1 00:00:09,700 --> 00:00:12,400 You're listening to the identity of the sender podcast. 2 00:00:12,800 --> 00:00:15,600 This is a show that talks about identity and access management 3 00:00:15,700 --> 00:00:18,600 and making sure you know who has access to what let's get 4 00:00:18,600 --> 00:00:27,400 started. Welcome to the identity of the 5 00:00:27,400 --> 00:00:29,500 sender podcast, I'm Jeff. And that's Jim. 6 00:00:29,500 --> 00:00:31,900 Hey, Jim. Hey, Jeff, how are you? 7 00:00:32,000 --> 00:00:34,100 Oh, not so bad yourself. Good. 8 00:00:34,100 --> 00:00:37,400 Keep him dry. Like I said I'm looking out my 9 00:00:37,400 --> 00:00:41,200 window at my pond it will probably be a lake. 10 00:00:41,200 --> 00:00:45,400 Tomorrow might be Oceanfront, we got the big hurricane that's 11 00:00:45,400 --> 00:00:48,000 going to go right over top of my house hurricane. 12 00:00:48,000 --> 00:00:50,300 Elsa. Hurricane else is going to let 13 00:00:50,300 --> 00:00:51,200 it rain. Let it rain. 14 00:00:51,200 --> 00:00:52,700 I guess is the way it's going to go, huh? 15 00:00:53,100 --> 00:00:54,400 Yeah. I'm less worried. 16 00:00:54,500 --> 00:00:58,100 About the reign of my particular situation, but we've got some 17 00:00:58,100 --> 00:01:02,000 trees that I'm, I guess I'm more concerned about the wind blowing 18 00:01:02,000 --> 00:01:06,100 a tree over onto my, my roof. I have a roof over my head, so I 19 00:01:06,107 --> 00:01:09,500 don't have a whole lot to complain about, but the trees 20 00:01:09,500 --> 00:01:12,600 could change that this is true and I think you know, from a 21 00:01:12,607 --> 00:01:14,500 tiny reflective, it probably works out pretty well because I 22 00:01:14,508 --> 00:01:17,600 know you're going to be on vacation and a couple of weeks. 23 00:01:17,600 --> 00:01:20,600 I think you're going to somewhere in Florida, right? 24 00:01:20,700 --> 00:01:23,000 Yeah actually. I'm going what I thought was the 25 00:01:23,000 --> 00:01:27,700 original path. Of the Tampa and looks like the 26 00:01:27,700 --> 00:01:32,300 the storm change path, changed his path, a little bit so that 27 00:01:32,300 --> 00:01:35,200 it went a bit north of that. But now it's going to be 28 00:01:35,200 --> 00:01:39,700 directed over my home in Augusta Georgia to make a path over to 29 00:01:39,700 --> 00:01:42,000 Columbia South Carolina. Anyway, this is not the Weather 30 00:01:42,000 --> 00:01:46,000 Channel, so I'll stop it there into that. 31 00:01:46,000 --> 00:01:48,600 The late weather news as you're listening to, this may be weeks 32 00:01:48,600 --> 00:01:50,900 or months after it took place. Yeah. 33 00:01:50,900 --> 00:01:53,300 For my, we are all the content. This is what we strive for on 34 00:01:53,300 --> 00:01:56,300 the identity of the sender. Cast, absolutely. 35 00:01:56,600 --> 00:01:58,300 Well I think important thing is the timing right? 36 00:01:58,300 --> 00:01:59,700 You're on vacation you're going to Florida. 37 00:01:59,700 --> 00:02:02,500 I'm actually going to Key West in a couple of weeks myself. 38 00:02:02,500 --> 00:02:05,700 So I'm not looking forward to, you know being part of a 39 00:02:06,700 --> 00:02:08,900 hurricane situation at that point either but we'll see how 40 00:02:08,900 --> 00:02:11,200 it goes. Well folks are interested in how 41 00:02:11,200 --> 00:02:15,800 the sausage is made. We're recording with Sarah, you 42 00:02:15,800 --> 00:02:18,800 know, a couple days before this one will go live, but we've been 43 00:02:18,800 --> 00:02:21,800 recording some backup pisode. So, that while we're on 44 00:02:21,800 --> 00:02:24,200 vacation, we don't miss our publication schedule. 45 00:02:25,400 --> 00:02:28,600 We've been pretty anal about that in terms of getting our 46 00:02:28,600 --> 00:02:32,500 episodes out every Monday at 12, noon eastern time. 47 00:02:32,500 --> 00:02:36,300 So planning to keep that. Keep that going throughout the 48 00:02:36,800 --> 00:02:40,000 throughout the year. Yeah, two years 100 episodes and 49 00:02:40,000 --> 00:02:42,700 101 is going to be this one. You mentioned Sarah. 50 00:02:42,700 --> 00:02:45,600 So why don't we introduce her? Her name is Sarah. 51 00:02:45,600 --> 00:02:48,700 Chickadee she is the principal product manager for AWS 52 00:02:48,700 --> 00:02:51,100 identity. She's also the co-founder board 53 00:02:51,100 --> 00:02:54,600 member and president for Ida Pro, which is a lot of different 54 00:02:54,600 --> 00:02:56,400 things going on. Welcome to the show, Sarah. 55 00:02:57,000 --> 00:02:59,100 Thanks very much, Jeff. Yeah. 56 00:02:59,100 --> 00:03:02,200 So I'm excited to have you on here because for a while, for a 57 00:03:02,208 --> 00:03:03,900 couple reasons, right? So Friday Pro. 58 00:03:03,900 --> 00:03:06,400 I've been a member, I think since Inception, which I know 59 00:03:06,400 --> 00:03:09,300 you found her that a couple years ago, 2017, I believe. 60 00:03:09,800 --> 00:03:12,500 So I've been there since the beginning, little bit of find a 61 00:03:12,500 --> 00:03:15,600 wall, but I did have served on a couple of boards, one for the 62 00:03:15,600 --> 00:03:20,700 board selection committee, whatever its I am, butchering 63 00:03:20,700 --> 00:03:22,200 the name on that one, but for that. 64 00:03:22,200 --> 00:03:25,900 And then most recently on the ID Pro Surfer, Station or CID Pro 65 00:03:25,900 --> 00:03:30,000 which we'll talk about later. But before we get too far along 66 00:03:30,300 --> 00:03:31,500 what. I'd like to understand though, 67 00:03:31,500 --> 00:03:34,000 is from your perspective, you know, how did you get into the 68 00:03:34,000 --> 00:03:36,400 identity space? Is it something that you chose 69 00:03:37,000 --> 00:03:38,200 door? Did it choose you? 70 00:03:39,500 --> 00:03:42,000 I sort of fell into it sideways, which I think is more or less. 71 00:03:42,000 --> 00:03:46,100 What happens to everyone. My undergraduate degree is in 72 00:03:46,100 --> 00:03:48,400 physics. I was really excited about being 73 00:03:48,400 --> 00:03:54,700 a rocket scientist when I was in my early 20s and then, Got my 74 00:03:54,700 --> 00:03:57,500 undergraduate degree in physics and realized that one 75 00:03:57,500 --> 00:03:59,400 undergraduate degree is not quite enough to go. 76 00:03:59,400 --> 00:04:01,700 Be a rocket scientist that you need a lot more school. 77 00:04:01,700 --> 00:04:05,000 And I was not up for a lot more school at that point in my life 78 00:04:05,800 --> 00:04:07,800 and so I didn't really know what I wanted to do. 79 00:04:07,800 --> 00:04:11,400 I when I got like a secretary job at a non-profit and their 80 00:04:11,400 --> 00:04:15,600 website was god-awful and so I took it upon myself to make a 81 00:04:15,600 --> 00:04:18,399 website better and like they were using a Content management 82 00:04:18,399 --> 00:04:21,399 system bait, huh, pythons? So I taught myself Python and 83 00:04:22,100 --> 00:04:24,800 then they moved their headquarters from Where I'm 84 00:04:24,800 --> 00:04:29,600 based to New York and I said well, moving to the are going to 85 00:04:29,600 --> 00:04:32,500 secretary salary, just really doesn't seem like a good life 86 00:04:32,500 --> 00:04:37,000 plan and so I'm going to say in Seattle and I'll take the 87 00:04:37,000 --> 00:04:39,800 severance package and but while I'm doing that, can you change 88 00:04:39,800 --> 00:04:41,900 my title to like a technology Services? 89 00:04:41,900 --> 00:04:43,400 Something something. And they said sure. 90 00:04:43,400 --> 00:04:45,500 Like that's the least we can do, we feel super bad for letting 91 00:04:45,500 --> 00:04:47,700 you off and so they changed my title. 92 00:04:47,700 --> 00:04:50,300 I became a technology Services, something something, and then 93 00:04:50,300 --> 00:04:53,600 eventually I got recruited by an identity team who basically said 94 00:04:54,400 --> 00:04:56,800 We know identity really well. This is at the University of 95 00:04:56,800 --> 00:04:58,700 Washington. They've actually built a lot of 96 00:04:58,700 --> 00:05:01,700 the identity tools that other universities used in open source 97 00:05:01,700 --> 00:05:04,500 to them. And they said, you don't need to 98 00:05:04,500 --> 00:05:06,700 know identity. We can teach you and like you 99 00:05:06,700 --> 00:05:10,500 have a year to ask all the stupid questions and that was 100 00:05:10,500 --> 00:05:13,200 awesome. And I had just gotten out of 101 00:05:13,200 --> 00:05:16,200 grad school at the time and so the first thing they said was 102 00:05:16,200 --> 00:05:19,200 hey, you should go and read all of the new specifications and 103 00:05:19,200 --> 00:05:21,300 like summarize them and tell us about them. 104 00:05:21,700 --> 00:05:24,600 And so I went and read Fido and I went and read Yuma and And 105 00:05:24,600 --> 00:05:28,100 read oauth and everything that was going on at the time. 106 00:05:29,800 --> 00:05:33,200 And then I started going to conferences and I met the people 107 00:05:33,200 --> 00:05:36,300 who had written the standards, which is really amazing. 108 00:05:36,300 --> 00:05:38,700 And so I got to ask them, like why is it this way? 109 00:05:38,700 --> 00:05:42,300 Why did you put this in there? Why do tokens like, why are 110 00:05:42,308 --> 00:05:44,200 there only Vera tokens? Why are there other kinds of 111 00:05:44,200 --> 00:05:47,300 chickens? And like got like long involved? 112 00:05:47,300 --> 00:05:48,500 It. Like normally, when you go to 113 00:05:48,500 --> 00:05:51,500 technology conferences, people do not have time. 114 00:05:51,500 --> 00:05:53,400 They did not want to answer your questions. 115 00:05:53,900 --> 00:05:55,700 They will not. Not like sit and explain things 116 00:05:55,700 --> 00:05:56,900 to you. They get very impatient with 117 00:05:56,900 --> 00:05:58,300 that. And identity people are not that 118 00:05:58,300 --> 00:06:00,700 way at all. Identity, people are super nice 119 00:06:00,700 --> 00:06:03,100 super generous with their time and they're so happy that 120 00:06:03,100 --> 00:06:07,000 someone has read their standard and that anyone cares and they 121 00:06:07,000 --> 00:06:10,500 will happily like sit in the bar for two hours and explain to you 122 00:06:10,500 --> 00:06:12,600 why Bearer tokens are bearer tokens. 123 00:06:13,000 --> 00:06:17,100 And so I got to learn the identity field really well and 124 00:06:17,100 --> 00:06:19,700 eventually people said, oh wow, you've like you've read all 125 00:06:19,700 --> 00:06:21,300 these standards and you understood them. 126 00:06:21,300 --> 00:06:23,700 Like can we hire you? Will you work evenings and 127 00:06:23,700 --> 00:06:25,800 weekends. Can we come like, will you come 128 00:06:25,800 --> 00:06:27,400 to our office and explain these to us? 129 00:06:27,400 --> 00:06:29,400 Because we don't have time to read all of them. 130 00:06:30,700 --> 00:06:33,600 And so I said, sure and I started kind of Moonlighting in 131 00:06:33,600 --> 00:06:38,100 addition to my university job as a contractor and eventually it 132 00:06:38,100 --> 00:06:41,000 was working 20 hours a week as a contractor in addition to my 40 133 00:06:41,000 --> 00:06:44,300 hour week job, but I was making twice as much money Contracting. 