M seed open
Connect
https://www.tracerlabs.com/
https://www.linkedin.com/company/tracerlabs/
https://www.linkedin.com/in/patrickmoynihan1/
Disclaimer
Nothing mentioned in this podcast is investment advice and please do your own research. Finally, it would mean a lot if you can leave a review of this podcast on Apple Podcasts or Spotify and share this podcast with a friend.
Be a guest on the podcast or contact us - https://www.web3pod.xyz/
In this series “Evidence Today and Tomorrow”, the HPB disease site working group of the SSO explored current gaps in HPB surgical oncology, highlighting existing evidence and ongoing work aimed at filling those gaps. In this episode, Dr. Julie Hallet, chair of the HPB disease site working group, and Dr. Noah Cohen, member of the HPB disease site working group, are joined by Drs. Michael Lidsky and Bas Groot Koerkamp to review evidence in hepatic artery infusion pump therapy.
On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including:
Oracle's long term CSO departs, and we're not that sad about it
Canada's House of Commons gets popped through a Microsoft bug
Russia degrades voice calls via Whatsapp and Telegram to push people towards Max
South-East Asian scam compounds are also behind child sextortion
Reports that the UK has backed down on Apple crypto are… strange
Oh and of course there's a Fortinet bug! There's always a Fortinet bug!
This week's episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You'll never guess which one was a few lines of PAM config, and which was a multi-month engineering project!
This episode is also available on Youtube.
Show notes
Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs
Oracle CSO blasted over anti-security research rant - iTnews
New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News
Mobile Phishers Target Brokerage Accounts in 'Ramp and Dump' Cashout Scheme – Krebs on Security
How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch
UK has backed down on demand to access US Apple user data, spy chief says
DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for"
Hackers target Workday in social engineering attack
Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News
Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News
Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News
US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive
FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970)
U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge"
493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED
.:: Phrack Magazine ::.
Accenture to buy Australian cyber security firm CyberCX - iTnews
On this episode, I cover the news from Patch Tuesday including an update issue on Windows 11 when using WSUS, I get into a new SSO feature for macOS and much more! Reference Links: https://www.rorymon.com/blog/windows-12-predictions-patch-tuesday-news-teams-security-enhancements/
In this episode of the Food Junkies Podcast, Dr. Vera Tarman and Clarissa Kennedy welcome back Dr. Nicole Avena — neuroscientist, researcher, and author — to discuss her team's latest paper exploring a provocative question: Could GLP-1 receptor agonists, while reducing food cravings, also negatively impact dopamine regulation, mood, and addiction risk? Dr. Avena breaks down the science behind GLP-1 drugs, their effects on the brain's reward pathways, and why these mechanisms might lead to unintended consequences such as anhedonia, apathy, and depressive symptoms. Together, they examine potential tolerance and rebound effects, the role of GABAergic neurons, and the paradox of eliminating “food noise” while risking a hypodopaminergic state. The conversation also covers dose-dependence, the importance of holistic support and mindful eating skills, and ethical considerations for use in vulnerable populations — especially those with a history of addiction or mental health challenges. Listeners will gain nuanced insight into: How GLP-1s work in the brain's reward and motivation systems Why side effects may be tied to dosing, individual sensitivity, and muscle loss The risk of emotional flattening and its impact on recovery and quality of life Strategies to use these medications responsibly, including lower-dose approaches and lifestyle integration Broader implications for the food industry, public health, and prevention — including concerns about pediatric use Dr. Avena also shares a preview of her upcoming talk at the International Food Addiction & Comorbidities Conference in September 2025, where she'll address GLP-1 research, early-life risk factors for ultra-processed food addiction, and prevention strategies. If you've ever wondered about the long-term story behind the GLP-1 craze — especially for those navigating food addiction recovery — this in-depth discussion is a must-listen. Get your IN-PERSON or LIVESTREAM ticket(s) HERE! Use code SSO for a 40% discount! 
The content of our show is educational only. It does not supplement or supersede your healthcare provider's professional relationship and direction. Always seek the advice of your physician or other qualified mental health providers with any questions you may have regarding a medical condition, substance use disorder, or mental health concern.
