Podcasts about SSO

Turbopuffer came out of a reading app.In 2022, Simon was helping his friends at Readwise scale their infra for a highly requested feature: article recommendations and semantic search. Readwise was paying ~$5k/month for their relational database and vector search would cost ~$20k/month making the feature too expensive to ship. In 2023 after mulling over the problem from Readwise, Simon decided he wanted to “build a search engine” which became Turbopuffer.We discuss:• Simon's path: Denmark → Shopify infra for nearly a decade → “angel engineering” across startups like Readwise, Replicate, and Causal → turbopuffer almost accidentally becoming a company • The Readwise origin story: building an early recommendation engine right after the ChatGPT moment, seeing it work, then realizing it would cost ~$30k/month for a company spending ~$5k/month total on infra and getting obsessed with fixing that cost structure • Why turbopuffer is “a search engine for unstructured data”: Simon's belief that models can learn to reason, but can't compress the world's knowledge into a few terabytes of weights, so they need to connect to systems that hold truth in full fidelity • The three ingredients for building a great database company: a new workload, a new storage architecture, and the ability to eventually support every query plan customers will want on their data • The architecture bet behind turbopuffer: going all in on object storage and NVMe, avoiding a traditional consensus layer, and building around the cloud primitives that only became possible in the last few years • Why Simon hated operating Elasticsearch at Shopify: years of painful on-call experience shaped his obsession with simplicity, performance, and eliminating state spread across multiple systems • The Cursor story: launching turbopuffer as a scrappy side project, getting an email from Cursor the next day, flying out after a 4am call, and helping cut Cursor's costs by 95% while fixing their per-user economics • The Notion story: buying dark fiber, tuning TCP windows, and eating cross-cloud costs because Simon refused to compromise on architecture just to close a deal faster • Why AI changes the build-vs-buy equation: it's less about whether a company can build search infra internally, and more about whether they have time especially if an external team can feel like an extension of their own • Why RAG isn't dead: coding companies still rely heavily on search, and Simon sees hybrid retrieval semantic, text, regex, SQL-style patterns becoming more important, not less • How agentic workloads are changing search: the old pattern was one retrieval call up front; the new pattern is one agent firing many parallel queries at once, turning search into a highly concurrent tool call • Why turbopuffer is reducing query pricing: agentic systems are dramatically increasing query volume, and Simon expects retrieval infra to adapt to huge bursts of concurrent search rather than a small number of carefully chosen calls • The philosophy of “playing with open cards”: Simon's habit of being radically honest with investors, including telling Lachy Groom he'd return the money if turbopuffer didn't hit PMF by year-end • The “P99 engineer”: Simon's framework for building a talent-dense company, rejecting by default unless someone on the team feels strongly enough to fight for the candidate —Simon Hørup Eskildsen• LinkedIn: https://www.linkedin.com/in/sirupsen• X: https://x.com/Sirupsen• https://sirupsen.com/aboutturbopuffer• https://turbopuffer.com/Full Video PodTimestamps00:00:00 The PMF promise to Lachy Groom00:00:25 Intro and Simon's background00:02:19 What turbopuffer actually is00:06:26 Shopify, Elasticsearch, and the pain behind the company00:10:07 The Readwise experiment that sparked turbopuffer00:12:00 The insight Simon couldn't stop thinking about00:17:00 S3 consistency, NVMe, and the architecture bet00:20:12 The Notion story: latency, dark fiber, and conviction00:25:03 Build vs. buy in the age of AI00:26:00 The Cursor story: early launch to breakout customer00:29:00 Why code search still matters00:32:00 Search in the age of agents00:34:22 Pricing turbopuffer in the AI era00:38:17 Why Simon chose Lachy Groom00:41:28 Becoming a founder on purpose00:44:00 The “P99 engineer” philosophy00:49:30 Bending software to your will00:51:13 The future of turbopuffer00:57:05 Simon's tea obsession00:59:03 Tea kits, X Live, and P99 LiveTranscriptSimon Hørup Eskildsen: I don't think I've said this publicly before, but I just called Lockey and was like, local Lockie. Like if this doesn't have PMF by the end of the year, like we'll just like return all the money to you. But it's just like, I don't really, we, Justine and I don't wanna work on this unless it's really working.So we want to give it the best shot this year and like we're really gonna go for it. We're gonna hire a bunch of people. We're just gonna be honest with everyone. Like when I don't know how to play a game, I just play with open cards. Lockey was the only person that didn't, that didn't freak out. He was like, I've never heard anyone say that before.Alessio: Hey everyone, welcome to the Leading Space podcast. This is Celesio Pando, Colonel Laz, and I'm joined by Swix, editor of Leading Space.swyx: Hello. Hello, uh, we're still, uh, recording in the Ker studio for the first time. Very excited. And today we are joined by Simon Eski. Of Turbo Farer welcome.Simon Hørup Eskildsen: Thank you so much for having me.swyx: Turbo Farer has like really gone on a huge tear, and I, I do have to mention that like you're one of, you're not my newest member of the Danish AHU Mafia, where like there's a lot of legendary programmers that have come out of it, like, uh, beyond Trotro, Rasmus, lado Berg and the V eight team and, and Google Maps team.Uh, you're mostly a Canadian now, but isn't that interesting? There's so many, so much like strong Danish presence.Simon Hørup Eskildsen: Yeah, I was writing a post, um, not that long ago about sort of the influences. So I grew up in Denmark, right? I left, I left when, when I was 18 to go to Canada to, to work at Shopify. Um, and so I, like, I've, I would still say that I feel more Danish than, than Canadian.This is also the weird accent. I can't say th because it, this is like, I don't, you know, my wife is also Canadian, um, and I think. I think like one of the things in, in Denmark is just like, there's just such a ruthless pragmatism and there's also a big focus on just aesthetics. Like, they're like very, people really care about like where, what things look like.Um, and like Canada has a lot of attributes, US has, has a lot of attributes, but I think there's been lots of the great things to carry. I don't know what's in the water in Ahu though. Um, and I don't know that I could be considered part of the Mafi mafia quite yet, uh, compared to the phenomenal individuals we just mentioned.Barra OV is also, uh, Danish Canadian. Okay. Yeah. I don't know where he lives now, but, and he's the PHP.swyx: Yeah. And obviously Toby German, but moved to Canada as well. Yes. Like this is like import that, uh, that, that is an interesting, um, talent move.Alessio: I think. I would love to get from you. Definition of Turbo puffer, because I think you could be a Vector db, which is maybe a bad word now in some circles, you could be a search engine.It's like, let, let's just start there and then we'll maybe run through the history of how you got to this point.Simon Hørup Eskildsen: For sure. Yeah. So Turbo Puffer is at this point in time, a search engine, right? We do full text search and we do vector search, and that's really what we're specialized in. If you're trying to do much more than that, like then this might not be the right place yet, but Turbo Buffer is all about search.The other way that I think about it is that we can take all of the world's knowledge, all of the exabytes and exabytes of data that there is, and we can use those tokens to train a model, but we can't compress all of that into a few terabytes of weights, right? Compress into a few terabytes of weights, how to reason with the world, how to make sense of the knowledge.But we have to somehow connect it to something externally that actually holds that like in full fidelity and truth. Um, and that's the thing that we intend to become. Right? That's like a very holier than now kind of phrasing, right? But being the search engine for unstructured, unstructured data is the focus of turbo puffer at this point in time.Alessio: And let's break down. So people might say, well, didn't Elasticsearch already do this? And then some other people might say, is this search on my data, is this like closer to rag than to like a xr, like a public search thing? Like how, how do you segment like the different types of search?Simon Hørup Eskildsen: The way that I generally think about this is like, there's a lot of database companies and I think if you wanna build a really big database company, sort of, you need a couple of ingredients to be in the air.We don't, which only happens roughly every 15 years. You need a new workload. You basically need the ambition that every single company on earth is gonna have data in your database. Multiple times you look at a company like Oracle, right? You will, like, I don't think you can find a company on earth with a digital presence that it not, doesn't somehow have some data in an Oracle database.Right? And I think at this point, that's also true for Snowflake and Databricks, right? 15 years later it's, or even more than that, there's not a company on earth that doesn't, in. Or directly is consuming Snowflake or, or Databricks or any of the big analytics databases. Um, and I think we're in that kind of moment now, right?I don't think you're gonna find a company over the next few years that doesn't directly or indirectly, um, have all their data available for, for search and connect it to ai. So you need that new workload, like you need something to be happening where there's a new workload that causes that to happen, and that new workload is connecting very large amounts of data to ai.The second thing you need. The second condition to build a big database company is that you need some new underlying change in the storage architecture that is not possible from the databases that have come before you. If you look at Snowflake and Databricks, right, commoditized, like massive fleet of HDDs, like that was not possible in it.It just wasn't in the air in the nineties, right? So you just didn't, we just didn't build these systems. S3 and and and so on was not around. And I think the architecture that is now possible that wasn't possible 15 years ago is to go all in on NVME SSDs. It requires a particular type of architecture for the database that.It's difficult to retrofit onto the databases that are already there, including the ones you just mentioned. The second thing is to go all in on OIC storage, more so than we could have done 15 years ago. Like we don't have a consensus layer, we don't really have anything. In fact, you could turn off all the servers that Turbo Buffer has, and we would not lose any data because we have all completely all in on OIC storage.And this means that our architecture is just so simple. So that's the second condition, right? First being a new workload. That means that every company on earth, either indirectly or directly, is using your database. Second being, there's some new storage architecture. That means that the, the companies that have come before you can do what you're doing.I think the third thing you need to do to build a big database company is that over time you have to implement more or less every Cory plan on the data. What that means is that you. You can't just get stuck in, like, this is the one thing that a database does. It has to be ever evolving because when someone has data in the database, they over time expect to be able to ask it more or less every question.So you have to do that to get the storage architecture to the limit of what, what it's capable of. Those are the three conditions.swyx: I just wanted to get a little bit of like the motivation, right? Like, so you left Shopify, you're like principal, engineer, infra guy. Um, you also head of kernel labs, uh, inside of Shopify, right?And then you consulted for read wise and that it kind of gave you that, that idea. I just wanted you to tell that story. Um, maybe I, you've told it before, but, uh, just introduce the, the. People to like the, the new workload, the sort of aha moment for turbo PufferSimon Hørup Eskildsen: For sure. So yeah, I spent almost a decade at Shopify.I was on the infrastructure team, um, from the fairly, fairly early days around 2013. Um, at the time it felt like it was growing so quickly and everything, all the metrics were, you know, doubling year on year compared to the, what companies are contending with today. It's very cute in growth. I feel like lot some companies are seeing that month over month.Um, of course. Shopify compound has been compounding for a very long time now, but I spent a decade doing that and the majority of that was just make sure the site is up today and make sure it's up a year from now. And a lot of that was really just the, um, you know, uh, the Kardashians would drive very, very large amounts of, of data to, to uh, to Shopify as they were rotating through all the merch and building out their businesses.And we just needed to make sure we could handle that. Right. And sometimes these were events, a million requests per second. And so, you know, we, we had our own data centers back in the day and we were moving to the cloud and there was so much sharding work and all of that that we were doing. So I spent a decade just scaling databases ‘cause that's fundamentally what's the most difficult thing to scale about these sites.The database that was the most difficult for me to scale during that time, and that was the most aggravating to be on call for, was elastic search. It was very, very difficult to deal with. And I saw a lot of projects that were just being held back in their ambition by using it.swyx: And I mean, self-hosted.Self-hosted. ‘causeSimon Hørup Eskildsen: it's, yeah, and it commercial, this is like 2015, right? So it's like a very particular vintage. Right. It's probably better at a lot of these things now. Um, it was difficult to contend with and I'm just like, I just think about it. It's an inverted index. It should be good at these kinds of queries and do all of this.And it was, we, we often couldn't get it to do exactly what we needed to do or basically get lucine to do, like expose lucine raw to, to, to what we needed to do. Um, so that was like. Just something that we did on the side and just panic scaled when we needed to, but not a particular focus of mine. So I left, and when I left, I, um, wasn't sure exactly what I wanted to do.I mean, it spent like a decade inside of the same company. I'd like grown up there. I started working there when I was 18.swyx: You only do Rails?Simon Hørup Eskildsen: Yeah. I mean, yeah. Rails. And he's a Rails guy. Uh, love Rails. So good. Um,Alessio: we all wish we could still work in Rails.swyx: I know know. I know, but some, I tried learning Ruby.It's just too much, like too many options to do the same thing. It's, that's my, I I know there's a, there's a way to do it.Simon Hørup Eskildsen: I love it. I don't know that I would use it now, like given cloud code and, and, and cursor and everything, but, um, um, but still it, like if I'm just sitting down and writing a teal code, that's how I think.But anyway, I left and I wasn't, I talked to a couple companies and I was like, I don't. I need to see a little bit more of the world here to know what I'm gonna like focus on next. Um, and so what I decided is like I was gonna, I called it like angel engineering, where I just hopped around in my friend's companies in three months increments and just helped them out with something.Right. And, and just vested a bit of equity and solved some interesting infrastructure problem. So I worked with a bunch of companies at the time, um, read Wise was one of them. Replicate was one of them. Um, causal, I dunno if you've tried this, it's like a, it's a spreadsheet engine Yeah. Where you can do distribution.They sold recently. Yeah. Um, we've been, we used that in fp and a at, um, at Turbo Puffer. Um, so a bunch of companies like this and it was super fun. And so we're the Chachi bt moment happened, I was with. With read Wise for a stint, we were preparing for the reader launch, right? Which is where you, you cue articles and read them later.And I was just getting their Postgres up to snuff, like, which basically boils down to tuning, auto vacuum. So I was doing that and then this happened and we were like, oh, maybe we should build a little recommendation engine and some features to try to hook in the lms. They were not that good yet, but it was clear there was something there.And so I built a small recommendation engine just, okay, let's take the articles that you've recently read, right? Like embed all the articles and then do recommendations. It was good enough that when I ran it on one of the co-founders of Rey's, like I found out that I got articles about, about having a child.I'm like, oh my God, I didn't, I, I didn't know that, that they were having a child. I wasn't sure what to do with that information, but the recommendation engine was good enough that it was suggesting articles, um, about that. And so there was, there was recommendations and uh, it actually worked really well.But this was a company that was spending maybe five grand a month in total on all their infrastructure and. When I did the napkin math on running the embeddings of all the articles, putting them into a vector index, putting it in prod, it's gonna be like 30 grand a month. That just wasn't tenable. Right?Like Read Wise is a proudly bootstrapped company and it's paying 30 grand for infrastructure for one feature versus five. It just wasn't tenable. So sort of in the bucket of this is useful, it's pretty good, but let us, let's return to it when the costs come down.swyx: Did you say it grows by feature? So for five to 30 is by the number of, like, what's the, what's the Scaling factor scale?It scales by the number of articles that you embed.Simon Hørup Eskildsen: It does, but what I meant by that is like five grand for like all of the other, like the Heroku, dinos, Postgres, like all the other, and this then storage is 30. Yeah. And then like 30 grand for one feature. Right. Which is like, what other articles are related to this one.Um, so it was just too much right to, to power everything. Their budget would've been maybe a few thousand dollars, which still would've been a lot. And so we put it in a bucket of, okay, we're gonna do that later. We'll wait, we will wait for the cost to come down. And that haunted me. I couldn't stop thinking about it.I was like, okay, there's clearly some latent demand here. If the cost had been a 10th, we would've shipped it and. This was really the only data point that I had. Right. I didn't, I, I didn't, I didn't go out and talk to anyone else. It was just so I started reading Right. I couldn't, I couldn't help myself.Like I didn't know what like a vector index is. I, I generally barely do about how to generate the vectors. There was a lot of hype about, this is a early 2023. There was a lot of hype about vector databases. There were raising a lot of money and it's like, I really didn't know anything about it. It's like, you know, trying these little models, fine tuning them.Like I was just trying to get sort of a lay of the land. So I just sat down. I have this. A GitHub repository called Napkin Math. And on napkin math, there's just, um, rows of like, oh, this is how much bandwidth. Like this is how many, you know, you can do 25 gigabytes per second on average to dram. You can do, you know, five gigabytes per second of rights to an SSD, blah blah.All of these numbers, right? And S3, how many you could do per, how much bandwidth can you drive per connection? I was just sitting down, I was like, why hasn't anyone build a database where you just put everything on O storage and then you puff it into NVME when you use the data and you puff it into dram if you're, if you're querying it alive, it's just like, this seems fairly obvious and you, the only real downside to that is that if you go all in on o storage, every right will take a couple hundred milliseconds of latency, but from there it's really all upside, right?You do the first go, it takes half a second. And it sort of occurred to me as like, well. The architecture is really good for that. It's really good for AB storage, it's really good for nvm ESSD. It's, well, you just couldn't have done that 10 years ago. Back to what we were talking about before. You really have to build a database where you have as few round trips as possible, right?This is how CPUs work today. It's how NVM E SSDs work. It's how as, um, as three works that you want to have a very large amount of outstanding requests, right? Like basically go to S3, do like that thousand requests to ask for data in one round trip. Wait for that. Get that, like, make a new decision. Do it again, and try to do that maybe a maximum of three times.But no databases were designed that way within NVME as is ds. You can drive like within, you know, within a very low multiple of DRAM bandwidth if you use it that way. And same with S3, right? You can fully max out the network card, which generally is not maxed out. You get very, like, very, very good bandwidth.And, but no one had built a database like that. So I was like, okay, well can't you just, you know, take all the vectors right? And plot them in the proverbial coordinate system. Get the clusters, put a file on S3 called clusters, do json, and then put another file for every cluster, you know, cluster one, do js O cluster two, do js ON you know that like it's two round trips, right?So you get the clusters, you find the closest clusters, and then you download the cluster files like the, the closest end. And you could do this in two round trips.swyx: You were nearest neighbors locally.Simon Hørup Eskildsen: Yes. Yes. And then, and you would build this, this file, right? It's just like ultra simplistic, but it's not a far shot from what the first version of Turbo Buffer was.Why hasn't anyone done thatAlessio: in that moment? From a workload perspective, you're thinking this is gonna be like a read heavy thing because they're doing recommend. Like is the fact that like writes are so expensive now? Oh, with ai you're actually not writing that much.Simon Hørup Eskildsen: At that point I hadn't really thought too much about, well no actually it was always clear to me that there was gonna be a lot of rights because at Shopify, the search clusters were doing, you know, I don't know, tens or hundreds of crew QPS, right?‘cause you just have to have a human sit and type in. But we did, you know, I don't know how many updates there were per second. I'm sure it was in the millions, right into the cluster. So I always knew there was like a 10 to 100 ratio on the read write. In the read wise use case. It's, um, even, even in the read wise use case, there'd probably be a lot fewer reads than writes, right?There's just a lot of churn on the amount of stuff that was going through versus the amount of queries. Um, I wasn't thinking too much about that. I was mostly just thinking about what's the fundamentally cheapest way to build a database in the cloud today using the primitives that you have available.And this is it, right? You just, now you have one machine and you know, let's say you have a terabyte of data in S3, you paid the $200 a month for that, and then maybe five to 10% of that data and needs to be an NV ME SSDs and less than that in dram. Well. You're paying very, very little to inflate the data.swyx: By the way, when you say no one else has done that, uh, would you consider Neon, uh, to be on a similar path in terms of being sort of S3 first and, uh, separating the compute and storage?Simon Hørup Eskildsen: Yeah, I think what I meant with that is, uh, just build a completely new database. I don't know if we were the first, like it was very much, it was, I mean, I, I hadn't, I just looked at the napkin math and was like, this seems really obvious.So I'm sure like a hundred people came up with it at the same time. Like the light bulb and every invention ever. Right. It was just in the air. I think Neon Neon was, was first to it. And they're trying, they're retrofitted onto Postgres, right? And then they built this whole architecture where you have, you have it in memory and then you sort of.You know, m map back to S3. And I think that was very novel at the time to do it for, for all LTP, but I hadn't seen a database that was truly all in, right. Not retrofitting it. The database felt built purely for this no consensus layer. Even using compare and swap on optic storage to do consensus. I hadn't seen anyone go that all in.And I, I mean, there, there, I'm sure there was someone that did that before us. I don't know. I was just looking at the napkin mathswyx: and, and when you say consensus layer, uh, are you strongly relying on S3 Strong consistency? You are. Okay.SoSimon Hørup Eskildsen: that is your consensus layer. It, it is the consistency layer. And I think also, like, this is something that most people don't realize, but S3 only became consistent in December of 2020.swyx: I remember this coming out during COVID and like people were like, oh, like, it was like, uh, it was just like a free upgrade.Simon Hørup Eskildsen: Yeah.swyx: They were just, they just announced it. We saw consistency guys and like, okay, cool.Simon Hørup Eskildsen: And I'm sure that they just, they probably had it in prod for a while and they're just like, it's done right.And people were like, okay, cool. But. That's a big moment, right? Like nv, ME SSDs, were also not in the cloud until around 2017, right? So you just sort of had like 2017 nv, ME SSDs, and people were like, okay, cool. There's like one skew that does this, whatever, right? Takes a few years. And then the second thing is like S3 becomes consistent in 2020.So now it means you don't have to have this like big foundation DB or like zookeeper or whatever sitting there contending with the keys, which is how. You know, that's what Snowflake and others have do so muchswyx: for goneSimon Hørup Eskildsen: Exactly. Just gone. Right? And so just push to the, you know, whatever, how many hundreds of people they have working on S3 solved and then compare and swap was not in S3 at this point in time,swyx: by the way.Uh, I don't know what that is, so maybe you wanna explain. Yes. Yeah.Simon Hørup Eskildsen: Yes. So, um, what Compare and swap is, is basically, you can imagine that if you have a database, it might be really nice to have a file called metadata json. And metadata JSON could say things like, Hey, these keys are here and this file means that, and there's lots of metadata that you have to operate in the database, right?But that's the simplest way to do it. So now you have might, you might have a lot of servers that wanna change the metadata. They might have written a file and want the metadata to contain that file. But you have a hundred nodes that are trying to contend with this metadata that JSON well, what compare and Swap allows you to do is basically just you download the file, you make the modifications, and then you write it only if it hasn't changed.While you did the modification and if not you retry. Right? Should just have this retry loops. Now you can imagine if you have a hundred nodes doing that, it's gonna be really slow, but it will converge over time. That primitive was not available in S3. It wasn't available in S3 until late 2024, but it was available in GCP.The real story of this is certainly not that I sat down and like bake brained it. I was like, okay, we're gonna start on GCS S3 is gonna get it later. Like it was really not that we started, we got really lucky, like we started on GCP and we started on GCP because tur um, Shopify ran on GCP. And so that was the platform I was most available with.Right. Um, and I knew the Canadian team there ‘cause I'd worked with them at Shopify and so it was natural for us to start there. And so when we started building the database, we're like, oh yeah, we have to build a, we really thought we had to build a consensus layer, like have a zookeeper or something to do this.But then we discovered the compare and swap. It's like, oh, we can kick the can. Like we'll just do metadata r json and just, it's fine. It's probably fine. Um, and we just kept kicking the can until we had very, very strong conviction in the idea. Um, and then we kind of just hinged the company on the fact that S3 probably was gonna get this, it started getting really painful in like mid 2024.