134 00:06:44,900 --> 00:06:49,300 And so I was able to jump ship and I quit my full-time job and 135 00:06:49,600 --> 00:06:53,000 became a contractor and my my company was called engage 136 00:06:53,000 --> 00:06:55,100 identity. And that's Roughly when I 137 00:06:55,108 --> 00:06:59,600 founded Ida Pro. So in Blazer who runs identity 138 00:06:59,600 --> 00:07:04,200 for Salesforce and I, where, I think we were at a bar at RSA 139 00:07:04,800 --> 00:07:08,500 and we were bemoaning. The fact that security gets so 140 00:07:08,500 --> 00:07:11,400 much attention and privacy you get so much attention, right? 141 00:07:11,400 --> 00:07:15,300 They have c-suite positions and identity like is this third leg 142 00:07:15,300 --> 00:07:18,500 of the stool that's critical to both of them and it gets no 143 00:07:18,500 --> 00:07:20,500 respect, no attention. We don't even have a 144 00:07:20,500 --> 00:07:23,900 professional organization that identity nerds can join and like 145 00:07:23,900 --> 00:07:27,100 learn About their own fields. And isn't that a travesty? 146 00:07:27,100 --> 00:07:30,300 And then like we looked at each other and were like, shit, we're 147 00:07:30,300 --> 00:07:32,400 going to have to do all this work ourselves, aren't we? 148 00:07:32,400 --> 00:07:34,000 Like we're going to have to found this thing. 149 00:07:34,000 --> 00:07:35,600 We're going to have to move forward. 150 00:07:36,300 --> 00:07:40,300 And so we did that and we found it ID Pro that was in 2017. 151 00:07:40,900 --> 00:07:45,500 And then after that, I spent a year at ping and then I came to 152 00:07:45,500 --> 00:07:49,300 AWS and I have loved AWS. I'm like a fish in water. 153 00:07:49,300 --> 00:07:52,800 Here it is. Totally my culture and my jam 154 00:07:52,800 --> 00:07:57,400 and I'll probably be here for a long long time, what makes it? 155 00:07:57,400 --> 00:07:59,700 So sorry. That's it's a fascinating story. 156 00:07:59,700 --> 00:08:03,000 I, especially liked the part where you sat at a bar and we're 157 00:08:03,000 --> 00:08:06,000 thinking, how are we going to solve this issue of awareness, 158 00:08:06,000 --> 00:08:07,900 right around identity? Because I feel the same thing, 159 00:08:07,900 --> 00:08:09,400 right? It's it's always been kind of 160 00:08:09,400 --> 00:08:13,600 tucked under, you know, infosec or, you know, maybe audit in 161 00:08:13,600 --> 00:08:15,200 some earlier stages and things like that. 162 00:08:15,200 --> 00:08:19,200 But it really is foundational from a any security component 163 00:08:19,200 --> 00:08:21,700 has to have identity in it. And if you don't have that 164 00:08:21,700 --> 00:08:23,700 addressed, you're going to have a bad time. 165 00:08:23,700 --> 00:08:27,400 You're probably going to In the news for all the wrong reasons. 166 00:08:27,400 --> 00:08:30,100 So I'm glad that you started it. I'm glad that it started at a 167 00:08:30,108 --> 00:08:33,299 bar, that's even better. And we've had we've had in on 168 00:08:33,299 --> 00:08:35,500 the show as well. I think he kicked off our first 169 00:08:35,500 --> 00:08:39,000 episode for 2021 so he's a good dude. 170 00:08:39,000 --> 00:08:42,900 Definitely will Echo what you said too about the identity 171 00:08:42,900 --> 00:08:46,000 industry being so welcoming. I think it's one of the 172 00:08:46,000 --> 00:08:49,100 industries at least that I've been part of where, you know, 173 00:08:49,100 --> 00:08:52,600 everyone really is, you know, willing to share their 174 00:08:52,600 --> 00:08:54,200 knowledge. It's not an arms race. 175 00:08:54,300 --> 00:08:57,700 Race when it comes to trying to be better or worse. 176 00:08:57,700 --> 00:08:59,500 I mean, I understand there's probably some of that when it 177 00:08:59,500 --> 00:09:01,400 comes to product, you know, for sure. 178 00:09:01,500 --> 00:09:03,300 You know, people are trying to, you know, have the best product 179 00:09:03,300 --> 00:09:04,600 out there. But at the end of the day, all 180 00:09:04,600 --> 00:09:07,300 the people who were in the industry are very willing to 181 00:09:07,300 --> 00:09:10,400 share information and we have, we had them on this show and we 182 00:09:10,400 --> 00:09:13,400 talk to them at conferences, you know, and we're going to all 183 00:09:13,400 --> 00:09:15,200 times different things. And, you know, people are very 184 00:09:15,200 --> 00:09:16,900 gracious with their time. And I would certainly encourage 185 00:09:16,900 --> 00:09:20,600 folks who you know, are looking to get an identity or if they've 186 00:09:20,600 --> 00:09:22,500 only been an identity for a short time, or if they've been 187 00:09:22,500 --> 00:09:25,200 an identity for a long time, Reach out and talk to somebody, 188 00:09:25,200 --> 00:09:26,500 right? I mean I think you'll find most 189 00:09:26,500 --> 00:09:28,800 people are, you know, pretty open have that. 190 00:09:28,800 --> 00:09:32,500 And they are certainly receptive to having their work read and 191 00:09:32,500 --> 00:09:36,200 commented on otherwise you know it dies somewhere in a LinkedIn 192 00:09:36,700 --> 00:09:39,300 post somewhere where you know, maybe not a lot of people might 193 00:09:39,300 --> 00:09:41,400 see it so definitely Echo that for sure. 194 00:09:41,900 --> 00:09:45,000 Yeah and a lot of the work that we do and identity has to do 195 00:09:45,000 --> 00:09:47,600 with interoperability, right? So we are unlike other 196 00:09:47,600 --> 00:09:52,100 Technologies in that we have to work together and the way to 197 00:09:52,100 --> 00:09:54,000 make our customers have better experiences. 198 00:09:54,100 --> 00:09:57,200 Is for us to talk to each other and make sure that all of the 199 00:09:57,200 --> 00:09:59,200 attributes that we have are coming across and that they're 200 00:09:59,200 --> 00:10:02,000 coming across correctly and in the way that customers expect. 201 00:10:02,400 --> 00:10:05,800 And so identity is kind of an unusual field to work in in that 202 00:10:05,800 --> 00:10:08,300 you have to work with your competitors and we have these 203 00:10:08,300 --> 00:10:11,000 kind of teams of Rivals all the time where we have to build 204 00:10:11,000 --> 00:10:14,700 standards together and so we all know each other and we can all 205 00:10:14,700 --> 00:10:17,000 share knowledge and that's really the only way to learn 206 00:10:17,000 --> 00:10:20,900 this feel like there is no accredited undergraduate degree 207 00:10:21,000 --> 00:10:22,800 for identity and access management. 208 00:10:22,800 --> 00:10:25,100 You can't get one you Have to learn it on the job. 209 00:10:25,100 --> 00:10:27,700 It's the only way. So I got imagine that. 210 00:10:27,700 --> 00:10:30,300 Not everyone always agrees when you're sitting in these rooms 211 00:10:30,700 --> 00:10:32,600 and you're trying to come up with something that is 212 00:10:32,600 --> 00:10:34,900 interoperable between different products. 213 00:10:35,500 --> 00:10:39,000 What is what is something that people might argue about? 214 00:10:40,000 --> 00:10:43,000 Well comes to integration, I mean I'm not looking for you 215 00:10:43,000 --> 00:10:45,900 know dirt or anything but I'm curious as someone who's not 216 00:10:45,900 --> 00:10:48,700 taking part of these conversations you know, what are 217 00:10:48,700 --> 00:10:51,300 some of the things that you guys are trying to figure out and 218 00:10:51,300 --> 00:10:53,900 maybe one organization or one person, you know thinks it 219 00:10:53,908 --> 00:10:56,800 should be done this way and another person another way, how 220 00:10:56,808 --> 00:10:59,200 do you kind of, can come come to consensus around that? 221 00:10:59,500 --> 00:11:02,000 So one of the big contentious things, I was one of the 222 00:11:02,000 --> 00:11:05,400 co-authors of the nist digital identity guidelines, which were 223 00:11:05,400 --> 00:11:08,500 Rewritten in 2018. And one of the really 224 00:11:08,500 --> 00:11:13,300 contentious things was that Wanted to deprecate SMS MFA 225 00:11:14,100 --> 00:11:17,800 because when you send a multi-factor authentication code 226 00:11:17,900 --> 00:11:21,800 as a text message that text message can be intercepted with 227 00:11:21,800 --> 00:11:24,000 off-the-shelf, hardware and software, we know that. 228 00:11:24,000 --> 00:11:27,400 And so, it's not very secure, their Sim jacking, right? 229 00:11:27,400 --> 00:11:30,900 There's lots of ways for an attacker to get to that to get 230 00:11:30,900 --> 00:11:33,500 to that, message SMS as an infrastructure was never 231 00:11:33,500 --> 00:11:39,800 intended to be secure. And so the Telco companies 232 00:11:39,800 --> 00:11:42,600 obviously took issue with us publicly saying, this is 233 00:11:42,600 --> 00:11:46,300 insecure and we need to deprecate it and said, look, we 234 00:11:46,300 --> 00:11:48,400 have ways to detect some jacking. 235 00:11:48,400 --> 00:11:51,700 We have ways to time limit these codes, so they can't be used for 236 00:11:51,700 --> 00:11:54,100 very long. Like this is an okay way to do 237 00:11:54,800 --> 00:11:57,000 multi-factor authentication and it's better than just a 238 00:11:57,000 --> 00:11:58,800 password. Like there's no question about 239 00:11:58,800 --> 00:12:01,000 that and it's really easy to deploy. 240 00:12:01,000 --> 00:12:05,100 It doesn't require anyone to install an app and so there are 241 00:12:05,100 --> 00:12:07,700 a lot of benefits to it there, a lot of drawbacks to it and the 242 00:12:07,700 --> 00:12:10,100 same thing is happening. I'm like the same sort of 243 00:12:10,100 --> 00:12:12,500 discussion is happening right now with using email for 244 00:12:12,500 --> 00:12:14,500 multi-factor authentication for a long time. 245 00:12:14,500 --> 00:12:17,300 We said no, no, no, that doesn't even count as multi-factor 246 00:12:17,300 --> 00:12:19,300 authentication because it's supposed to be something, you 247 00:12:19,300 --> 00:12:22,500 know, something you have and something you are. 248 00:12:22,600 --> 00:12:25,000 And if you just have a password and email, then that's something 249 00:12:25,000 --> 00:12:26,700 that's protected by a password and something else that's 250 00:12:26,700 --> 00:12:28,600 protected by a password. And so you're not protecting 251 00:12:28,600 --> 00:12:30,100 against different kinds of attacks. 252 00:12:31,500 --> 00:12:34,300 But if you're in a corporate environment where you can put 253 00:12:34,300 --> 00:12:38,600 multi-factor on the email, then, maybe that is a valid. 