Hey Hey beautiful people here is this week's Radio Rewind in High Definition Sounds. Hey hey Beautiful People I'm back once again like a Renegade master this Wednesday on Cruise FM. So try and control your excitement!! The paradise sessions - Discos Revenge returns to its original birthplace on Wednesdays 8-10pm with @markymmp on @cruise_fm UK cruise FM. So in Wednesday's So the Star's on 45's take over this week features the amazing Traxsource Hot joints of 2025 so far. Powered by DJ Allan's Awesome 4Some and we also have another brand new amazing Awesome 4Some from DJ Allan in the second hour of the show so be prepared for another high energy uplifting radio show that brings sunshine and smiles on a Humpday. It's a Specially Prepped Rewind for your aural pleasure. Much Love Marky MMP Cruise FM, and hope you can join me on this special weekly journey delivered with love. Title Artist Rockin Your World (Main NYC Streets Mix) StretchMan I Don't Love You Anymore (Eric Kupper Remix) The Philly All Stars, Eric Kupper Ride On The Moon (Funkatomic Revenge Extended) Funkatomic, Tracy Hamlin, Derrick Mckenzie Squire for Hire (Fouk Remix) Nathan Haines, Marlena Shaw & Fouk Times Are Changing Ben Westbeech, RAHH Fighting Love (Extended Mix) Mark Knight, Mark Dedross Gimme A Clap (Main Mix) Mild Sauce I Say A Little Prayer 4 U (Jay's Prayer Mix) Jay Caruso Love Taste (Original Mix) GooDisco Right Here Right Now (Mark Francis Re Edit Of DJ Spen, Gary Hudgins, & Thomy Davis Remix) Alicia Myers, DJ Spen, Mark Francis, Gary Hudgins, Thommy Davis Can't Hold Back (Your Loving) (Brian Tappert Rework) Kano, Brian Tappert Slave to the Vibe (Original Extended Mix) Jay Caruso, Aja Luv High (Eric Kupper Extended Remix) Sonic Soul Orchestra, Camden Rose, Eric Kupper That's the Way Love Is (Jerome Sydenham & Tiger Stripes Remix 2025 Remaster) Ten City, Jerome Sydenham, Tiger Stripes Change Of Mind (Stephan Duy's 2025 Extended Edit) Per QX, Stephan Duy Never Gonna Fall In Love Again 
(Like I Fell In Love With You) (Micky More & Andy Tee Remix) Diplomats Of Soul, Incognito, Vanessa Haynes, Micky More & Andy Tee Another Holiday (Extended Mix) Michael Gray, Sian-Lee Baby Don't Make Me Wait (Sean McCabe Vocal Remix) MissFly, David Bailey, Sean McCabe Heavy Vibes (Yogi Extended Remix) Dr Packer, Yogi We Rise (Johnny Montana And Yorkee Remix) Ann Nesby Rhythm In Me (Original Mix) Tony Deledda, Abyss Deep Sound Lab, Roxanne Myles Let It Flow Raffaele Ciavolino I love you all. I hope you enjoy on this special weekly journey packed with love and here is the listen back link.
Dr. Tro Kalayjian is a board-certified physician in Internal Medicine and Obesity Medicine, and the founder of Toward Health, a virtual metabolic health clinic helping people break free from food addiction and chronic metabolic disease. He's also a founding member of the Society of Metabolic Health Practitioners and an international speaker on metabolic psychiatry, obesity, and nutrition science. But what makes Dr. Tro's work truly powerful is that it's personal. He grew up in a household affected by obesity and struggled with his own weight into adulthood, reaching over 350 pounds. After years of frustration with traditional medical advice, he took a deep dive into the research and completely transformed his health—losing over 150 pounds and sustaining that loss for more than a decade. His clinic's latest research, published in Frontiers in Psychiatry, shows how combining low-carb nutrition with real-time support, psychological care, and metabolic monitoring can significantly reduce food addiction and binge eating symptoms—offering hope for those who haven't found relief in diets or medications alone. Dr. Tro is passionate about helping others find food freedom, and today he's here to share the science, the struggle, and the solutions that actually work. Research Highlights: Published in Frontiers in Psychiatry (2025): 43 lbs average weight loss ~40–50% improvement in food addiction and binge eating symptoms Outcomes comparable to medications (e.g. amphetamines, GLP-1s) — but without long-term side effects Case series (220 people) on keto for binge eating showed significant improvements, challenging the old myth that "restrictive diets worsen eating disorders"
In this series “Evidence Today and Tomorrow”, the HPB disease site working group of the SSO explored current gaps in HPB surgical oncology, highlighting existing evidence and ongoing work aimed at filling those gaps. In this episode of SurgOnc Today, Dr. Julie Hallet from the University of Toronto and chair of the SSO HPB Disease Site Working Group, and Dr. Winnie Lo from Eastern Virginia Medical School are joined by Dr. Adam Yopp and Dr. Amit Singal from UT Southwestern, and Dr. Katie Kelley from University of California San Francisco. They will be discussing the state-of-the-art evidence and upcoming trials on treating hepatocellular carcinoma.