‘cause we were closing deals with, um, um, notion actually that was running in AWS and we're like, trust us. You, you really want us to run this in GCP? And they're like, no, I don't know about that. Like, we're running everything in AWS and the latency across the cloud were so big and we had so much conviction that we bought like, you know, dark fiber between the AWS regions in, in Oregon, like in the InterExchange and GCP is like, we've never seen a startup like do like, what's going on here?And we're just like, no, we don't wanna do this. We were tuning like TCP windows, like everything to get the latency down ‘cause we had so high conviction in not doing like a, a metadata layer on S3. So those were the three conditions, right? Compare and swap. To do metadata, which wasn't in S3 until late 2024 S3 being consistent, which didn't happen until December, 2020.Uh, 2020. And then NVMe ssd, which didn't end in the cloud until 2017.swyx: I mean, in some ways, like a very big like cloud success story that like you were able to like, uh, put this all together, but also doing things like doing, uh, bind our favor. That that actually is something I've never heard.Simon Hørup Eskildsen: I mean, it's very common when you're a big company, right?You're like connecting your own like data center or whatever. But it's like, it was uniquely just a pain with notion because the, um, the org, like most of the, like if you're buying in Ashburn, Virginia, right? Like US East, the Google, like the GCP and, and AWS data centers are like within a millisecond on, on each other, on the public exchanges.But in Oregon uniquely, the GCP data center sits like a couple hundred kilometers, like east of Portland and the AWS region sits in Portland, but the network exchange they go through is through Seattle. So it's like a full, like 14 milliseconds or something like that. And so anyway, yeah. It's, it's, so we were like, okay, we can't, we have to go through an exchange in Portland.Yeah. Andswyx: you'd rather do this than like run your zookeeper and likeSimon Hørup Eskildsen: Yes. Way rather. It doesn't have state, I don't want state and two systems. Um, and I think all that is just informed by Justine, my co-founder and I had just been on call for so long. And the worst outages are the ones where you have state in multiple places that's not syncing up.So it really came from, from a a, like just a, a very pure source of pain, of just imagining what we would be Okay. Being woken up at 3:00 AM about and having something in zookeeper was not one of them.swyx: You, you're talking to like a notion or something. Do they care or do they just, theySimon Hørup Eskildsen: just, they care about latency.swyx: They latency cost. That's it.Simon Hørup Eskildsen: They just cared about latency. Right. And we just absorbed the cost. We're just like, we have high conviction in this. At some point we can move them to AWS. Right. And so we just, we, we'll buy the fiber, it doesn't matter. Right. Um, and it's like $5,000. Usually when you buy fiber, you buy like multiple lines.And we're like, we can only afford one, but we will just test it that when it goes over the public internet, it's like super smooth. And so we did a lot of, anyway, it's, yeah, it was, that's cool.Alessio: You can imagine talking to the GCP rep and it's like, no, we're gonna buy, because we know we're gonna turn, we're gonna turn from you guys and go to AWS in like six months.But in the meantime we'll do this. It'sSimon Hørup Eskildsen: a, I mean, like they, you know, this workload still runs on GCP for what it's worth. Right? ‘cause it's so, it was just, it was so reliable. So it was never about moving off GCP, it was just about honesty. It was just about giving notion the latency that they deserved.Right. Um, and we didn't want ‘em to have to care about any of this. We also, they were like, oh, egress is gonna be bad. It was like, okay, screw it. Like we're just gonna like vvc, VPC peer with you and AWS we'll eat the cost. Yeah. Whatever needs to be done.Alessio: And what were the actual workloads? Because I think when you think about ai, it's like 14 milliseconds.It's like really doesn't really matter in the scheme of like a model generation.Simon Hørup Eskildsen: Yeah. We were told the latency, right. That we had to beat. Oh, right. So, so we're just looking at the traces. Right. And then sort of like hand draw, like, you know, kind of like looking at the trace and then thinking what are the other extensions of the trace?Right. And there's a lot more to it because it's also when you have, if you have 14 versus seven milliseconds, right. You can fit in another round trip. So we had to tune TCP to try to send as much data in every round trip, prewarm all the connections. And there was, there's a lot of things that compound from having these kinds of round trips, but in the grand scheme it was just like, well, we have to beat the latency of whatever we're up against.swyx: Which is like they, I mean, notion is a database company. They could have done this themselves. They, they do lots of database engineering themselves. How do you even get in the door? Like Yeah, just like talk through that kind of.Simon Hørup Eskildsen: Last time I was in San Francisco, I was talking to one of the engineers actually, who, who was one of our champions, um, at, AT Notion.And they were, they were just trying to make sure that the, you know, per user cost matched the economics that they needed. You know, Uhhuh like, it's like the way I think about, it's like I have to earn a return on whatever the clouds charge me and then my customers have to earn a return on that. And it's like very simple, right?And so there has to be gross margin all the way up and that's how you build the product. And so then our customers have to make the right set of trade off the turbo Puffer makes, and if they're happy with that, that's great.swyx: Do you feel like you're competing with build internally versus buy or buy versus buy?Simon Hørup Eskildsen: Yeah, so, sorry, this was all to build up to your question. So one of the notion engineers told me that they'd sat and probably on a napkin, like drawn out like, why hasn't anyone built this? And then they saw terrible. It was like, well, it literally that. So, and I think AI has also changed the buy versus build equation in terms of, it's not really about can we build it, it's about do we have time to build it?I think they like, I think they felt like, okay, if this is a team that can do that and they, they feel enough like an extension of our team, well then we can go a lot faster, which would be very, very good for them. And I mean, they put us through the, through the test, right? Like we had some very, very long nights to to, to do that POC.And they were really our biggest, our second big customer off the cursor, which also was a lot of late nights. Right.swyx: Yeah. That, I mean, should we go into that story? The, the, the sort of Chris's story, like a lot, um, they credit you a lot for. Working very closely with them. So I just wanna hear, I've heard this, uh, story from Sole's point of view, but like, I'm curious what, what it looks like from your side.Simon Hørup Eskildsen: I actually haven't heard it from Sole's point of view, so maybe you can now cross reference it. The way that I remember it was that, um, the day after we launched, which was just, you know, I'd worked the whole summer on, on the first version. Justine wasn't part of it yet. ‘cause I just, I didn't tell anyone that summer that I was working on this.I was just locked in on building it because it's very easy otherwise to confuse talking about something to actually doing it. And so I was just like, I'm not gonna do that. I'm just gonna do the thing. I launched it and at this point turbo puffer is like a rust binary running on a single eight core machine in a T Marks instance.And me deploying it was like looking at the request log and then like command seeing it or like control seeing it to just like, okay, there's no request. Let's upgrade the binary. Like it was like literally the, the, the, the scrappiest thing. You could imagine it was on purpose because just like at Shopify, we did that all the time.Like, we like move, like we ran things in tux all the time to begin with. Before something had like, at least the inkling of PMF, it was like, okay, is anyone gonna hear about this? Um, and one of the cursor co-founders Arvid reached out and he just, you know, the, the cursor team are like all I-O-I-I-M-O like, um, contenders, right?So they just speak in bullet points and, and facts. It was like this amazing email exchange just of, this is how many QPS we have, this is what we're paying, this is where we're going, blah, blah, blah. And so we're just conversing in bullet points. And I tried to get a call with them a few times, but they were, so, they were like really writing the PMF bowl here, just like late 2023.And one time Swally emails me at like five. What was it like 4:00 AM Pacific time saying like, Hey, are you open for a call now? And I'm on the East coast and I, it was like 7:00 AM I was like, yeah, great, sure, whatever. Um, and we just started talking and something. Then I didn't know anything about sales.It was something that just comp compelled me. I have to go see this team. Like, there's something here. So I, I went to San Francisco and I went to their office and the way that I remember it is that Postgres was down when I showed up at the office. Did SW tell you this? No. Okay. So Postgres was down and so it's like they were distracting with that.And I was trying my best to see if I could, if I could help in any way. Like I knew a little bit about databases back to tuning, auto vacuum. It was like, I think you have to tune out a vacuum. Um, and so we, we talked about that and then, um, that evening just talked about like what would it look like, what would it look like to work with us?And I just said. Look like we're all in, like we will just do what we'll do whatever, whatever you tell us, right? They migrated everything over the next like week or two, and we reduced their cost by 95%, which I think like kind of fixed their per user economics. Um, and it solved a lot of other things. And we were just, Justine, this is also when I asked Justine to come on as my co-founder, she was the best engineer, um, that I ever worked with at Shopify.She lived two blocks away and we were just, okay, we're just gonna get this done. Um, and we did, and so we helped them migrate and we just worked like hell over the next like month or two to make sure that we were never an issue. And that was, that was the cursor story. Yeah.swyx: And, and is code a different workload than normal text?I, I don't know. Is is it just text? Is it the same thing?Simon Hørup Eskildsen: Yeah, so cursor's workload is basically, they, um, they will embed the entire code base, right? So they, they will like chunk it up in whatever they would, they do. They have their own embedding model, um, which they've been public about. Um, and they find that on, on, on their evals.It. There's one of their evals where it's like a 25% improvement on a very particular workload. They have a bunch of blog posts about it. Um, I think it works best on larger code basis, but they've trained their own embedding model to do this. Um, and so you'll see it if you use the cursor agent, it will do searches.And they've also been public around, um, how they've, I think they post trained their model to be very good at semantic search as well. Um, and that's, that's how they use it. And so it's very good at, like, can you find me on the code that's similar to this, or code that does this? And just in, in this queries, they also use GR to supplement it.swyx: Yeah.Simon Hørup Eskildsen: Um, of courseswyx: it's been a big topic of discussion like, is rag dead because gr you know,Simon Hørup Eskildsen: and I mean like, I just, we, we see lots of demand from the coding company to ethicsswyx: search in every part. Yes.Simon Hørup Eskildsen: Uh, we, we, we see demand. And so, I mean, I'm. I like case studies. I don't like, like just doing like thought pieces on this is where it's going.And like trying to be all macroeconomic about ai, that's has turned out to be a giant waste of time because no one can really predict any of this. So I just collect case studies and I mean, cursor has done a great job talking about what they're doing and I hope some of the other coding labs that use Turbo Puffer will do the same.Um, but it does seem to make a difference for particular queries. Um, I mean we can also do text, we can also do RegX, but I should also say that cursors like security posture into Tur Puffer is exceptional, right? They have their own embedding model, which makes it very difficult to reverse engineer. They obfuscate the file paths.They like you. It's very difficult to learn anything about a code base by looking at it. And the other thing they do too is that for their customers, they encrypt it with their encryption keys in turbo puffer's bucket. Um, so it's, it's, it's really, really well designed.swyx: And so this is like extra stuff they did to work with you because you are not part of Cursor.Exactly like, and this is just best practice when working in any database, not just you guys. Okay. Yeah, that makes sense. Yeah. I think for me, like the, the, the learning is kind of like you, like all workloads are hybrid. Like, you know, uh, like you, you want the semantic, you want the text, you want the RegX, you want sql.I dunno. Um, but like, it's silly to like be all in on like one particularly query pattern.Simon Hørup Eskildsen: I think, like I really like the way that, um, um, that swally at cursor talks about it, which is, um, I'm gonna butcher it here. Um, and you know, I'm a, I'm a database scalability person. I'm not a, I, I dunno anything about training models other than, um, what the internet tells me and what.The way he describes is that this is just like cash compute, right? It's like you have a point in time where you're looking at some particular context and focused on some chunk and you say, this is the layer of the neural net at this point in time. That seems fundamentally really useful to do cash compute like that.And, um, how the value of that will change over time. I'm, I'm not sure, but there seems to be a lot of value in that.Alessio: Maybe talk a bit about the evolution of the workload, because even like search, like maybe two years ago it was like one search at the start of like an LLM query to build the context. Now you have a gentech search, however you wanna call it, where like the model is both writing and changing the code and it's searching it again later.Yeah. What are maybe some of the new types of workloads or like changes you've had to make to your architecture for it?Simon Hørup Eskildsen: I think you're right. When I think of rag, I think of, Hey, there's an 8,000 token, uh, context window and you better make it count. Um, and search was a way to do that now. Everything is moving towards the, just let the agent do its thing.Right? And so back to the thing before, right? The LLM is very good at reasoning with the data, and so we're just the tool call, right? And that's increasingly what we see our customers doing. Um, what we're seeing more demand from, from our customers now is to do a lot of concurrency, right? Like Notion does a ridiculous amount of queries in every round trip just because they can't.And I'm also now, when I use the cursor agent, I also see them doing more concurrency than I've ever seen before. So a bit similar to how we designed a database to drive as much concurrency in every round trip as possible. That's also what the agents are doing. So that's new. It means just an enormous amount of queries all at once to the dataset while it's warm in as few turns as possible.swyx: Can I clarify one thing on that?Simon Hørup Eskildsen: Yes.swyx: Is it, are they batching multiple users or one user is driving multiple,Simon Hørup Eskildsen: one user driving multiple, one agent driving.swyx: It's parallel searching a bunch of things.Simon Hørup Eskildsen: Exactly.swyx: Yeah. Yeah, exactly. So yeah, the clinician also did, did this for the fast context thing, like eight parallel at once.Simon Hørup Eskildsen: Yes.swyx: And, and like an interesting problem is, well, how do you make sure you have enough diversity so you're not making the the same request eight times?Simon Hørup Eskildsen: And I think like that's probably also where the hybrid comes in, where. That's another way to diversify. It's a completely different way to, to do the search.That's a big change, right? So before it was really just like one call and then, you know, the LLM took however many seconds to return, but now we just see an enormous amount of queries. So the, um, we just see more queries. So we've like tried to reduce query, we've reduced query pricing. Um, this is probably the first time actually I'm saying that, but the query pricing is being reduced, like five x.Um, and we'll probably try to reduce it even more to accommodate some of these workloads of just doing very large amounts of queries. Um, that's one thing that's changed. I think the right, the right ratio is still very high, right? Like there's still a, an enormous amount of rights per read, but we're starting probably to see that change if people really lean into this pattern.Alessio: Can we talk a little bit about the pricing? I'm curious, uh, because traditionally a database would charge on storage, but now you have the token generation that is so expensive, where like the actual. Value of like a good search query is like much higher because they're like saving inference time down the line.How do you structure that as like, what are people receptive to on the other side too?Simon Hørup Eskildsen: Yeah. I, the, the turbo puffer pricing in the beginning was just very simple. The pricing on these on for search engines before Turbo Puffer was very server full, right? It was like, here's the vm, here's the per hour cost, right?Great. And I just sat down with like a piece of paper and said like, if Turbo Puffer was like really good, this is probably what it would cost with a little bit of margin. And that was the first pricing of Turbo Puffer. And I just like sat down and I was like, okay, like this is like probably the storage amp, but whenever on a piece of paper I, it was vibe pricing.It was very vibe price, and I got it wrong. Oh. Um, well I didn't get it wrong, but like Turbo Puffer wasn't at the first principle pricing, right? So when Cursor came on Turbo Puffer, it was like. Like, I didn't know any VCs. I didn't know, like I was just like, I don't know, I didn't know anything about raising money or anything like that.I just saw that my GCP bill was, was high, was a lot higher than the cursor bill. So Justine and I was just like, well, we have to optimize it. Um, and I mean, to the chagrin now of, of it, of, of the VCs, it now means that we're profitable because we've had so much pricing pressure in the beginning. Because it was running on my credit card and Justine and I had spent like, like tens of thousands of dollars on like compute bills and like spinning off the company and like very like, like bad Canadian lawyers and like things like to like get all of this done because we just like, we didn't know.Right. If you're like steeped in San Francisco, you're just like, you just know. Okay. Like you go out, raise a pre-seed round. I, I never heard a word pre-seed at this point in time.swyx: When you had Cursor, you had Notion you, you had no funding.Simon Hørup Eskildsen: Um, with Cursor we had no funding. Yeah. Um, by the time we had Notion Locke was, Locke was here.Yeah. So it was really just, we vibe priced it 100% from first Principles, but it wasn't, it, it was not performing at first principles, so we just did everything we could to optimize it in the beginning for that, so that at least we could have like a 5% margin or something. So I wasn't freaking out because Cursor's bill was also going like this as they were growing.And so my liability and my credit limit was like actively like calling my bank. It was like, I need a bigger credit. Like it was, yeah. Anyway, that was the beginning. Yeah. But the pricing was, yeah, like storage rights and query. Right. And the, the pricing we have today is basically just that pricing with duct tape and spit to try to approach like, you know, like a, as a margin on the physical underlying hardware.And we're doing this year, you're gonna see more and more pricing changes from us. Yeah.swyx: And like is how much does stuff like VVC peering matter because you're working in AWS land where egress is charged and all that, you know.Simon Hørup Eskildsen: We probably don't like, we have like an enterprise plan that just has like a base fee because we haven't had time to figure out SKU pricing for all of this.Um, but I mean, yeah, you can run turbo puffer either in SaaS, right? That's what Cursor does. You can run it in a single tenant cluster. So it's just you. That's what Notion does. And then you can run it in, in, in BYOC where everything is inside the customer's VPC, that's what an for example, philanthropic does.swyx: What I'm hearing is that this is probably the best CRO job for somebody who can come in and,Simon Hørup Eskildsen: I mean,swyx: help you with this.Simon Hørup Eskildsen: Um, like Turbo Puffer hired, like, I don't know what, what number this was, but we had a full-time CFO as like the 12th hire or something at Turbo Puffer, um, I think I hear are a lot of comp.I don't know how they do it. Like they have a hundred employees and not a CFO. It's like having a CFO is like a runningswyx: business man. Like, you know,Simon Hørup Eskildsen: it's so good. Yeah, like money Mike, like he just, you know, just handles the money and a lot of the business stuff and so he came in and just hopped with a lot of the operational side of the business.So like C-O-O-C-F-O, like somewhere in between.swyx: Just as quick mention of Lucky, just ‘cause I'm curious, I've met Lock and like, he's obviously a very good investor and now on physical intelligence, um, I call it generalist super angel, right? He invests in everything. Um, and I always wonder like, you know, is there something appealing about focusing on developer tooling, focusing on databases, going like, I've invested for 10 years in databases versus being like a lock where he can maybe like connect you to all the customers that you need.Simon Hørup Eskildsen: This is an excellent question. No, no one's asked me this. Um, why lockey? Because. There was a couple of people that we were talking to at the time and when we were raising, we were almost a little, we were like a bit distressed because one of our, one of our peers had just launched something that was very similar to Turbo Puffer.And someone just gave me the advice at the time of just choose the person where you just feel like you can just pick up the phone and not prepare anything. And just be completely honest, and I don't think I've said this publicly before, but I just called Lockey and was like local Lockie. Like if this doesn't have PMF by the end of the year, like we'll just like return all the money to you.But it's just like, I don't really, we, Justine and I don't wanna work on this unless it's really working. So we want to give it the best shot this year and like we're really gonna go for it. We're gonna hire a bunch of people and we're just gonna be honest with everyone. Like when I don't know how to play a game, I just play with open cards and.Lockey was the only person that didn't, that didn't freak out. He was like, I've never heard anyone say that before. As I said, I didn't even know what a seed or pre-seed round was like before, probably even at this time. So I was just like very honest with him. And I asked him like, Lockie, have you ever have, have you ever invested in database company?He was just like, no. And at the time I was like, am I dumb? Like, but I think there was something that just like really drew me to Lockie. He is so authentic, so honest, like, and there was something just like, I just felt like I could just play like, just say everything openly. And that was, that was, I think that that was like a perfect match at the time, and, and, and honestly still is.He was just like, okay, that's great. This is like the most honest, ridiculous thing I've ever heard anyone say to me. But like that, like that, whyswyx: is this ridiculous? Say competitor launch, this may not work out. It wasSimon Hørup Eskildsen: more just like. If this doesn't work out, I'm gonna close up shop by the end of the mo the year, right?Like it was, I don't know, maybe it's common. I, I don't know. He told me it was uncommon. I don't know. Um, that's why we chose him and he'd been phenomenal. The other people were talking at the, at the time were database experts. Like they, you know, knew a lot about databases and Locke didn't, this turned out to be a phenomenal asset.Right. I like Justine and I know a lot about databases. The people that we hire know a lot about databases. What we needed was just someone who didn't know a lot about databases, didn't pretend to know a lot about databases, and just wanted to help us with candidates and customers. And he did. Yeah. And I have a list, right, of the investors that I have a relationship with, and Lockey has just performed excellent in the number of sub bullets of what we can attribute back to him.Just absolutely incredible. And when people talk about like no ego and just the best thing for the founder, I like, I don't think that anyone, like even my lawyer is like, yeah, Lockey is like the most friendly person you will find.swyx: Okay. This is my most glow recommendation I've ever heard.Alessio: He deserves it.He's very special.swyx: Yeah. Yeah. Yeah. Okay. Amazing.Alessio: Since you mentioned candidates, maybe we can talk about team building, you know, like, especially in sf, it feels like it's just easier to start a company than to join a company. Uh, I'm curious your experience, especially not being n SF full-time and doing something that is maybe, you know, a very low level of detail and technical detail.Simon Hørup Eskildsen: Yeah. So joining versus starting, I never thought that I would be a founder. I would start with it, like Turbo Puffer started as a blog post, and then it became a project and then sort of almost accidentally became a company. And now it feels like it's, it's like becoming a bigger company. That was never the intention.The intentions were very pure. It's just like, why hasn't anyone done this? And it's like, I wanna be the, like, I wanna be the first person to do it. I think some founders have this, like, I could never work for anyone else. I, I really don't feel that way. Like, it's just like, I wanna see this happen. And I wanna see it happen with some people that I really enjoy working with and I wanna have fun doing it and this, this, this has all felt very natural on that, on that sense.So it was never a like join versus versus versus found. It was just dis found me at the right moment.Alessio: Well I think there's an argument for, you should have joined Cursor, right? So I'm curious like how you evaluate it. Okay, I should actually go raise money and make this a company versus like, this is like a company that is like growing like crazy.It's like an interesting technical problem. I should just build it within Cursor and then they don't have to encrypt all this stuff. They don't have to obfuscate things. Like was that on your mind at all orSimon Hørup Eskildsen: before taking the, the small check from Lockie, I did have like a hard like look at myself in the mirror of like, okay, do I really want to do this?And because if I take the money, I really have to do it right. And so the way I almost think about it's like you kind of need to ha like you kind of need to be like fucked up enough to want to go all the way. And that was the conversation where I was like, okay, this is gonna be part of my life's journey to build this company and do it in the best way that I possibly can't.Because if I ask people to join me, ask people to get on the cap table, then I have an ultimate responsibility to give it everything. And I don't, I think some people, it doesn't occur to me that everyone takes it that seriously. And maybe I take it too seriously, I don't know. But that was like a very intentional moment.And so then it was very clear like, okay, I'm gonna do this and I'm gonna give it everything.Alessio: A lot of people don't take it this seriously. But,swyx: uh, let's talk about, you have this concept of the P 99 engineer. Uh, people are 10 x saying, everyone's saying, you know, uh, maybe engineers are out of a job. I don't know.But you definitely see a P 99 engineer, and I just want you to talk about it.Simon Hørup Eskildsen: Yeah, so the P 99 engineer was just a term that we started using internally to talk about candidates and talk about how we wanted to build the company. And you know, like everyone else is, like we want a talent dense company.And I think that's almost become trite at this point. What I credit the cursor founders a lot with is that they just arrived there from first principles of like, we just need a talent dense, um, talent dense team. And I think I've seen some teams that weren't talent dense and like seemed a counterfactual run, which if you've run in been in a large company, you will just see that like it's just logically will happen at a large company.Um, and so that was super important to me and Justine and it's very difficult to maintain. And so we just needed, we needed wording for it. And so I have a document called Traits of the P 99 Engineer, and it's a bullet point list. And I look at that list after every single interview that I do, and in every single recap that we do and every recap we end with.End with, um, some version of I'm gonna reject this candidate completely regardless of what the discourse was, because I wanna see people fight for this person because the default should not be, we're gonna hire this person. The default should be, we're definitely not hiring this person. And you know, if everyone was like, ah, maybe throw a punch, then this is not the right.swyx: Do, do you operate, like if there's one cha there must have at least one champion who's like, yes, I will put my career on, on, on the line for this. You know,Simon Hørup Eskildsen: I think career on the line,swyx: maybe a chair, butSimon Hørup Eskildsen: yeah. You know, like, um, I would say so someone needs to like, have both fists up and be like, I'd fight.Right? Yeah. Yeah. And if one person said, then, okay, let's do it. Right?swyx: Yeah.Simon Hørup Eskildsen: Um. It doesn't have to be absolutely everyone. Right? And like the interviews are always the sign that you're checking for different attributes. And if someone is like knocking it outta the park in every single attribute, that's, that's fairly rare.Um, but that's really important. And so the traits of the P 99 engineer, there's lots of them. There's also the traits of the p like triple nine engineer and the quadruple nine engineer. This is like, it's a long list.swyx: Okay.Simon Hørup Eskildsen: Um, I'll give you some samples, right. Of what we, what we look for. I think that the P 99 engineer has some history of having bent, like their trajectory or something to their will.Right? Some moment where it was just, they just, you know, made the computer do what it needed to do. There's something like that, and it will, it will occur to have them at some point in their career. And, uh. Hopefully multiple times. Right.swyx: Gimme an example of one of your engineers that like,Simon Hørup Eskildsen: I'll give an eng.Uh, so we, we, we launched this thing called A and NV three. Um, we could, we're also, we're working on V four and V five right now, but a and NV three can search a hundred billion vectors with a P 50 of around 40 milliseconds and a p 99 of 200 milliseconds. Um, maybe other people have done this, I'm sure Google and others have done this, but, uh, we haven't seen anyone, um, at least not in like a public consumable SaaS that can do this.And that was an engineer, the chief architect of Turbo Puffer, Nathan, um, who more or less just bent this, the software was not capable of this and he just made it capable for a very particular workload in like a, you know, six to eight week period with the help of a lot of the team. Right. It's been, been, there's numerous of examples of that, like at, at turbo puff, but that's like really bending the software and X 86 to your will.It was incredible to watch. Um. You wanna see some moments like that?swyx: Isn't that triple nine?Simon Hørup Eskildsen: Um, I think Nathan, what's calledAlessio: group nine, that was only nine. I feel like this is too high forSimon Hørup Eskildsen: Nathan. Nathan is, uh, Nathan is like, yeah, there's a lot of nines. Okay. After that p So I think that's one trait. I think another trait is that, uh, the P 99 spends a lot of time looking at maps.Generally it's their preferred ux. They just love looking at maps. You ever seen someone who just like, sits on their phone and just like, scrolls around on a map? Or did you not look at maps A lot? You guys don't look atswyx: maps? I guess I'm not feeling there. I don't know, butSimon Hørup Eskildsen: you just dis What about trains?Do you like trains?swyx: Uh, I mean they, not enough. Okay. This is just like weapon nice. Autism is what I call it. Like, like,Simon Hørup Eskildsen: um, I love looking at maps, like, it's like my preferred UX and just like I, you know, I likeswyx: lotsAlessio: of, of like random places, soswyx: like,youswyx: know.Alessio: Yes. Okay. There you go. So instead of like random places, like how do you explore the maps?Simon Hørup Eskildsen: No, it's, it's just a joke.swyx: It's autism laugh. It's like you are just obsessed by something and you like studying a thing.Simon Hørup Eskildsen: The origin of this was that at some point I read an interview with some IOI gold medalistswyx: Uhhuh,Simon Hørup Eskildsen: and it's like, what do you do in your spare time? I was just like, I like looking at maps.I was like, I feel so seen. Like, I just like love, like swirling out. I was like, oh, Canada is so big. Where's Baffin Island? I don't know. I love it. Yeah. Um, anyway, so the traits of P 99, P 99 is obsessive, right? Like, there's just like, you'll, you'll find traits of that we do an interview at, at, at, at turbo puffer or like multiple interviews that just try to screen for some of these things.Um, so. There's lots of others, but these are the kinds of traits that we look for.swyx: I'll tell you, uh, some people listen for like some of my dere stuff. Uh, I do think about derel as maps. Um, you draw a map for people, uh, maps show you the, uh, what is commonly agreed to be the geographical features of what a boundary is.And it shows also shows you what is not doing. And I, I think a lot of like developer tools, companies try to tell you they can do everything, but like, let's, let's be real. Like you, your, your three landmarks are here, everyone comes here, then here, then here, and you draw a map and, and then you draw a journey through the map.And like that. To me, that's what developer relations looks like. So I do think about things that way.Simon Hørup Eskildsen: I think the P 99 thinks in offs, right? The P 99 is very clear about, you know, hey, turbo puffer, you can't run a high transaction workload on turbo puffer, right? It's like the right latency is a hundred milliseconds.That's a clear trade off. I think the P 99 is very good at articulating the trade offs in every decision. Um. Which is exactly what the map is in your case, right?swyx: Uh, yeah, yeah. My, my, my world. My world.Alessio: How, how do you reconcile some of these things when you're saying you bend the will the computer versus like the trade