254 00:12:38,700 --> 00:12:41,600 Of MFA because you know that that person has had another 255 00:12:41,600 --> 00:12:44,200 Factor checked via another chill right? 256 00:12:44,200 --> 00:12:49,400 And so a lot of companies are having this struggle with like 257 00:12:49,400 --> 00:12:52,600 okay what counts as MFA what doesn't count as MFA does it 258 00:12:52,600 --> 00:12:56,100 have to be just more secure than just a password or is there a 259 00:12:56,108 --> 00:12:58,700 higher bar for security that we want to talk about? 260 00:12:58,700 --> 00:13:02,700 So yes. Identity nerds love to argue and 261 00:13:02,700 --> 00:13:06,500 we're very bad at agreeing on things and but we're good at 262 00:13:06,500 --> 00:13:08,500 moving forward. We do build new technologies. 263 00:13:08,700 --> 00:13:10,800 Really quickly like the identity field moves. 264 00:13:10,800 --> 00:13:13,900 Moves forward really fast. Yeah, I think even fissionable 265 00:13:13,900 --> 00:13:17,900 forms of MFA are better than no MFA at all. 266 00:13:19,200 --> 00:13:22,200 You know, it's funny because those listening to your how you 267 00:13:22,200 --> 00:13:24,500 got into. I am story and you're talking 268 00:13:24,500 --> 00:13:27,100 about all these standards and people are like, you understand 269 00:13:27,100 --> 00:13:31,000 these and you're like, yeah, they have to remember that you 270 00:13:31,000 --> 00:13:33,900 were you and to be a rocket scientist and you have a degree 271 00:13:33,900 --> 00:13:37,700 in physics, so it all adds up to me anyway. 272 00:13:39,000 --> 00:13:43,100 But the other part kind of the the endpoint of your journey or 273 00:13:43,100 --> 00:13:49,100 the last where you currently are AWS putting together or being 274 00:13:49,100 --> 00:13:55,200 responsible for the AWS Cognito project is fascinating. 275 00:13:55,200 --> 00:13:59,600 I mean I work with clients all the time and when were you know 276 00:13:59,600 --> 00:14:04,600 working on customer I am projects and strategies the 277 00:14:04,600 --> 00:14:07,400 question asked is always what about Amazon? 278 00:14:07,400 --> 00:14:13,600 What about Amazons A customer. I am capabilities and so that's 279 00:14:13,600 --> 00:14:16,200 AWS Cognito right. Maybe you can tell us a little 280 00:14:16,200 --> 00:14:21,800 bit about what it is, who's it for and all those great things. 281 00:14:22,500 --> 00:14:24,600 Yeah. So the way that AWS thinks about 282 00:14:24,600 --> 00:14:30,000 identity as we divide it between Workforce and consumer and it's 283 00:14:30,100 --> 00:14:34,100 it's absolutely huge here. So the between the two of those, 284 00:14:34,500 --> 00:14:38,700 we do over 500 million Authentication. 285 00:14:38,800 --> 00:14:43,000 Authorization calls per second. So it is just like the scale 286 00:14:43,000 --> 00:14:45,500 that you work at an AWS is just Bonkers. 287 00:14:45,600 --> 00:14:48,300 Wait you said 500 million per second? 288 00:14:48,700 --> 00:14:53,300 Yeah that's ridiculous. It is completely ridiculous. 289 00:14:53,700 --> 00:14:56,700 Only slightly less than what Bezos makes per hour but anyway 290 00:15:00,400 --> 00:15:03,700 Yeah, so so the part that I am really excited about and that I 291 00:15:03,700 --> 00:15:05,900 am diving. A lot of my energy into is that 292 00:15:05,900 --> 00:15:09,100 the Amazon could be do product, which is our consumer-facing 293 00:15:09,100 --> 00:15:11,800 product. And the reason I'm really 294 00:15:11,800 --> 00:15:14,400 excited about is because I don't think that any company is really 295 00:15:14,400 --> 00:15:17,100 delivering a great consumer identity product. 296 00:15:17,100 --> 00:15:20,800 Right now as a service, right? Consumer identity is a friction 297 00:15:20,800 --> 00:15:23,100 point at the beginning of every app at the beginning of 298 00:15:23,100 --> 00:15:25,300 everything you want to do, right? 299 00:15:25,300 --> 00:15:30,000 And there's no great way to have. 300 00:15:30,100 --> 00:15:35,600 Have end-user remember a password or have to enter an MFA 301 00:15:35,600 --> 00:15:37,400 code, right? That's always a pain. 302 00:15:38,000 --> 00:15:41,900 And so we're looking for more researching new ways, how can we 303 00:15:41,900 --> 00:15:43,900 make this easier? How can we make it less 304 00:15:43,900 --> 00:15:46,400 friction? How can we make it harder for 305 00:15:46,400 --> 00:15:50,800 attackers to get in and easier for good guys to get in and 306 00:15:50,800 --> 00:15:53,000 that's a really interesting problem for me. 307 00:15:53,000 --> 00:15:57,500 And Amazon company do is just a lot of fun because it's it's a 308 00:15:57,508 --> 00:16:00,800 Swiss army knife or I like to say it's like a So identity 309 00:16:00,800 --> 00:16:03,400 Legos like you can build a whole bunch of stuff with it. 310 00:16:03,400 --> 00:16:05,300 It's got a native directory. It does oid. 311 00:16:05,300 --> 00:16:08,700 See it does sam'l. We just had a token revocation. 312 00:16:08,700 --> 00:16:11,700 Like, there's a whole bunch of stuff you can build just with 313 00:16:11,700 --> 00:16:15,800 Cognito and so just talking to Cognito customers are our 314 00:16:15,800 --> 00:16:18,900 customers, do all sorts of really neat things with the 315 00:16:18,900 --> 00:16:23,800 product that we never expected them to do and so we can talk to 316 00:16:23,800 --> 00:16:25,400 them about. Hey, what are you building? 317 00:16:25,400 --> 00:16:27,400 Oh, you're building a castle. Cool, that guy over there is 318 00:16:27,400 --> 00:16:30,600 building a car. Like if we built a Wheel like 319 00:16:30,600 --> 00:16:33,900 would that help both of you somehow and so we're building 320 00:16:33,900 --> 00:16:36,300 new stuff all the time and talking to people about how 321 00:16:36,300 --> 00:16:38,100 they're using the product and it's a lot of fun. 322 00:16:38,700 --> 00:16:40,800 I won't claim to be an expert on Cognito. 323 00:16:40,800 --> 00:16:44,500 So for the folks who aren't as familiar with it, you mentioned 324 00:16:44,500 --> 00:16:49,300 Workforce and customer. I am, is it the same product for 325 00:16:49,300 --> 00:16:51,300 both? So kognito is both, and then 326 00:16:51,300 --> 00:16:53,400 it's just a matter of configuration or is there 327 00:16:53,400 --> 00:16:55,700 something more to it? That people should be thinking 328 00:16:55,700 --> 00:16:58,300 about it when they're talking about either constituency. 329 00:16:59,000 --> 00:17:03,400 Nope, so cognito Is the consumer identity piece and then 330 00:17:04,000 --> 00:17:07,900 Workforce is handled by a product called aw ssso, okay? 331 00:17:07,900 --> 00:17:12,700 So we have ssom Cognito and then on the kidney do side, I guess 332 00:17:12,700 --> 00:17:14,700 who's taking advantage of Cognito? 333 00:17:14,700 --> 00:17:18,400 Is it app developers who are already building on AWS 334 00:17:18,400 --> 00:17:21,900 services? Do you see uptick from maybe 335 00:17:21,900 --> 00:17:24,700 through who are using other platforms like Azure Google 336 00:17:24,700 --> 00:17:27,800 Cloud but then they come in and use Cognito for some reason. 337 00:17:27,800 --> 00:17:30,500 Can you can I help me understand how you know What does it look 338 00:17:30,500 --> 00:17:31,700 like from a development perspective? 339 00:17:31,700 --> 00:17:35,000 If I'm trying to layer on I am on top of my product we do. 340 00:17:35,000 --> 00:17:38,900 So we see multi-cloud use cases and we see AWS native use cases. 341 00:17:39,500 --> 00:17:43,400 And we see just like, hey, I'm hosting a an app on like 342 00:17:43,500 --> 00:17:46,700 Rackspace or whatever dreamhost whatever my web developer is. 343 00:17:46,700 --> 00:17:49,200 And I just want to add some identity on top of it. 344 00:17:50,300 --> 00:17:53,800 So yeah, we get customers from all over the place using Amazon 345 00:17:53,800 --> 00:17:55,400 Cognito, but it's mainly after developers. 346 00:17:55,400 --> 00:17:58,500 Yeah, it's people who are building something new and they 347 00:17:58,500 --> 00:18:01,700 just needed an easy way to Log people in and we call that 348 00:18:01,700 --> 00:18:03,400 undifferentiated, heavy lifting right? 349 00:18:03,400 --> 00:18:05,400 They don't want to do all of that heavy lifting. 350 00:18:05,400 --> 00:18:08,100 It's not going to make their company a better company to 351 00:18:08,100 --> 00:18:10,800 build a whole login system from scratch and try to do it in a 352 00:18:10,808 --> 00:18:14,200 secure way. But they know that at amazon 353 00:18:14,200 --> 00:18:17,600 security is job 0, and if Amazon is holding all the passwords and 354 00:18:17,600 --> 00:18:20,600 no passwords ever go through my system, I feel way better about 355 00:18:20,600 --> 00:18:23,400 that than I do about trying to build this all myself to a 356 00:18:23,408 --> 00:18:26,000 standard that would be considered best of breed. 357 00:18:26,900 --> 00:18:31,200 So sir, what are the use cases that Cognito supports today? 358 00:18:31,200 --> 00:18:35,300 Is it just the authentication? Do you have a directory? 359 00:18:35,300 --> 00:18:39,400 Do you do you know have registration widget or talk to 360 00:18:39,400 --> 00:18:43,200 us about what's there today? And maybe a little bit about 361 00:18:43,300 --> 00:18:45,300 what we can expect to see in the future. 362 00:18:45,800 --> 00:18:47,700 Yeah. So today it is. 363 00:18:48,100 --> 00:18:52,900 It's a native directory. It's a federation service, it is 364 00:18:52,900 --> 00:18:57,900 authentication and we have a Service called a hosted UI where 365 00:18:57,900 --> 00:19:02,300 we will host your login page, your account recovery page, or 366 00:19:02,300 --> 00:19:06,400 MFA page, anything that has to do with user credentials or 367 00:19:06,400 --> 00:19:10,900 creating the account recovering, the account that those you can 368 00:19:10,900 --> 00:19:13,100 host on AWS servers. They'll still look like they're 369 00:19:13,100 --> 00:19:15,500 on your domain. So there won't be a change in 370 00:19:15,500 --> 00:19:21,000 the URL, but it will be hosted by AWS so that credentials, 371 00:19:21,000 --> 00:19:23,400 never go on your server. You never have to touch any of 372 00:19:23,400 --> 00:19:27,100 that. And so you are the Ability of 373 00:19:27,100 --> 00:19:29,200 having to deal with passwords and usernames. 374 00:19:29,200 --> 00:19:33,000 And and all of that is taken away from you which our 375 00:19:33,000 --> 00:19:36,900 customers really like and we're going to continue building. 376 00:19:36,900 --> 00:19:40,800 As I said, we want to make this an easier experience with less 377 00:19:40,800 --> 00:19:43,900 friction and more security. And so those are the types of 378 00:19:43,900 --> 00:19:45,500 things. You'll see us releasing on 379 00:19:45,500 --> 00:19:49,700 cognitive in the future. I believe I heard somewhere that 380 00:19:49,800 --> 00:19:53,100 you kind of taken a low code. No code approach. 