1 00:00:05,280 --> 00:00:10,440 This is identity at the center. If it has anything to do with 2 00:00:10,560 --> 00:00:17,960 IAM, this is the go to podcast now your hosts Jim McDonald and 3 00:00:17,960 --> 00:00:23,120 Jeff Stedman. Welcome to the Identity at the 4 00:00:23,120 --> 00:00:24,760 Center podcast. I'm Jeff and that's Jim. 5 00:00:24,760 --> 00:00:26,360 Hey, Jim. Hey, Jeff, how are you? 6 00:00:26,720 --> 00:00:29,040 Oh, not so bad yourself. I'm doing great man. 7 00:00:29,040 --> 00:00:33,560 We're here doing another sponsor spotlight episode and that these 8 00:00:33,560 --> 00:00:37,080 are fantastic and I'm really excited with the one that we got 9 00:00:37,080 --> 00:00:40,560 today. I mean you know we we've, I 10 00:00:40,560 --> 00:00:43,720 think we kind of hit the jackpot in terms of what we're going to 11 00:00:43,720 --> 00:00:47,080 talk about today is a company called Visa. 12 00:00:47,080 --> 00:00:49,400 I don't want to steal the Thunder of the show, but I guess 13 00:00:49,400 --> 00:00:53,640 if you if you saw the the title of the podcast, you know already 14 00:00:53,640 --> 00:00:59,960 we're talking to Rich from Visa. But it's like this up and coming 15 00:00:59,960 --> 00:01:02,360 company, right? And it's like it can't be 16 00:01:02,360 --> 00:01:06,280 ignored for sure. And to me, it's just like, wow, 17 00:01:06,280 --> 00:01:09,200 like, we're going to talk about so many great things today. 18 00:01:09,480 --> 00:01:10,920 Yeah. So I guess you've already 19 00:01:10,920 --> 00:01:12,880 spoiled it. We're talking with Vasa, but 20 00:01:12,880 --> 00:01:15,360 want to make it clear, right, this is a sponsored episode. 21 00:01:15,840 --> 00:01:17,800 We actually work with our sponsors on these and kind of 22 00:01:17,800 --> 00:01:20,400 come up collaboratively of how we want to develop a show that 23 00:01:20,400 --> 00:01:24,560 we think will be entertaining, informative, but also get us you 24 00:01:24,560 --> 00:01:27,320 know deeper into specific viewpoints, specific solutions, 25 00:01:27,320 --> 00:01:31,160 something that we try to stay away from on our normal shows. 26 00:01:31,560 --> 00:01:33,640 But this gives us an opportunity to talk with you know, really 27 00:01:33,640 --> 00:01:36,600 smart people and really ask specific questions that are 28 00:01:36,800 --> 00:01:39,640 maybe more product focused than we normally would where we're 29 00:01:39,640 --> 00:01:42,280 really talking big ideas, maybe stuff like that. 30 00:01:42,440 --> 00:01:45,080 Not that we want to talk big ideas here, but gives us, give 31 00:01:45,080 --> 00:01:47,200 us a little more specificity. We can kind of talk through 32 00:01:47,200 --> 00:01:49,680 things. Yeah, I I didn't want to give 33 00:01:49,680 --> 00:01:52,840 away the identity. What I really wanted to say was 34 00:01:52,840 --> 00:01:57,400 we got the man with the golden pipes back on the show excited 35 00:01:57,400 --> 00:02:00,920 to to hear, just to hear him talk because like he has like a 36 00:02:00,920 --> 00:02:05,480 Grover Washington type of voice. Yeah, definitely good pipes. 37 00:02:05,480 --> 00:02:09,360 So today's sponsor is Beza. They're the identity security 38 00:02:09,360 --> 00:02:11,200 company. They think that they've cracked 39 00:02:11,200 --> 00:02:13,400 the code on cybersecurity's hardest question. 40 00:02:13,800 --> 00:02:16,120 Who can take what action on what data? 41 00:02:16,760 --> 00:02:18,800 Question mark. Let's find out more with our 42 00:02:18,800 --> 00:02:20,320 guest. His name is Rich Dan Leicher. 43 00:02:20,320 --> 00:02:22,240 He's the chief strategist at Vasa. 44 00:02:22,240 --> 00:02:24,840 Welcome back to the show, Rich. Thanks, Jeff. 45 00:02:24,840 --> 00:02:26,720 Thanks Jim. It's it's great to be here. 46 00:02:26,720 --> 00:02:28,640 And now I was just, I was just all the time when you were 47 00:02:28,640 --> 00:02:31,200 talking and on my intro, I was hoping my voice wouldn't crack 48 00:02:31,200 --> 00:02:34,480 right out of the gate here. Well, see, that's The thing is, 49 00:02:34,480 --> 00:02:37,280 I do the editing so I can insert little imperfections if I need 50 00:02:37,280 --> 00:02:39,240 to, but I'm not going to do that because I'm absolutely jealous. 51 00:02:39,240 --> 00:02:42,520 You've got a great you've got great radio pipes, as they like 52 00:02:42,520 --> 00:02:44,880 to say in the Fizz, right? Thank you. 53 00:02:44,880 --> 00:02:47,400 As long as as long again as you don't, you don't tell me I have 54 00:02:47,400 --> 00:02:51,200 a face for radio, then I'm good. Now Jim and I have that covered 55 00:02:51,200 --> 00:02:53,680 for sure. We have faces for radio and 56 00:02:53,680 --> 00:02:55,600 voices for a silent movie is what I like to say. 57 00:02:56,840 --> 00:02:58,200 Rich, you've been with us before. 58 00:02:58,200 --> 00:03:02,040 You were with us in Episode 231 back in September of 2023. 59 00:03:02,040 --> 00:03:03,800 We had a conversation about authorization. 60 00:03:04,280 --> 00:03:06,880 We also found out really about your kind of background there. 61 00:03:06,880 --> 00:03:09,640 So tradition would have, we would ask that question. 62 00:03:09,640 --> 00:03:10,640 But we've already asked you that. 63 00:03:10,680 --> 00:03:11,800 How did you get into the identity? 64 00:03:12,080 --> 00:03:14,440 We want to hear that story go back to episode 231. 65 00:03:14,840 --> 00:03:17,800 Why don't we get right into Vasa itself. 66 00:03:18,320 --> 00:03:20,800 Jim mentioned sort of you know, where you guys are kind of 67 00:03:20,800 --> 00:03:23,920 coming up and really you know, making a lot of impact on the 68 00:03:23,920 --> 00:03:29,200 market, making a lot of noise. What specifically is driving the 69 00:03:29,200 --> 00:03:33,920 momentum around Vasa and how does that success reflect your 70 00:03:33,920 --> 00:03:36,080 unique values? Yeah. 71 00:03:36,080 --> 00:03:37,760 Thanks Jeff. And by the way it's it is great 72 00:03:37,760 --> 00:03:40,120 to be back on the show. I really did enjoy the last time 73 00:03:40,120 --> 00:03:42,760 and so it's it's nice to be here again. 74 00:03:43,240 --> 00:03:46,760 But around with the Vasa I think one of the things that that that 75 00:03:46,760 --> 00:03:49,800 really is striking to me as I sort of look trying to you know 76 00:03:49,800 --> 00:03:53,640 trying to be with an outside eye, side eye and and look at us 77 00:03:53,640 --> 00:03:56,040 is that I think it really does come down to customers. 78 00:03:56,040 --> 00:03:59,120 I think that's that's certainly my gauge for a great company is 79 00:03:59,120 --> 00:04:01,520 like who's actually buying, who's actually using, who's 80 00:04:01,520 --> 00:04:03,360 getting successful and getting value from the products. 81 00:04:03,360 --> 00:04:05,920 And I think that's been one where I've been really, really 82 00:04:05,920 --> 00:04:07,640 proud of what we've been able to do here. 83 00:04:07,640 --> 00:04:10,320 Just some really great companies and some really passionate 84 00:04:10,320 --> 00:04:12,240 champions. And so that's that's definitely 85 00:04:12,240 --> 00:04:16,160 part of I think what also makes people out in the market makes 86 00:04:16,160 --> 00:04:18,880 Seesos, Seesos you know listen to other Seesos like that is 87 00:04:18,880 --> 00:04:22,640 typically how how things sort of get bought, how things spread 88 00:04:22,640 --> 00:04:25,040 and I think I think we have been doing a really nice job there. 89 00:04:25,680 --> 00:04:30,160 The second big thing I think is really that it's a pretty 90 00:04:31,040 --> 00:04:34,200 innovative idea and a concept. And I think I, you know, and I 91 00:04:34,200 --> 00:04:36,600 always try and make sure I'm not, I'm not, I'm not selling 92 00:04:36,600 --> 00:04:39,560 myself too much here, but I really think, you know, I have, 93 00:04:39,600 --> 00:04:41,800 I've been an identity for a while and I think you guys have 94 00:04:41,800 --> 00:04:43,200 certainly been an identity for a while. 95 00:04:43,200 --> 00:04:46,040 And one of the things that I've noticed is that a lot of the 96 00:04:46,040 --> 00:04:48,760 players are just are, you know, they're kind of the same players 97 00:04:48,760 --> 00:04:51,000 you would have seen and expected, you know, 15 years 98 00:04:51,000 --> 00:04:52,400 ago. And I think, you know, the Octa 99 00:04:52,400 --> 00:04:55,400 sort of came in, but that was back in 2009, that Octa started. 100 00:04:55,400 --> 00:04:58,960 And so I think the identity hasn't had a tremendous amount 101 00:04:58,960 --> 00:05:02,400 of innovation over the last decade and 1/2 and I think it's 102 00:05:02,400 --> 00:05:04,200 been, it's been ripe, it's been ready. 103 00:05:04,320 --> 00:05:06,960 And so I think actually coming in with I think what is a pretty 104 00:05:06,960 --> 00:05:10,680 different approach in in really trying to go deep into 105 00:05:10,680 --> 00:05:13,560 authorization into this question of who can and should take what 106 00:05:13,560 --> 00:05:16,400 action and what data. I think is, you know, I think 107 00:05:16,400 --> 00:05:18,880 people respond to that and people have been hungry because 108 00:05:18,920 --> 00:05:21,480 and I think everybody knows that identity is a is a big thing 109 00:05:21,480 --> 00:05:23,000 that needs to be really addressed. 110 00:05:23,200 --> 00:05:25,920 So for people who aren't familiar with DAISA, I guess 111 00:05:26,400 --> 00:05:29,120 let's set, let's set the table for folks you know, we've 112 00:05:29,120 --> 00:05:31,640 mentioned authorization. We've mentioned the question and 113 00:05:31,680 --> 00:05:34,680 and the answer, right? Who can take what action on what 114 00:05:34,680 --> 00:05:37,800 data? What is Beza's sweet spot? 115 00:05:37,800 --> 00:05:41,200 What do you guys do? Yeah, I think you know from a 116 00:05:41,200 --> 00:05:44,520 from a value proposition, I think fundamentally the most 117 00:05:44,520 --> 00:05:48,560 important thing that we do is we help customers get to the 118 00:05:48,560 --> 00:05:50,160 reality of least privilege, right. 119 00:05:50,160 --> 00:05:52,200 If I think about like what you know, like from a security 120 00:05:52,200 --> 00:05:55,520 perspective, like what's important that I think is, is 121 00:05:55,520 --> 00:05:57,680 absolutely critical. Sometimes it's through 122 00:05:58,080 --> 00:06:00,240 governance processes like access reviews. 123 00:06:00,240 --> 00:06:03,920 Sometimes it's by having a tool that a security engineering 124 00:06:03,920 --> 00:06:07,800 person can go and actually look and find the biggest violations 125 00:06:07,800 --> 00:06:10,000 of least privilege to go and to go and fix them. 126 00:06:10,280 --> 00:06:13,000 But I think fundamentally it's that it's that preparation for 127 00:06:13,000 --> 00:06:14,560 the next breach. Because it's just, you know, 128 00:06:14,880 --> 00:06:17,520 that always resonates with me when I hear people talk about, 129 00:06:17,840 --> 00:06:20,320 hey, it's not a question, question of if it's a matter of 130 00:06:20,320 --> 00:06:23,320 when the next attack happens, the next breach happens. 131 00:06:23,760 --> 00:06:27,720 And I think really getting your organization ready, tightening 132 00:06:27,720 --> 00:06:30,120 down, privilege, tightening around access, especially 133 00:06:30,120 --> 00:06:32,520 privileged accounts, that's like so critical. 134 00:06:32,520 --> 00:06:35,640 So fundamentally like that's how I think about the value that we 135 00:06:35,640 --> 00:06:37,120 provide. I mean it's a very competitive 136 00:06:37,120 --> 00:06:38,960 market. You've got a lot of incumbents 137 00:06:38,960 --> 00:06:43,840 in this space, You've got upstarts and I guess you know, 138 00:06:43,920 --> 00:06:46,600 how do you separate yourself from others in this place? 