Is your security team treating your Identity Provider (IDP) like a firewall? In this episode, Adam Bateman (CEO & Co-founder of Push Security) explains why that's a dangerous mistake and how modern attackers are bypassing SSO entirely .Drawing from his background leading red teams that simulated nation-state attacks , Adam breaks down the massive architectural shift from network-based attacks to browser-native exploits. We dive into the terrifying evolution of phishing, from "Click Fix" attacks that trick users into running malicious commands via their clipboard, to "Consent Phishing" that completely takes over Azure without ever touching the endpoint .If your company relies heavily on SaaS applications or Chromebooks, this episode would be a valuable listen. Guest Socials -⁠ ⁠⁠⁠⁠⁠⁠⁠Adam's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Security, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠Questions asked:(00:00) Introduction(02:50) Who is Adam Bateman? (Red Teaming & Simulating Nation States) (05:40) Why Identity & MFA Are Not "Solved" Problems (07:50) The Myth: Why an IDP is Not a Firewall (11:30) Consent Phishing: Exploiting OAuth Apps (13:30) The Architectural Shift: Network to Browser (15:30) Scattered Spider & The Rise of Identity Coalitions (19:30) Threat Modeling: On-Prem vs. Chromebooks (23:20) The Problem with SSPM and API Limitations (28:40) How "Click Fix" Attacks Trick Users into Running Malware (32:30) Omnichannel Phishing: LinkedIn, SMS, and Google Ads (34:30) Weaponizing Legitimate SaaS Apps (The DocuSign Exploit) (37:00) Consent Fix: Full Azure Compromise Inside the Browser (38:50) Disrupting the Secure Web Gateway (SWG) Market (41:40) Fun Questions: Wakeboarding, Culture, and Brat's RestaurantResources spoken about during the episode:You can find out more about Push Security here.Thank you to Push Security for sponsoring this episode.