381 00:19:54,300 --> 00:19:59,000 Is that correct? And Whether it is, or isn't it? 382 00:19:59,000 --> 00:20:02,000 Sir certain developers skill set or language? 383 00:20:02,000 --> 00:20:09,300 That people need to kind of be familiar with in order to have 384 00:20:09,300 --> 00:20:13,700 success with Cognito, or is it something where you guys 385 00:20:13,700 --> 00:20:18,600 support, pretty much whatever bring your own kind of language. 386 00:20:20,000 --> 00:20:24,500 Yeah, so we kind of go both in the direction of if you want to 387 00:20:24,508 --> 00:20:28,000 do a bunch of custom code, we have API so you can call and you 388 00:20:28,000 --> 00:20:30,400 can use Cognito for that and that's totally fine. 389 00:20:30,400 --> 00:20:35,100 But we also recognize that a lot of people don't want to do that, 390 00:20:35,100 --> 00:20:37,400 like they want a low code, no code option. 391 00:20:37,400 --> 00:20:39,800 And so we're building out more and more functionality in the 392 00:20:39,808 --> 00:20:43,700 AWS console that is just like do you want MFA? 393 00:20:43,700 --> 00:20:44,600 Yes. Or no clicker. 394 00:20:44,600 --> 00:20:47,600 Radio button, click save and you're done like you don't have 395 00:20:47,600 --> 00:20:52,200 to write all that code and And we will even host the page for 396 00:20:52,200 --> 00:20:53,800 you. And so there is like you can 397 00:20:53,800 --> 00:20:56,500 have a Cognito instance up and running with zero code which is 398 00:20:56,500 --> 00:20:59,000 really cool. That's something that you know, 399 00:20:59,000 --> 00:21:01,400 when I started an identity that was not an option for many 400 00:21:01,400 --> 00:21:07,600 vendor and so we're hoping to get more and more people into 401 00:21:07,600 --> 00:21:10,900 identity just as administrators who know who know the security 402 00:21:10,900 --> 00:21:13,300 implications of the decisions they're making, but don't 403 00:21:13,300 --> 00:21:16,600 necessarily have coding skills. Yeah. 404 00:21:16,600 --> 00:21:19,100 Struggle with organizations that are looking to build something 405 00:21:19,100 --> 00:21:21,600 that already exists. As a product somewhere else. 406 00:21:21,900 --> 00:21:24,600 And I think what you hit earlier was something that I always 407 00:21:24,600 --> 00:21:26,400 agree with is, you know, who's spending more on security? 408 00:21:26,400 --> 00:21:29,400 Is it going to be, you know, an organization is doing 500 409 00:21:29,400 --> 00:21:33,100 billion medications per second or is it going to be, you know, 410 00:21:33,100 --> 00:21:35,800 an organization that, you know, builds Transmissions? 411 00:21:36,400 --> 00:21:38,400 I'm gonna go with, you know, the company that's actually probably 412 00:21:38,400 --> 00:21:40,700 spending more money, you know, on the actual security part of 413 00:21:40,700 --> 00:21:43,100 it, because chances are, they're probably be more successful with 414 00:21:43,100 --> 00:21:45,000 it. And it's not core competency or 415 00:21:45,000 --> 00:21:47,700 really core to the product or the mission right for another 416 00:21:47,700 --> 00:21:49,100 organization. So it makes a lot of sense of be 417 00:21:49,100 --> 00:21:52,600 able to take advantage. Of those types of solutions and 418 00:21:52,800 --> 00:21:55,200 I definitely see the low code. No code approach, I love the 419 00:21:55,200 --> 00:21:57,400 Lego brick analogy. I think that's something that, 420 00:21:57,900 --> 00:22:00,600 you know, that that I've seen elsewhere, you know, we see it a 421 00:22:00,608 --> 00:22:06,200 lot and like itsm tools, so things like service now and Pega 422 00:22:06,200 --> 00:22:09,000 and other things like that, where it's becoming more 423 00:22:09,000 --> 00:22:11,800 business-friendly to configure identity services. 424 00:22:12,800 --> 00:22:15,400 But all that does is really masking, the hard work that 425 00:22:15,400 --> 00:22:18,500 takes place behind the scenes right to make sure that that 426 00:22:18,500 --> 00:22:20,400 stuff works and interoperability. 80 and things 427 00:22:20,400 --> 00:22:22,300 like that. And I think that leads me to 428 00:22:22,300 --> 00:22:24,300 kind of the next conversation topic that I want to bring up 429 00:22:24,300 --> 00:22:28,000 which is around ID Pro itself. Because I do think it takes a 430 00:22:28,000 --> 00:22:31,900 army of really smart people to kind of come up with these types 431 00:22:31,900 --> 00:22:36,900 of standards and having the conversations right to allow, 432 00:22:37,900 --> 00:22:41,400 you know, companies to interact in a safe way through their 433 00:22:41,400 --> 00:22:43,900 identity mechanisms. So why don't we talk a little 434 00:22:43,900 --> 00:22:46,400 bit ID Pro? And I know that, you know, just 435 00:22:46,400 --> 00:22:49,900 for a starting topic. Let's say you recently were at a 436 00:22:50,100 --> 00:22:55,000 Reverse and announced the new CID Pro certification. 437 00:22:55,800 --> 00:22:58,000 I know it's something that has been near and dear to a lot of 438 00:22:58,000 --> 00:23:01,400 people's heart within Ida Pro itself and kind of figuring out. 439 00:23:01,600 --> 00:23:03,800 How do you prove that you can actually do? 440 00:23:03,800 --> 00:23:06,300 I am work right? Are you qualified? 441 00:23:06,300 --> 00:23:08,700 So maybe why don't we start with that? 442 00:23:08,700 --> 00:23:11,800 And you know, what is this CID Pro, you know, who is it for? 443 00:23:12,700 --> 00:23:16,500 Yeah, so this kind of goes back to the conversation that Ian and 444 00:23:16,500 --> 00:23:18,100 I had when we founded ID Pro, right? 445 00:23:18,100 --> 00:23:22,800 Like identity is Critical to the success of security and privacy. 446 00:23:22,800 --> 00:23:28,100 But security has cissp, right? And privacy has a certifications 447 00:23:28,100 --> 00:23:30,100 as well, but there's nothing for identity. 448 00:23:30,100 --> 00:23:32,400 There's no vendor neutral way to prove. 449 00:23:32,400 --> 00:23:34,200 Yes, I know General identity skills. 450 00:23:34,200 --> 00:23:39,500 I can do critical thinking about security issues until now and so 451 00:23:39,500 --> 00:23:41,000 we decided, hey we're going to build one. 452 00:23:41,000 --> 00:23:46,500 We started building a body of knowledge last year where ID Pro 453 00:23:46,500 --> 00:23:49,800 members who are people who have been in the industry for 454 00:23:49,800 --> 00:23:52,400 decades. Kids are writing scholarly 455 00:23:52,400 --> 00:23:55,600 Journal level articles, about identity, and access management 456 00:23:55,600 --> 00:23:57,400 topics. And we said, oh we can certify 457 00:23:57,400 --> 00:24:02,500 against that and so you Jeff and a lot of other identity 458 00:24:02,500 --> 00:24:06,200 professionals all got together and wrote questions that said, 459 00:24:06,200 --> 00:24:09,600 hey someone with like our Target candidate is someone who has two 460 00:24:09,600 --> 00:24:13,500 years of experience either as a developer or an administrator 461 00:24:13,500 --> 00:24:17,500 with an identity system. And so these are questions that 462 00:24:17,500 --> 00:24:19,800 are aimed at someone who's been in the field for two. 463 00:24:20,000 --> 00:24:21,800 Years and hey, this is what you should know. 464 00:24:21,800 --> 00:24:23,800 By the time, you've been in the field for two years, this is 465 00:24:23,800 --> 00:24:27,300 what you should be up to speed on and so someone with two years 466 00:24:27,300 --> 00:24:30,000 of experience should be able to take the test and pass it 467 00:24:30,000 --> 00:24:31,800 without studying, that's our goal. 468 00:24:32,500 --> 00:24:36,000 So, I think it's a good target audience if I like it because 469 00:24:36,600 --> 00:24:40,300 it's still, you know, relatively entry-level but does require 470 00:24:40,300 --> 00:24:42,400 some experience in the industry, right? 471 00:24:42,400 --> 00:24:45,100 To be able to kind of come up the stuff or at least be able to 472 00:24:45,100 --> 00:24:48,500 read the body of knowledge on the ID, Pro dot org website, 473 00:24:48,900 --> 00:24:51,700 which is a, which is a It reads, I think if people are looking 474 00:24:51,700 --> 00:24:55,400 for good identity content, go there and I don't say that just 475 00:24:55,400 --> 00:24:59,000 because we're on the list is a podcast but also because it is, 476 00:24:59,000 --> 00:25:00,800 you know, there's a wealth of information out there and I do 477 00:25:00,800 --> 00:25:03,600 like the fact that, you know, if you're looking to work the 478 00:25:03,600 --> 00:25:08,100 certification process through ID Pro essentially, that's the page 479 00:25:08,100 --> 00:25:09,600 that you can go to to study, right? 480 00:25:09,600 --> 00:25:13,400 There's most of the questions, I think have sources that come 481 00:25:13,400 --> 00:25:17,200 from that area to make it, you know, I won't say easy, right? 482 00:25:17,200 --> 00:25:19,200 Because you still need to have the knowledge and demonstrate 483 00:25:19,200 --> 00:25:21,700 it. But easy from the fact that 484 00:25:21,700 --> 00:25:24,800 you're not having to scour the web eight different, you know, 485 00:25:24,800 --> 00:25:28,400 websites a bunch of YouTube channels, you know however 486 00:25:28,400 --> 00:25:30,700 people are studying for things like Security Plus and C is 487 00:25:30,700 --> 00:25:32,300 ESPYs and you know, things like that. 488 00:25:32,300 --> 00:25:33,900 I think it's a good place to start. 489 00:25:34,200 --> 00:25:38,100 You mentioned that the certification focuses on more? 490 00:25:38,100 --> 00:25:41,000 Do that like the technical of the administrator side of 491 00:25:41,000 --> 00:25:43,100 identity? I think there's a large 492 00:25:43,100 --> 00:25:45,700 constituency of people who are maybe not as technical they 493 00:25:45,700 --> 00:25:49,700 might be more on a business analyst or process-oriented when 494 00:25:49,700 --> 00:25:50,700 it. That identity. 495 00:25:51,000 --> 00:25:54,000 What are your thoughts around? How do we include those people? 496 00:25:54,000 --> 00:25:56,600 As part of that is is this test for them as well? 497 00:25:57,200 --> 00:25:59,800 Or do you see like a different path to kind of demonstrate? 498 00:25:59,800 --> 00:26:03,100 Maybe I am as a process knowledge and maybe less, so on 499 00:26:03,100 --> 00:26:06,900 the technical side of things. So a couple of things one is 500 00:26:06,900 --> 00:26:10,700 that it is intended for them. We intentionally crafted the 501 00:26:10,700 --> 00:26:12,800 question so that they're not gotcha questions, right? 