139 00:06:46,600 --> 00:06:50,520 What's the core factor or thing that makes Vasa really stand out 140 00:06:50,760 --> 00:06:53,800 in your mind? Yeah, I think that it really is 141 00:06:53,800 --> 00:06:56,560 starting at the data model. Like when I think about the 142 00:06:56,560 --> 00:06:59,080 product and I think about the platform that we've built around 143 00:06:59,080 --> 00:07:03,200 identity security, it's pulling together all this information 144 00:07:03,200 --> 00:07:06,280 about what we call is the reality of authorization. 145 00:07:06,280 --> 00:07:10,000 So it's pulling in user information, group information, 146 00:07:10,120 --> 00:07:15,680 role information, decomposing all that morass of A WSI AM and 147 00:07:15,680 --> 00:07:20,160 Azure RBAC, but then also going deep into the service level to 148 00:07:20,160 --> 00:07:25,200 pull out granular system level objects in all the services and 149 00:07:25,360 --> 00:07:27,720 things like local users, ACL level permissions. 150 00:07:27,720 --> 00:07:31,280 So really going and putting together a pretty unique data 151 00:07:31,280 --> 00:07:35,000 set into into a graph and you know not just mapping those 152 00:07:35,000 --> 00:07:37,920 entities but the relationships between those identities. 153 00:07:37,920 --> 00:07:41,760 And I think that fundamental data model is, I mean it's it's 154 00:07:41,760 --> 00:07:45,360 a beast as you can imagine like that that is the really a tough 155 00:07:45,360 --> 00:07:48,520 problem to solve. But then once you have that, the 156 00:07:48,520 --> 00:07:51,840 things that you can then start applying that to you around 157 00:07:51,840 --> 00:07:56,440 actually creating products based on that data model are really, 158 00:07:56,440 --> 00:07:58,200 really interesting. And you can do things that are 159 00:07:58,200 --> 00:08:00,880 sort of traditional like IGA types of things like 160 00:08:00,880 --> 00:08:02,920 provisioning and life cycle management. 161 00:08:03,080 --> 00:08:04,320 You can do it in very different ways. 162 00:08:04,320 --> 00:08:06,160 And that's one of the things from a, you know, I'm a product 163 00:08:06,160 --> 00:08:08,200 guy at heart. And so that that kind of stuff 164 00:08:08,200 --> 00:08:10,600 gets me excited when you can sort of go and attack those 165 00:08:10,800 --> 00:08:13,120 those things that have been around forever, but do it in a 166 00:08:13,120 --> 00:08:16,920 dramatically different way that provides and solves problems 167 00:08:16,920 --> 00:08:20,720 that have been around forever. Yeah, Rich, I mean that really 168 00:08:20,720 --> 00:08:25,680 resonates with me. Anytime you've here of a new 169 00:08:25,680 --> 00:08:30,480 vendor, you've tried to, in your mind compartmentalize, OK, where 170 00:08:30,480 --> 00:08:33,600 did I fit them, right. And I think the area that vases 171 00:08:33,600 --> 00:08:38,000 in the closest to is governance. But I I feel like it's kind of 172 00:08:38,000 --> 00:08:41,240 like a gloss over just to say governance, right. 173 00:08:41,240 --> 00:08:44,120 It's like so much more than that, right? 174 00:08:44,120 --> 00:08:48,560 It's being able to drill down more than I've seen really 175 00:08:48,560 --> 00:08:52,040 anywhere else. But talk to you about kind of 176 00:08:52,040 --> 00:08:57,520 the the strategy of Visa in terms of the road map. 177 00:08:58,360 --> 00:09:02,280 I came up with the term the anti convergence strategy, right? 178 00:09:02,280 --> 00:09:08,440 And there there's a lot of IM players out there today who are 179 00:09:08,720 --> 00:09:11,120 really in the strategy around convergence, right? 180 00:09:11,680 --> 00:09:14,880 Whether you like it or not, that's the route they're going, 181 00:09:14,880 --> 00:09:20,560 which is to bolt on additional IM capabilities so that 182 00:09:20,560 --> 00:09:23,000 customers can kind of go one place to get everything. 183 00:09:23,480 --> 00:09:26,160 Your strategy is a lot different, right, which is to 184 00:09:26,520 --> 00:09:31,480 kind of take this piece of the marketplace and really like 185 00:09:31,480 --> 00:09:35,200 provided a solution with differentiation, right? 186 00:09:35,440 --> 00:09:37,880 Am I right in that? Am I wrong in that? 187 00:09:39,000 --> 00:09:40,640 And then can you elaborate on it? 188 00:09:41,560 --> 00:09:42,680 Yeah. No, I think I think you're 189 00:09:42,680 --> 00:09:46,040 absolutely right in that Jim because one of the things that I 190 00:09:46,040 --> 00:09:50,120 notice also it it plays into this sort of this whole tension 191 00:09:50,120 --> 00:09:51,440 and sort of you know difference in the market. 192 00:09:51,440 --> 00:09:54,640 When you look at sort of the you know big legacy companies versus 193 00:09:54,640 --> 00:09:57,440 start-ups you know and and certainly the approach of a big 194 00:09:57,440 --> 00:10:02,040 legacy company and pick Microsoft, pick sale point pick 195 00:10:02,200 --> 00:10:06,280 Cyber Ark or whoever you you want sort of in identity and the 196 00:10:06,280 --> 00:10:09,360 general strategy is there. I need more stuff in my bag to 197 00:10:09,360 --> 00:10:11,200 sell right. You go out and you want to say 198 00:10:11,200 --> 00:10:13,960 like hey, I, you know, I know people spend money on this and 199 00:10:13,960 --> 00:10:17,520 here are some budgets and I'm going to go use my, you know, 200 00:10:17,520 --> 00:10:20,040 my, the connection to the to the customer to go sell more stuff 201 00:10:20,160 --> 00:10:21,320 and get a bigger share of wallet. 202 00:10:21,400 --> 00:10:24,160 And so it's all about you know creating that portfolio whereas 203 00:10:24,480 --> 00:10:28,360 typically start-ups that's where frankly most of the innovation 204 00:10:28,640 --> 00:10:32,080 starts And and that's one of the challenges here is like when we 205 00:10:32,080 --> 00:10:34,760 started when I joined the company I was like man I hope 206 00:10:34,760 --> 00:10:36,760 there's a market but I don't know there's a market because 207 00:10:36,760 --> 00:10:39,680 it's so it it is so different and that I think I think it is 208 00:10:39,680 --> 00:10:41,920 true. It's not like we could go and 209 00:10:41,920 --> 00:10:45,080 say hey you know we know a bunch of people spend money on this 210 00:10:45,080 --> 00:10:47,040 kind of solution because there is no, there was no type of 211 00:10:47,040 --> 00:10:49,880 solution like this before. And so I think it is you know, 212 00:10:49,880 --> 00:10:53,640 really deep diving on authorization on and answering 213 00:10:53,640 --> 00:10:57,280 this question is a, it's a bit riskier because there's not an 214 00:10:57,280 --> 00:10:59,800 obvious market that this is sort of functionality that cuts 215 00:10:59,800 --> 00:11:03,440 across access management and the players like Optic cuts across 216 00:11:03,440 --> 00:11:06,800 Pam and the cyber arts of the world that cuts across IGA as 217 00:11:06,800 --> 00:11:10,520 you pointed out in governance put cuts across SSPM, you know 218 00:11:10,520 --> 00:11:13,720 SAS security posture management and data access governance with 219 00:11:13,720 --> 00:11:15,240 Veronis and all these different things. 220 00:11:15,240 --> 00:11:17,880 You know, authorization is something that's been sprinkled 221 00:11:17,880 --> 00:11:20,360 across all these different security markets. 222 00:11:20,560 --> 00:11:24,080 And no one has really before taken a comprehensive approach 223 00:11:24,080 --> 00:11:26,320 and say I'm going to solve that problem and I'm going to go deep 224 00:11:26,320 --> 00:11:27,960 in that. And I think that's what really 225 00:11:27,960 --> 00:11:29,320 makes Mesa different. Yeah. 226 00:11:29,320 --> 00:11:32,360 I mean, I think it makes sense for the company's strategies 227 00:11:32,360 --> 00:11:37,400 where they're in one spot like access management and to move 228 00:11:37,400 --> 00:11:40,120 into privilege or move into identity for the exactly the 229 00:11:40,120 --> 00:11:43,000 reason you talked about, which is how do they take those 230 00:11:43,000 --> 00:11:47,240 existing relationships and build their company, right? 231 00:11:47,920 --> 00:11:50,200 But I think what you guys have done is built the better 232 00:11:50,200 --> 00:11:52,720 mousetrap, but it seems like your strategy is to build an 233 00:11:52,720 --> 00:11:56,960 even better mousetrap, right? But it does seem like that 234 00:11:56,960 --> 00:11:59,240 mousetrap can be leveraged in certain areas, right? 235 00:11:59,240 --> 00:12:02,920 Because I think a lot of what you're talking about today, what 236 00:12:02,920 --> 00:12:08,000 we're talking about currently is taking access that exists and 237 00:12:08,000 --> 00:12:11,240 being able to analyze it. What if you provision only the 238 00:12:11,240 --> 00:12:13,600 access that a person needs? What? 239 00:12:13,640 --> 00:12:17,200 What are your thoughts there? Well you're you're you're you're 240 00:12:17,320 --> 00:12:20,120 you got a good crystal ball there Jim because that's that's 241 00:12:20,120 --> 00:12:22,640 exactly actually what we we've been moving in And so we we've 242 00:12:22,640 --> 00:12:25,720 thought about this in sort of a three stage approach from a 243 00:12:25,720 --> 00:12:28,880 strategy and we've started with the first stage is kind of 244 00:12:28,880 --> 00:12:32,280 visibility is like hey we just need to really understand what 245 00:12:32,280 --> 00:12:34,720 the reality is so we can show people and people could start 246 00:12:34,720 --> 00:12:38,720 using that data And then we moved on to OK now how do we do 247 00:12:38,720 --> 00:12:42,920 remediation that's Step 2. And so now I can see but now how 248 00:12:42,920 --> 00:12:45,760 do I fix, how do I see what's wrong, how do I see where the 249 00:12:45,760 --> 00:12:49,240 biggest risk, you know most highly damaging potentially 250 00:12:49,240 --> 00:12:52,000 damaging instances of over privilege exists. 251 00:12:52,000 --> 00:12:55,640 So I can go fix them, but then you go on to stage 3, which is 252 00:12:55,680 --> 00:12:58,720 absolutely, as you point out, it's around control, it's around 253 00:12:58,720 --> 00:13:00,840 provisioning. How do I make sure I actually 254 00:13:00,840 --> 00:13:03,240 create the right level permission out of the gate? 255 00:13:03,240 --> 00:13:06,240 How do I actually create those accounts either on birthright 256 00:13:06,240 --> 00:13:09,280 events, on, you know, joiner, mover lever types of things or 257 00:13:09,400 --> 00:13:12,880 when someone is asking for access because they need 258 00:13:12,880 --> 00:13:15,920 additional access to do their job, That's where the magic 259 00:13:15,920 --> 00:13:18,440 happens. And then making a virtuous 260 00:13:18,440 --> 00:13:20,600 cycle. Right now when you think about 261 00:13:20,600 --> 00:13:23,800 all these, you know, this, this, this grand access life cycle 262 00:13:24,240 --> 00:13:27,240 when for instance, you're in access reviews and you're 263 00:13:27,240 --> 00:13:29,800 saying, hey, somebody, you know, somebody has access, they 264 00:13:29,800 --> 00:13:31,240 shouldn't have, we should take that away. 265 00:13:31,600 --> 00:13:33,600 Well, how did they get that in the 1st place, right. 266 00:13:33,920 --> 00:13:36,400 Because they had to, they had to get provisioned somebody either, 267 00:13:36,400 --> 00:13:39,840 you know, fulfilled a ticket or there's a birthright policy 268 00:13:40,000 --> 00:13:42,880 that's wrong. And you know, just because you 269 00:13:42,880 --> 00:13:45,920 found 11 instance of it, is that the only instance of it? 270 00:13:46,320 --> 00:13:48,440 Is it where there's smoke, there's fire or is this, you 271 00:13:48,440 --> 00:13:50,080 know, something that's relevant for the whole group? 