Identity, AI Agents, and the Session Token Time Bomb | Carey Frey (CSO, TELUS) on Cybersecurity Today In this Cybersecurity Today weekend edition, David Shipley interviews Carey Frey, Chief Security Officer at TELUS, about the evolution of identity security and why it's a growing risk in the age of generative and agentic AI. Frey recounts his career from Canada's Communications Security Establishment to leading TELUS's internal security and managed cybersecurity services, then explains how convenience-driven identity decisions led from PKI's unrealized promise to passwords, bearer/session tokens, and today's widespread session cookie theft. He describes lessons from TELUS's deployment of FIDO2 phishing-resistant tokens, the dangers of long-lived SSO tokens across SaaS ecosystems, and how agentic "auto-browse" could amplify harm via the "lethal trifecta" and ephemeral agents with poor auditability. Frey highlights the Syne/SignNet CISO Identity Handbook and calls for stronger cryptographic roots of trust, proof-based tokens, re-authentication across trust domains, and fine-grained delegation guardrails. Cybersecurity Today  would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale.  You can find them at Meter.com/cst 00:00 Sponsor Message 00:24 Weekend Edition Intro 00:32 Meet Carey Frey 02:07 Carey's Cyber Origin Story 03:47 Telus Security Two Hats 06:22 Identity's Broken Legacy 08:43 Why PKI Didn't Win 11:25 Passkeys Missed Moment 14:10 SSO Tokens Surprise 19:50 Session Theft Reality 23:18 Agentic AI Stakes 24:17 Building Identity Playbook 25:24 Identity Maturity Model 25:49 Fixing OAuth and SAML 27:00 Industry Call to Action 27:37 Where to Find the Handbook 28:06 Not a Vendor Pitch 30:13 Agentic AI Identity Gaps 31:30 Auto Browse Threat Scenario 33:12 Lethal Trifecta Explained 34:31 Ephemeral Agents and Forensics 37:08 Supply Chain Agent Malware 38:20 Crypto Roots of Trust 39:35 Proof Tokens and Reauth 40:17 Delegation Guardrails 42:34 Regulation or Market Forces 44:25 Practical Risk Decisions 46:20 Wrap Up and Next Resources 48:00 Sponsor and Closing Credits

Okta's Dan Hefley (https://www.linkedin.com/in/dan-hefley), Senior Product Manager for Device Access, explains how Platform SSO brings enterprise identity to the Mac. From day-zero Setup Assistant enrollment in macOS 26 to device bound SSO using secure enclave keys, Dan covers what IT teams need to know about deploying Platform SSO with Okta and Jamf. Dan shares his perspective as a former MDM admin turned identity product manager, discusses how device bound SSO prevents session hijacking with hardware-backed keys, and explains why the Shared Signals Framework between Okta and Jamf creates layered security. Hosts Josh Thornton and Kat Garbis explore what this means for organizations managing Apple fleets. 1:44 Meet Dan Hefley - Senior Product Manager at Okta 5:00 What Is Okta? Vendor-Neutral Identity Provider Overview 6:23 Why Identity and Device Security Go Hand in Hand 7:21 What Is Platform SSO? Native macOS Framework Defined 8:07 Evolution from Jamf Connect Basic to Platform SSO 9:15 Why Platform SSO Was 9:47 Platform SSO in Setup Assistant 10:08 Day-Zero Enrollment Flow - ABM to Jamf to Okta MFA 11:43 Solving Enrollment Friction with Separated Device and User Registration 12:18 Password Syncing Benefits 16:40 How Device Bound SSO Prevents Session Hijacking 17:53 Identity Threat Protection and Continuous Authentication 18:06 Shared Signals Framework - Okta and Jamf Working Together 20:40 Okta FastPass and Passwordless Authentication on Mac 21:20 Device Bound SSO Completes the Day-Zero Story 22:30 Getting Started - Requirements and Deployment Considerations 26:26 Okta's Platform SSO Roadmap and Future Direction 27:43 Key Takeaway - Identity and Device Teams Belong in the Same Room RESOURCES: - Mac Admins Slack - Platform SSO Channel: https://macadmins.slack.com - IAMSE Blog - Okta Integration Guides: https://iamse.blog - Jamf Learning Hub: https://learn.jamf.com/ - Jamf and Okta integrations: https://www.jamf.com/integrations/okta/ Subscribe for Apple device management and security insights WHO THIS IS FOR: IT administrators and security teams managing Mac fleets in enterprise environments. Relevant if you're evaluating Platform SSO with Okta, migrating from Jamf Connect Basic, or planning identity integration for zero-touch Mac deployment. #Okta #Jamf #macossecurity #AppleSecurity #DeviceBoundSSO #macOS #IdentityManagement #PlatformSSO #ZeroTouchDeployment #JamfAfterDark #EnterpriseSecurity #MacAdmin #TrustedAccess #podcast

In this episode host Carolyn Woodard is joined by Norwin Herrera, IT Business Manager and Team Lead at Community IT. Together, they walk through a real-world case study of a public charter school that implemented a Single Sign-On (SSO) platform called Clever that can solve cybersecurity and accessibility challenges for adult or child students.Strategic IT Leadership for NonprofitsUnlike a traditional account manager, an IT Business Manager (ITBM) acts as a strategic partner, helping nonprofit leadership understand the technology landscape and make informed decisions that align with their mission. The ITBM role is unique to Community IT and is an example of a commitment to partnering with clients over the long term.In this case, the goal was to find a SSO solution that could handle a complex mix of Chromebooks and Windows devices while remaining user-friendly for both adult students and faculty.The Power of Single Sign-OnSSO acts as one door for all of your doors. By using Clever as an identity manager, the organization was able to:Enhance Cybersecurity: Centralizing access allows for immediate offboarding. If a student or staff member leaves, closing one account automatically secures access to all others, prevents fraud, and saves money.Automate User Provisioning: Through zero intervention integration with the Student Information System (SIS), accounts are created or deactivated automatically based on enrollment status.Improve User Experience: Students no longer need to remember multiple different passwords for Google, Microsoft, Zoom, and Slack for example. One password provides access to all the apps they have access to as a student using a school device.Reduce Administrative Costs: Norwin breaks down the ROI of SSO, comparing a small per-user fee against the hundreds of hours of manual labor required to manage accounts individually.Change Management and Successful ImplementationA successful IT project is about more than just software; it is about people. Norwin explains why this project resulted in zero tickets and no complaints: it started with leadership buy-in and a commitment to clear communication.Whether you are an executive at a school or a volunteer board member at a community nonprofit, this episode offers practical insights into how integrated cybersecurity and strategic IT planning can save your organization time and money.Listen in to learn how your organization can move toward a more secure and efficient digital future by subscribing to the Community IT Innovators Technology Topics podcast. _______________________________Start a conversation :) Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/ email Carolyn at cwoodard@communityit.com on LinkedIn Thanks for listening.

On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They cover: Palo Alto threat researchers want to attribute to China, but management says shush An increasing proportion of ransomware is data extortion. Is this good? Cambodia says it's going to dismantle scam compounds CISA sufferers through yet another shutdown Google Gemini's training secrets are being systematically harvested to improve other LLMs Academics assess SaaS password managers' resilience against a malicious server This episode is sponsored by SSO-firewall integration vendor Knocknoc. Chief exec Adam Pointon joins to talk about the latest in defences… which is to say Knocknoc for Solaris/Sparc and HPUX on PA-RISC?! Okay also that other little known OS… Windows. This episode is also available on Youtube. Show notes Data-only extortion grows as ransomware gangs seek better profits | Cybersecurity Dive Arctic Wolf Threat Report 2026 Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say Risky Bulletin: Cambodia promises to dismantle scam networks by April - Risky Business Media Age of the ‘scam state': how an illicit, multibillion-dollar industry has taken root in south-east Asia | Cybercrime | The Guardian Critical flaw in BeyondTrust Remote Support sees early signs of exploitation | Cybersecurity Dive CISA Navigates DHS Shutdown With Reduced Staff - SecurityWeek Kimwolf Botnet Swamps Anonymity Network I2P – Krebs on Security BADIIS to the Bone: New Insights to a Global SEO Poisoning Campaign — Elastic Security Labs Over 500,000 VKontakte accounts hijacked through malicious Chrome extensions | The Record from Recorded Future News Password managers' promise that they can't see your vaults isn't always true - Ars Technica Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers Google finds state-sponsored hackers use AI at 'all stages' of attack cycle | CyberScoop Google: Gemini hit with 100,000+ prompts in cloning attempt Proofpoint acquires Acuvity to tackle the security risks of agentic AI | CyberScoop Cisco Redefines Security for the Agentic Era with AI Defense Expansion and AI-Aware SASE Sophos Acquires Arco Cyber to Bring CISO-Level, Agentic AI-Powered Expertise to Every Organization Dave Kennedy on X: "Regarding this, there was a couple questions on does the pacemaker continue to advertise - most BLE implantable devices go into a sleep type mode. In this case, we are lucky - it does not. We know based on law enforcement answers that she is using a more modern pacemaker with" / X Clash Report on X: "BIG: Dutch Defence Minister Gijs Tuinman hints that software independence is possible for F-35 jets. He literally said you can “jailbreak” an F-35. When asked if Europe can modify it without US approval: “That's not the point… we'll see whether the Americans will show https://t.co/f11cGvtYsO" / X Dutch police arrest man who refused to delete confidential files shared by mistake | The Record from Recorded Future News

China Government Turns APPS into SPY Tools | Ex FBI Agent Explainsew Episode

Sumbits is back. MBA experts Sean Cawby, Eric Schaitel, and Ryan Cockrem sit down (this time with coffee-instead-of-whiskey energy) and catch up on what's been happening while the microphones were off, then get into what's new in PowerSchool since they last joined us. They talk AI (from skepticism to daily tool), the new UI and navigation, security and SSO, data dictionary changes, page permissions, development workflows - along with a few opinions on what's genuinely helpful versus what's just different. The beards might be a little more gray, but the commits are still green.Sumbits is brought to you by MBA. At MBA, we enhance the power of #PowerSchool with plugins, customizations and professional development, transforming your PowerSchool #SIS experience without creating more administrative overhead. Learn more at MBA-link.com

This week, while ⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Space Daily show) is out at a conference, hosts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Dave Bittner⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ and ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ are joined by friend of the show Michele Kellerman, as they are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Our hosts start with some follow-up on Joe's egg story, including his latest update and a brief detour into unexpected “big chicken news.” Joe's story is on a massive USDA loan fraud scheme where Nikesh Patel fabricated fake government-backed farm loans, duped investment firms out of hundreds of millions of dollars, and continued running similar scams under aliases and even from prison, ultimately earning decades more in sentencing. Michele's story is on a breaking report about the ShinyHunters group using targeted voice phishing and custom phishing kits to abuse Okta SSO, steal MFA credentials, and gain privileged access for data theft and extortion. Dave's story is on LastPass warning users about an active phishing campaign impersonating the company, designed to steal master passwords and potentially expose all credentials stored in affected vaults. Our catch of the day comes from the Reddit, where two people we're approached by scammers through text messaging and both dealt with their scammers in different ways. Resources and links to stories: Sticky Fingers: USDA Fraudster Steals $200M in Stunning Scam Formerly Married Couple Sentenced For Multi-Million Dollar Fraud Schemes A new wave of ‘vishing' attacks is breaking into SSO accounts in real time LastPass Warns of Phishing Campaign Attempting to Steal Master Passwords ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Have a Catch of the Day you'd like to share? Email it to us at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠hackinghumans@n2k.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠.

In this episode of SurgOnc Today, Drs. Shelley Hwang and Mediget Teshome are joined by international leaders Drs. Wonshik Han and Jeong Eon Lee to reflect on key insights from the 2025 Global Breast Cancer Conference and look ahead to future directions. The conversation highlights evolving trends in breast cancer care, including surgical de-escalation, care of younger and premenopausal patients, emerging technologies, and opportunities for continued global collaboration between the SSO and partners across Asia.

Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? We are seeing attempts to attack CVE-2026-21962, a recent weblog vulnerability, using a non-working AI slop exploit https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662 Fortinet Patches are Rolling Out Fortinet is starting to roll out patches for the recent SSO vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-060 SolarWinds Web Helpdesk Vulnerability Another set of vulnerabilities in SolarWinds Web Helpdesk may result in unauthenticated system access https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/

Automatic Script Execution In Visual Studio Code Visual Studio Code will read configuration files within the source code that may lead to code execution. https://isc.sans.edu/diary/Automatic%20Script%20Execution%20In%20Visual%20Studio%20Code/32644 Cisco Unified Communications Products Remote Code Execution Vulnerability A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b Zoom Vulnerability A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to execute remote code on the MMR via network access. https://www.zoom.com/en/trust/security-bulletin/zsb-26001/ Possible new SSO Exploit (CVE-2025-59718) on 7.4.9 https://www.reddit.com/r/fortinet/comments/1qibdcb/possible_new_sso_exploit_cve202559718_on_749/ SANS SOC Survey The 2026 SOC Survey is open, and we need your input to create a meaningful report. Please share your experience so we can advocate for what actually works in the trenches. https://survey.sans.org/jfe/form/SV_3ViqWZgWnfQAzkO?is=socsurveystormcenter

Italijanski senat, zgornji dom parlamenta, je z veliko večino odobril reformo deželnega statuta Furlanije – Julijske krajine, ki uvaja t.i. širše lokalne uprave in s tem vrača pred desetimi leti ukinjene pokrajine. Spremembo deželnega statuta je novembra lani podprl že spodnji dom parlamenta. Reformo je predlagala vladajoča desna koalicija. Deželni svetnik stranke Slovenska skupnost (SSk) Marko Pisani je ocenil, da se je z ukinitvijo pokrajin zmanjšala možnost za aktivno soupravljanje območja, na katerem živi slovenska manjšina. Svet slovenskih organizacij SSO izraža zadovoljstvo ob ponovni ustanovitvi pokrajin v Furlaniji-Julijski krajini. Predsednik Walter Bandelj meni, da gre za velik dosežek za Slovence v Italiji ter za pomembno pridobitev, zlasti za manjše občine na obmejnem območju.

In this series "evidence today and tomorrow", the HPB disease site working group of the SSO explores current gaps in HPB surgical oncology, highlighting existing evidence and ongoing work aimed at filling those gaps. In this episode, Drs. Julie Hallet and Patricio Polanco, chair and vice-chair of the HPB disease site working group are joined by Drs. Ajay Maker, Rebecca Snyder, and Giovanni Marchegiani to review evidence in the management of pancreatic cystic neoplasms.

Rob Hughes — CISO at RSA and Champion of a Passwordless FutureNo Password Required Season 7:  Episode 1 - Rob HughesRob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.  The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/Chapters: 00:00 Introduction to No Password Required01:43 Meet Rob Hughes, CISO at RSA02:05 The Role of a CISO in a Security Company05:09 Transitioning to the CISO Role08:00 The Early Days of Geek.com12:14 Launching a Startup During the Dot Com Boom14:30 The Push for a Passwordless Future18:21 Tipping Point for Passwordless Adoption20:20 Ongoing Learning in Cybersecurity26:09 Managing Stress in High-Pressure Environments33:46 The Lifestyle Polygraph Begins34:15 Career Insights in Cybersecurity36:08 Dream Cars and Personal Preferences39:58 Underrated Horror Films41:19 Creating a Cybersecurity Monster

Conversation with Spokane Symphony Principal Bassoonist Lynne Feller-Marshall and Principal Horn Clinton Webb about the next SSO chamber concert.

Discussion of the next SSO concert

Die aktuelle Protestwelle ist die heftigste seit Jahren. Der deutsche Kanzler glaubt, dass die Mullahs am Ende sind. Es seien »die letzten Tage und Wochen«. Gut möglich, dass er sich irrt. Hunderttausende protestieren in mehreren Städten Irans gegen das Regime. Polizeifahrzeuge brennen, Sicherheitskräfte schießen scharf, Aktivisten sprechen von mehr als 2.500 Toten. Das Regime hat das Internet tagelang weitgehend abgeschaltet, auch Mobilfunk- und Festnetzdienste waren eingeschränkt. In dieser Ausgabe von »Acht Milliarden«, dem Auslandspodcast des SPIEGEL, spricht Host Juan Moreno mit dem SPIEGEL-Reporter Christoph Reuter. Er sieht die Lage nicht so optimistisch wie Kanzler Merz. Was müsste passieren, damit das Regime tatsächlich fällt? Und welche Rolle spielen dabei die knallharten ökonomischen Interessen der iranischen Eliten? Mehr zum Thema: (S+) »Sie töten die Menschen direkt vor ihrer Haustür«https://www.spiegel.de/ausland/iran-proteste-sie-toeten-die-menschen-direkt-vor-ihrer-haustuer-a-3026522e-1937-406e-9df3-1a616a8084c5 (S+) So könnte Trump Iran angreifen:https://www.spiegel.de/ausland/donald-trump-und-iran-so-koennte-der-us-praesident-das-regime-in-teheran-angreifen-a-055eea9d-39f7-4348-905d-c44e1af83f44 Abonniert »Acht Milliarden«, um die nächste Folge nicht zu verpassen. Wir freuen uns, wenn ihr den Podcast weiterempfehlt oder uns eine Bewertung hinterlasst.+++ Alle Infos zu unseren Werbepartnern finden Sie hier. Die SPIEGEL-Gruppe ist nicht für den Inhalt dieser Seite verantwortlich. +++ Den SPIEGEL-WhatsApp-Kanal finden Sie hier. Alle SPIEGEL Podcasts finden Sie hier. Mehr Hintergründe zum Thema erhalten Sie mit SPIEGEL+. Entdecken Sie die digitale Welt des SPIEGEL, unter spiegel.de/abonnieren finden Sie das passende Angebot. Informationen zu unserer Datenschutzerklärung.

In this episode of Reboot IT, host Dave Coriale sits down with Mike Robichaud, IT Director at the Brewers Association, to explore how his organization is embracing AI to enhance staff productivity and deliver greater value to members. Mike shares insights on their two-pronged AI strategy, internal adoption challenges, and how they're building trust and security around proprietary data. This conversation is packed with practical ideas for associations looking to move beyond AI experimentation and into meaningful implementation.Themes and Topics:Crafting an AI StrategyTwo-pronged approach: internal staff tools and member-facing AI agent. Focus on augmentation, not job replacement. Aligning AI initiatives with organizational goals and member success.Driving Staff Adoption71% of staff were already using AI before rollout; 66% used ChatGPT. Use cases include brainstorming, data analysis, and document creation. Idea-sharing through informal showcases to inspire broader adoption.Enhancing Member ValueAI agent trained on proprietary “BAMO” data for personalized support. Enables conversational access to complex resources like regulations. Goal: make finding information easier and more intuitive for members.Building Trust and SecurityStrong vetting of platforms for data privacy and compliance (GDPR, SOC 2). Clear boundaries: proprietary data stays internal and is not used to train external models. Legal review and communication plan to address staff concerns.Tools and Technology ChoicesInternal: ChatGPT Enterprise for staff workflows. Member-facing: Chatbase integrated with ChatGPT-5 for custom training. Features like SSO, connectors, and compliance were key selection criteria.Looking AheadSoft launch internally; member-facing tool in testing phase. Refining tone and personality of AI agent for better engagement. Marketing plans and use cases to drive member adoption.

Izvršni odbor Sveta slovenskih organizacij SSO je Walterja Bandlja znova izvolil za predsednika te krovne organizacije naše narodne skupnosti v Italiji. S tem je potrdil zaupanje v njegovo dosedanje delo - predsednik je že deset let in začrtano smer delovanja organizacije. Pod vodstvom Bandlja je SSO okrepil sodelovanje med slovenskimi organizacijami, zastopal njihove skupne interese ter prispeval k utrjevanju vloge slovenske skupnosti v širšem družbenem prostoru. Svet slovenskih organizacij bo letos praznoval 50-letnico. Povezuje ustanove, organizacije in društva, ki so se zgledovala po vrednotah slovenstva, krščanstva in demokracije

https://www.loginradius.com/Discover why managing customer access demands a completely different approach than employee access. This episode unpacks the differences between CIAM and IAM, revealing how security priorities, scalability needs, and user experience expectations diverge - plus practical guidance on selecting the right SSO provider. LoginRadius City: Vancouver Address: 450 SW Marine Drive, Floor 18 Website: https://www.loginradius.com/

Jack Harrington sits down with Tanner Linsley to talk about the evolution of TanStack and where it's headed next. They explore how early projects like React Query and React Table influenced the headless philosophy behind TanStack Router, why virtualized lists matter at scale, and what makes forms in React so challenging. Tanner breaks down TanStack Start and its client-first approach to SSR, routing, and data loading, and shares his perspective on React Server Components, modern authentication tradeoffs, and composable tooling. The episode wraps with a look at TanStack's roadmap and what it takes to sustainably maintain open source at scale. We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey (https://t.co/oKVAEXipxu)! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com (mailto:elizabeth.becz@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Check out our newsletter (https://blog.logrocket.com/the-replay-newsletter/)! https://blog.logrocket.com/the-replay-newsletter/ Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Chapters 01:00 – What is TanStack? Contributors, projects, and mission 02:05 – React Query vs React Table: TanStack's origins 03:10 – TanStack principles: headless, cross-platform, type safety 03:45 – TanStack Virtual and large list performance 05:00 – Forms, abandoned libraries, and lessons learned 06:00 – Why TanStack avoids building auth 07:30 – Auth complexity, SSO, and enterprise realities 08:45 – Partnerships with WorkOS, Clerk, Netlify, and Cloudflare 09:30 – Introducing TanStack Start 10:20 – Client-first architecture and React Router DNA 11:00 – Pages Router nostalgia and migration paths 12:00 – Loaders, data-only routes, and seamless navigation 13:20 – Why data-only mode is a hidden superpower 14:00 – Built-in SWR-style caching and perceived speed 15:20 – Loader footguns and server function boundaries 16:40 – Isomorphic execution model explained 18:00 – Gradual adoption: router → file routing → Start 19:10 – Learning from Remix, Next.js, and past frameworks 20:30 – Full-stack React before modern meta-frameworks 22:00 – Server functions, HTTP methods, and caching 23:30 – Simpler mental models vs server components 25:00 – Donut holes, cognitive load, and developer experience 26:30 – Staying pragmatic and close to real users 28:00 – When not to use TanStack (Shopify, WordPress, etc.) 29:30 – Marketing sites, CMS pain, and team evolution 31:30 – Scaling realities and backend tradeoffs 33:00 – Static vs dynamic apps and framework fit 35:00 – Astro + TanStack Start hybrid architectures 36:20 – Composability with Hono, tRPC, and Nitro 37:20 – Why TanStack Start is a request handler, not a platform 38:50 – TanStack AI announcement and roadmap 40:00 – TanStack DB explained 41:30 – Start 1.0 status and real-world adoption 42:40 – Devtools, Pacer, and upcoming libraries 43:50 – Sustainability, sponsorships, and supporting maintainers 45:30 – How companies and individuals can support TanStack Special Guest: Tanner Linsley.

Send us a textCheck us out at:  https://www.cisspcybertraining.com/Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkoutGet access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouvHeadlines say the talent shortage is easing, yet nearly half of UK businesses still lack basic cyber skills. That disconnect sets the stage for a frank, practical tour through what actually reduces risk—no buzzwords required. We open with real takeaways from the UK's international cyber skills initiatives and move quickly to the daily decisions that shape resilience: encryption in the cloud, least privilege by default, and how to keep role-based access control from collapsing under credential creep.We make the identity layer tangible. Single sign-on can simplify life and lower password reuse, but it also centralizes risk. We share how to counterbalance SSO with MFA, conditional access, and strong monitoring. Cloud-based IAM accelerates deployment and gives flexibility, yet brings ongoing costs and integration challenges with legacy systems; outsourcing introduces a loss of control that must be offset by airtight requirements, auditability, and vendor transparency. Phishing remains the most reliable social engineering vector, so security awareness training isn't optional—it's the routine that turns policy into behavior.Zero trust becomes manageable when you stop treating it like a switch and start treating it like a program. We outline a phased path: define protect surfaces, segment by sensitivity, apply continuous verification where the impact is highest, and expand deliberately. Vendor access deserves the same precision: NDAs for legal guardrails, least privilege for scope, monitoring for assurance, and scheduled reviews to remove stale permissions. Along the way, we talk mentorship, pro bono work, and competitions as concrete ways to grow talent while delivering real security outcomes.We also road-test your knowledge with a focused Domain 1.9 CISSP question set, reinforcing the core ideas with scenario-based reasoning. If you're preparing for the CISSP or leading a security program, you'll walk away with a clear playbook: encrypt by default, minimize access, verify continuously, and measure what matters. If this resonates, subscribe, share with a teammate, and leave a review so others can find the show.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

In this episode, Todd and Jon discuss the latest AI agreements, updates to the Apple ecosystem (OS 26.2), and the history of PowerShell. The core discussion focuses on the "overcomplication issue" facing tech enthusiasts and offers hardware and software tips to simplify daily workflows. AI & Industry News Disney & OpenAI: The Walt Disney Company has reached an agreement to license characters to OpenAI's Sora. Google Labs: Todd joined the waitlist for "Google Disco," a tool that uses "GenTabs" to create interactive web apps and complete tasks using natural language without coding. Visual Podcasting: Todd discussed using "Nano Banana Pro" and Gemini to create visual whiteboard summaries for podcast notes. Apple OS 26.2 Updates watchOS 26.2: Features updates to Sleep Scores, which Jon notes can feel "judgmental" regarding sleep quality. iPadOS 26.2: Reintroduces multitasking features like slide over and enables "Auto Chapters" for podcasts. macOS 26.2: Introduces "Edge Light" (a virtual ring light for video calls) and "low latency clusters" for local AI development on M5 Macs. Tech History PowerShell Origins: Jeffrey Snover, creator of PowerShell, revealed in a blog post that "cmdlets" were originally named "Function Units" (FUs), reflecting the "Unix smart-ass culture" of the era. Discussion: Simplifying the Tech Stack The hosts discuss the tendency to overcomplicate setups, such as using Docker for RSS feeds or complex SSO for home use. They recommend the following simplifications: Hardware KableCARD: A credit-card-sized kit containing multiple adapters, a light, and a phone stand to replace carrying multiple cables. Presentation Remotes: Use a simple dedicated remote ($20–$30) or repurpose a Surface Pen via Bluetooth instead of relying on complex software solutions. Software Pythonista (iOS/macOS): Run simple local scripts (e.g., GPA calculators) rather than paying for dedicated subscription apps. Homebridge: A lighter-weight alternative to Home Assistant for connecting IoT devices (like Sonos) to Apple HomeKit. Troubleshooting Tip Pixel Tablet YouTube Glitch: If the YouTube app on the Pixel Tablet displays unusable, giant thumbnails, the fix is to clear both the app's cache and storage/memory.

News On The Flipside Trump new pole numbers more pic with Epstein seems democrats not thru digging there own graves . Aliens Are Probably Out There, NASA Scientist Says—But There's a Dreadful Reason They Never Call King Charles' Cancer Is Not in Remission, Palace Clarifies: Treatment Moving into ‘Precautionary Phase' Archaeologists Found a Lost Temple in the Sand That Solves a Major Historical Puzzle Christmas brawl erupts in wealthy Massachusetts enclave during holiday celebration McDonald's pulls controversial Christmas commercial within days of being uploaded: 'Offensive from every angle' Entire Russian column destroyed entering Pokrovsk North Korean armored vehicles appear on the Ukrainian frontline Giant 250,000-mile X-ray cloud found around 3i/Atlas, and experts admit they don't understand it yet Trump's signature tax laws could let millions of Americans pay $0 in federal income tax. Here's who can eliminate their 2025 bill completely US sides with Russia and North Korea on UN resolution Israel unleashes Iron Beam laser weapon NASA confirms comet 3I/ATLAS is speeding up in new data Giant structure discovered deep beneath Bermuda is unlike anything else on Earth Russia strikes ports of Odesa and Chornomorsk with ballistic missiles, Turkish cargo ship hit Something weird is orbiting Neptune - and it shouldn't be SSO and Russian partisans cripple two Russian military cargo vessels

Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. https://helpx.adobe.com/security.html Ivanti Endpoint Manager Patches Ivanti patched four vulnerabilities in End Point Manager. https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024?language=en_US Fortinet FortiCloud SSO Vulnerability Due to a cryptographic vulnerability, Forinet s FortiCloud SSO authentication is bypassable. https://fortiguard.fortinet.com/psirt/FG-IR-25-647 ruby-saml vulnerability Ruby fixed a vulnerability in ruby-saml. The issue is due to an incomplete patch for another vulnerability a few months ago. https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3

In this episode, Dr. Jeffrey E. Gershenwald discusses the critical role surgical oncologists play in advancing evidence-based public policy. Using the FDA's black-box warning on indoor tanning for minors as a case study, Dr. Gershenwald highlights the science behind melanoma risk in adolescents and why advocacy is essential to protecting the next generation. Tune in to explore how policy action, prevention, and oncology expertise intersect, and why your voice as an SSO member matters beyond the operating room.