502 00:26:12,800 --> 00:26:15,500 There's nothing that requires like rote memorization of the 503 00:26:15,500 --> 00:26:18,200 phyto standard where you must know exactly what string, this 504 00:26:18,200 --> 00:26:19,800 API returns, right? Like that. 505 00:26:19,900 --> 00:26:23,700 It's not the kind of thing that were testing against the 506 00:26:23,700 --> 00:26:28,200 questions are things like, hey, a developer is making an 507 00:26:28,200 --> 00:26:34,100 identity system and he has a, he's getting a token from a 508 00:26:34,100 --> 00:26:37,500 federation situation and he decides not to check the 509 00:26:37,508 --> 00:26:40,100 signature on the token because his system works fine without 510 00:26:40,100 --> 00:26:42,300 checking that signature and he's got stuff to do. 511 00:26:42,300 --> 00:26:45,000 And so he just push to production and leaves the 512 00:26:45,000 --> 00:26:47,300 office, right? If you are an identity person, 513 00:26:47,300 --> 00:26:49,800 who doesn't know that like you should be checking signatures 514 00:26:50,000 --> 00:26:52,500 Tokens to make sure that they actually came from where they 515 00:26:52,500 --> 00:26:55,200 said they were coming from. You should fail this test. 516 00:26:55,700 --> 00:26:58,200 And so, if you don't know those sorts of things that require 517 00:26:58,200 --> 00:27:01,500 like critical thinking and understanding of this system and 518 00:27:01,500 --> 00:27:04,100 why we trust the system, those are the types of things that 519 00:27:04,100 --> 00:27:08,400 we're testing for not specific, gotcha questions. 520 00:27:09,200 --> 00:27:12,800 However, people have expressed interest in future, 521 00:27:12,800 --> 00:27:14,400 certifications, and going deeper. 522 00:27:14,700 --> 00:27:17,700 So we've had people say, hey, I want to do a whole certification 523 00:27:17,700 --> 00:27:21,600 about governance and how you govern an identity system and 524 00:27:21,600 --> 00:27:24,700 how the business processes work, how you make sure that all of 525 00:27:24,700 --> 00:27:28,200 these mechanisms are in place that keep the system healthy and 526 00:27:28,200 --> 00:27:31,700 hey I want to do a whole legal certification about what are the 527 00:27:31,700 --> 00:27:34,300 legal restrictions and requirements and enablement 528 00:27:34,300 --> 00:27:39,100 Surround identity and and can I prove that I know those things 529 00:27:39,600 --> 00:27:42,500 and so for future certifications like we could go in that 530 00:27:42,500 --> 00:27:45,200 direction or we're going deep into one, specific role and 531 00:27:45,200 --> 00:27:49,800 Identity or we could go by industry and we can say hey Finn 532 00:27:50,200 --> 00:27:54,400 Identity has its own special requirements and Healthcare 533 00:27:54,400 --> 00:27:56,700 identity has its own special requirements. 534 00:27:57,200 --> 00:27:59,700 And like, Hospitality identity has its own special 535 00:27:59,700 --> 00:28:01,600 requirements, right? And so we could go that 536 00:28:01,600 --> 00:28:04,200 direction like kind of a horizontal direction as well. 537 00:28:04,500 --> 00:28:07,900 So there's a few different ways to slice it and if all of you 538 00:28:07,900 --> 00:28:10,800 listening out there, have opinions, please join, I do pro 539 00:28:10,800 --> 00:28:13,600 join the certification committee because these decisions are 540 00:28:13,608 --> 00:28:16,500 decisions that are being made now and they're going to affect 541 00:28:16,800 --> 00:28:18,500 identity Professionals in the future. 542 00:28:18,500 --> 00:28:21,900 So I think this is Such important work and it's really 543 00:28:22,800 --> 00:28:28,500 providing some credibility or, you know, if somebody needs to 544 00:28:28,500 --> 00:28:32,700 have some kind of certification to kind of advance in their 545 00:28:32,700 --> 00:28:36,500 career or at least prove some base level, Baseline level of 546 00:28:36,500 --> 00:28:40,400 knowledge, I think that's where certification can be really 547 00:28:40,400 --> 00:28:44,200 handy, and it's also kind of a way for folks who are kind of 548 00:28:44,200 --> 00:28:47,100 early in their career. You know it's interesting sorry 549 00:28:47,100 --> 00:28:51,300 because I think in the beginning of the Episode where you were 550 00:28:51,400 --> 00:28:54,200 kind of describing your background of whether you chose 551 00:28:54,200 --> 00:28:58,600 I am or I am shows, you think you said kind of of course I am 552 00:28:58,600 --> 00:29:02,000 chose me right? Because folks from who have been 553 00:29:02,000 --> 00:29:03,600 in this industry for a long time? 554 00:29:03,600 --> 00:29:09,100 That's how you know, 99% of us got into, I am, was it shows us, 555 00:29:09,300 --> 00:29:12,000 you know, we kind of lucked our way into this, very cool 556 00:29:12,000 --> 00:29:15,700 industry, but I think in the future that's actually going to 557 00:29:15,700 --> 00:29:19,300 change, you know, maybe somebody will have their entry into I am, 558 00:29:19,900 --> 00:29:23,400 Via our project but they others might choose like, hey, that's 559 00:29:24,100 --> 00:29:26,300 an industry. That I know somebody who's in 560 00:29:26,300 --> 00:29:31,000 the industry, I want to get into that industry and they start by 561 00:29:31,300 --> 00:29:33,800 getting certified. And what the certification 562 00:29:33,800 --> 00:29:36,400 really means to me, like what you're talking about with the, 563 00:29:37,600 --> 00:29:41,400 you know, the signing tokens. Like those are kind of like some 564 00:29:41,400 --> 00:29:44,700 baseline knowledge that if you have that, you kind of 565 00:29:44,700 --> 00:29:48,100 understand what's going on when it comes to I am. 566 00:29:48,200 --> 00:29:50,400 So I think it's very important. What you're doing. 567 00:29:50,400 --> 00:29:55,000 And I think it really helps that next generation of I am 568 00:29:55,000 --> 00:29:59,500 practitioner get into the space, which I think is important for 569 00:29:59,500 --> 00:30:03,000 all of us to do is kind of like handing handing this industry 570 00:30:03,000 --> 00:30:08,000 down and making sure that the next round of qualified people 571 00:30:08,000 --> 00:30:12,700 don't have to kind of kill themselves to figure it out that 572 00:30:12,700 --> 00:30:16,600 we're, you know, giving that passing our knowledge on. 573 00:30:18,500 --> 00:30:21,600 But I wanted to get into Kind of some of the the Tactical 574 00:30:21,600 --> 00:30:24,500 components. Now if somebody wanted to take 575 00:30:24,500 --> 00:30:28,600 this exam you know, do they need to be my ID Pro member? 576 00:30:29,700 --> 00:30:33,700 Where would they go to sign up? And you know how much does it 577 00:30:33,708 --> 00:30:36,700 cost to take the certification exam? 578 00:30:37,100 --> 00:30:40,000 Sure you don't have to be a member it's open to the public 579 00:30:40,600 --> 00:30:45,000 you sign up at ID Pro dot org, slash CID Pro. 580 00:30:45,000 --> 00:30:47,000 That's for a couple or calling certified identity 581 00:30:47,000 --> 00:30:50,800 professionals, CID Pros, the credential you get However, if 582 00:30:50,800 --> 00:30:54,500 you pass the exam you do get a year of Ida Pro membership for 583 00:30:54,500 --> 00:30:58,600 free so you can come hang out with all of the idea Pros. 584 00:30:58,600 --> 00:31:00,800 We have a slack that we all hang out on all day. 585 00:31:00,800 --> 00:31:04,700 And lots of people ask random questions of like identity 586 00:31:04,700 --> 00:31:06,400 professionals who have been around here, you've been around 587 00:31:06,400 --> 00:31:08,000 for 10 years. Like how did you handle this 588 00:31:08,000 --> 00:31:09,400 problem? How did you do this? 589 00:31:10,600 --> 00:31:16,000 Those sorts of things. The exam is $750 and Ida Pro is 590 00:31:16,000 --> 00:31:18,100 a non-profit, nobody's making money off of this. 591 00:31:18,100 --> 00:31:22,000 This is what it costs us. To develop and deliver the test. 592 00:31:22,000 --> 00:31:24,500 And we're hoping to make this a sustainable program where we can 593 00:31:24,500 --> 00:31:27,400 deliver more tests in the future of different subsets of 594 00:31:27,400 --> 00:31:29,600 identity. So I think it'd be interesting 595 00:31:29,600 --> 00:31:35,200 to see identity as a formal education path, right? 596 00:31:35,200 --> 00:31:38,100 I think there's a lot of in information security but 597 00:31:38,300 --> 00:31:41,000 building out the curriculum for someone to show career 598 00:31:41,000 --> 00:31:43,800 progression specifically with my identity would be interesting to 599 00:31:43,800 --> 00:31:46,800 see and I think this is kind of one of those first steps towards 600 00:31:46,800 --> 00:31:49,200 that. I will tell you right now that 601 00:31:49,200 --> 00:31:54,100 the slack All for ID Pro is just a loan that is worth the price 602 00:31:54,100 --> 00:31:57,300 of admission for an ID Pro membership which I believe is 603 00:31:57,300 --> 00:32:00,400 $150 a year. Yes, if I remember. 604 00:32:00,600 --> 00:32:05,000 So just that slack Channel alone is well worth it and then you 605 00:32:05,000 --> 00:32:07,400 get everything else. So I think we're burying the 606 00:32:07,400 --> 00:32:09,300 lead a little bit. It's like that's that's where we 607 00:32:09,300 --> 00:32:11,900 want people to be at because there are really smart people 608 00:32:11,900 --> 00:32:16,300 and really friendly people who are asking questions answering 609 00:32:16,300 --> 00:32:18,600 questions. And yeah if you're struggling 610 00:32:18,600 --> 00:32:21,100 with and I am questions. Um where you know, there's 611 00:32:21,100 --> 00:32:23,900 forums like you know, probably date myself stackoverflow, 612 00:32:23,900 --> 00:32:25,000 right? And things like that, right? 613 00:32:25,000 --> 00:32:26,200 Where people go to ask questions. 614 00:32:26,600 --> 00:32:29,800 It's a great spot to be able to really pick the brains of, you 615 00:32:29,800 --> 00:32:33,600 know, I'd sell though. Identity nerds out there to, you 616 00:32:33,600 --> 00:32:36,400 know, answer things that chances are someone might have seen it 617 00:32:36,400 --> 00:32:39,500 or solve that already or can tell you what doesn't work. 618 00:32:39,600 --> 00:32:42,600 So you don't go down a rabbit hole of, you know, making 619 00:32:42,600 --> 00:32:44,800 mistakes that have a misstatement made before. 620 00:32:44,800 --> 00:32:46,200 So I think that's always really helpful. 621 00:32:47,500 --> 00:32:49,700 So I'm a big supporter of ID Pro for sure. 622 00:32:50,100 --> 00:32:52,700 And I love the fact that there's a certification for it. 623 00:32:53,200 --> 00:32:56,300 I wish I had contributed more. I think I have one question the 624 00:32:56,300 --> 00:32:58,000 test and there is others who are out. 625 00:32:58,000 --> 00:33:00,600 There are definitely double digits you know like yourself 626 00:33:00,600 --> 00:33:02,100 and know. Ian has written about a lot of 627 00:33:02,100 --> 00:33:03,900 questions. I think people like Matthew 628 00:33:03,900 --> 00:33:06,300 Carter and Chris Phillips they believe of also you know 629 00:33:06,300 --> 00:33:09,500 contribute a lot. So it has taken a lot of work to 630 00:33:09,500 --> 00:33:12,400 get to this ditch you know to the to the state you're in right 631 00:33:12,400 --> 00:33:16,500 now in a launch release. I guess from start to finish. 