In this special live episode of Autonomous IT, Live! we walk through a high-stakes incident response drill that mimics a disturbingly realistic threat scenario: an attacker gains access to your internal tools — not by breaking in, but by logging in.
Here's the setup: a user unknowingly reuses compromised credentials with the company's SSO provider. An attacker logs in, flies under the radar, and impersonates internal IT support using Slack, email, and calendar invites. Their goal? Convince employees to install a fake remote access tool—all while avoiding anyone likely to report suspicious behavior.
Join Landon Miles, Tom Bowyer, and Ryan Braunstein as they:
Single Sign On (SSO) and Multi Factor Authentication (MFA) are critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical tools are overpriced, overcomplicated, and reserved for companies that can afford to overpay and have full-time security teams. That's broken. Cubeless is tearing down the barriers. With Cubeless Verify, we're delivering SSO and MFA that anyone can use—no IT army required. No hidden fees. No contracts. No catch. Just enterprise-grade security made simple, and free forever. The gatekeepers had their turn. Now it's yours. Go to https://securityweekly.com/cubelessidv to start using Cubeless Identity today.
As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. A lack of identity standards tailored specifically for AI agents is creating a roadblock for developers. Existing infrastructure was not designed with autonomous agents in mind. How will identity standards need to evolve in order to meet the needs of an agent driven ecosystem?
https://frontegg.com/product/frontegg-ai
This segment is sponsored by Frontegg. Visit https://securityweekly.com/fronteggidv to learn more about them!
Traditional IGA tools struggle to deliver full observability—and stall when it's time to take action. Axonius Identities is changing that—bringing actionability to identity governance by embedding it into the broader cyber asset platform. In this session, CEO of AxoniusX, Amir Ofek shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments.
https://www.axonius.com/products/identities
Axonius Blog: From Roles to Rules – An Access Paradigm Shift: https://www.axonius.com/blog/from-roles-to-rules
Axonius Cybersecurity Asset Management Platform Overview: https://www.axonius.com/platform
See how Axonius makes identity actionable. Visit https://securityweekly.com/axoniusidv.
As enterprises are looking to rapidly deploy AI agents to drive innovation, they face an urgent need to secure this new "digital workforce" without hindering speed. Traditional security models weren't built for the unique identity and access demands of autonomous AI. This session will cut through the hype, address the real security concerns head-on, and outline a modern, cloud-native framework for managing privileged access for AI agents, ensuring your organization can innovate fast and stay secure.
https://www.britive.com/use-cases/agentic-ai-security
https://www.britive.com/resource/events/zero-standing-privileges-human-ai-nhi
https://www.britive.com/resource/blog/agentic-ai-redefining-identity-security-cloud
https://www.britive.com/resource/blog/owasp-vulnerabilities-llm-goes-rogue-navigating-corporate-chaos
https://www.britive.com/resource/blog/agent-to-agent-access-security
https://www.britive.com/resource/blog/genai-data-privacy-ip-protection
https://www.britive.com/resource/blog/rethinking-nhi-cloud-security-strategies
This segment is sponsored by Britive. Visit https://securityweekly.com/britiveidv to learn more about Britive's agentless cloud-native Privileged Access Management platform.
As digital transformation accelerates and advanced threats evolve, industries of all kinds face rising pressure to secure identities, prevent fraud, and deliver seamless user experiences. Aware CEO Ajay Amlani shares how biometric technology is stepping up to meet these challenges—providing fast, accurate, and scalable solutions that strengthen security while reducing friction. Discover how biometrics is reshaping the identity landscape and enabling trust in an increasingly complex world.
https://www.aware.com/blog/
This segment is sponsored by Aware. Visit https://securityweekly.com/awareidv to learn more about them!