272 00:13:50,080 --> 00:13:53,400 Is there a whole role that's over permissioned or you know, 273 00:13:53,400 --> 00:13:55,920 there there's something broken? And sort of how do you take 274 00:13:55,920 --> 00:13:59,960 those little instances that you find and rather than just 275 00:13:59,960 --> 00:14:02,680 fixing, fixing those at a little granular level, how do you sort 276 00:14:02,680 --> 00:14:05,440 of take it and actually build intelligence into that to sort 277 00:14:05,440 --> 00:14:08,520 of fix the overall root cause of those processes that are that 278 00:14:08,520 --> 00:14:09,720 are broken? So I want to take the 279 00:14:09,720 --> 00:14:13,280 conversation a little away from theoretical and more into the 280 00:14:13,280 --> 00:14:15,760 real world. I was poke it around the Beza 281 00:14:15,760 --> 00:14:18,480 website, beza.com, there you go. There's a plug. 282 00:14:19,640 --> 00:14:22,000 You've got some really impressive logos that are kind 283 00:14:22,000 --> 00:14:25,800 of scrolling through there and it makes me kind of wonder, you 284 00:14:25,800 --> 00:14:28,680 know, beyond right, the logos we've got there. 285 00:14:29,120 --> 00:14:30,920 What are there any indications of? 286 00:14:30,920 --> 00:14:34,400 Are there specific types of challenges that Beza is best 287 00:14:34,400 --> 00:14:36,200 suited to solve? Where? 288 00:14:36,240 --> 00:14:38,400 What is that actual sweet spot that we've got here? 289 00:14:39,200 --> 00:14:40,280 Yeah. And you'll, you'll find there's 290 00:14:40,280 --> 00:14:41,600 a, there's a range of them, right. 291 00:14:41,600 --> 00:14:45,400 And so it's, it's funny how you know every company's struggling 292 00:14:45,400 --> 00:14:47,640 with something that's that's often a little bit different. 293 00:14:47,640 --> 00:14:51,760 So in some cases it's around sort of struggling with 294 00:14:51,760 --> 00:14:54,000 identities, right. And so it's not just human 295 00:14:54,000 --> 00:14:57,280 identities, but often. One good example here is machine 296 00:14:57,280 --> 00:14:58,880 identities and service accounts, right. 297 00:14:58,880 --> 00:15:01,360 They might be trying to, you know, sort of broaden the 298 00:15:01,360 --> 00:15:05,320 definition around governance to include things like that. 299 00:15:05,320 --> 00:15:09,560 It might be instances where they're they're actually seeing 300 00:15:09,560 --> 00:15:12,600 that typical role based access control doesn't work for them 301 00:15:12,760 --> 00:15:14,720 right? That they're trying to manage by 302 00:15:14,920 --> 00:15:17,920 groups and roles. And you know, and this is the 303 00:15:18,000 --> 00:15:21,600 the canonical classic example is you've got a role that's named 304 00:15:21,800 --> 00:15:25,440 read only and guess what they're right privileges embedded in 305 00:15:25,440 --> 00:15:28,040 there. And so you know, and what you 306 00:15:28,040 --> 00:15:32,440 start to realize is that you're not really doing role based 307 00:15:32,680 --> 00:15:36,360 access control. You're you're managing by names 308 00:15:36,360 --> 00:15:38,920 of roles and descriptions of roles, right. 309 00:15:38,960 --> 00:15:42,040 And so the and the reality is that you know, hey, what does 310 00:15:42,040 --> 00:15:44,920 this role actually do, you know, does does being a member of this 311 00:15:44,920 --> 00:15:48,720 role and being able to assume this role actually allow this 312 00:15:48,720 --> 00:15:52,400 person to go blow away my customer database as an example 313 00:15:52,840 --> 00:15:55,360 And he said, wow, I wouldn't want that and I hope it doesn't, 314 00:15:55,360 --> 00:15:58,760 but I don't know. And so this is one of the things 315 00:15:58,760 --> 00:16:02,920 that when you start to pull on that thread, it it's it, it 316 00:16:02,920 --> 00:16:05,400 becomes obvious that a new solution is required. 317 00:16:05,400 --> 00:16:08,280 And sort of like the way that different customers pull on that 318 00:16:08,280 --> 00:16:10,360 thread can vary. Sometimes it's an auditor that 319 00:16:10,360 --> 00:16:12,280 sort of figures it out and starts asking lots of 320 00:16:12,280 --> 00:16:14,920 uncomfortable questions. Sometimes it's the CISO 321 00:16:14,920 --> 00:16:16,280 themselves. And you know, it's like 322 00:16:16,280 --> 00:16:19,120 following up out of a breach where you know, it's only in 323 00:16:19,120 --> 00:16:23,240 asking these really concrete questions and understanding how 324 00:16:23,240 --> 00:16:27,880 limited all the existing tool sets are that, you know, a CSO 325 00:16:27,880 --> 00:16:31,040 or somebody or some executive of the company realizes that there 326 00:16:31,040 --> 00:16:34,480 needs to be a different way. So I was going to ask a follow 327 00:16:34,480 --> 00:16:38,200 up question here around, you know these are relatively large 328 00:16:38,200 --> 00:16:40,360 companies, right, well known. I'm going to have to imagine 329 00:16:40,360 --> 00:16:43,320 that they already have tools in this space for Identity and 330 00:16:43,320 --> 00:16:45,720 access management, probably a number of them. 331 00:16:46,640 --> 00:16:50,000 Which leads me to the question of how do you get somebody who 332 00:16:50,160 --> 00:16:53,360 has already got tools in a space to say, oh, hey, you know, 333 00:16:53,440 --> 00:16:55,160 you've got this new tool, it's called VASA. 334 00:16:55,240 --> 00:16:58,520 We should take a look at it and then actually get in to some of 335 00:16:58,520 --> 00:17:00,720 these organizations. I mean, how do you establish 336 00:17:00,720 --> 00:17:05,079 that trust, that confidence rate and say, hey, this is something 337 00:17:05,079 --> 00:17:07,760 that we've not been able to achieve with the tool sets that 338 00:17:07,760 --> 00:17:10,160 we have and Vasa is solving for us. 339 00:17:10,319 --> 00:17:12,800 This specific thing or these specific things, maybe there's a 340 00:17:12,800 --> 00:17:14,960 variety of them. How do you, how do you even get 341 00:17:14,960 --> 00:17:17,880 into that conversation with the Cesos, with the other folks who 342 00:17:17,880 --> 00:17:20,200 are making those decisions on their investments? 343 00:17:20,920 --> 00:17:24,599 Yeah well the the nice thing is that let most Cesos are very are 344 00:17:24,640 --> 00:17:26,079 are interested in new technologies. 345 00:17:26,079 --> 00:17:28,960 So you know so even if you're if they're saying hey you know 346 00:17:29,080 --> 00:17:31,280 maybe I'm not going to buy anything but they want to know 347 00:17:31,280 --> 00:17:33,920 what's going on. And so that's that's always you 348 00:17:33,920 --> 00:17:36,880 know something where you can especially if it's something new 349 00:17:36,880 --> 00:17:38,920 and something that they they haven't seen a lot of tools 350 00:17:38,920 --> 00:17:43,960 around it's you know they they generally are are interested and 351 00:17:44,320 --> 00:17:46,880 and then it's sort of a question of like hey how does this map 352 00:17:46,920 --> 00:17:51,080 into something that's on my key priorities for the next year, 353 00:17:51,240 --> 00:17:52,240 right. So you know when you actually 354 00:17:52,240 --> 00:17:55,200 get down to okay like you know are they going to actually buy 355 00:17:55,200 --> 00:17:57,440 the product or not. It has to obviously be relevant 356 00:17:57,440 --> 00:18:00,880 for something that they care about and and that's one where 357 00:18:00,880 --> 00:18:03,400 you know it, it can again it it varies, right. 358 00:18:03,400 --> 00:18:07,960 And and I know one of one of our customers we were in the in the 359 00:18:07,960 --> 00:18:11,760 first meeting and and actually we're having the conversation 360 00:18:11,760 --> 00:18:13,440 and it was sort of you know we're dancing around it. 361 00:18:13,440 --> 00:18:15,040 It was kind of, you know, kind of interesting, but we saw 362 00:18:15,040 --> 00:18:19,040 something written up behind him on his whiteboard and it was 363 00:18:19,040 --> 00:18:20,320 just, it was just the word China. 364 00:18:20,840 --> 00:18:25,560 And we said China, what's that? And he started describing some 365 00:18:25,560 --> 00:18:29,640 of the problems that he was having with managing access to 366 00:18:29,640 --> 00:18:32,400 box folders. And so it was both the problem 367 00:18:32,400 --> 00:18:35,360 of having data from because they they had operations 368 00:18:35,360 --> 00:18:37,680 internationally. And so it was both from the 369 00:18:37,680 --> 00:18:40,840 example of data from people in China. 370 00:18:40,840 --> 00:18:43,680 So you know PII of Chinese nationals being accessed by 371 00:18:43,680 --> 00:18:46,600 people outside of China and the reverse that there were some 372 00:18:46,600 --> 00:18:49,720 some sensitive things that if you were a Chinese national you 373 00:18:49,720 --> 00:18:53,040 shouldn't get access to and just be able to manage that right of 374 00:18:53,040 --> 00:18:56,800 like you know this, this cross-border issue with a 375 00:18:56,800 --> 00:18:59,520 particular place where they had a lot of data that was important 376 00:18:59,520 --> 00:19:01,840 to them. And so it was you know and so 377 00:19:01,840 --> 00:19:04,360 that turned out to be a key use case for them. 378 00:19:04,600 --> 00:19:08,000 And so again you know when you when you talk to all these 379 00:19:08,000 --> 00:19:09,280 different customers, it can vary. 380 00:19:09,280 --> 00:19:12,440 Sometimes it's GitHub, sometimes it's Salesforce, sometimes it's 381 00:19:12,440 --> 00:19:16,360 Snowflake, sometimes it's AWS, Azure, GCP, sometimes it's 382 00:19:16,360 --> 00:19:19,760 custom applications. And this is this is 1 where that 383 00:19:19,760 --> 00:19:24,080 that was true for our very first customer and they they were 384 00:19:24,080 --> 00:19:27,080 trying to do it because they had built a on top of their SAS 385 00:19:27,080 --> 00:19:30,320 platform, a help desk application, right so custom 386 00:19:30,360 --> 00:19:32,960 custom app. But for all the people who were 387 00:19:32,960 --> 00:19:36,720 helping their customers resolve tickets, right and resolve 388 00:19:36,720 --> 00:19:41,040 issues and you know help desk folks are you know there are a 389 00:19:41,040 --> 00:19:42,480 lot of them. They have a fairly high tune 390 00:19:42,480 --> 00:19:44,720 over. They're not always the highest 391 00:19:44,720 --> 00:19:46,440 paid and highest level. You know you got a lot of 392 00:19:46,440 --> 00:19:51,600 analyst level people and this Cesar wasn't sure what the help 393 00:19:51,600 --> 00:19:54,640 desk people had had access to. When you know when they're able 394 00:19:54,640 --> 00:19:58,320 to actually you know get into a customer tenant and and and get 395 00:19:58,320 --> 00:20:01,760 a pretty deep access, that was the number one thing that they 396 00:20:01,760 --> 00:20:04,000 were concerned about. So it really varies from 397 00:20:04,000 --> 00:20:07,160 customer to customer sort of. You know what the area is that's 398 00:20:07,160 --> 00:20:11,160 most important, but so much of it result revolves around that 399 00:20:11,160 --> 00:20:13,600 core theme that we've been talking about, who, who has 400 00:20:13,640 --> 00:20:16,440 access to what, and should they have that access? 401 00:20:17,200 --> 00:20:20,320 So Rich, you've been doing a lot of videos lately, and I saw 402 00:20:20,320 --> 00:20:25,320 video on LinkedIn with you and your founder and CEO Tarun 403 00:20:25,320 --> 00:20:27,040 Thakur. So hi Tarun. 