632 00:33:16,500 --> 00:33:19,700 How long did it take to actually get this? 633 00:33:19,800 --> 00:33:21,500 Into. Okay, we've got something. 634 00:33:21,500 --> 00:33:22,900 Let's announce it and let's laugh. 635 00:33:23,100 --> 00:33:26,200 Let people start registering. It was it six months a year 636 00:33:26,200 --> 00:33:29,100 longer than that? It took almost a year. 637 00:33:29,200 --> 00:33:34,800 Yeah, I so I took three months of Levi took maternity leave an 638 00:33:34,800 --> 00:33:40,700 early 2020 and I came back in July. 639 00:33:40,700 --> 00:33:42,900 I expecting that the board would have moved forward on this 640 00:33:42,900 --> 00:33:46,000 project. I do pro board and they had just 641 00:33:46,000 --> 00:33:47,800 been super busy and nothing happened. 642 00:33:47,800 --> 00:33:51,800 And so I had Cleared my calendar to take leave and I was like, 643 00:33:51,800 --> 00:33:54,600 all right, I'm going to take this on like I'm going to do 644 00:33:54,600 --> 00:33:56,900 this. We're going to bring this in and 645 00:33:56,900 --> 00:34:01,200 like I'm going to launch it it identifies next year so so what 646 00:34:01,200 --> 00:34:04,100 happens when you show up at identifier sand and you have 647 00:34:04,100 --> 00:34:07,400 that that presentation that you gave to kind of announce it, 648 00:34:07,400 --> 00:34:10,100 what was it like to can I get out on that stage and say okay 649 00:34:10,400 --> 00:34:13,199 this thing that we've been thinking about here it is. 650 00:34:13,199 --> 00:34:14,699 Have at it. What's what was the reaction to 651 00:34:14,699 --> 00:34:16,300 it? It was so amazing. 652 00:34:16,300 --> 00:34:17,699 Jeff. Like I literally did a happy 653 00:34:17,699 --> 00:34:21,000 dance on stage. I was so so so happy we could 654 00:34:21,000 --> 00:34:25,500 finally open registration for the test and everyone was 655 00:34:25,500 --> 00:34:28,300 stopping me in the hallways and going I'm so glad you did this. 656 00:34:28,300 --> 00:34:29,900 I'm going to sign up. I'm going to have my whole 657 00:34:29,900 --> 00:34:31,500 company sign up. I'm going to have my whole 658 00:34:31,500 --> 00:34:34,900 consultancy sign up like we're getting a huge amount of 659 00:34:34,900 --> 00:34:39,000 traction for it so it's just really great to see that as the 660 00:34:39,199 --> 00:34:40,699 industry was clearly ready for this. 661 00:34:40,699 --> 00:34:43,900 Like, this was the right time. I'm kind of sad that I didn't 662 00:34:43,900 --> 00:34:47,600 get to identify first this year. You spoke it identifies. 663 00:34:47,600 --> 00:34:51,100 You just kind of alluded to it. Doing the happy dance. 664 00:34:52,600 --> 00:34:54,699 Can you give us a recap of the conference? 665 00:34:54,699 --> 00:34:59,800 I know I'm definitely going next year, you know, God willing, but 666 00:35:00,400 --> 00:35:04,000 can you give us kind of a recap and tell us a little bit about 667 00:35:04,000 --> 00:35:06,300 what you enjoyed? What was your favorite session? 668 00:35:07,000 --> 00:35:10,900 Sure, the conference this year was a lot smaller because of the 669 00:35:10,900 --> 00:35:13,200 pandemic. And so the people who came were 670 00:35:13,600 --> 00:35:16,300 really industry veterans and they really pulled out all the 671 00:35:16,300 --> 00:35:18,000 stops. I think they were, there are so 672 00:35:18,000 --> 00:35:21,500 excited to be there. That the sessions were like 673 00:35:21,500 --> 00:35:23,900 extra well-done and extra research. 674 00:35:24,300 --> 00:35:27,000 I think it also helped that they had to pre-record beforehand 675 00:35:27,000 --> 00:35:29,200 because it was a hybrid event where half of it was done online 676 00:35:29,200 --> 00:35:32,600 and so they couldn't just put in their slides the night before 677 00:35:32,700 --> 00:35:35,800 they actually had to at least 21 try run to record it for the 678 00:35:35,800 --> 00:35:39,400 online audience. But it was it was really 679 00:35:39,400 --> 00:35:44,000 awesome. There's a great session by Tori 680 00:35:44,000 --> 00:35:45,700 Mayer. Who's a first-time identifier 681 00:35:45,700 --> 00:35:47,900 speaker. She's a product manager at 682 00:35:47,900 --> 00:35:52,000 paying and she's About why you need product management in your, 683 00:35:52,000 --> 00:35:56,000 I am team in order to have strategy and listen to 684 00:35:56,000 --> 00:35:58,400 customers. And not just do project 685 00:35:58,400 --> 00:36:02,700 management of like Gantt charts and how you get things done. 686 00:36:02,700 --> 00:36:04,800 But really making sure you're doing the right things and 687 00:36:04,800 --> 00:36:07,200 making sure you're doing the right things for the long term. 688 00:36:07,500 --> 00:36:11,000 That's a really great talk. David Lee of cloud entity gave a 689 00:36:11,000 --> 00:36:14,600 great talk on diversity in the identity industry and how we can 690 00:36:15,400 --> 00:36:17,400 do real work there and have real solutions. 691 00:36:17,400 --> 00:36:19,600 And not just do sort of thoughts and prayers. 692 00:36:19,700 --> 00:36:22,300 Kind of do this is bad. I hope it gets better kind of 693 00:36:22,308 --> 00:36:26,000 thing. Brian Campbell gave a great talk 694 00:36:26,000 --> 00:36:31,800 on the new par standard John. Lennon did a talk. 695 00:36:31,800 --> 00:36:33,700 That is actually going to be a book. 696 00:36:33,700 --> 00:36:36,900 I guess, he wrote a whole book on actually identity at AWS. 697 00:36:36,900 --> 00:36:41,500 So, there were a ton of good talks this year, and I think the 698 00:36:41,500 --> 00:36:44,400 online portal is still open so people can watch those. 699 00:36:44,400 --> 00:36:49,300 And then normally identifies puts them up online for free a 700 00:36:49,300 --> 00:36:50,000 few. Later. 701 00:36:50,000 --> 00:36:53,600 So they may be coming to the internet soon but I don't know 702 00:36:53,600 --> 00:36:55,400 for sure on that. Yeah, I'll have to keep an eye 703 00:36:55,400 --> 00:36:57,400 out for that cuz I, yeah, I think usually they do have them 704 00:36:57,500 --> 00:37:00,600 online somewhere to view and I'm sad to, I didn't make it. 705 00:37:00,700 --> 00:37:05,100 This is the first one I've missed since 2016, at least. 706 00:37:05,500 --> 00:37:10,300 So, for whatever reason I was I'm looking forward to traveling 707 00:37:10,900 --> 00:37:12,100 and just didn't make it to this one. 708 00:37:12,100 --> 00:37:14,900 So, definitely. Next year, for sure it's a great 709 00:37:14,900 --> 00:37:16,300 conference. I think it's the best identity 710 00:37:16,300 --> 00:37:19,600 conference at least in the u.s. that I've been to. 711 00:37:19,700 --> 00:37:22,800 Ooh not that other ones are bad but I think this one being so 712 00:37:22,800 --> 00:37:26,400 specifically focused on identity and the fact that while it's 713 00:37:26,400 --> 00:37:29,500 hosted by ping, I think pink does a good job of separating it 714 00:37:29,500 --> 00:37:33,300 out that it's not all about ping and it is separate, you know 715 00:37:33,300 --> 00:37:36,800 enough where there are certainly competitors there and it really 716 00:37:36,800 --> 00:37:40,100 has turned into you know not just the Ping Identity 717 00:37:40,100 --> 00:37:42,300 conference. It's it's own thing, right? 718 00:37:42,300 --> 00:37:44,300 And I think they've done a really good job of having that 719 00:37:44,300 --> 00:37:47,700 level of abstraction that layer of second of Separation to make 720 00:37:47,700 --> 00:37:50,400 it a little more vendor neutral, which That's what we try to do. 721 00:37:50,400 --> 00:37:52,800 On our show to is, is not do commercials or anything like 722 00:37:52,800 --> 00:37:55,400 that and really kind of more talk more substance. 723 00:37:55,900 --> 00:37:57,900 One thing I thought was really interesting as we were kind of 724 00:37:58,100 --> 00:38:01,700 prepping before the call. Is you mentioned your fondness 725 00:38:01,700 --> 00:38:04,300 for escape rooms? So I think there's a couple 726 00:38:04,300 --> 00:38:07,300 things you told us a story about one that you attended in Denver, 727 00:38:07,300 --> 00:38:11,600 but before we get to that for folks who aren't familiar what 728 00:38:11,600 --> 00:38:16,000 is an escape room? So, an escape room is a series 729 00:38:16,000 --> 00:38:19,100 of puzzles. They actually started in 730 00:38:19,100 --> 00:38:20,200 Seattle. Where I live. 731 00:38:20,200 --> 00:38:22,800 So it's not like who incidental that I'm into this. 732 00:38:23,400 --> 00:38:26,900 It's in the first one. You were literally locked in a 733 00:38:26,900 --> 00:38:31,500 room and the key to get the door was like in a safe and you had 734 00:38:31,500 --> 00:38:33,700 to get the code to the safe in order to get that I could to the 735 00:38:33,700 --> 00:38:36,200 save, you had to find all the pieces of the puzzle in her to 736 00:38:36,200 --> 00:38:37,300 find all the pieces of the puzzle. 737 00:38:37,300 --> 00:38:39,700 You had to find all these keys and you had to do all these 738 00:38:40,400 --> 00:38:43,500 solutions to different puzzles around the room and some of them 739 00:38:43,500 --> 00:38:47,300 involve like mirrors and lasers and some of them involved like 740 00:38:47,600 --> 00:38:51,300 literal jigsaw puzzles and some of Involved like getting a 741 00:38:51,308 --> 00:38:55,000 magnet through a maze. And so, it's a whole bunch of 742 00:38:55,000 --> 00:38:59,700 fun, puzzles that you have an hour to solve, and then if you 743 00:38:59,700 --> 00:39:02,100 don't solve them, you are locked in that room forever and you 744 00:39:02,107 --> 00:39:03,700 starve and you die. Hmm. 745 00:39:03,800 --> 00:39:05,100 Okay. So there's definitely some 746 00:39:05,100 --> 00:39:08,600 repercussions for for not for not getting a getting things 747 00:39:08,600 --> 00:39:09,200 done. And this is. 748 00:39:09,200 --> 00:39:10,100 So, I guess, the important thing, right? 749 00:39:10,100 --> 00:39:12,000 This is, this is in the real world, right? 750 00:39:12,000 --> 00:39:14,400 We're not talking about a webpage, although maybe there's 751 00:39:14,400 --> 00:39:17,600 a computer with, you know what? Page open, but you're actually 752 00:39:17,600 --> 00:39:22,400 physically in a room and there are puzzles or things and a 753 00:39:22,408 --> 00:39:24,200 theme usually associated with it, right? 