We weigh the promise and peril of the AI agent economy, pressing into how overprovisioned non-human identities, shadow AI, and SaaS integrations expand risk while go-to-market teams push for speed. A CMO and a CFO align on governance-first pilots, PLG trials, buyer groups, and the adoption metrics that sustain value beyond the sale.• AI adoption surge matched by adversary AI• Overprovisioned agents and shadow AI in SaaS• Governance thresholds before budget scale• PLG trials, sandbox, and POV sequencing• Visualization to reach the aha moment• Buying groups, ICP, and economic buyer alignment• Post‑sales usage, QBRs, NRR and churn signals• Zero trust limits and non-human identities• Breach disclosures as industry standards• Co-sourcing MSSP with in-house oversightSecurity isn't slowing AI down; it's the unlock that makes enterprise AI valuable. We dive into the AI agent economy with a CMO and a CFO who meet in the messy middle. The result is a practical blueprint for moving from hype to governed production without killing momentum.We start by mapping where controls fail: once users pass SSO and MFA, agents often operate beyond traditional identity and network guardrails. That's how prompts pull sensitive deal data across Salesforce and Gmail, and how third‑party API links expand the attack surface. From there, we lay out an adoption sequence that balances trust and speed. Think frictionless free trials and sandboxes that reach an immediate “aha” visualization of shadow AI and permissions, then progress to a scoped POV inside the customer's environment with clear policies and measurable outcomes. Along the way, we detail the buying group: economic buyers who sign and practitioners who live in the UI, plus the finance lens that sets pilot capital, milestones, and time-to-value expectations.We also challenge sacred cows. Zero trust is essential, but attackers increasingly log in with valid credentials and pivot through integrations, so verification must include non-human identities and agent-to-agent controls. Breach disclosures, far from being a greater threat than breaches, are foundational to ecosystem trust and faster remediation. And while MSSPs add critical scale, co-sourcing—retaining strategic oversight and compliance ownership—keeps accountability inside. If you care about ICP, PLG motions, PQLs, NRR, or simply reducing AI risk while driving growth, this conversation turns buzzwords into a playbook you can run.Vamshi Sriperumbudur: https://www.linkedin.com/in/vamsriVamshi Sriperumbudur was recently the CMO for Prisma SASE at Palo Alto Networks, where he led a complete marketing transformation, driving an impact of $1.3 billion in ARR in 2025 (up 35%) and establishing it as the platform leader.  Chithra Rajagopalan - https://www.linkedin.com/in/chithra-rajagopalan-mba/Chithra Rajagopalan is the Head of Finance at Obsidian Security and former Head of Finance at Glue, and she is recognized as a leader in scaling businesses. Chithra is also an Investor and Advisory Board member for Campfire, serving as the President and Treasurer of Blossom Projects.Website: https://www.position2.com/podcast/Rajiv Parikh: https://www.linkedin.com/in/rajivparikh/Sandeep Parikh: https://www.instagram.com/sandeepparikh/Email us with any feedback for the show: sparkofages.podcast@position2.com

Michael Assraf is building Flamingo, an open-source and AI-powered operating system for managed service providers. After exiting Vicarious in May 2024, he spent seven months on market research before writing a single line of code—conducting 15+ MSP interviews, mapping their complete tool stack economics, and testing distribution channels with a free community product. The research revealed a structural margin crisis: MSPs operate on 10-15% margins with 30% of revenue flowing to vendor payouts and 25-30% to technician labor. Meanwhile, private equity consolidation drives customer pricing down while legacy vendors raise prices. Michael closed a $2.2 million pre-seed in February 2025, built OpenMSP as a lead-gen vehicle that generated 1,000+ waitlist signups, and launched Open Frame with 70% of capital still in the bank. In this launch-day conversation, he breaks down why the $380 billion MSP market remains massively underinvested, how Facebook ads outperformed LinkedIn 5:1, and why he's giving away the core product while charging for hosted deployment. Topics Discussed: The seven-month research phase: 15+ MSP interviews, mapping 19 tool categories with pricing data, evaluating open source project maturity through commit frequency and VC backing MSP margin compression mechanics: 30% vendor payouts, 25-30% labor costs, 10-15% net margins being crushed by PE-driven consolidation and vendor price increases Building OpenMSP as distribution validation: four months before alpha, generated 1,000 waitlist signups and 200 Slack members while testing paid acquisition channels Why Facebook delivered 40%+ of leads at $6-8 CPL while outbound completely failed with IT-busy MSPs aged 25-50 in central US markets Launching with 70% of $2.2M pre-seed still in bank by solving for distribution and product-market fit before scaling headcount Open Frame's architecture: unified control plane over open source tools (RMM, SSO, zero trust) with dual AI agents—one for end users, one for technicians Offering both self-hosted (free, GitHub) and commercial SaaS (per-seat pricing starting January 2026) to build trust in an underserved market The MSP category opportunity: $380B market, 12% annual growth, 30-40K US MSPs, minimal VC-backed innovation against 20-year-old incumbents GTM Lessons For B2B Founders: Build lead-gen infrastructure before you have a product to sell: Four months before launching Open Frame, Michael shipped OpenMSP—a free tool that analyzes MSP tech stacks and suggests open source replacements. It wasn't a waitlist landing page; it delivered standalone value while capturing intent data. This generated 1,000 qualified signups and 200 Slack community members while simultaneously validating paid acquisition channels. By launch, he knew Facebook cost $6-8 per lead while outbound failed completely. Most founders build product first, then scramble for distribution. Michael inverted the sequence. Fire fast on sales hires in early stage, or don't hire them at all: Michael fired three VP Sales at Vicarious before learning the lesson: "The moment to bring salespeople is not when you are able to sell your product, is when someone else is able to sell your product." The critical test isn't whether the founder can close deals—founders sell vision and relationship. The test is whether a marketing person, SDR, or non-sales hire can generate revenue. Only then do salespeople accelerate an already-working motion. Hiring VP Sales at $50K ARR because the board wants "someone to own revenue" burns 12+ months and $200K+ learning this. Spend 6-12 months researching before building in unfamiliar markets: Michael conducted 15+ MSP interviews, mapped all 19 tool categories they use with pricing, evaluated open source alternatives by analyzing GitHub commit frequency and pull requests, identified which projects had VC backing for long-term viability, and tested multiple marketing channels before alpha deployment. This allowed him to launch with product-market fit indicators already validated and 70% of his $2.2M still in the bank. The alternative—build fast, iterate with customers—works when you deeply understand the market. When you don't, research is cheaper than pivots. Target categories where lack of innovation creates adoption momentum: MSPs represent 30-40K companies in the US alone, part of a $380B global market growing 12% annually. Yet VCs historically avoided the space assuming low ACV and high churn. The dominant platforms—ConnectWise, Datto, Asea—have existed 20+ years with minimal AI adoption or architectural modernization. Michael specifically chose MSPs because "in cyber security you would never get traction that we're getting right now unless you're spending millions of dollars." In crowded categories, distribution cost kills you. In starved categories, any credible innovation gets attention. Architect your product so adoption mechanically improves customer unit economics: Open Frame attacks both sides of MSP margin compression simultaneously. The open source tool suite eliminates the 30% of revenue paid to commercial vendors. The dual AI agent system (end-user self-service + technician orchestration) reduces the 25-30% spent on labor. Michael didn't find a problem and then figure out monetization—he reverse-engineered a solution where product adoption directly expands customer margins. When your product makes customers structurally more profitable, adoption isn't a marketing problem. // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe. www.GlobalTalent.co   //   Don't Miss: New Podcast Series — How I Hire Senior GTM leaders share the tactical hiring frameworks they use to build winning revenue teams. Hosted by Andy Mowat, who scaled 4 unicorns from $10M to $100M+ ARR and launched Whispered to help executives find their next role. Subscribe here: https://open.spotify.com/show/53yCHlPfLSMFimtv0riPyM

At the Crexendo UGM, Mike Somers, Founder and COO of Beetexting, sat down with Doug Green, Publisher of Technology Reseller News, to discuss Beetexting's newest integrations and AI innovations for compliance and customer engagement. Beetexting provides a corporate texting platform designed to help teams move beyond email, offering shared inboxes, automation, and collaboration features that streamline customer communication. “We built Beetexting to help teams communicate faster and more effectively,” said Somers. “It's about enabling businesses to connect with their customers in a modern, compliant way.” At the Crexendo UGM, Somers announced that Beetexting has launched a direct integration with NetSapiens, making it easier for Crexendo resellers to provision and manage accounts. “Partners can now log in via SSO, set up accounts, and monitor onboarding success—all within a unified dashboard,” he explained. Somers also revealed a new partnership with Phone.com and several AI-driven tools that address one of the industry's biggest challenges: 10DLC compliance. Beetexting's TCR Agent uses conversational AI to guide businesses through the 10DLC registration process in minutes, while its AI-powered Compliance Agents monitor outgoing messages to ensure adherence to company policies and regulations, including FINRA and HIPAA. “The Compliance Agent is like a hall monitor for messaging,” Somers said. “It helps users stay compliant in real time, prevents issues before they happen, and continuously learns company-specific policies.” With Beetexting's innovations, resellers and service providers can deliver a fully white-labeled, compliant business texting solution that adds measurable value to their communications offerings. To learn more about Beetexting, visit www.beetexting.com.

In this episode, Eric and Brian kick off the week with a look at the SPX options market, recent price action, and key gamma levels heading into FOMC week. Eric recaps his recent put credit spread trades from Alpha Crunching, discusses how he's managing new positions into record highs, and explains how he's balancing bullish exposure with call credit spreads and discretionary hedges. The conversation also covers upcoming events—including major tech earnings from Apple, Microsoft, and Google—and how they might influence market sentiment.Brian shares a practical example of a LEAPS diagonal trade on AVGO that's been profitable even without much price movement, illustrating how selling weekly calls can generate consistent income against a long-dated call. The two also discuss covered call timing, hedging approaches, and using instruments like SSO to gain leveraged exposure with less capital.

In this sponsored podcast Patrick Gray chats with Knocknoc CEO Adam Pointon about why true Zero Trust architectures never really got there. Spinning up ZTNA access to core applications and slapping SSO prompts on everything else is great, but if we're honest, it's not really Zero Trust. So, how and why did we get here? Show notes

Mukund Jha is CEO of Emergent, an agentic vibe-coding platform. They've raised $23M from Lightspeed, Y Combinator, Together Fund, and Prosus. He was previously the cofounder and CTO of Dunzo, a hugely popular ecommerce company in India.Mukund's favorite books: The Hard Thing About Hard Things (Author: Ben Horowitz)(00:01) Intro(00:07) State of vibe-coding and where we are today(01:42) Emergent in plain English: what the product delivers(03:07) From prototype to traction: the first 90 days(06:03) What changed in the last 24 months (models + infra)(08:13) Early infra bets that enabled speed(12:07) Precision vs. control: editing and debugging without code(14:21) One-click to production: the unglamorous infra behind it(15:55) Points of failure across prompt → plan → code → test → deploy(17:53) Models division of labor: planning, codegen, tests, commits(20:05) What “reasoning” means and how they evaluate it(22:13) Context & memory strategy (beyond naive RAG)(24:22) Representing large codebases so agents don't hallucinate structure(27:03) Orchestration walkthrough: adding SSO end-to-end(29:40) Agent coordination protocols (how agents talk)(31:05) Debugging long-running agents and trace observability(32:37) Company-building lessons from Dunzo to Emergent(36:10) Philosophy: offloading decisions to models(36:57) Rapid Fire Round--------Where to find Mukund Jha: LinkedIn: https://www.linkedin.com/in/mukund-jha-a1596413/--------Where to find Prateek Joshi: Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-infiniteX: https://x.com/prateekvjoshi 

Send us a textArt Poghosyan shares his journey from IT security consultant to CEO of Britive, a cloud-native identity and access management company. His experience during economic downturns shaped his understanding of how cybersecurity services remain resilient through various market cycles.• Started in IT security right after completing a master's in technology risk management• Worked with early IAM solutions including LDAP directories, SSO, and authentication systems• Founded Advanced Technology Solutions focusing on IAM implementation services• Identified growing challenges with traditional IAM solutions in cloud environments• Created Britive to address cloud-native identity management challenges• Witnessed explosion of machine identities in cloud environments creating security risks• Now focused on securing new identity types including AI and agentic identities• Cybersecurity consulting proves relatively recession-proof as security needs persist in both growth and contraction• Capital One AWS breach highlighted risks of excessive privileges in cloud environments• Current focus includes securing agent-to-agent interactions in AI systemsConnect with Art on LinkedIn or email him at art@britive.com to learn more about Britive's solutions for cloud and AI identity challenges. 

This week on The Business of Open Source, I spoke to Or Weis, the CEO and co-founder of Permit.io. Or is a serial entrepreneur who has had a long career in developer tools. We talked about Permit's relationship with open source, including of course the open source projects that they create and maintain. One thing to note is that none of Permit's open source projects are branded as “Permit.” They are all separate from the permit.io brand. On the other hand, Or talked about the essential balancing act for open source companies… figuring out the balance between what goes in the open source project and what goes in the commercial offering. “Companies that get it wrong die, and companies that get it right end up flourishing,” he said. Or Weiss has a theory about open source businesses that he calls ‘open foundations.' He thinks that this model is better than open core — to be honest I think open foundations is a type of open core, but I think that Or's argument about how to do open core are fundamentally correct. Permit's primary open source project is OPAL, and the way that Or puts it is that Permit uses OPAL, but it is not OPAL. The two pieces of software are different and have different value propositions. He also talked about how important it is for everyone to understand what features belong in the project and what belongs in the product… by ‘everyone' he means product managers in your team but also members of the open source community. We also talked about how you have to have a moat for your product, and especially with AI coding tools a lot of models do not have a moat anymore. Which is why he doesn't think that just SSO and a fancy UI are enough of a difference between project and product anymore. If you are interested in having more conversations about building open source businesses, join us next May in Paris at Open Source Founders Summit! 