404 00:20:28,280 --> 00:20:30,760 And he said something. I'm going to quote him here, 405 00:20:32,000 --> 00:20:36,160 knowing who can take action on what data is the biggest 406 00:20:36,160 --> 00:20:38,680 identity challenge. So I wanted to break that down a 407 00:20:38,680 --> 00:20:45,240 little bit because I think when we talk identity, it's not 408 00:20:45,240 --> 00:20:49,520 always brought back to the data that you're protecting the data 409 00:20:49,520 --> 00:20:53,880 and and knowing who has access to what data is being important. 410 00:20:53,880 --> 00:20:57,120 So why is Why use the term data? Why? 411 00:20:57,120 --> 00:20:59,120 Why is that the important differentiator? 412 00:21:00,320 --> 00:21:02,440 Yeah. For us it really comes down to 413 00:21:02,560 --> 00:21:06,040 the overall priorities of an organization. 414 00:21:06,040 --> 00:21:08,200 And when you think about, you know, everybody talks in 415 00:21:08,200 --> 00:21:12,080 security by the crown jewels that more the most frequent 416 00:21:12,080 --> 00:21:14,920 thing there is the data are the crown jewels. 417 00:21:14,920 --> 00:21:17,120 Like why are you protecting it? It's not really because you need 418 00:21:17,120 --> 00:21:18,640 to protect the servers. It's not because the 419 00:21:18,640 --> 00:21:20,880 infrastructure is that valuable because it's all dynamic, right. 420 00:21:20,880 --> 00:21:24,600 It's all in the cloud. Like I don't really care that my 421 00:21:24,600 --> 00:21:27,560 infrastructure is protected except that I need to protect 422 00:21:27,560 --> 00:21:29,440 the data that's running on that infrastructure, right. 423 00:21:29,440 --> 00:21:32,280 That tends to be the number one thing and obviously there are 424 00:21:32,280 --> 00:21:35,680 there are exceptions to that but when you go and have the board 425 00:21:35,680 --> 00:21:39,600 level conversation when you're talking to the CSO that that has 426 00:21:39,600 --> 00:21:44,040 been a strongly resonant theme is that I want to protect my 427 00:21:44,040 --> 00:21:46,680 data why are we doing all this why am I doing security at all. 428 00:21:47,120 --> 00:21:51,160 And and that that's the the been the piece that comes out is is 429 00:21:51,160 --> 00:21:53,800 most strongly and and something that you know that gets board 430 00:21:53,800 --> 00:21:56,720 level attention that you know every and everybody knows if you 431 00:21:56,800 --> 00:22:01,400 if you have a breach around the data that you know that makes 432 00:22:01,400 --> 00:22:03,720 the paper right that's that that's the thing that really 433 00:22:03,720 --> 00:22:05,800 gets gets nailed. So it's it's really around that 434 00:22:05,800 --> 00:22:08,960 resonance of being able to connect it to a real business 435 00:22:08,960 --> 00:22:10,680 goal that everybody understands. Yeah. 436 00:22:10,680 --> 00:22:14,320 And I know your role, you're not the the frontline like cold 437 00:22:14,320 --> 00:22:18,560 calling people. We might run into this objection 438 00:22:18,560 --> 00:22:22,920 which is well we do our back so we don't, we don't need this, 439 00:22:22,920 --> 00:22:27,880 right. I think this kind of discussion 440 00:22:28,280 --> 00:22:33,400 really goes to OK level beyond our back towards a more data 441 00:22:33,400 --> 00:22:37,680 centric approach, right. Do you see that like is like 442 00:22:37,680 --> 00:22:42,280 people think RBAC is at the right level of managing? 443 00:22:42,280 --> 00:22:47,440 Security, I think most everybody does RBAC, but when you point 444 00:22:47,440 --> 00:22:50,280 out some of these natural flaws, and I think one of the one of my 445 00:22:50,280 --> 00:22:53,760 favourites to talk about this with is with reference to access 446 00:22:53,760 --> 00:22:55,640 reviews because everybody's sort of gone through it. 447 00:22:55,640 --> 00:22:59,160 If you're a manager, you, you know, at any companies of size, 448 00:22:59,160 --> 00:23:02,280 you've done an access review. And so you've gone through and 449 00:23:02,280 --> 00:23:04,440 done all these things where you said, hey, this is, you know, 450 00:23:04,920 --> 00:23:07,480 you know, here's Fred, he's on my team and here's all the stuff 451 00:23:07,480 --> 00:23:10,080 that Fred has access to. And is that right? 452 00:23:10,880 --> 00:23:13,800 And I asked this question again. You know, I remember back to, 453 00:23:13,800 --> 00:23:15,960 you know, one of the one of the Csos or one of my organization. 454 00:23:15,960 --> 00:23:18,560 I said, you know, I said, hey, how, what's your experience with 455 00:23:18,560 --> 00:23:20,360 that? Like, you know, is that a good 456 00:23:20,360 --> 00:23:23,120 experience for you? And he said, yeah, half the time 457 00:23:23,120 --> 00:23:24,400 I don't know what I'm clicking yes to. 458 00:23:24,840 --> 00:23:28,640 And I like that is a very, that's an extremely common 459 00:23:28,640 --> 00:23:33,320 experience is that people are saying yes, but it's kind of 460 00:23:33,320 --> 00:23:36,440 meaningless. It's this whole idea of, you 461 00:23:36,440 --> 00:23:39,280 know, compliance theatre or security theatre, right. 462 00:23:39,280 --> 00:23:41,240 People are going through the motions because you have to, 463 00:23:41,240 --> 00:23:42,960 right? You've got to have access 464 00:23:42,960 --> 00:23:45,160 reviews, that's you've got to check that box. 465 00:23:45,160 --> 00:23:50,760 But wouldn't it be great if you could actually do that and and 466 00:23:50,760 --> 00:23:54,080 do that compliance process, spend the time, ask everybody 467 00:23:54,080 --> 00:23:57,640 who's managing to spend the time and actually improve your 468 00:23:57,640 --> 00:23:59,080 security posture at the same time? 469 00:23:59,760 --> 00:24:01,600 Wouldn't that be great? Is that too much to ask? 470 00:24:02,040 --> 00:24:04,920 And we don't think it is, in that you can actually do these 471 00:24:04,920 --> 00:24:07,640 all you know that that's the real reason you're doing access 472 00:24:07,640 --> 00:24:10,680 reviews is you want to restrict access. 473 00:24:10,680 --> 00:24:13,240 You want to make sure that only the people who need it are 474 00:24:13,240 --> 00:24:16,800 getting access. And if you don't give people the 475 00:24:16,800 --> 00:24:20,240 right information about what that really means, you're asking 476 00:24:20,240 --> 00:24:24,120 them to do an impossible job. And this, this is the thing that 477 00:24:24,120 --> 00:24:27,040 I think is so fundamentally broken with most of these 478 00:24:27,040 --> 00:24:29,280 processes is people doing these things that they know don't 479 00:24:29,280 --> 00:24:32,080 really help, and there's a better way. 480 00:24:32,760 --> 00:24:35,720 Let's talk about the the principle of least privilege, 481 00:24:35,720 --> 00:24:41,000 because I kind of feel like least privilege and RBAC pull it 482 00:24:41,000 --> 00:24:44,400 opposite ends of the of the string you've got. 483 00:24:44,520 --> 00:24:49,520 RBAC where it's saying we need to establish these roles is 484 00:24:49,520 --> 00:24:56,240 going to give certain levels of application level access. 485 00:24:56,680 --> 00:24:59,160 But when you're talking about an enterprise, I mean think of how 486 00:24:59,160 --> 00:25:02,840 many systems and how many roles within those systems that you 487 00:25:02,840 --> 00:25:05,720 have to manage amongst potentially hundreds of 488 00:25:05,720 --> 00:25:10,440 thousands of of your workforce. Now if you were to do true least 489 00:25:10,440 --> 00:25:15,680 privilege to every one of those systems and to the data, doesn't 490 00:25:15,680 --> 00:25:19,080 it become unmanageable? Absolutely right. 491 00:25:19,080 --> 00:25:21,520 So the way I would look at it is, I don't know if I'd say 492 00:25:21,520 --> 00:25:24,920 they're at polar opposite ends of the spectrum, but I think 493 00:25:25,240 --> 00:25:27,440 that you know least privilege everybody agrees with in 494 00:25:27,440 --> 00:25:29,280 principle. Like I've never heard anybody 495 00:25:29,280 --> 00:25:31,800 say Nah, I don't believe in least privilege like it's it's 496 00:25:31,800 --> 00:25:34,440 you know everybody agrees it's the right idea. 497 00:25:34,600 --> 00:25:36,600 It's really a question of how do you implement it. 498 00:25:36,800 --> 00:25:40,600 And so RBAC is sort of is the way I see is like most every 499 00:25:40,600 --> 00:25:44,880 organization at some level has implements RBAC as a practical 500 00:25:44,880 --> 00:25:48,840 way to get to least privilege. But even within that, the 501 00:25:48,840 --> 00:25:52,040 challenge is how do I get the right roles, how do I even 502 00:25:52,040 --> 00:25:54,080 assign the right roles. And so I'll I'll give another 503 00:25:54,080 --> 00:25:56,760 example here. One of our customers actually 504 00:25:56,760 --> 00:26:00,760 uses VASA as a provisioning intelligence tool. 505 00:26:00,920 --> 00:26:04,320 What I mean by that is what they have is that they have a process 506 00:26:04,320 --> 00:26:07,560 around Snowflake. And so when a developer who's 507 00:26:07,720 --> 00:26:11,200 doing their developer job needs access to something in 508 00:26:11,200 --> 00:26:14,080 Snowflake, maybe a table in Snowflake, and they submit a 509 00:26:14,080 --> 00:26:17,480 ticket and they ask, hey, I want to get the access to this. 510 00:26:17,560 --> 00:26:21,320 So the challenge this organization had before Vasa was 511 00:26:21,480 --> 00:26:23,480 they had all these rules in Snowflake and they didn't know 512 00:26:23,480 --> 00:26:26,320 which rule to provision. Because that's the question is 513 00:26:26,320 --> 00:26:29,600 like, how do you know what rule best conforms to least 514 00:26:29,600 --> 00:26:31,920 privilege, the role that gives them access to that table that 515 00:26:31,920 --> 00:26:34,160 they need and as little else as possible? 516 00:26:34,760 --> 00:26:38,520 That's an incredibly hard thing to answer, right, because 517 00:26:38,680 --> 00:26:42,720 there's no tool could actually see what does this role do in 518 00:26:42,720 --> 00:26:44,840 Snowflake, really what does this give access to? 519 00:26:45,360 --> 00:26:48,080 And so by using Vasa, they actually were able to implement 520 00:26:48,080 --> 00:26:50,600 that. So simply saying, hey, now I 521 00:26:50,600 --> 00:26:54,240 know what role to give, right. And by doing that, they and they 522 00:26:54,240 --> 00:26:56,040 and they actually measured this. So they have, they had an 523 00:26:56,040 --> 00:26:59,280 internal process where they were actually looking at the total 524 00:26:59,280 --> 00:27:03,080 exposure and the total risk from all the different permissions on 525 00:27:03,080 --> 00:27:05,880 Snowflake. When they introduced Vasa after 526 00:27:05,880 --> 00:27:08,240 a year of doing this process, they were able to reduce the 527 00:27:08,240 --> 00:27:12,120 total number of permissions, the total risk on snowflake by 80%. 528 00:27:12,680 --> 00:27:17,160 So that's by just knowing what role do I grant because they had 529 00:27:17,160 --> 00:27:20,280 no way to know before. So you know, so Vasa can 530 00:27:20,360 --> 00:27:24,520 absolutely and almost always does We actually make our back 531 00:27:24,520 --> 00:27:26,720 better, right. It's not that we replace our 532 00:27:26,720 --> 00:27:29,960 back and this is also one of the themes about how we work in 533 00:27:29,960 --> 00:27:34,080 general is that we really, I think I've done a nice job of 534 00:27:34,080 --> 00:27:35,360 meeting customers where they are. 535 00:27:35,520 --> 00:27:38,240 We don't force you to go take a different architecture. 536 00:27:38,440 --> 00:27:42,080 We're leveraging all the existing authorization schemes 537 00:27:42,080 --> 00:27:44,480 in the native systems that you're already using. 