754 00:39:24,200 --> 00:39:27,700 To kind of say, okay, you need to get to this objective, 755 00:39:27,700 --> 00:39:30,900 whatever that may be open the safe or, you know, find the key 756 00:39:30,900 --> 00:39:33,500 to the exit, whatever it may be, which I think is fascinating, I 757 00:39:33,500 --> 00:39:38,200 have not done one yet myself, but I know people who have and 758 00:39:38,200 --> 00:39:40,300 they just keep talking about it and raving about it and it's a 759 00:39:40,300 --> 00:39:42,700 little bit irritating sometimes about how much they like it. 760 00:39:43,500 --> 00:39:46,000 But why don't we talk about the one that that happened in 761 00:39:46,000 --> 00:39:47,500 Denver? Because I think it was an 762 00:39:47,500 --> 00:39:49,200 interesting story on a couple different fronts and I don't 763 00:39:49,200 --> 00:39:51,100 want to spoil That's a lot. You go ahead and tell it. 764 00:39:51,300 --> 00:39:53,000 Yeah. So I try to get some ID Pro 765 00:39:53,000 --> 00:39:55,700 members together and every identifiers to go to an escape 766 00:39:55,700 --> 00:39:58,300 room. So the last one we did was in 767 00:39:58,300 --> 00:40:02,800 Washington, DC in 2019. And for that one, we set an 768 00:40:02,800 --> 00:40:05,700 all-time record for the fastest team to get out of the room. 769 00:40:06,100 --> 00:40:09,400 Because it turns out that like, identity people are really good, 770 00:40:09,400 --> 00:40:13,500 creative problem solvers, and so like the very transferable skill 771 00:40:13,500 --> 00:40:16,000 set. And so this one, we like we had 772 00:40:16,000 --> 00:40:18,400 really high expectations. Were like, oh yeah, like what's 773 00:40:18,400 --> 00:40:19,600 the record for the room we're going to? 774 00:40:19,700 --> 00:40:24,500 Beat that record and we did one in Denver this year and identify 775 00:40:24,500 --> 00:40:28,800 verse and the record for the room was 27 minutes and we got 776 00:40:28,800 --> 00:40:33,300 out in 33. So we were pretty darn close but 777 00:40:33,300 --> 00:40:37,200 we had to haul ourselves all the way from the conference center 778 00:40:37,200 --> 00:40:41,200 which is more by the airport at to downtown Denver and we were 779 00:40:41,200 --> 00:40:44,200 going to Uber, but apparently Ubers are really expensive and 780 00:40:44,200 --> 00:40:47,200 unreliable now because like post IPO, they want to make money or 781 00:40:47,200 --> 00:40:51,100 something. And but as it turns out, like at 782 00:40:51,100 --> 00:40:55,700 6 p.m. on a Tuesday, like limos are super cheap and so we 783 00:40:55,700 --> 00:41:00,500 actually rented a limo and a tidy Pro members, drink, 784 00:41:00,500 --> 00:41:04,200 champagne, and were ferried to an escape room in downtown 10 785 00:41:04,200 --> 00:41:09,800 for then and then came back. And so it was, it was an extra 786 00:41:09,800 --> 00:41:11,700 fancy Escape. So if you need any more 787 00:41:11,700 --> 00:41:15,400 motivation to join ID Pro, that's right. 788 00:41:15,900 --> 00:41:18,500 Sarah will pick you up in a limo and take you? 789 00:41:18,900 --> 00:41:20,400 A escape room. Is that what I'm hearing? 790 00:41:20,700 --> 00:41:22,600 And you will get out in record time. 791 00:41:22,600 --> 00:41:27,100 There's a 50% chance. I just imagine this this image 792 00:41:27,100 --> 00:41:31,600 of like this limo pulling up to identify verse and then a whole 793 00:41:31,600 --> 00:41:34,300 bunch of identity, nerds kind of like hopping into it and people 794 00:41:34,300 --> 00:41:37,300 sticking out of the top of the sunroof, whatever drinking 795 00:41:37,300 --> 00:41:40,300 champagne as they're like, you know, onwards my toe off 796 00:41:40,300 --> 00:41:44,900 companions are unique, he's back to downtown and then they're 797 00:41:44,900 --> 00:41:49,000 like jokes the whole way. I mean, this is Now really 798 00:41:49,000 --> 00:41:52,600 getting into like probably true identity, nor tears nor identity 799 00:41:52,600 --> 00:41:55,600 and heard territory for sure, but it sounds like a lot of fun. 800 00:41:55,900 --> 00:42:00,200 So, you know, I think what want to do is probably end up here on 801 00:42:00,200 --> 00:42:05,300 a lighter note, what is your ideal escape room like describe 802 00:42:05,300 --> 00:42:09,700 it for us and the listeners. So, let me tell you about a few 803 00:42:09,700 --> 00:42:14,100 of the Escape rooms that I have really been impressed by, and 804 00:42:14,100 --> 00:42:16,500 like, some combination of those would probably be my ideal. 805 00:42:17,300 --> 00:42:19,800 So the first one is in LA. It's on Hollywood Boulevard. 806 00:42:19,800 --> 00:42:22,600 There is an escape hotel that has, like, eight different 807 00:42:22,600 --> 00:42:25,300 Escape rooms. And I did not even know this was 808 00:42:25,300 --> 00:42:28,800 there, but I was there with my family and we walked in and we 809 00:42:28,800 --> 00:42:30,900 were like, do you have any open it like, and they're like, yes, 810 00:42:30,900 --> 00:42:32,100 we have lots. Which one do you want? 811 00:42:32,100 --> 00:42:34,200 And we were like, which one is the hardest? 812 00:42:35,100 --> 00:42:37,800 And I forget what the name of the room was but they were like, 813 00:42:37,800 --> 00:42:42,700 it's this room and but you start off blindfolded and chained to 814 00:42:42,700 --> 00:42:48,000 the floor and we were like cool. We're in like let's do it right? 815 00:42:48,000 --> 00:42:50,400 And it's in Hollywood, right? So it's Hollywood production 816 00:42:50,400 --> 00:42:53,600 level. So that one was super fun and 817 00:42:53,600 --> 00:42:56,500 then, hey, Sarah. Are you sure though that was an 818 00:42:56,500 --> 00:43:02,200 escape room? Right? 819 00:43:02,200 --> 00:43:03,800 You have to wonder when they do that. 820 00:43:04,500 --> 00:43:07,700 Yeah, no kidding. Sorry then there's a great one 821 00:43:08,200 --> 00:43:14,400 in Austin that we did where we were supposed to. 822 00:43:14,600 --> 00:43:17,500 There was this whole cabinet that they had built in doors. 823 00:43:17,900 --> 00:43:20,500 And so you started outside the cabin, you had to break in. 824 00:43:20,500 --> 00:43:22,800 And then you saw the bunch of puzzles in the cabin, and the 825 00:43:22,800 --> 00:43:25,200 fireplace swings open. And you're like, okay, what's 826 00:43:25,200 --> 00:43:28,500 behind the fireplace and you crawl in and there's an 827 00:43:28,500 --> 00:43:32,600 adult-sized slide to the next level of Building where there 828 00:43:32,600 --> 00:43:37,600 are more puzzles and so you have to go down the slide, that was 829 00:43:37,600 --> 00:43:39,800 awesome. And then, my absolute favorite 830 00:43:39,800 --> 00:43:43,500 escape room is here in Seattle. The company that founded Escape 831 00:43:43,500 --> 00:43:46,800 rooms is called puzzle break. And they started with two and 832 00:43:46,800 --> 00:43:49,900 they found that they had groups that were trying to compete to 833 00:43:49,900 --> 00:43:53,000 see which one could get out faster, but they were two 834 00:43:53,000 --> 00:43:55,800 different rooms and so it wasn't really a fair contest. 835 00:43:56,000 --> 00:43:59,400 And so they built two, identical Escape rooms. 836 00:44:00,700 --> 00:44:04,100 And not so not only can you bring two groups and see who 837 00:44:04,100 --> 00:44:07,500 gets out faster? But there is a, it's all say on 838 00:44:07,500 --> 00:44:10,600 steamed and there's like this plastic candelabra on the wall 839 00:44:10,600 --> 00:44:13,300 that lights up when the other group, it's a milestone. 840 00:44:13,300 --> 00:44:15,500 So you can sort of tell like who's ahead. 841 00:44:15,800 --> 00:44:19,700 So like we went in and then like we're looking for things and 842 00:44:19,700 --> 00:44:21,800 like there's this clearly, this like chest said that we're 843 00:44:21,800 --> 00:44:24,100 supposed to put together and like there's one piece missing 844 00:44:24,100 --> 00:44:27,600 that we can't find somewhere in the room and then one candle on 845 00:44:27,600 --> 00:44:31,000 the kind of labra lights up. And we're like, oh, Oh, hell no. 846 00:44:31,000 --> 00:44:33,400 Like they already found the chest piece, like we have got to 847 00:44:33,400 --> 00:44:35,800 get to work, but this is not cool. 848 00:44:36,900 --> 00:44:40,900 So I think like some combination of like, competitive escape room 849 00:44:40,900 --> 00:44:43,600 that involves being like blindfolded and chained to the 850 00:44:43,600 --> 00:44:48,300 floor that also involves slice. Like, that's a combination of 851 00:44:48,600 --> 00:44:51,700 the best things I've seen. That's an Eclectic mix of 852 00:44:51,900 --> 00:44:56,100 flavors for your escape room. I like the idea of the 853 00:44:56,100 --> 00:44:58,800 competition part, right? Kind of bracing against someone 854 00:44:58,800 --> 00:45:01,100 else. Yeah, I firmly believe there 855 00:45:01,100 --> 00:45:03,100 should be like Hotel. There should be like, escape 856 00:45:03,100 --> 00:45:06,000 room Olympics. There needs to be a world 857 00:45:06,000 --> 00:45:08,400 champion. It sounds kind of like the movie 858 00:45:08,400 --> 00:45:11,600 Saw. If you think about it in that 859 00:45:11,600 --> 00:45:14,800 perspective, that's maybe a little bit more morbid way to 860 00:45:14,800 --> 00:45:16,500 end on a light note. Yeah, don't know. 861 00:45:16,500 --> 00:45:17,100 Kidding. Right. 862 00:45:17,100 --> 00:45:20,900 You know, I like to I like to keep it real for the folks you 863 00:45:20,900 --> 00:45:23,900 know, I haven't done one myself but I would imagine that if I 864 00:45:23,900 --> 00:45:27,000 were going to do one I would like something that is like 865 00:45:27,400 --> 00:45:31,800 virtual reality based somehow where You're not constrained by 866 00:45:31,800 --> 00:45:35,400 the limits of physics, man, you know, where there's some 867 00:45:35,400 --> 00:45:38,700 component to it, where you're able to leverage, kind of a 868 00:45:38,700 --> 00:45:42,800 bunch of different Technologies, maybe to kind of solve issues, 869 00:45:42,800 --> 00:45:45,100 or, you know, puzzles, things like that. 870 00:45:45,100 --> 00:45:49,400 So, maybe that's one of those in Australia. 871 00:45:49,400 --> 00:45:54,500 And so you have to change your strategy. 872 00:45:55,100 --> 00:45:58,200 Oh my gosh. I think we need to do a 873 00:45:58,200 --> 00:46:02,600 fact-finding mission. To to come up with some sort of 874 00:46:02,600 --> 00:46:05,100 identity problem that will that needs the identity at the center 875 00:46:05,100 --> 00:46:07,200 podcast to be there. That's right. 876 00:46:07,200 --> 00:46:10,100 We're going to use our Char, we're going to need our escape 877 00:46:10,100 --> 00:46:12,800 room Sherpa, Sarah to help us with that, as well. 878 00:46:12,800 --> 00:46:14,900 So I think that should be a mission of ours to take on at 879 00:46:14,900 --> 00:46:16,800 some point first. And what about yourself? 880 00:46:16,800 --> 00:46:18,600 What about have you ever done an Escape Route? 