As threat landscapes grow more complex and stakeholder expectations rise, organizations must reimagine their approach to cyber resilience and trust. This interview will explore how artificial intelligence is transforming cybersecurity—from identifying vulnerabilities in real time to automating response and aligning security initiatives with broader business goals. Join us for a forward-looking discussion on what it means to lead with AI, earn digital trust, and create a resilient enterprise that's built to withstand tomorrow's threats.
This segment is sponsored by SDG. Visit https://securityweekly.com/sdgidv to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-414
Interview with Dave Lewis
Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organizations expect. Talk about the critical weaknesses in traditional SSO implementations, how shadow IT thrives under the radar, and why enterprises continue to experience data breaches despite security investments. Can cover real-world examples of security failures, highlight the role of human behavior in risk, and provide actionable strategies to regain control over enterprise security.
This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them!
Topic Segment: Is AI taking our jerbs or not?
I listened to most of a debate between Marcus Hutchins and Daniel Miessler over whether generative AI will be good enough to replace a lot of jobs (Daniel's take), or so bad that it won't take any (Marcus's take). I got frustrated though, because I feel like some foundational assumptions were ignored, and not enough examples were shared or prepared.
Assumption #1: Jobs exist because work needs to be done. This is a false assumption. Check out a book called "Bullshit Jobs" to go down this particular rabbit hole.
Assumption #2: The primary task of a job is the job. This is rarely the case, unless you work in the service industry. How much of a developer's job is writing code? A lot less than you think. Employees spend a massive amount of time communicating with other employees, via meetings, emails, Slack chats - can AI replace this? Maybe all that communication is wasteful and inefficient? Could be, but for every job AI supposedly replaces, it becomes someone else's job to manage that AI agent. Does all of middle management become expert prompt engineers, or do they also disappear with no employees to manage?
Assumption #3: Jobs aren't already being replaced. They are, they're just not terribly visible jobs. That contractor your marketing team was using to build blog/SEO content? He's probably gone. The in-house or contract graphic designer? Probably gone. There's a whole swath of jobs out there, where quality isn't very important, but work needs to be produced, and those jobs are being actively replaced with generative AI.
With that said, I don't see any full time jobs that require quality work and a lot of communication with other employees getting replaced. Yet? Ever? That's the question.
The Enterprise News
In this week's enterprise security news,
Not much interesting funding to discuss
Securonix acquires ThreatQuotient
Cellebrite acquires Corellium (that sounds a lot like a rock bought a stone or a gem or something)
Yet another free vulnerability database
ChatGPT can now clandestinely record meetings
Threat detection resources
a VERY expensive Zoom call (for the victim)
Should we stop using SOC2s?
Should we give up on least privilege?
How much did it cost to change HBO to HBO Max, then to Max, then back to HBO Max?
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-413
In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security. Push has built an identity security platform that collects identity information and events from your users' browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal accounts that a user has spun up. It's extremely difficult to bypass. That's because when you're in the browser it doesn't matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it. There are solutions for protecting your users' SSO credentials, like passkeys. But what about all the SaaS in your environment? Even if it's enrolled into your SSO, are you sure that's how your users are authenticating to it? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are your users setting up passkeys for those accounts? How would you know, and what problems can it cause if those accounts are vulnerable? This is a fun one! This episode is also available on YouTube. Show notes
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
A Tale of Two Phishing Sites: Two phishing sites may use very different backends, even if the sites themselves appear visually very similar. Phishing kits are often copied and modified, leading to sites that use similar visual tricks on the user-facing site but very different backends to host the sites and report data to the miscreant. https://isc.sans.edu/diary/A%20Tale%20of%20Two%20Phishing%20Sites/31810
A Phishing Tale of DOH and DNS MX Abuse: Infoblox discovered a new variant of the Meerkat phishing kit that uses DoH in JavaScript to discover MX records and generate better-customized phishing pages. https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/
Using OpenID Connect for SSH: Cloudflare open-sourced its OPKSSH tool. It integrates SSO systems supporting OpenID Connect with SSH. https://github.com/openpubkey/opkssh/