538 00:27:44,720 --> 00:27:47,480 But we actually tell you what it means and help you fix what's 539 00:27:47,480 --> 00:27:49,680 broken. OK, Rich, so help me out here. 540 00:27:49,880 --> 00:27:56,640 Does Visa tell me what a person has or on the other end of the 541 00:27:56,640 --> 00:28:00,280 spectrum, who can do some action on my data? 542 00:28:00,480 --> 00:28:02,880 Which one? You can go both directions 543 00:28:03,000 --> 00:28:05,080 right? So so this is this is the beauty 544 00:28:05,080 --> 00:28:09,120 of having a graph is you can start from you know for us the 545 00:28:09,120 --> 00:28:10,640 person is on the left side of the graph. 546 00:28:10,720 --> 00:28:14,440 And by person I mean might be a real person or might be a 547 00:28:14,440 --> 00:28:17,080 service account. But then I can traverse through 548 00:28:17,080 --> 00:28:21,600 and say all right this person is linked to a group and that group 549 00:28:21,600 --> 00:28:24,760 might be a nested group that then connects to a role. 550 00:28:24,920 --> 00:28:28,720 That role might be hierarchical then that goes into maybe I'm 551 00:28:28,720 --> 00:28:32,960 going to go through a bunch of different policies in in IAM, 552 00:28:33,200 --> 00:28:36,120 but then all the eventually I'm going to get all the way down to 553 00:28:36,360 --> 00:28:41,400 a resource in that target system and an action that can be taken 554 00:28:41,400 --> 00:28:42,560 on that target system in the end. 555 00:28:42,560 --> 00:28:45,800 So one of the big innovations as well that we've also built in 556 00:28:45,800 --> 00:28:49,080 here is this idea of effective permissions in that we do a 557 00:28:49,080 --> 00:28:51,280 translation. And so we don't just give you 558 00:28:51,280 --> 00:28:55,160 the raw permissions that are in the system because often times 559 00:28:55,600 --> 00:28:57,320 it's very hard to understand what those things mean. 560 00:28:57,320 --> 00:28:59,920 But we'll actually say, hey, does this mean you can create, 561 00:29:00,240 --> 00:29:04,240 read, update or delete the language of CRUD, right. 562 00:29:04,240 --> 00:29:08,320 And so you can do that on this object and of course you and 563 00:29:08,320 --> 00:29:09,800 then you can go the other way as well. 564 00:29:09,800 --> 00:29:11,400 And that's one of the beautiful things about the graph. 565 00:29:11,400 --> 00:29:14,720 You can say, hey, my customer database, a resource in this 566 00:29:14,720 --> 00:29:20,080 system in Snowflake or you know, Bitbucket, you know, I, I have 567 00:29:20,200 --> 00:29:23,040 AI have a repo in GitHub. I want to see everybody who has 568 00:29:23,040 --> 00:29:25,160 access to that thing, right. You can go the other way. 569 00:29:25,440 --> 00:29:28,000 And so it's a it's a very flexible kind of data model. 570 00:29:29,280 --> 00:29:32,080 Yeah, I think that's important is like you can go either way. 571 00:29:32,080 --> 00:29:34,600 And then one of the nuances I picked up on what you're just 572 00:29:34,600 --> 00:29:36,520 saying, you can start in the middle. 573 00:29:37,520 --> 00:29:40,640 You can start with, hey, I want to see what this role or this 574 00:29:40,640 --> 00:29:45,520 group does or can do. And I think that's important. 575 00:29:45,600 --> 00:29:50,000 You know, there's this debate in the identity community around 576 00:29:50,440 --> 00:29:54,840 least privilege or if you just like take a beeline to 0 577 00:29:54,840 --> 00:29:58,040 standing privilege. But The thing is, like, even if 578 00:29:58,040 --> 00:30:01,520 you go to the 0 standing privilege route, eventually you 579 00:30:01,520 --> 00:30:05,240 have to put it on to a user. And if you don't really know 580 00:30:05,240 --> 00:30:08,520 what it does, then you're just like saying, all right, well, 581 00:30:08,520 --> 00:30:12,240 we're going to trust you with this machine gun for 15 minutes 582 00:30:12,240 --> 00:30:14,320 and hopefully you use it as intended. 583 00:30:15,440 --> 00:30:18,080 That's that's exactly right. Now that's that's great insight 584 00:30:18,080 --> 00:30:20,720 because that's that's always one of the things that makes me 585 00:30:20,720 --> 00:30:23,560 scratch my head is like you know 0 standing privilege and doing 586 00:30:23,560 --> 00:30:25,280 just in time is great. I mean that's a that's an 587 00:30:25,280 --> 00:30:27,720 important aspect. But you're still granting 588 00:30:27,720 --> 00:30:29,320 access. And if you're if you're sort of 589 00:30:29,320 --> 00:30:33,360 going to you know all just in time privilege like you know the 590 00:30:33,360 --> 00:30:37,360 number of approvals that have to go through magnifies you know by 591 00:30:37,400 --> 00:30:40,560 by whatever that is by whatever factor you want to pick. 592 00:30:40,960 --> 00:30:44,040 And then those approvals just get rubber stamped right. 593 00:30:44,040 --> 00:30:47,040 And so you're always have, you know there's always a a you know 594 00:30:47,040 --> 00:30:50,640 sort of a balance there because the more approvals you do and 595 00:30:50,640 --> 00:30:52,720 and force through a sort of a just in time provisioning 596 00:30:52,720 --> 00:30:55,320 system, the less attention that gets paid to each of them. 597 00:30:55,320 --> 00:30:58,280 And so you, you always want to be judicious about that and say 598 00:30:58,280 --> 00:31:00,280 hey maybe there's some people who should never get access. 599 00:31:00,280 --> 00:31:02,240 I don't care who approves it. I don't care if their manager 600 00:31:02,240 --> 00:31:06,920 says it's OK like you know, Fred should not be able to blow away 601 00:31:06,920 --> 00:31:10,480 the customer database. Like I don't care if somebody 602 00:31:10,480 --> 00:31:11,960 says it's OK. But it's Fred. 603 00:31:11,960 --> 00:31:15,640 Come on, I mean. I'm sure there's someone out 604 00:31:15,640 --> 00:31:17,960 there whose name is Fred who's really his. 605 00:31:18,000 --> 00:31:21,320 His ears are steaming right now. He's not happy with what we're 606 00:31:21,320 --> 00:31:22,960 saying about him. No, I know. 607 00:31:22,960 --> 00:31:24,840 I I feel sorry. Just Fred things. 608 00:31:25,520 --> 00:31:26,960 I'm sorry, Fred, when you're out there. 609 00:31:29,200 --> 00:31:34,760 There was a video that we saw around Intelligent Access and 610 00:31:35,120 --> 00:31:37,160 one of the things that it covered or one of the things I 611 00:31:37,160 --> 00:31:40,000 emphasized was covering all systems. 612 00:31:40,440 --> 00:31:43,040 So all right, I've got my skeptic cat on now because I've 613 00:31:43,040 --> 00:31:45,680 been through enough of these appointments where there's 614 00:31:45,680 --> 00:31:52,120 always an asterisk or something. Is it really all systems meaning 615 00:31:52,160 --> 00:31:57,840 legacy systems as well modern systems, SAS, non SAS? 616 00:31:58,240 --> 00:32:00,720 Help me understand what the coverage looks like here and 617 00:32:00,720 --> 00:32:04,440 what's what's realistic from AI guess from that coverage or 618 00:32:04,440 --> 00:32:07,800 integration perspective. Yep, that's a a great question 619 00:32:07,800 --> 00:32:10,200 and you're right to be skeptical because that is all that that is 620 00:32:10,200 --> 00:32:13,560 always the that is always the the devil's in the details and 621 00:32:13,920 --> 00:32:17,440 the reality is for some systems that we cover natively their 622 00:32:17,440 --> 00:32:21,600 cloud that have well formed AP is integration can be very, very 623 00:32:21,600 --> 00:32:23,480 fast, right. And so you know the on the on 624 00:32:23,480 --> 00:32:27,840 that example for I know of at least one customer where they 625 00:32:27,840 --> 00:32:31,840 were able to fully deploy Vasa in about 30 minutes because they 626 00:32:31,840 --> 00:32:35,440 were all cloud. And the SISO who happened to be 627 00:32:35,440 --> 00:32:39,080 our server customer champion there happened to have admin 628 00:32:39,080 --> 00:32:41,960 level privileges for all the systems that we were worried 629 00:32:41,960 --> 00:32:44,000 about. So I won't comment on that but 630 00:32:44,000 --> 00:32:47,120 that was the reality as it sometimes is And so he was able 631 00:32:47,120 --> 00:32:50,680 to go set up the read only roles that's sort of one of the 632 00:32:50,680 --> 00:32:53,720 necessary pieces you want to you want to make sure that BEZA has 633 00:32:53,880 --> 00:32:56,000 least privilege that we only have access to the stuff that we 634 00:32:56,000 --> 00:33:00,240 need to do the job and the and fulfil the use cases that you've 635 00:33:00,240 --> 00:33:02,920 bought the product for. So it was it was very 636 00:33:02,920 --> 00:33:06,840 straightforward and that was and then we're off to the races In 637 00:33:06,840 --> 00:33:10,040 other cases where for instance the custom application or if 638 00:33:10,040 --> 00:33:13,720 it's an on premise application that doesn't have good Restful 639 00:33:13,720 --> 00:33:17,160 APIs right then we've got to figure out a different way to 640 00:33:17,160 --> 00:33:20,480 get the data into the Vasa system and that can take some 641 00:33:20,480 --> 00:33:23,800 more work. And so an example here is one of 642 00:33:23,800 --> 00:33:27,240 our larger customers that's using us for access reviews 643 00:33:27,720 --> 00:33:30,080 integrated in about the first, I think it was about the first 644 00:33:30,080 --> 00:33:34,000 four months or so about 60 different custom applications to 645 00:33:34,000 --> 00:33:36,160 do access reviews on, right. And so that took some work. 646 00:33:36,200 --> 00:33:39,400 But still I would say if you've if you've ever gone through an 647 00:33:39,400 --> 00:33:42,680 IGA deployment and tried to do it, getting 60 custom 648 00:33:42,680 --> 00:33:47,040 applications in four months is a pretty good clip of things. 649 00:33:47,040 --> 00:33:49,320 And so that's that's sort of the the longer end. 650 00:33:49,840 --> 00:33:53,040 And the other thing I'll say is that from even on premise 651 00:33:53,200 --> 00:33:56,760 systems, we have a couple of customers that are all on Prem 652 00:33:57,160 --> 00:34:00,680 right zero cloud. And so they actually that was 653 00:34:00,680 --> 00:34:03,480 actually one that was surprising to me because I remember asking 654 00:34:03,480 --> 00:34:05,760 this I was we were at one of these one of our company 655 00:34:05,760 --> 00:34:08,000 meetings and I asked the questions like hey how are we, 656 00:34:08,280 --> 00:34:10,440 how are we doing on the on Prem is that is that real? 657 00:34:10,440 --> 00:34:12,800 Because I was, I was wondering myself over how it actually 658 00:34:12,800 --> 00:34:15,719 worked in reality And and they were like, yeah, we got a couple 659 00:34:15,719 --> 00:34:17,480 customers that are fully, fully on Prem. 660 00:34:17,560 --> 00:34:21,320 And I was like that's really fantastic because that gives me 661 00:34:21,320 --> 00:34:23,520 the confidence that they can actually get the value out of 662 00:34:23,520 --> 00:34:26,920 Visa even though they don't have any any cloud infrastructure at 663 00:34:26,920 --> 00:34:29,760 all. I think that's a really 664 00:34:29,760 --> 00:34:33,480 important distinction and maybe you know I'm not going to try 665 00:34:33,480 --> 00:34:36,880 and take over iveza's marketing, but that is an area that I 666 00:34:36,880 --> 00:34:40,120 typically see a lot of struggle with is hey you know what on 667 00:34:40,120 --> 00:34:42,800 Prem is on Prem we're not even going to try it man. 668 00:34:43,159 --> 00:34:46,679 We're going to focus on the cloud and SAS based applications 669 00:34:46,679 --> 00:34:50,280 and things like that because we know that they are having you 670 00:34:50,280 --> 00:34:53,159 know connectivity, they've got integrations, right. 