Dr. Kathleen Horst, Dr. Rachel Jimenez, and Dr. Yara Abdou discuss the updated guideline from ASTRO, ASCO, and SSO on postmastectomy radiation therapy. They share new and updated recommendations on topics including PMRT after upfront surgery, PMRT after neoadjuvant systemic therapy, dose and fractionation schedules, and delivery techniques. They comment on the importance of a multidisciplinary approach and providing personalized care based on individual patient characteristics. Finally, they review ongoing research that may impact these evidence-based guidelines in the future. Read the full guideline, “Postmastectomy Radiation Therapy: An ASTRO-ASCO-SSO Clinical Practice Guideline” at www.asco.org/breast-cancer-guidelines" TRANSCRIPT This guideline, clinical tools, and resources are available at www.asco.org/breast-cancer-guidelines. Read the full text of the guideline and review authors' disclosures of potential conflicts of interest in the Journal of Clinical Oncology, https://ascopubs.org/doi/10.1200/JCO-25-01747  Brittany Harvey: Hello and welcome to the ASCO Guidelines podcast, one of ASCO's podcasts delivering timely information to keep you up to date on the latest changes, challenges, and advances in oncology. You can find all the shows, including this one, at asco.org/podcasts. My name is Brittany Harvey, and today I am interviewing Dr. Kathleen Horst, expert panel chair from Stanford University; Dr. Rachel Jimenez, expert panel vice chair from Massachusetts General Hospital; and Dr. Yara Abdou, ASCO representative from the University of North Carolina, authors on "Postmastectomy Radiation Therapy: An American Society for Radiation Oncology, American Society of Clinical Oncology, and Society of Surgical Oncology Clinical Practice Guideline." Thank you for being here today, Dr. Horst, Dr. Jimenez, and Dr. Abdou. Dr. Kathleen Horst: Thank you for having us. Brittany Harvey: And then just before we discuss this guideline, I would like to note that ASCO takes great care in the development of its guidelines and ensuring that the ASCO conflict of interest policy is followed for each guideline. The disclosures of potential conflicts of interest for the guideline panel, including Dr. Horst, Dr. Jimenez, and Dr. Abdou who have joined us here today, are available online with the publication of the guideline in the Journal of Clinical Oncology, which is linked in the show notes. Then to dive into the content that we are here today to talk about, Dr. Horst, could you start us off by describing what prompted the update for this joint guideline between ASTRO, ASCO, and SSO, and what is the scope of this 2025 guideline on postmastectomy radiation therapy? Dr. Kathleen Horst: Thank you. This joint guideline was last updated in 2016. Over the past decade, the treatment of breast cancer has evolved substantially. Newer systemic therapy regimens have increasingly personalized treatment based on tumor biology, and local therapy management has explored both the de-escalation of axillary surgery and more abbreviated courses of radiation therapy. Given these advances, it was important to revisit the role of postmastectomy radiotherapy in this modern era of breast cancer therapy. This updated guideline addresses four key questions, including postmastectomy radiation therapy after upfront surgery as well as after neoadjuvant systemic therapy. It also reviews the evolving role of various dose and fractionation schedules and optimal treatment techniques and dose constraints. Brittany Harvey: Excellent. I appreciate that background, Dr. Horst. So then, next, Dr. Jimenez, I would like to review the recommendations of this guideline across those four key questions that Dr. Horst just mentioned. So first, what does the panel recommend for PMRT for patients who received initial treatment with mastectomy? Dr. Rachel Jimenez: The panel provided pretty strong consensus that patients with positive lymph nodes or patients with large tumors involving the skin or the chest wall should receive postmastectomy radiation. However, the panel also recognized that the omission of postmastectomy radiation may be appropriate for select patients who have positive lymph nodes and have an axillary lymph node dissection if they have a low nodal burden and other favorable clinical or pathologic features. For patients without lymph node involvement at the time of surgery and no involvement of the skin or chest wall, postmastectomy radiation was not advised by the panel. Brittany Harvey: Understood. It is helpful to understand those recommendations for that patient population. Following that, Dr. Abdou, what are the key recommendations for PMRT for patients who received neoadjuvant systemic therapy before mastectomy? Dr. Yara Abdou: When we think about PMRT after neoadjuvant treatment, the key point is that the initial stage of presentation still matters a lot. So for example, if a patient comes in with more advanced disease, say a large primary tumor, like a clinical T4, or more extensive nodal disease, like an N2 or N3 disease, those patients should get PMRT, no matter how well they respond to neoadjuvant therapy, because we know it reduces the risk of recurrence and that has been shown pretty consistently. On the other hand, if there are still positive lymph nodes after neoadjuvant treatment, basically residual nodal disease, PMRT is also strongly recommended because the risk of local-regional recurrence is much higher in that setting. The gray area is the group of patients who start with a lower burden of nodal disease, such as N1 disease, but then become node negative at surgery. For those patients, we tend to individualize the decision. So if the patient is young or has triple-negative disease, or if there is a lot of residual disease in the breast even though the nodes are cleared, then radiation is probably helpful. But if everything has melted away with pCR in both the breast and the nodes, then it may be safe to omit PMRT in those patients. For patients with smaller tumors and no nodal involvement to begin with, like a clinical T1-T2 N0, if they are still node negative after neoadjuvant treatment, then PMRT is generally not recommended because their baseline recurrence risk is low. And finally, if the margins are positive and cannot be re-excised, then PMRT is recommended after neoadjuvant therapy. Brittany Harvey: Yes, those distinctions are important for appropriate patient selection. So then, Dr. Horst, we have just reviewed the indications for PMRT, but for those patients who receive PMRT, what are the appropriate treatment volumes and dose fractionation regimens? Dr. Kathleen Horst: The guideline addresses coverage of the chest wall and regional nodes with a specific discussion of the data regarding internal mammary nodal irradiation, which has been an area of controversy over many years. The guideline also reviews the data exploring moderate hypofractionation, or shorter courses of radiation therapy. The task force recommends utilizing moderate hypofractionation for the majority of women requiring postmastectomy radiation, which is likely to have a large impact on clinical practice. This recommendation is based on the evolving data demonstrating that a 3-week course of radiotherapy after mastectomy provides similar oncologic outcomes and minimal toxicity for most patients compared to the standard 5-week treatment course. Brittany Harvey: Thank you for reviewing that set of recommendations as well. So then, Dr. Jimenez, to wrap us up on the key questions here, what delivery techniques are recommended for treating patients who receive PMRT? Dr. Rachel Jimenez: So this portion of the guideline is likely to be most helpful for radiation oncologists because it represents the most technical part of the guideline, but we do believe that it offers some important guidance that has, to this point, been lacking in the postmastectomy radiation setting. So first, the panel recommends that all patients should undergo 3-dimensional radiation planning using CAT scan based imaging, and this includes contouring. So contouring refers to the explicit identification, using a drawing interface on the CAT scan imaging, by the radiation oncologist to identify the areas that are targeted to receive radiation, as well as all of the nearby normal tissues that could receive unintended radiation exposure. And we also provide radiation oncologists in the guideline with suggestions about how much dose each target tissue should receive and what the dose limits should be for normal tissues. Additionally, we make some recommendations regarding the manner in which radiation is delivered. So for example, we advise that when conventional radiation methods are not sufficient for covering the areas of the body that are still at risk for cancer, or where too high of a dose of radiation would be anticipated to a normal part of the body, that providers employ a technique called intensity modulated radiation therapy, or IMRT. And if IMRT is going to be used, we also advise regular 3-dimensional imaging assessments of the patient's body relative to the treatment machine to ensure treatment fidelity. When the treatments are delivered, we further advise using a deep inspiration breath-hold technique, which lowers the exposure to the heart and to the lungs when there is concern for cardiopulmonary radiation exposure, and again, that image guidance be used along with real-time monitoring of the patient's anatomy when those techniques are employed. And then finally, we advise that patients receiving postmastectomy radiation utilize a bolus, or a synthetic substance placed on the patient's skin to enhance radiation dose to the superficial tissue, only when there is involvement of the skin with cancer or other high-risk features of the cancer, but not for every patient who receives postmastectomy radiation. Brittany Harvey: Understood. And then, yes, you just mentioned that section of the guideline is probably most helpful for radiation oncologists, but I think you can all comment on this next question. What should all clinicians, including radiation oncologists, surgical oncologists, medical oncologists, and other oncologic professionals, know as they implement all of these updated recommendations? Dr. Rachel Jimenez: So I think one of the things that is most important when we consider postmastectomy radiation and making recommendations is that this is a multidisciplinary panel and that we would expect and encourage our colleagues, as they interpret the guidelines, to employ a multidisciplinary approach when they are discussing each individual patient with their surgical and medical oncology colleagues, that there is no one size fits all. So these guidelines are intended to provide some general guidance around the most appropriate techniques and approaches and recommendations for the utilization of postmastectomy radiation, but that we recognize that all of these recommendations should be individualized for patients and also represent somewhat of a moving target as additional studies, both in the surgical and radiation oncology realm as well as in the systemic therapy realm, enter our milieu, we have to adjust those recommendations accordingly. Dr. Kathleen Horst: Yeah, I would agree, and I wanted to comment as a radiation oncologist, we recognize that local-regional considerations are intertwined with systemic therapy considerations. So as the data evolve, it is critical to have these ongoing updates in a cross-disciplinary manner to ensure optimal care for our patients. And as Dr. Jimenez mentioned, these multidisciplinary discussions are critical for all of us to continue to learn and understand the evolving recommendations across disciplines but also to individualize them according to individual patients. Dr. Yara Abdou: I could not agree more. I think from a medical oncology perspective, systemic therapy has gotten much better with adjuvant CDK4/6 inhibitors, T-DM1, capecitabine, and immune therapy. So these are all newer adjuvant therapies, so the baseline recurrence risks are lower than what they were in the trials that established PMRT. So the absolute benefit of radiation varies more now, so smaller for favorable biology but still relevant in aggressive subtypes or with residual disease. So it is definitely not a one-size-fits-all. Brittany Harvey: Yes, I think it is important that you have all highlighted that multidisciplinary approach and having individualized, patient-centric care. So then, expanding on that just a little bit, Dr. Abdou, how will these guideline recommendations affect patients with breast cancer? Dr. Yara Abdou: So basically, reiterating what we just talked about, these guidelines really move us towards personalized care. So for patients at higher risk, so those with larger tumors, multiple positive nodes, or residual nodal disease after neoadjuvant therapy, PMRT remains essential, consistently lowering local-regional recurrence and improving survival. But for patients at intermediate or lower risk, the recommendations support a more selective approach. So instead of a blanket rule, we now integrate tumor biology, response to systemic therapy, and individual patient factors to decide when PMRT adds meaningful benefit. So the impact for patients is really important because those at high risk continue to get the survival advantage of radiation while others can be spared the unnecessary treatment and side effects. So in short, we are aligning PMRT with modern systemic therapy and biology, making sure each patient receives the right treatment for their situation. Brittany Harvey: Absolutely. Individualizing treatment to every patient will make sure that everyone can achieve the best outcomes as possible. So then, Dr. Jimenez, to wrap us up, I believe Dr. Horst mentioned earlier that data continues to evolve in this field. So in your opinion, what are the outstanding questions regarding the use of PMRT and what are you looking to for the future of research in this space? Dr. Rachel Jimenez: So there are a number of randomized phase III clinical trials that are either in active accrual or that have reported but not yet published that are exploring further de-escalation of postmastectomy radiation and of axillary surgery. And so we do not yet have sufficient data to understand how those two pieces of information integrate with each other. So for example, if you have a patient who has a positive lymph node at the time of diagnosis and forgoes axillary surgery aside from a sentinel lymph node biopsy, we do not yet know that we can also safely forgo radiation entirely in that setting. So we expect that future studies are going to address these questions and understand when it is appropriate to simultaneously de-escalate surgery and radiation. Additionally, there is a number of trials that are looking at ways in which radiation could be omitted or shortened. So there is the RT CHARM trial, which has reported but not yet published, looking at a shorter course of radiation. And so we do make recommendations around that shorter course of radiation in this guideline, but we anticipate that the additional data from the RT CHARM study will provide further evidence in support of that. Additionally, there is a study called the TAILOR RT trial, which looks at forgoing postmastectomy radiation in patients who, to Dr. Abdou's point, have a favorable tumor biology and a low 21-gene recurrence score. And so we are going to anticipate the results from that study to help guide who can selectively forgo postmastectomy radiation when they fall into that favorable risk category. So there are a number of questions that I think will help flesh out this guideline. And as they publish, we will likely publish a focused update on that information to help provide context for our colleagues in the field and clarify some of these recommendations to suit the latest data. Brittany Harvey: Absolutely. We will look forward to those de-escalation trials and ongoing research in the field to build on the evidence and look for future updates to this guideline. So I want to thank you for your work to update these guidelines, and thank you for your time today, Dr. Horst, Dr. Jimenez, and Dr. Abdou. Dr. Rachel Jimenez: Thank you. Dr. Yara Abdou: Thank you. Dr. Kathleen Horst: Thank you. Brittany Harvey: And then finally, thank you to all of our listeners for tuning in to the ASCO Guidelines podcast. To read the full guideline, go to www.asco.org/breast-cancer-guidelines. You can also find many of our guidelines and interactive resources in the free ASCO Guidelines app, which is available in the Apple App Store or the Google Play Store. If you have enjoyed what you have heard today, please rate and review the podcast and be sure to subscribe so you never miss an episode. The purpose of this podcast is to educate and to inform. This is not a substitute for professional medical care and is not intended for use in the diagnosis or treatment of individual conditions. Guests on this podcast express their own opinions, experience, and conclusions. Guest statements on the podcast do not express the opinions of ASCO. The mention of any product, service, organization, activity, or therapy should not be construed as an ASCO endorsement.  

Patrick (Tracer Labs) breaks down Trust ID, a consent + identity layer that replaces cookie pop-ups with a portable, user-owned identity (and embedded wallet). We dig into how Tracer helps brands unify siloed data without storing PII, verify real humans amid AI traffic, and enable one-click privacy that travels site-to-site.Timestamps[00:00] AI = most traffic; attribution is broken [00:01] Intro — Patrick, Tracer Labs & Trust ID [00:02] Patrick's crypto origin story & prior ventures [00:05] The problem: siloed brand data + compliance burden [00:06] What Trust ID does: consent + identity + embedded wallet [00:07] One-click wedge: spin up wallet, tokenize consent, no more cookies [00:09] Brands get real humans, no PII; users keep privacy & control [00:12] GDPR/CCPA costs; why a new US standard is needed[00:15] AI search & bot traffic: restoring pre-intent signal[00:18] Federated identity, modular plug-in, keep existing auth[00:19] Agentic “child IDs” w/ wallets & rule sets (Q1 roadmap)[00:20] KYC/KYB as commoditized credentials that travel with you [00:22] Live MVP; replacing legacy consent managers; early clients [00:24] Who's adopting: cards, casinos, banks, travel; multi-brand SSO [00:25] Unifying loyalty & rewards across properties [00:26] Founder advice: talk to customers on day one [00:31] Digital identity misconceptions; why this time is different [00:33] Abstraction for users; less friction, fewer decisions[00:36] Vision: 0.5–1B users; cut spam; programmatic commerce [00:38] The ask: hiring devs; enterprise intros; $15M seed openConnecthttps://www.tracerlabs.com/https://www.linkedin.com/company/tracerlabs/https://www.linkedin.com/in/patrickmoynihan1/DisclaimerNothing mentioned in this podcast is investment advice and please do your own research. Finally, it would mean a lot if you can leave a review of this podcast on Apple Podcasts or Spotify and share this podcast with a friend.Be a guest on the podcast or contact us - https://www.web3pod.xyz/

In this series “Evidence Today and Tomorrow”, the HPB disease site working group of the SSO explored current gaps in HPB surgical oncology, highlighting existing evidence and ongoing work aimed at filling those gaps. In this episode, Dr. Julie Hallet, chair of the HPB disease site working group, and Dr. Noah Cohen, member of the HPB disease site working group, are joined by Drs. Michael Lidksy and Bas Groot Koerkamp to review evidence in hepatic artery infusion pump therapy.

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: Oracle's long term CSO departs, and we're not that sad about it Canada's House of Commons gets popped through a Microsoft bug Russia degrades voice calls via Whatsapp and Telegram to push people towards Max South-East Asian scam compounds are also behind child sextortion Reports that the UK has backed down on Apple crypto are… strange Oh and of course there's a Fortinet bug! There's always a Fortinet bug! This week's episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the show this week, and explains the journey of implementing SSO backed login on Windows, Mac and Linux. You'll never guess which one was a few lines of PAM config, and which was a multi-month engineering project! This episode is also available on Youtube. Show notes Is Oracle facing headwinds? After layoffs, its 4-decade veteran Chief Security Officer Mary Ann Davidson departs Oracle CSO blasted over anti-security research rant - iTnews New York lawsuit against Zelle creator alleges features allowed $1 billion in thefts | The Record from Recorded Future News Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump' Cashout Scheme – Krebs on Security How we found TeaOnHer spilling users' driver's licenses in less than 10 minutes | TechCrunch UK has backed down on demand to access US Apple user data, spy chief says DNI Tulsi Gabbard on X: "As a result, the UK has agreed to drop its mandate for" Hackers target Workday in social engineering attack Russia curbs WhatsApp, Telegram calls to counter cybercrime | The Record from Recorded Future News Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability | The Record from Recorded Future News Norway police believe pro-Russian hackers were behind April dam sabotage | The Record from Recorded Future News US agencies, international allies issue guidance on OT asset inventorying | Cybersecurity Dive FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970) U.S. State Dept - Near Eastern Affairs on X: "He did not claim diplomatic immunity and was released by a state judge" 493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds | WIRED .:: Phrack Magazine ::. Accenture to buy Australian cyber security firm CyberCX - iTnews

On this episode, I cover the news from Patch Tuesday including an update issue on Windows 11 when using WSUS, I get into a new SSO feature for macOS and much more! Reference Links: https://www.rorymon.com/blog/windows-12-predictions-patch-tuesday-news-teams-security-enhancements/

In this episode of the Food Junkies Podcast, Dr. Vera Tarman and Clarissa Kennedy welcome back Dr. Nicole Avena — neuroscientist, researcher, and author — to discuss her team's latest paper exploring a provocative question: Could GLP-1 receptor agonists, while reducing food cravings, also negatively impact dopamine regulation, mood, and addiction risk? Dr. Avena breaks down the science behind GLP-1 drugs, their effects on the brain's reward pathways, and why these mechanisms might lead to unintended consequences such as anhedonia, apathy, and depressive symptoms. Together, they examine potential tolerance and rebound effects, the role of GABAergic neurons, and the paradox of eliminating “food noise” while risking a hypodopaminergic state. The conversation also covers dose-dependence, the importance of holistic support and mindful eating skills, and ethical considerations for use in vulnerable populations — especially those with a history of addiction or mental health challenges. Listeners will gain nuanced insight into: How GLP-1s work in the brain's reward and motivation systems Why side effects may be tied to dosing, individual sensitivity, and muscle loss The risk of emotional flattening and its impact on recovery and quality of life Strategies to use these medications responsibly, including lower-dose approaches and lifestyle integration Broader implications for the food industry, public health, and prevention — including concerns about pediatric use Dr. Avena also shares a preview of her upcoming talk at the International Food Addiction & Comorbidities Conference in September 2025, where she'll address GLP-1 research, early-life risk factors for ultra-processed food addiction, and prevention strategies. If you've ever wondered about the long-term story behind the GLP-1 craze — especially for those navigating food addiction recovery — this in-depth discussion is a must-listen. Get your IN-PERSON or LIVESTREAM ticket(s) HERE! Use code SSO for a 40% discount!   The content of our show is educational only. It does not supplement or supersede your healthcare provider's professional relationship and direction. Always seek the advice of your physician or other qualified mental health providers with any questions you may have regarding a medical condition, substance use disorder, or mental health concern.