881 00:46:18,600 --> 00:46:22,600 I've never done an escape room. I thought about the one that 882 00:46:22,600 --> 00:46:25,900 Sarah mentioned, where there's a key locked in a sieve, and I've 883 00:46:25,900 --> 00:46:29,500 got a safe in my house and I know the combination and half 884 00:46:29,500 --> 00:46:29,900 the time. Time. 885 00:46:29,900 --> 00:46:33,500 It takes me to three tries to get to get it plugged in so I'll 886 00:46:33,500 --> 00:46:36,600 see you do it. Like, yeah, once he even if I 887 00:46:36,607 --> 00:46:41,400 know the combination, I takes me a while to get the safe open, so 888 00:46:41,600 --> 00:46:45,100 I don't think I would succeed. But I think if I was to say what 889 00:46:45,100 --> 00:46:49,000 an ideal escape room would be for me, would be something 890 00:46:49,000 --> 00:46:52,800 that's almost impossible to solve like, finding my keys or 891 00:46:52,800 --> 00:46:57,100 finding my remote control, you know, even though I was the last 892 00:46:57,100 --> 00:47:00,500 person to use it and I put it wherever Still can't find. 893 00:47:00,500 --> 00:47:03,900 It sounds like every day's an escape room for you. 894 00:47:03,900 --> 00:47:07,200 Jim was true. There's been that way for a long 895 00:47:07,200 --> 00:47:09,800 time. All right. 896 00:47:09,800 --> 00:47:12,000 So I think, we think we brought it back up to the lighter note, 897 00:47:12,000 --> 00:47:14,700 which is what we wanted. So we can forgive my saw 898 00:47:14,700 --> 00:47:19,300 reference, but before we let Sarah go any final words of 899 00:47:19,300 --> 00:47:21,800 wisdom, Sarah, that you want to lay on us and lay on the 900 00:47:21,800 --> 00:47:24,200 listening audience for anything we've talked about today. 901 00:47:25,200 --> 00:47:29,600 Oh gosh. Yeah, one of the tenets of the 902 00:47:29,600 --> 00:47:31,200 oauth working group that I have made. 903 00:47:31,200 --> 00:47:35,900 Also a tenant at AWS identity is make the easy things, easy and 904 00:47:35,900 --> 00:47:39,700 make the hard things possible. So when you're doing identity, 905 00:47:39,700 --> 00:47:43,400 you want to make it as easy as possible for things to get 906 00:47:43,400 --> 00:47:45,100 people to do things that they do every day, right? 907 00:47:45,100 --> 00:47:48,800 Login change, their password, things like that, and you want 908 00:47:48,800 --> 00:47:52,600 to make it possible for them to really dig into this system and 909 00:47:52,600 --> 00:47:54,500 write their own code if they want to make their own custom 910 00:47:54,500 --> 00:47:56,900 stuff. If they want and and really go 911 00:47:56,900 --> 00:48:00,300 to new lengths and New Heights. So, that's one of the tenets 912 00:48:00,300 --> 00:48:03,600 that I firmly believe in what architecting identity. 913 00:48:04,400 --> 00:48:06,100 I really like that. I think, you know, there's 914 00:48:06,100 --> 00:48:08,100 enough hard thing to this world. Let's try to make the easy 915 00:48:08,100 --> 00:48:09,800 things. Easy, that's when I think one of 916 00:48:09,800 --> 00:48:12,700 things I've been saying recently is, you know, I know identity 917 00:48:12,700 --> 00:48:15,500 can be overwhelming, but the goal is to make it whelming, 918 00:48:18,200 --> 00:48:21,700 it's like okay, there's so many things to solve issues, whatever 919 00:48:21,700 --> 00:48:23,000 right? And you can easily get 920 00:48:23,000 --> 00:48:24,700 overwhelmed with like a list of a hundred thousand. 921 00:48:24,800 --> 00:48:27,400 Is that need to happen. Let's just, let's just take it 922 00:48:27,408 --> 00:48:29,400 down to whelmed, right? Let's just fix the things we can 923 00:48:29,400 --> 00:48:31,400 fix and just work on in order. And that's how you eat. 924 00:48:31,400 --> 00:48:34,600 An elephant one bite at a time. Jim, how about yourself words of 925 00:48:34,600 --> 00:48:36,200 wisdom and words? Wisdom? 926 00:48:36,200 --> 00:48:40,000 I have is, you know, in preparing for this episode I 927 00:48:40,000 --> 00:48:45,000 went out to YouTube and watch some videos on AWS Cognito, so I 928 00:48:45,000 --> 00:48:48,000 actually may have known more about it than I let on with my 929 00:48:48,000 --> 00:48:51,400 questions. But I'd say anybody who's 930 00:48:51,400 --> 00:48:54,600 interested, I mean a ton of videos out there. 931 00:48:54,800 --> 00:49:00,100 Ron YouTube around AWS Cognito. So if you want to start that 932 00:49:00,100 --> 00:49:03,000 educational Journey, that's one place to start. 933 00:49:03,000 --> 00:49:05,500 But I would actually even turn it over to Sarah could because 934 00:49:05,800 --> 00:49:08,400 maybe there's better than than what I found, right? 935 00:49:08,400 --> 00:49:11,200 I found things on YouTube but where else can people go to 936 00:49:11,200 --> 00:49:16,900 learn about it? Yeah, and so AWS doesn't annual 937 00:49:16,900 --> 00:49:19,100 conference. Every year in December in Las 938 00:49:19,100 --> 00:49:22,100 Vegas, called reinvent and all of the talks from that 939 00:49:22,100 --> 00:49:25,400 conference go up on YouTube. So if you search for reinvent 940 00:49:25,400 --> 00:49:27,700 and search for Cognito, you'll find some of the, some of the 941 00:49:27,700 --> 00:49:29,700 best stuff that are solutions Architects. 942 00:49:29,700 --> 00:49:33,300 That are our service team has put out there. 943 00:49:33,500 --> 00:49:35,300 That's a great way to get started on learning. 944 00:49:35,700 --> 00:49:38,200 Now, you should see reinvent banners around when Gartner 945 00:49:38,200 --> 00:49:40,900 would do their identity access management conference which I 946 00:49:40,900 --> 00:49:43,700 believe was kind of like right before it and It's smart. 947 00:49:43,700 --> 00:49:45,500 I think to kind of, you know, have the two. 948 00:49:45,500 --> 00:49:49,100 It's almost like black hat and definitely. 949 00:49:49,100 --> 00:49:51,200 I did both. And I was in Vegas for two weeks 950 00:49:51,200 --> 00:49:53,800 and that was a terrible mistake. No one should ever stay in Vegas 951 00:49:53,800 --> 00:49:55,800 for two weeks. No, I did it for one week like 952 00:49:55,800 --> 00:49:57,300 Vegas, but I wouldn't want to live there. 953 00:49:58,700 --> 00:50:01,300 I like biggest only because, you know, when I go, I'm staying in 954 00:50:01,300 --> 00:50:03,900 a hotel, there's good restaurants, you know, usually 955 00:50:03,900 --> 00:50:06,900 it's, you know, on a company's answer, something like that, 956 00:50:06,900 --> 00:50:09,000 which is also helpful to this amazing. 957 00:50:09,000 --> 00:50:10,600 But like, that's part of the problem, right? 958 00:50:10,600 --> 00:50:12,700 Like you just can't stop eating. Yeah. 959 00:50:13,000 --> 00:50:15,100 Well, you know, or you don't have to go outside, right? 960 00:50:15,100 --> 00:50:18,000 You can breathe our official error for, I think, my record is 961 00:50:18,000 --> 00:50:20,200 four days. I never saw some light once in 962 00:50:20,200 --> 00:50:25,300 Vegas. Yeah, well, you know, that's 963 00:50:25,300 --> 00:50:28,600 what gives me. My radiant pale skin, that 964 00:50:29,300 --> 00:50:31,200 lichens, me to Casper the Friendly Ghost. 965 00:50:31,300 --> 00:50:34,100 Hey, Jeff. I'm very, how long is the ideal? 966 00:50:34,100 --> 00:50:37,500 Stay in Vegas for me. It's for days, anything beyond 967 00:50:37,500 --> 00:50:39,500 four days. So like I cannot wait to get to 968 00:50:39,500 --> 00:50:40,700 the airport. Yeah. 969 00:50:40,700 --> 00:50:45,000 I think I would say the same. But I think that's true for 970 00:50:45,000 --> 00:50:48,700 probably most areas unless you're actually going for 971 00:50:49,000 --> 00:50:52,900 leisure like a beach or if it's something like you can't go to 972 00:50:52,900 --> 00:50:54,400 Europe. For example, for four days. 973 00:50:54,400 --> 00:50:56,400 Or if you're in Europe, can't come to the US or four days 974 00:50:56,400 --> 00:50:59,100 because it takes you a day to get there today to get back. 975 00:50:59,100 --> 00:51:00,300 You're going to want to spend more time. 976 00:51:00,800 --> 00:51:04,100 So you know, I could I could probably swing a week but that's 977 00:51:04,200 --> 00:51:07,200 I don't drink really that much. I don't gamble but I love to 978 00:51:07,200 --> 00:51:10,700 people watch and I'll tell you right now, Beast be with Las 979 00:51:10,700 --> 00:51:13,800 Vegas being one of the best areas and actually Paris, France 980 00:51:13,800 --> 00:51:16,000 was another fantastic area for people watching. 981 00:51:16,600 --> 00:51:20,000 I could I could satisfy that that that need you know for 982 00:51:20,000 --> 00:51:22,700 several days and be good. Sarah, what about yourself? 983 00:51:22,700 --> 00:51:24,600 What's your, what's your ideal Vegas? 984 00:51:24,700 --> 00:51:27,700 Stay duration? Yeah, I think for today is just 985 00:51:27,700 --> 00:51:31,300 perfect and then you got to get out of there and then you're 986 00:51:31,300 --> 00:51:34,600 throwing your last leftover coins, in the slot machine at 987 00:51:34,600 --> 00:51:37,100 the, at the airport and your way out, okay. 988 00:51:38,600 --> 00:51:40,700 All right, I think that's a good spot that we can leave it for 989 00:51:40,700 --> 00:51:42,500 this week. Sarah, thank you so much for 990 00:51:42,500 --> 00:51:43,900 joining us. I really enjoyed the 991 00:51:43,900 --> 00:51:45,800 conversation. Kind of talking about everything 992 00:51:45,800 --> 00:51:49,100 from from Neva WS Cognito perspective but also just 993 00:51:49,200 --> 00:51:53,700 congratulations on the ID Pro success and especially on the 994 00:51:54,000 --> 00:51:56,000 certification getting out there. CID Pro. 995 00:51:56,000 --> 00:51:59,200 So for folks who want to get more information about that 996 00:51:59,300 --> 00:52:04,700 certification you can visit ID Pro dot org slash CID pro has 997 00:52:04,700 --> 00:52:06,800 all the information there, it's open to the public. 998 00:52:06,800 --> 00:52:08,600 You don't have to be a member which is fantastic. 999 00:52:09,000 --> 00:52:11,900 Would encourage people to check it out and try to pick out the 1000 00:52:11,900 --> 00:52:14,300 one question that maybe My made it onto the test or not. 1001 00:52:14,300 --> 00:52:17,000 We'll see. So with that we'll go ahead and 1002 00:52:17,000 --> 00:52:19,000 leave it for this week. You can connect with Sarah on 1003 00:52:19,000 --> 00:52:20,900 LinkedIn as well. I'll have a link to her in our 1004 00:52:20,900 --> 00:52:23,300 show notes and linked to CID Pro. 1005 00:52:23,700 --> 00:52:27,000 Also to AWS kognito for folks who want to learn more about 1006 00:52:27,000 --> 00:52:30,000 that specifically. And with that, we're going to go 1007 00:52:30,000 --> 00:52:32,800 ahead and wrap it up for this week, preciate it and thanks for 1008 00:52:32,800 --> 00:52:34,200 listening. And we'll talk with you all in 1009 00:52:34,200 --> 00:52:40,700 the next one. Thanks for listening to the 1010 00:52:40,700 --> 00:52:43,500 identity at the center podcast. If you like what you heard, 1011 00:52:43,500 --> 00:52:46,800 don't forget to subscribe and visit us on the web and identity 1012 00:52:46,800 --> 00:52:47,600 at the center.com.