671 00:34:53,159 --> 00:34:56,520 All the stuff's there. But you know I guess maybe 672 00:34:56,520 --> 00:35:00,520 something to think about to go to market is hey what is you 673 00:35:00,520 --> 00:35:03,240 know we can handle the on Prem stuff too which I think is such 674 00:35:03,240 --> 00:35:06,720 a missing link for a lot of things in this space. 675 00:35:06,720 --> 00:35:09,960 So I'm happy to hear it. What I'm not happy to hear about 676 00:35:09,960 --> 00:35:12,240 is 30 minutes to install something, get things 677 00:35:12,240 --> 00:35:14,440 configured. It's going to put people like me 678 00:35:14,440 --> 00:35:16,160 out of a job for integrating IGA. 679 00:35:17,440 --> 00:35:20,400 But I think that's that's another thing too, right, is how 680 00:35:20,400 --> 00:35:22,880 quickly you can get in there. Now 30 minutes I think you 681 00:35:22,880 --> 00:35:25,800 mentioned was a Seeso who had admin access to things which, 682 00:35:26,440 --> 00:35:27,920 you know, say what you want about Seeso's. 683 00:35:27,920 --> 00:35:29,760 A lot of them do like to have their hands in the pie. 684 00:35:31,200 --> 00:35:34,480 What is a normal, I guess, integration timeline look like? 685 00:35:34,560 --> 00:35:37,880 Is it days, weeks, months? I mean, it can't really be 30 686 00:35:37,880 --> 00:35:40,280 minutes all the time, but what's a what's an average deployment 687 00:35:40,280 --> 00:35:42,320 look like? Yeah, I'd say you know on 688 00:35:42,320 --> 00:35:45,080 average you know it's going to be in the term of weeks and 689 00:35:45,080 --> 00:35:50,000 that's also because you know usually what happens is and and 690 00:35:50,000 --> 00:35:52,280 we certainly encourage this is the, you know the the key to 691 00:35:52,280 --> 00:35:55,080 success is to start start small. So start with start with your 692 00:35:55,080 --> 00:35:58,440 cloud, start with something easy and get some wins right that and 693 00:35:58,440 --> 00:36:01,360 that's always the thing to you know to actually build momentum 694 00:36:01,360 --> 00:36:04,040 to build knowledge with the system and understanding with 695 00:36:04,040 --> 00:36:06,400 the system. So you know it, it sort of, you 696 00:36:06,400 --> 00:36:08,720 know, it depends how where you draw your boundaries and where 697 00:36:08,720 --> 00:36:11,280 you draw your lines. But you know, usually customers 698 00:36:11,280 --> 00:36:15,200 will start with something in the cloud, get it going quickly, get 699 00:36:15,200 --> 00:36:16,840 some wins and then they're off to the races. 700 00:36:16,840 --> 00:36:20,040 So from from a from a deployment in you know in you know a week 701 00:36:20,040 --> 00:36:22,680 or two, that's not unreasonable 'cause that's your approach. 702 00:36:22,680 --> 00:36:25,840 But if your if your goal post is you know got 1000 on Prem 703 00:36:25,840 --> 00:36:30,280 applications that are fully customized and on mainframes and 704 00:36:30,280 --> 00:36:33,440 AS4 hundreds that will that will take longer. 705 00:36:35,360 --> 00:36:38,800 AS400 green screens, They're giving me a flashback. 706 00:36:38,800 --> 00:36:42,280 So it's of our prior life. The other thing that I thought 707 00:36:42,280 --> 00:36:45,080 was interesting was this idea of covering all identities. 708 00:36:45,560 --> 00:36:50,040 So I'm guessing that means human and non human machines, service 709 00:36:50,040 --> 00:36:52,720 counts etcetera. I guess how do you, how do you 710 00:36:52,720 --> 00:36:57,080 make sure that you've got all the identities, types I guess 711 00:36:57,080 --> 00:36:59,800 covered and making sure you've got the right correlations in 712 00:36:59,800 --> 00:37:03,760 place to say, Oh yeah, this is Jeff and not AI version of Jeff 713 00:37:03,760 --> 00:37:06,600 or some machine or service account that Jeff is using to 714 00:37:06,600 --> 00:37:08,720 run an application. Can you walk us through a little 715 00:37:08,720 --> 00:37:10,680 bit about how that works? Yeah. 716 00:37:10,680 --> 00:37:13,520 And I think it's it's really that you know, I think I and I 717 00:37:13,520 --> 00:37:16,280 think the thing I'd like to to really emphasize here is that 718 00:37:16,280 --> 00:37:20,160 the, the thing that I've seen that is pretty different is also 719 00:37:20,160 --> 00:37:22,040 just the way that service accounts have been treated, 720 00:37:22,040 --> 00:37:23,560 right. And that and that you know 721 00:37:23,560 --> 00:37:26,440 obviously there's there are you know solutions out there that 722 00:37:26,440 --> 00:37:29,440 will go after service accounts. But typically the world of 723 00:37:29,440 --> 00:37:33,720 identity has sort of hasn't really treated those as sort of 724 00:37:34,760 --> 00:37:37,320 you know, full partners if you will, where you know like you 725 00:37:37,320 --> 00:37:40,000 know typically the, you know the service account types of 726 00:37:40,000 --> 00:37:42,840 processes have been around the Pam world, right. 727 00:37:42,840 --> 00:37:45,040 It's been in like Yep, you want to get your, you know your 728 00:37:45,040 --> 00:37:48,320 secrets and your certificates into the into the secrets vault. 729 00:37:48,480 --> 00:37:51,960 Yep, that's great. But in terms of doing things 730 00:37:51,960 --> 00:37:55,000 like governance around service accounts over like, hey, you 731 00:37:55,000 --> 00:37:57,360 know, I want to do an accessory not around people but around 732 00:37:57,360 --> 00:38:00,760 like hey, you know, do we know what this, what applications the 733 00:38:00,760 --> 00:38:04,080 service account is actually attaching to and is it right. 734 00:38:04,400 --> 00:38:07,600 And has the person who developed a service account and created 735 00:38:07,600 --> 00:38:10,120 the service account, do they still work at the company and 736 00:38:10,360 --> 00:38:12,040 you know, who who owns the service account? 737 00:38:12,480 --> 00:38:16,000 Those are the kinds of questions that we typically see are 738 00:38:16,400 --> 00:38:18,280 missing. And that's actually one of the 739 00:38:18,280 --> 00:38:20,800 things that I think has been most attractive with some of 740 00:38:20,800 --> 00:38:24,200 our, you know our really large customers especially in the 741 00:38:24,200 --> 00:38:26,960 financial services side that's sort of where they're headed now 742 00:38:26,960 --> 00:38:29,960 where they there's you know it's actually around this sort of 743 00:38:29,960 --> 00:38:34,000 machine identity service account governance processes that's sort 744 00:38:34,000 --> 00:38:35,760 of the forefront of that. Where they're saying Yep, we 745 00:38:35,760 --> 00:38:39,320 want to do the same kinds of things we do with human based 746 00:38:39,320 --> 00:38:42,280 HR, system based access reviews, but we want to do it, we want to 747 00:38:42,280 --> 00:38:44,880 do it on service accounts. And so I think that's the big, 748 00:38:44,960 --> 00:38:46,880 that's the big biggest missing piece. 749 00:38:46,880 --> 00:38:49,880 I say it's not necessarily the technology which is which is 750 00:38:49,880 --> 00:38:52,320 great and I think the technology is an important piece of that. 751 00:38:52,320 --> 00:38:55,400 But the fact that now that most customers have sort of treated 752 00:38:55,400 --> 00:38:58,440 it operationally and from a process standpoint as something 753 00:38:58,720 --> 00:39:01,240 outside as something not identity based. 754 00:39:01,680 --> 00:39:03,720 And I think that that's something that's pretty that we 755 00:39:03,720 --> 00:39:06,440 see changing, which is great. Rich, I have to key off that 756 00:39:06,440 --> 00:39:12,000 because it, it feels like secure or yeah, securing machine 757 00:39:12,000 --> 00:39:15,640 accounts, non human accounts, it's kind of like the bane of 758 00:39:15,640 --> 00:39:19,000 all of our existence these days. They're starting to outnumber 759 00:39:19,000 --> 00:39:24,840 human accounts, if not already. Do you find that your customers 760 00:39:24,840 --> 00:39:26,680 are coming to you to solve that problem? 761 00:39:26,680 --> 00:39:28,440 Like that's the problem they need to solve? 762 00:39:28,440 --> 00:39:32,200 Are they starting there? Many, many are. 763 00:39:32,320 --> 00:39:33,680 Yep. And this is, this is something 764 00:39:33,680 --> 00:39:36,080 we were you know and it like I mentioned there's you know it's 765 00:39:36,440 --> 00:39:39,280 it's a pretty broad set of use cases that people key off. 766 00:39:39,280 --> 00:39:43,200 But definitely that service account coverage is a big deal 767 00:39:43,200 --> 00:39:45,600 for a a for a number of customers. 768 00:39:46,080 --> 00:39:48,680 And I think you know this is, this is one of the things I know 769 00:39:48,680 --> 00:39:51,960 and if you you mentioned the the Microsoft breach, that's 770 00:39:51,960 --> 00:39:57,080 certainly one that comes to mind here as we start to see attacks 771 00:39:57,080 --> 00:40:00,320 that are sort of well documented and well publicized that focus 772 00:40:00,320 --> 00:40:04,360 around as the Microsoft one did a legacy Oauth application. 773 00:40:04,760 --> 00:40:08,320 Had had the ability to go get elevated privilege and that was 774 00:40:08,320 --> 00:40:10,560 it, you know instead of that Oauth app and that's that 775 00:40:10,560 --> 00:40:16,720 service account linkage was key to the attack factor, right, 776 00:40:16,720 --> 00:40:18,520 that that was really the key part of that. 777 00:40:18,520 --> 00:40:22,840 And so when as we see more of those things, I think I think 778 00:40:22,840 --> 00:40:26,480 customers are going to start to realize how critical that piece 779 00:40:26,480 --> 00:40:29,280 is and say, yeah, we got to get you know our security tooling 780 00:40:29,480 --> 00:40:30,840 that covers those things as well. 781 00:40:30,840 --> 00:40:33,520 We can't just worry about people as we've traditionally defined 782 00:40:33,520 --> 00:40:34,200 it. Now it has to. 783 00:40:34,240 --> 00:40:37,120 We really do have to get to that because it's it's not only is it 784 00:40:37,360 --> 00:40:41,680 as you point out, Jim, it's a, it's a huge and more rapidly 785 00:40:41,680 --> 00:40:44,120 increasing surface area in terms of the number of accounts, the 786 00:40:44,120 --> 00:40:48,520 number of machines there. But also the fact that most 787 00:40:48,520 --> 00:40:51,160 security tooling I think hasn't emphasized that in the same way, 788 00:40:51,160 --> 00:40:56,040 especially on the Identity side. So I just wanted to key up for 789 00:40:56,040 --> 00:40:57,280 something else you just said there. 790 00:40:57,280 --> 00:41:00,040 So you talked about that Microsoft breach. 791 00:41:01,480 --> 00:41:04,080 So you wrote a blog. I read the whole blog, then I 792 00:41:04,080 --> 00:41:06,720 watched the video, and then I realized that the whole blog was 793 00:41:06,720 --> 00:41:09,880 basically the video. So either read the blog if you'd 794 00:41:09,880 --> 00:41:12,720 like to read or watch the video if you're like me and you don't 795 00:41:12,720 --> 00:41:15,720 like to read. I just wanted to point out 796 00:41:15,720 --> 00:41:18,280 something. So it was you and Tarun were 797 00:41:18,280 --> 00:41:23,400 talking and you guys went out of your way to compliment 798 00:41:23,400 --> 00:41:27,000 Microsoft, right? Because I think that one of the 799 00:41:27,000 --> 00:41:31,080 things that they did that really needed to be recognized was that 800 00:41:31,440 --> 00:41:35,880 they came out, they were honest about the issue, they documented 801 00:41:35,880 --> 00:41:38,320 the issue. You know, it wasn't the best 802 00:41:38,320 --> 00:41:40,480 look, right? Because I think it was 803 00:41:40,960 --> 00:41:44,400 essentially something that didn't have MFA enabled, right? 