Hey Hey beautiful people here is this weeks Radio Rewind in High Definition Sounds. Hey hey Beautiful People I'm back once again like a Renegade master this Wednesday on Cruise FM. so try and control your excitement!! The paradise sessions - Discos Revenge returns to its original birthplace on Wednesday's 8-10pm with @markymmp on @cruise_fm UK cruise FM. SSo in Wednesdays's So the Star's on 45's take over this week features the amazing Traxsource Hot joints of 2025 so far. Powered by DJ Allan's Awesome 4Some and we also have another brand new amazing Awesome 4Some from DJ Allan in the second hour of the show so be prepared for another high energy uplifting radio show that brings sunshine and smiles on a a Humpday. It's a Specially Prepped Rewind for your aural pleasure. Much Love Marky MMP Cruise FM, and hope you can join me on this special weekly journey delivered with love.. 
 Title Artist Rockin Your World (Main NYC Streets Mix) StretchMan I Don't Love You Anymore (Eric Kupper Remix) The Philly All Stars, Eric Kupper Ride On The Moon (Funkatomic Revenge Extended) Funkatomic, Tracy Hamlin, Derrick Mckenzie Squire for Hire (Fouk Remix) Nathan Haines, Marlena Shaw & Fouk Times Are Changing Ben Westbeech, RAHH Fighting Love (Extended Mix) Mark Knight, Mark Dedross Gimme A Clap (Main Mix) Mild Sauce I Say A Little Prayer 4 U (Jay's Prayer Mix) Jay Caruso Love Taste (Original Mix) GooDisco Right Here Right Now (Mark Francis Re Edit Of DJ Spen, Gary Hudgins, & Thomy Davis Remix) Alicia Myers, DJ Spen, Mark Francis, Gary Hudgins, Thommy Davis Can't Hold Back (Your Loving) (Brian Tappert Rework) Kano, Brian Tappert Slave to the Vibe (Original Extended Mix) Jay Caruso, Aja Luv High (Eric Kupper Extended Remix) Sonic Soul Orchestra, Camden Rose, Eric Kupper That's the Way Love Is (Jerome Sydenham & Tiger Stripes Remix 2025 Remaster) Ten City, Jerome Sydenham, Tiger Stripes Change Of Mind (Stephan Duy's 2025 Extended Edit) Per QX, Stephan Duy Never Gonna Fall In Love Again (Like I Fell In Love With You) (Micky More & Andy Tee Remix) Diplomats Of Soul, Incognito, Vanessa Haynes, Micky More & Andy Tee Another Holiday (Extended Mix) Michael Gray, Sian-Lee Baby Don't Make Me Wait (Sean McCabe Vocal Remix) MissFly, David Bailey, Sean McCabe Heavy Vibes (Yogi Extended Remix) Dr Packer, Yogi We Rise (Johnny Montana And Yorkee Remix) Ann Nesby Rhythm In Me (Original Mix) Tony Deledda, Abyss Deep Sound Lab, Roxanne Myles Let It Flow Raffaele Ciavolino I love you all.
I hope you enjoy on this special weekly journey packed with love and here is the listen back link.

Dr. Tro Kalayjian is a board-certified physician in Internal Medicine and Obesity Medicine, and the founder of Toward Health, a virtual metabolic health clinic helping people break free from food addiction and chronic metabolic disease. He's also a founding member of the Society of Metabolic Health Practitioners and an international speaker on metabolic psychiatry, obesity, and nutrition science. But what makes Dr. Tro's work truly powerful is that it's personal. He grew up in a household affected by obesity and struggled with his own weight into adulthood, reaching over 350 pounds. After years of frustration with traditional medical advice, he took a deep dive into the research and completely transformed his health—losing over 150 pounds and sustaining that loss for more than a decade. His clinic's latest research, published in Frontiers in Psychiatry, shows how combining low-carb nutrition with real-time support, psychological care, and metabolic monitoring can significantly reduce food addiction and binge eating symptoms—offering hope for those who haven't found relief in diets or medications alone. Dr. Tro is passionate about helping others find food freedom, and today he's here to share the science, the struggle, and the solutions that actually work. Research Highlights: Published in Frontiers in Psychiatry (2025): 43 lbs average weight loss ~40–50% improvement in food addiction and binge eating symptoms Outcomes comparable to medications (e.g. amphetamines, GLP-1s) — but without long-term side effects Case series (220 people) on keto for binge eating showed significant improvements, challenging the old myth that "restrictive diets worsen eating disorders"

In this series “evidence today and tomorrow”, the HPB disease site working group of the SSO explored current gaps in HPB surgical oncology, highlighting existing evidence and ongoing work aimed at filling those gaps. In this episode of SurgOnc Today, Dr. Julie Hallet from the Unviersity of Toronto and chair of the SSO HPB Disease Site Working Group, and Dr. Winnie Lo from Eastern Virginia Medical School are joined by Dr. Adam Yopp and Dr. Amit Singal from UT Southwestern, and Dr. Katie Kelley from University of California San Francisco. They will be discussing the state-of-the-art evidence and upcoming trials on treating hepatocellular carcinoma.

In this special live episode of Autonomous IT, Live! we walk through a high-stakes incident response drill that mimics a disturbingly realistic threat scenario: an attacker gains access to your internal tools — not by breaking in, but by logging in.Here's the setup: a user unknowingly reuses compromised credentials with the company's SSO provider. An attacker logs in, flies under the radar, and impersonates internal IT support using Slack, email, and calendar invites. Their goal? Convince employees to install a fake remote access tool—all while avoiding anyone likely to report suspicious behavior.Join Landon Miles, Tom Bowyer, and Ryan Braunstein as they:

Single Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical tools are overpriced, overcomplicated, and reserved for companies that can afford to overpay and have full-time security teams. That's broken. Cubeless is tearing down the barriers. With Cubeless Verify, we're delivering SSO and MFA that anyone can use—no IT army required. No hidden fees. No contracts. No catch. Just enterprise-grade security made simple, and free forever. The gatekeepers had their turn. Now it's yours. Go to https://securityweekly.com/cubelessidv to start using Cubeless Identity today. As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. A lack of identity standards tailored specifically for AI agents, is creating a roadblock for developers. Existing infrastructure was not designed with autonomous agents in mind. How will identity standards need to evolve in order to meet the needs of an agent driven ecosystem? https://frontegg.com/product/frontegg-ai This segment is sponsored by Frontegg. Visit https://securityweekly.com/fronteggidv to learn more about them! Traditional IGA tools struggle to deliver full observability—and stall when it's time to take action. Axonius Identities is changing that—bringing actionability to identity governance by embedding it into the broader cyber asset platform. In this session, CEO of AxoniusX, Amir Ofek shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments. https://www.axonius.com/products/identities Axonius Blog: From Roles to Rules – An Access Paradigm Shift: https://www.axonius.com/blog/from-roles-to-rules Axonius Cybersecurity Asset Management Platform Overview: https://www.axonius.com/platform See how Axonius makes identity actionable. Visit https://securityweekly.com/axoniusidv. As enterprises are looking to rapidly deploy AI agents to drive innovation, they face an urgent need to secure this new "digital workforce" without hindering speed. Traditional security models weren't built for the unique identity and access demands of autonomous AI. This session will cut through the hype, address the real security concerns head-on, and outline a modern, cloud-native framework for managing privileged access for AI agents, ensuring your organization can innovate fast and stay secure. https://www.britive.com/use-cases/agentic-ai-security https://www.britive.com/resource/events/zero-standing-privileges-human-ai-nhi https://www.britive.com/resource/blog/agentic-ai-redefining-identity-security-cloud https://www.britive.com/resource/blog/owasp-vulnerabilities-llm-goes-rogue-navigating-corporate-chaos https://www.britive.com/resource/blog/agent-to-agent-access-security https://www.britive.com/resource/blog/genai-data-privacy-ip-protection https://www.britive.com/resource/blog/rethinking-nhi-cloud-security-strategies This segment is sponsored by Britive. Visit https://securityweekly.com/britiveidv to learn more about Britive's agentless cloud-native Privileged Access Management platform. As digital transformation accelerates and advanced threats evolve, industries of all kinds face rising pressure to secure identities, prevent fraud, and deliver seamless user experiences. Aware CEO Ajay Amlani shares how biometric technology is stepping up to meet these challenges—providing fast, accurate, and scalable solutions that strengthen security while reducing friction. Discover how biometrics is reshaping the identity landscape and enabling trust in an increasingly complex world. https://www.aware.com/blog/ This segment is sponsored by Aware. Visit https://securityweekly.com/awareidv to learn more about them! As threat landscapes grow more complex and stakeholder expectations rise, organizations must reimagine their approach to cyber resilience and trust. This interview will explore how artificial intelligence is transforming cybersecurity—from identifying vulnerabilities in real time to automating response and aligning security initiatives with broader business goals. Join us for a forward-looking discussion on what it means to lead with AI, earn digital trust, and create a resilient enterprise that's built to withstand tomorrow's threats. This segment is sponsored by SDG. Visit https://securityweekly.com/sdgidv to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-414

Single Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical tools are overpriced, overcomplicated, and reserved for companies that can afford to overpay and have full-time security teams. That's broken. Cubeless is tearing down the barriers. With Cubeless Verify, we're delivering SSO and MFA that anyone can use—no IT army required. No hidden fees. No contracts. No catch. Just enterprise-grade security made simple, and free forever. The gatekeepers had their turn. Now it's yours. Go to https://securityweekly.com/cubelessidv to start using Cubeless Identity today. As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. A lack of identity standards tailored specifically for AI agents, is creating a roadblock for developers. Existing infrastructure was not designed with autonomous agents in mind. How will identity standards need to evolve in order to meet the needs of an agent driven ecosystem? https://frontegg.com/product/frontegg-ai This segment is sponsored by Frontegg. Visit https://securityweekly.com/fronteggidv to learn more about them! Traditional IGA tools struggle to deliver full observability—and stall when it's time to take action. Axonius Identities is changing that—bringing actionability to identity governance by embedding it into the broader cyber asset platform. In this session, CEO of AxoniusX, Amir Ofek shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments. https://www.axonius.com/products/identities Axonius Blog: From Roles to Rules – An Access Paradigm Shift: https://www.axonius.com/blog/from-roles-to-rules Axonius Cybersecurity Asset Management Platform Overview: https://www.axonius.com/platform See how Axonius makes identity actionable. Visit https://securityweekly.com/axoniusidv. As enterprises are looking to rapidly deploy AI agents to drive innovation, they face an urgent need to secure this new "digital workforce" without hindering speed. Traditional security models weren't built for the unique identity and access demands of autonomous AI. This session will cut through the hype, address the real security concerns head-on, and outline a modern, cloud-native framework for managing privileged access for AI agents, ensuring your organization can innovate fast and stay secure. https://www.britive.com/use-cases/agentic-ai-security https://www.britive.com/resource/events/zero-standing-privileges-human-ai-nhi https://www.britive.com/resource/blog/agentic-ai-redefining-identity-security-cloud https://www.britive.com/resource/blog/owasp-vulnerabilities-llm-goes-rogue-navigating-corporate-chaos https://www.britive.com/resource/blog/agent-to-agent-access-security https://www.britive.com/resource/blog/genai-data-privacy-ip-protection https://www.britive.com/resource/blog/rethinking-nhi-cloud-security-strategies This segment is sponsored by Britive. Visit https://securityweekly.com/britiveidv to learn more about Britive's agentless cloud-native Privileged Access Management platform. As digital transformation accelerates and advanced threats evolve, industries of all kinds face rising pressure to secure identities, prevent fraud, and deliver seamless user experiences. Aware CEO Ajay Amlani shares how biometric technology is stepping up to meet these challenges—providing fast, accurate, and scalable solutions that strengthen security while reducing friction. Discover how biometrics is reshaping the identity landscape and enabling trust in an increasingly complex world. https://www.aware.com/blog/ This segment is sponsored by Aware. Visit https://securityweekly.com/awareidv to learn more about them! As threat landscapes grow more complex and stakeholder expectations rise, organizations must reimagine their approach to cyber resilience and trust. This interview will explore how artificial intelligence is transforming cybersecurity—from identifying vulnerabilities in real time to automating response and aligning security initiatives with broader business goals. Join us for a forward-looking discussion on what it means to lead with AI, earn digital trust, and create a resilient enterprise that's built to withstand tomorrow's threats. This segment is sponsored by SDG. Visit https://securityweekly.com/sdgidv to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-414

Interview with Dave Lewis Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organizations expect. Talk about the critical weaknesses in traditional SSO implementations, how shadow IT thrives under the radar, and why enterprises continue to experience data breaches despite security investments. Can cover real-world examples of security failures, highlight the role of human behavior in risk, and provide actionable strategies to regain control over enterprise security. This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them! Topic Segment: Is AI taking our jerbs or not? I listened to most of a debate between Marcus Hutchins and Daniel Miessler over whether generative AI will be good enough to replace a lot of jobs (Daniel's take), or so bad that it won't take any (Marcus's take). I got frustrated though, because I feel like some foundational assumptions were ignored, and not enough examples were shared or prepared. Assumption #1: Jobs exist because work needs to be done. This is a false assumption. Check out a book called "Bullshit Jobs" to go down this particular rabbit hole. Assumption #2: The primary task of a job is the job. This is rarely the case, unless you work in the service industry. How much of a developer's job is writing code? A lot less than you think. Employees spend a massive amount of time communicating with other employees, via meetings, emails, Slack chats - can AI replace this? Maybe all that communication is wasteful and inefficient? Could be, but for every job AI supposedly replaces, it becomes someone else's job to manage that AI agent. Does all of middle management become expert prompt engineers, or do they also disappear with no employees to manage? Assumption #3: Jobs aren't already being replaced. They are, they're just not terribly visible jobs. That contractor your marketing team was using to build blog/SEO content? He's probably gone. The in-house or contract graphic designer? Probably gone. There's a whole swath of jobs out there, where quality isn't very important, but work needs to be produced, and those jobs are being actively replaced with generative AI. With that said, I don't see any full time jobs that require quality work and a lot of communication with other employees getting replaced. Yet? Ever? That's the question. The Enterprise News In this week's enterprise security news, Not much interesting funding to discuss Securonix acquires ThreatQuotient Cellebrite acquires Corellium (that sounds a lot like a rock bought a stone or a gem or something) Yet another free vulnerability database ChatGPT can now clandestinely record meetings Threat detection resources a VERY expensive Zoom call (for the victim) Should we stop using SOC2s? Should we give up on least privilege? How much did it cost to change HBO to HBO Max, then to Max, then back to HBO Max? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-413

In this wholly sponsored Soap Box edition of the show, Patrick Gray chats with Adam Bateman and Luke Jennings from Push Security. Push has built an identity security platform that collects identity information and events from your users' browsers. It can detect phish kits and shut down phishing attempts, protect SSO credentials, and find shadow/personal account that a user has spun up. It's extremely difficult to bypass. That's because when you're in the browser it doesn't matter how a phishing link arrives, or how a threat actor has concealed it from your detection stack – if the user sees it, Push sees it. There are solutions for protecting your users SSO credentials, like passkeys. But what about all the SaaS in your environment? Even if it's enrolled into your SSO, are you sure that's how your users are authenticating to it? What about the automation platforms your developers and admins use? What about data platforms like Snowflake? Are your using setting up passkeys for those accounts? How would you know, and what problems can it cause if those accounts are vulnerable? This is a fun one! This episode is also available on Youtube. Show notes

A Tale of Two Phishing Sties Two phishing sites may use very different backends, even if the site itself appears to be visually very similar. Phishing kits are often copied and modified, leading to sites using similar visual tricks on the user facing site, but very different backends to host the sites and reporting data to the miscreant. https://isc.sans.edu/diary/A%20Tale%20of%20Two%20Phishing%20Sites/31810 A Phihsing Tale of DOH and DNS MX Abuse Infoblox discovered a new variant of the Meerkat phishing kit that uses DoH in Javascript to discover MX records, and generate better customized phishing pages. https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/ Using OpenID Connect for SSH Cloudflare opensourced it's OPKSSH too. It integrates SSO systems supporting OpenID connect with SSH. https://github.com/openpubkey/opkssh/