804 00:41:44,600 --> 00:41:47,600 But rather than try and sweep it under the rug and wait till 805 00:41:47,600 --> 00:41:51,360 somebody finds out and try to ignore the issue, they were 806 00:41:51,360 --> 00:41:53,560 proactive. Absolutely. 807 00:41:53,560 --> 00:41:56,880 I I still give them props because it's like those things 808 00:41:56,880 --> 00:41:59,320 are so valuable for certainly for me. 809 00:41:59,320 --> 00:42:00,920 But I think it's. I think it's true for the entire 810 00:42:00,920 --> 00:42:04,640 community to really understand what went on and you know, and 811 00:42:04,640 --> 00:42:10,240 this is the same same deal. You know and maybe, you know, I 812 00:42:10,240 --> 00:42:13,160 don't know if I'd give Okta quite as many props in terms of 813 00:42:13,160 --> 00:42:14,880 their transparency over the last stuff. 814 00:42:14,880 --> 00:42:17,200 But you know they the information has gotten out there 815 00:42:17,200 --> 00:42:21,200 and and it's it's eventually gotten there around the role 816 00:42:21,200 --> 00:42:24,040 that inbound federation played in The MGM breach. 817 00:42:24,520 --> 00:42:26,480 You know that. But but again that when I 818 00:42:26,480 --> 00:42:30,080 compare sort of the outward response for Microsoft and Okta, 819 00:42:30,360 --> 00:42:33,080 you know, that's that's why I sort of do give Microsoft props 820 00:42:33,080 --> 00:42:35,760 because they were, you know, they were very forthcoming, had 821 00:42:35,760 --> 00:42:38,160 a lot of really good detail. It was like, wow, this is, you 822 00:42:38,160 --> 00:42:40,320 know, I really understand how this thing worked, you know, 823 00:42:40,480 --> 00:42:43,400 maybe not fully fully, but you know, 80% of the way there I 824 00:42:43,400 --> 00:42:46,920 got, you know, it was, it was very useful and actionable in 825 00:42:46,920 --> 00:42:48,800 terms of sort of how that all went down. 826 00:42:49,080 --> 00:42:52,720 I always find it a struggle and a challenge to figure out when 827 00:42:52,720 --> 00:42:54,280 do you make disclosures like that? 828 00:42:54,400 --> 00:42:57,800 Because I think there's a rush to Do you tell people right away 829 00:42:57,800 --> 00:43:00,760 and not know the full story or do you wait so you have the full 830 00:43:00,760 --> 00:43:04,440 story and then tell people and there's all I don't envy anybody 831 00:43:04,440 --> 00:43:08,600 who has to disclose information like that because I think you're 832 00:43:08,600 --> 00:43:10,040 really caught in a rock and a hard place. 833 00:43:10,080 --> 00:43:14,840 You're already in trouble cuz you had an incident and now it's 834 00:43:14,920 --> 00:43:16,720 well, what if we release information too early? 835 00:43:16,720 --> 00:43:19,440 It's not correct, right? Is it better to release early 836 00:43:19,960 --> 00:43:22,360 and then have to make corrections, or do you wait 837 00:43:22,360 --> 00:43:24,520 until you know a little bit more what's the right balance? 838 00:43:24,800 --> 00:43:27,360 The longer you wait, people get suspicious and they're like, 839 00:43:27,360 --> 00:43:28,720 well, why didn't you tell us sooner? 840 00:43:29,120 --> 00:43:31,920 You know, it's it's a difficult balance and I don't envy any 841 00:43:31,920 --> 00:43:33,960 organization that that gets put in that position, that's for 842 00:43:33,960 --> 00:43:37,720 sure. Yeah, my gosh, I, I, I, I look 843 00:43:37,720 --> 00:43:41,640 at the the Cesos that are at my our our customer organizations 844 00:43:41,640 --> 00:43:46,000 like that is a tough tough job and it is it's no joke. 845 00:43:46,560 --> 00:43:49,000 So I I agree that's really, really challenging. 846 00:43:49,560 --> 00:43:51,480 And it's also interesting because although it's not 847 00:43:51,480 --> 00:43:54,960 certified what I'd say like our primary use case, but it's one 848 00:43:54,960 --> 00:43:58,000 that I think is going to be a really interesting one for us 849 00:43:58,000 --> 00:44:01,280 for Vasa actually in the future is actually starting to bring to 850 00:44:01,280 --> 00:44:04,600 bear this whole question of you know who has access to what, but 851 00:44:04,600 --> 00:44:08,000 do it in the context of post breach investigation. 852 00:44:08,000 --> 00:44:09,920 So you know, so you know, you know in in the security 853 00:44:09,920 --> 00:44:12,520 operations team, 'cause this is one of the things that I've, 854 00:44:12,560 --> 00:44:15,040 I've definitely heard is obviously the gold standard is, 855 00:44:15,280 --> 00:44:16,400 you know, I want to look at the activity. 856 00:44:16,400 --> 00:44:18,360 I want to look, OK, you know, I had a breached account. 857 00:44:18,360 --> 00:44:21,560 I'm going to go check and look at the logs and see, you know, 858 00:44:21,560 --> 00:44:24,560 what did this account access, you know, after this time and, 859 00:44:24,560 --> 00:44:27,560 you know, time and date. But the the challenge that I've 860 00:44:27,560 --> 00:44:31,560 heard from Csos is really that, hey, you know, logging is great, 861 00:44:31,560 --> 00:44:35,320 but a lot of times logging isn't turned on, right, because it's 862 00:44:35,320 --> 00:44:38,160 expensive and it's a lot of memory and people charge you, 863 00:44:38,320 --> 00:44:39,600 you know, left, right and Center for it. 864 00:44:39,600 --> 00:44:41,360 And so sometimes it just never gets turned on. 865 00:44:41,880 --> 00:44:45,840 And sometimes when it's turned on, it doesn't quite give you 866 00:44:45,840 --> 00:44:48,440 the right information, right. It's not enough to really 867 00:44:48,440 --> 00:44:51,720 understand what went on. And so you end up having some 868 00:44:51,720 --> 00:44:54,280 big gaps. And so you can never just rely 869 00:44:54,280 --> 00:44:57,240 on logging, you know, after an incident like you've got to keep 870 00:44:57,240 --> 00:44:59,800 going, You've got to dig deeper. And so, you know, if you think 871 00:44:59,800 --> 00:45:02,200 about sort of a set of concentric circles, you know, 872 00:45:02,200 --> 00:45:04,760 the first one you go do is like look at the logging and look at 873 00:45:04,760 --> 00:45:07,240 the activity. But then the next you want to 874 00:45:07,240 --> 00:45:09,080 say, well, what could this account have touched? 875 00:45:09,120 --> 00:45:10,840 Like what were the permissions for that account? 876 00:45:10,840 --> 00:45:15,160 And that's one where Vasa is extremely powerful and I'll I'll 877 00:45:15,160 --> 00:45:17,720 throw in one one other product pitch and then I'll stop. 878 00:45:17,720 --> 00:45:21,440 But we also do leverage the activity monitoring as well. 879 00:45:21,440 --> 00:45:23,640 So you know, so now it's actually pulling both of those 880 00:45:23,640 --> 00:45:26,400 things into a single platform, not just the activity of who 881 00:45:26,400 --> 00:45:30,160 accessed what, but also who could access what and having 882 00:45:30,160 --> 00:45:32,360 those two things together I think is going to be a really 883 00:45:32,640 --> 00:45:36,640 powerful use case for our post breach forensic security 884 00:45:36,640 --> 00:45:39,280 operations in the future. Well, it must be rid of my mind, 885 00:45:39,280 --> 00:45:41,480 'cause I was kind of thinking here as talking as like a tool 886 00:45:41,480 --> 00:45:44,200 like this would be really handy for a forensic, you know, 887 00:45:44,200 --> 00:45:47,680 investigation. I guess it's better to have it 888 00:45:47,680 --> 00:45:51,760 before the incident happened so you can capture the activity of 889 00:45:51,760 --> 00:45:54,560 what's happening. But even afterwards, being able 890 00:45:54,600 --> 00:45:57,240 to do that diagnosis of, OK, well, here's the account. 891 00:45:57,240 --> 00:46:00,000 Now at least we know the account that got popped or whatever 892 00:46:00,000 --> 00:46:02,160 phrase you want to use, right, That that, that caused the 893 00:46:02,160 --> 00:46:04,720 breach, What else could it have touched, I think is really 894 00:46:04,720 --> 00:46:06,400 interesting. So you kind of stole my Thunder 895 00:46:06,400 --> 00:46:08,440 there. So pitch away that was. 896 00:46:08,720 --> 00:46:10,440 That was where I was headed anyway, from a question 897 00:46:10,440 --> 00:46:11,720 standpoint. Nice. 898 00:46:11,720 --> 00:46:13,040 We're we're on the same page here. 899 00:46:13,080 --> 00:46:15,920 That's good we are. So I want to wrap up a 900 00:46:15,920 --> 00:46:19,200 conversation with a lighter note because that's how we typically 901 00:46:19,200 --> 00:46:22,560 will end our our shows. The last time you were here, we 902 00:46:22,560 --> 00:46:25,600 asked questions around longevity because that was something that 903 00:46:25,920 --> 00:46:28,160 I think you know, you've got some interest and we talked 904 00:46:28,160 --> 00:46:30,160 about what's the most interesting thing you've learned 905 00:46:30,160 --> 00:46:32,440 about longevity. If you want to know more about 906 00:46:32,440 --> 00:46:35,160 that, again go back to episode 231. 907 00:46:35,160 --> 00:46:36,960 But I want to stay in that same vein, right? 908 00:46:36,960 --> 00:46:39,960 Try to stay with interests. This one I think is a little 909 00:46:39,960 --> 00:46:43,480 more fun, Maybe thought provoking and rich. 910 00:46:43,480 --> 00:46:48,520 I'll ask you first, the fountain of youth or the wisdom of age? 911 00:46:48,920 --> 00:46:54,240 If you absolutely you could only choose one, which would you pick 912 00:46:54,480 --> 00:46:58,920 and why? It it is a a fantastic question 913 00:46:58,920 --> 00:47:04,600 and I think you know it depends on you know what we how old I am 914 00:47:04,600 --> 00:47:07,240 when you when you ask this questions because I think one of 915 00:47:07,240 --> 00:47:10,360 the beautiful things about getting older has been 916 00:47:10,360 --> 00:47:12,800 appreciating the wisdom of age more. 917 00:47:12,920 --> 00:47:17,360 And, you know, I I also think about, you know, as you as I've 918 00:47:17,360 --> 00:47:22,080 gotten older, I just, I there's a level of comfort and 919 00:47:22,080 --> 00:47:25,920 confidence and just, you know, knowing who you are is just a 920 00:47:25,920 --> 00:47:28,240 wonderful thing. And you know, I I think about it 921 00:47:28,240 --> 00:47:30,800 because I've got two teenage boys and just, you know, the 922 00:47:30,800 --> 00:47:33,400 challenges of being a teenager and thinking that everybody is 923 00:47:33,400 --> 00:47:36,760 staring at you. It's like it's so mentally 924 00:47:36,760 --> 00:47:37,840 traumatizing. It's tough. 925 00:47:38,040 --> 00:47:39,480 Being a teenager was really rough. 926 00:47:39,480 --> 00:47:42,680 And you know, as you get older, you just start to care less and 927 00:47:42,680 --> 00:47:46,320 less and and This is why you see so many old guys walking around 928 00:47:46,320 --> 00:47:48,400 with Plaid pants is they just stop caring. 929 00:47:48,720 --> 00:47:50,920 And there's a there's a beauty to that that I've really 930 00:47:50,920 --> 00:47:52,800 appreciated. So I don't have my Plaid pants 931 00:47:52,800 --> 00:47:57,360 yet, but I aspire to that. So Plaid Pants is how we know 932 00:47:57,360 --> 00:47:59,960 that you've picked the the the wisdom of age. 933 00:48:00,360 --> 00:48:00,960 That's. Right. 934 00:48:00,960 --> 00:48:02,880 That's when. That's when you know I'm on, I'm 935 00:48:02,880 --> 00:48:05,640 on the, the, the, I've, I've reached the, the, the final 936 00:48:05,640 --> 00:48:09,880 stage of development. Jim, how about yourself, Which 937 00:48:09,880 --> 00:48:12,000 one do you pick? Fountain of Youth or Wisdom of 938 00:48:12,000 --> 00:48:16,080 Age and. I I don't think anybody could 939 00:48:16,080 --> 00:48:18,600 have said better than Rich right there. 940 00:48:18,600 --> 00:48:21,840 I mean, seriously, like every thought I was having on this 941 00:48:21,840 --> 00:48:27,440 topic, you just hit all of them. And I actually feel like I'm 942 00:48:27,440 --> 00:48:30,960 happier now at 50 than I was at 40. 943 00:48:30,960 --> 00:48:34,200 And I remember having the thought I'm happier now at 40 944 00:48:34,200 --> 00:48:36,800 than I was at 30. And I'll bet you it goes all the 945 00:48:36,800 --> 00:48:39,880 way back. And I have two teenage boys as 946 00:48:39,880 --> 00:48:43,080 well. I've got a 19 year old who I 947 00:48:43,080 --> 00:48:47,320 love him to death, right? It's like he's working a job, 948 00:48:47,440 --> 00:48:51,960 like manual labor and making like under 20 bucks an hour and 949 00:48:51,960 --> 00:48:55,520 he's talking about going and buying like a $40,000 truck. 950 00:48:55,600 --> 00:48:59,120 And it's like as a 50 year old, you just look at that and you're 951 00:48:59,120 --> 00:49:02,840 just like, my goodness, kid, what are you thinking about? 952 00:49:03,040 --> 00:49:06,600 You have zero debt right now and it's like he can't wait to get 953 00:49:06,600 --> 00:49:08,880 into debt. And what he doesn't realize is 954 00:49:09,040 --> 00:49:11,560 once you get into debt, you're in debt for the rest of your 955 00:49:11,560 --> 00:49:14,680 life. Because like, yeah, you know, 956 00:49:14,680 --> 00:49:17,400 you're just, you're always running credit cards, you get 957 00:49:17,400 --> 00:49:19,480 ahead financially and all that, right? 958 00:49:19,480 --> 00:49:22,440 It's not like you're living paycheck to paycheck your whole 959 00:49:22,440 --> 00:49:25,000 life, but you've always got payments, right? 960 00:49:25,400 --> 00:49:28,760 Most people, most of us, all have a mortgage and maybe a car 961 00:49:28,760 --> 00:49:32,920 payment, etcetera. What would be ideal? 962 00:49:33,240 --> 00:49:37,400 I know this is cheating with this question would be youth, 963 00:49:37,800 --> 00:49:42,720 physical youth, but also keeping your your wisdom. 964 00:49:44,240 --> 00:49:47,920 No, I mean that's that's absolutely, 100% cheap. 965 00:49:47,920 --> 00:49:49,360 I mean, that's what everyone wants, right? 966 00:49:49,360 --> 00:49:53,240 I mean, there's there's TV shows that, you know, vampires live 967 00:49:53,240 --> 00:49:56,760 forever, you got altered carbon, which you've never seen on 968 00:49:56,760 --> 00:49:58,880 Netflix is fantastic. I love it. 969 00:49:59,120 --> 00:50:01,720 Same idea there. I've heard that Warren Buffett 970 00:50:01,720 --> 00:50:05,760 said that he would give up all of his money to be like 21 971 00:50:05,760 --> 00:50:10,160 again, so I'm not going to go. Does he retain the knowledge? 972 00:50:10,160 --> 00:50:12,920 That he's gained. Because I think it, I think, you 973 00:50:12,920 --> 00:50:17,800 know, 45 to anyway, I'm only 50, so I can't speak beyond this too 974 00:50:17,800 --> 00:50:22,400 much with experience anyway. But I think in that range. 975 00:50:22,480 --> 00:50:25,680 I'm happy with where I'm at. Like, I don't like all the signs 976 00:50:25,680 --> 00:50:29,560 of aging, but I'm really like happy with my life. 977 00:50:29,560 --> 00:50:30,920 I'm happy with the person that I am. 978 00:50:30,920 --> 00:50:32,920 If people don't like me, I really don't care. 979 00:50:33,640 --> 00:50:36,600 And I can't say that when I was in my 20s, like I really cared 980 00:50:36,600 --> 00:50:38,520 what people thought of me. What about you, Jeff? 981 00:50:39,160 --> 00:50:43,040 You know, Rich, I I couldn't disagree more. 982 00:50:43,400 --> 00:50:46,640 I I wish I was still 20. I could almost dunk a 983 00:50:46,640 --> 00:50:48,800 basketball. Yes, I used to be able to. 984 00:50:49,120 --> 00:50:51,160 If you look at me now, it's like there's no way that that dude is 985 00:50:51,160 --> 00:50:52,760 getting any more than six inches off the ground. 986 00:50:53,120 --> 00:50:56,240 No, I'm just kidding. I think, you know, I think you 987 00:50:56,240 --> 00:50:58,480 hit it right on the head. I mean everything you just said, 988 00:50:58,480 --> 00:51:01,840 same thing, you know more confident more comfortable with 989 00:51:01,840 --> 00:51:05,880 who I am, the knowledge that I've gained, you know Now if I 990 00:51:05,880 --> 00:51:08,080 could pause time, I think that would be great. 991 00:51:08,920 --> 00:51:11,200 I'm I'm, I, I think Jim you hit as well too. 992 00:51:11,200 --> 00:51:13,840 Like I'm happier now than I was five years ago, 10 years ago, 993 00:51:13,840 --> 00:51:15,840 etcetera. And I had some great times. 994 00:51:15,840 --> 00:51:17,440 Look, I feel like I've LED a great life. 995 00:51:17,440 --> 00:51:20,200 I've had a lot of experiences, a lot of fun fun stuff that I've 996 00:51:20,200 --> 00:51:22,320 done very fortunate in that regard. 997 00:51:22,320 --> 00:51:26,440 But yeah, I don't think I would trade youth for the wisdom 998 00:51:26,800 --> 00:51:28,240 that's been accumulated over the years. 999 00:51:28,240 --> 00:51:31,000 So I feel like we're all, I don't know, maybe this is an old 1000 00:51:31,000 --> 00:51:34,160 hat question. If you ask a younger person if 1001 00:51:34,160 --> 00:51:36,840 they would ask, you know, answer it the same way but it feels 1002 00:51:36,840 --> 00:51:38,640 like we're all on the same page except I'm not going to wear the 1003 00:51:38,640 --> 00:51:40,440 Plaid pants. I would still feel too 1004 00:51:40,440 --> 00:51:44,000 self-conscious about that. I felt like a real nerd wearing 1005 00:51:44,000 --> 00:51:47,440 my Apple Vision Pro on a flight last week. 1006 00:51:47,560 --> 00:51:51,080 And I did return it by the way, but that that experiment is 1007 00:51:51,080 --> 00:51:53,320 over. But I have not felt that 1008 00:51:53,320 --> 00:51:56,440 self-conscious in a very long time putting that thing on. 1009 00:51:56,440 --> 00:51:58,280 I'm like, I know I'm going to return this, but I got to try it 1010 00:51:58,280 --> 00:52:01,800 out, see what's like. And yeah, you you totally, you 1011 00:52:01,800 --> 00:52:04,400 totally hit that question on the on on the head for me as well. 1012 00:52:04,800 --> 00:52:07,400 Awesome awesome. Well the the you know just as as 1013 00:52:07,400 --> 00:52:09,480 we as we leave with parting thoughts. 1014 00:52:09,480 --> 00:52:12,400 I think Jim I think if you if you convinced your your 19 year 1015 00:52:12,400 --> 00:52:16,840 old son you know the really the the beauty and and and all the 1016 00:52:16,840 --> 00:52:19,600 the benefits of a 15 year old minivan. 1017 00:52:19,880 --> 00:52:22,160 I can I can hook you up here I've got something. 1018 00:52:23,280 --> 00:52:25,720 But if he's got a Mustang, I handed him down my. 1019 00:52:25,840 --> 00:52:30,800 My old might be a bit like. Frazee Mustang and not good 1020 00:52:30,800 --> 00:52:32,120 enough. He's a. 1021 00:52:32,200 --> 00:52:33,720 Senior Mustang. It's a nice car too. 1022 00:52:33,720 --> 00:52:37,080 I mean, I wish I'll tell you what I had a the the cheapest 1023 00:52:37,080 --> 00:52:39,360 Chevrolet car that you could possibly have. 1024 00:52:39,360 --> 00:52:42,520 It only had three cylinders in it for an engine and I was 1025 00:52:42,520 --> 00:52:45,280 thrilled to have it so. What? 1026 00:52:45,280 --> 00:52:46,040 What Car was that? A. 1027 00:52:46,040 --> 00:52:48,360 Mustang is good. Well, I'm not going to tell you 1028 00:52:48,360 --> 00:52:49,840 because that's a secret question, man. 1029 00:52:49,840 --> 00:52:50,640 But you'll have to. Type. 1030 00:52:50,680 --> 00:52:52,720 Guess it. I love it. 1031 00:52:52,960 --> 00:52:55,240 Yeah. So I mean it's not going to be 1032 00:52:55,240 --> 00:52:57,040 hard that hard to guess and I think I've changed all those 1033 00:52:57,040 --> 00:52:59,120 answers anyway. But if you Google three 1034 00:52:59,120 --> 00:53:03,200 cylinder, it would have been my guess mid to late 90s. 1035 00:53:03,200 --> 00:53:05,200 Was it a Yugo? Did you have a Yugo? 1036 00:53:05,280 --> 00:53:07,400 No, it was a Chevy. Oh. 1037 00:53:07,680 --> 00:53:09,760 OK, it was a Chevrolet brand, let's put it that way. 1038 00:53:10,320 --> 00:53:12,160 So there's the the trivia for folks. 1039 00:53:12,200 --> 00:53:14,240 Did you have to crank it up before you drove it? 1040 00:53:16,480 --> 00:53:18,680 Look, I've heard you. You can't make fun of me because 1041 00:53:18,680 --> 00:53:21,560 I've heard every single joke. Nothing that you're going to say 1042 00:53:22,080 --> 00:53:23,760 I've not heard before about that car. 1043 00:53:23,760 --> 00:53:25,200 But you know what? It was my car. 1044 00:53:25,320 --> 00:53:27,600 It gave me freedom. I could get wherever I wanted. 1045 00:53:27,960 --> 00:53:30,800 Jeff, Jeff, this this car is your these are your Plaid pants 1046 00:53:30,880 --> 00:53:33,400 right here. That was my Plaid pants. 1047 00:53:33,400 --> 00:53:35,960 I'm glad I outgrew it. Now I'm very happy in my 1048 00:53:35,960 --> 00:53:38,680 electric vehicle. And yeah, life moves on. 1049 00:53:39,920 --> 00:53:40,960 Let's go ahead and leave it there. 1050 00:53:40,960 --> 00:53:43,360 That was a whole lot of fun. Rich, thank you so much for 1051 00:53:43,360 --> 00:53:45,920 coming back with us and having a conversation. 1052 00:53:45,920 --> 00:53:48,880 I hope folks will go out and check out beza.com beza and 1053 00:53:48,880 --> 00:53:52,160 really check out what you guys are doing. 1054 00:53:52,160 --> 00:53:53,920 I think you guys are doing some really remarkable stuff. 1055 00:53:54,280 --> 00:53:57,320 And I think there's a lot of applications that, you know, at 1056 00:53:57,320 --> 00:53:59,640 first glance, me, it was like, oh, OK, it's this. 1057 00:53:59,640 --> 00:54:01,040 I was like, oh, wait, there's so much more. 1058 00:54:01,560 --> 00:54:03,800 We'll have links in our show notes for people to check out. 1059 00:54:04,040 --> 00:54:06,200 Want to connect with you, Rich? Ask you questions? 1060 00:54:06,760 --> 00:54:11,160 Argue with you politely about Fountain of youth versus, you 1061 00:54:11,160 --> 00:54:13,040 know, wisdom and age and things like that. 1062 00:54:13,680 --> 00:54:16,640 We'll also have links to Vasa's website as well, so you can 1063 00:54:16,640 --> 00:54:19,040 check them out. And yeah, we'll go ahead and 1064 00:54:19,040 --> 00:54:21,360 leave it there for this week. Thank you again so much, Rich, 1065 00:54:21,360 --> 00:54:23,640 for taking the time with us. Jim, as always, thanks for your 1066 00:54:23,640 --> 00:54:25,480 time and thanks for everyone for listening. 1067 00:54:25,480 --> 00:54:28,960 You can find us on the web, idacpodcast.com or on Twitter or 1068 00:54:28,960 --> 00:54:31,920 X or whatever it's called by the time you listen to this at IDAC 1069 00:54:32,200 --> 00:54:34,520 podcast and we'll leave it there. 1070 00:54:34,680 --> 00:54:36,560 Thanks everyone. And we'll talk with everyone in 1071 00:54:36,560 --> 00:54:38,320 the next one. Thanks much. 1072 00:54:39,360 --> 00:54:42,320 You've been listening to Identity at the Center. 1073 00:54:42,640 --> 00:54:46,760 We hope you've enjoyed the show. Make sure to like, rate and 1074 00:54:46,760 --> 00:54:50,400 review and we'll be back soon. But in the meantime, hit the 1075 00:54:50,400 --> 00:54:54,520 website at identity@thecenter.com and find 1076 00:54:54,520 --> 00:55:01,960 us on Twitter at IDAC Podcast. See you next time on Identity at 1077 00:55:01,960 --> 00:55:02,920 the Center.