1 00:00:05,600 --> 00:00:11,320 This is identity at the center. Welcome to the Identity at the 2 00:00:11,320 --> 00:00:13,120 Center podcast. I'm Jeff, and that's Jim. 3 00:00:13,120 --> 00:00:15,280 Hey, Jim. Hey, Jeff, how are you? 4 00:00:15,680 --> 00:00:17,800 Oh, not so bad yourself. Good. 5 00:00:17,800 --> 00:00:18,720 I'm excited. Today. 6 00:00:18,720 --> 00:00:21,080 We've got one of my favorite guests from one of my favorite 7 00:00:21,080 --> 00:00:24,240 technology companies, so can't wait to get into it. 8 00:00:24,640 --> 00:00:27,040 Yeah, today we've got a sponsor spotlight episode. 9 00:00:27,040 --> 00:00:29,200 These are the ones that we create with our friends in the 10 00:00:29,200 --> 00:00:33,000 industry to help us get some more detail around kind of what 11 00:00:33,000 --> 00:00:35,160 they're working on. A little bit of a departure from 12 00:00:35,160 --> 00:00:38,040 our normal vendor neutral, which we do every week, but this is 13 00:00:38,040 --> 00:00:40,720 where we actually get to ask questions about product and and 14 00:00:40,720 --> 00:00:42,960 things like that. So I want to welcome back for 15 00:00:42,960 --> 00:00:45,560 the third time from Silver Fort Head Cavetts. 16 00:00:45,560 --> 00:00:48,080 He's the CEO and Co founder at Silver Fort. 17 00:00:48,080 --> 00:00:49,760 So welcome back to the show Head. 18 00:00:50,840 --> 00:00:51,920 Hey, Jeff. Hey, Jim. 19 00:00:52,200 --> 00:00:54,240 Good to be here. Yeah. 20 00:00:54,600 --> 00:00:56,560 The last time we chatted was at Gartner. 21 00:00:56,880 --> 00:01:00,280 And if you recall, Jim was in his like Vegas or maybe like 22 00:01:00,280 --> 00:01:04,519 Western dealer outfit when we were chatting there up in your 23 00:01:04,519 --> 00:01:06,120 suite. So yeah, what have you been? 24 00:01:06,440 --> 00:01:10,880 Today, you know, I had. I was expecting something, you 25 00:01:10,880 --> 00:01:13,520 know. Sorry, this is all I could do 26 00:01:13,520 --> 00:01:15,200 for the name was a golf shirt, yeah. 27 00:01:16,160 --> 00:01:20,160 You look very normal. Normal in quotation marks. 28 00:01:22,120 --> 00:01:24,520 So what have you been up to for the last few months ahead since 29 00:01:24,600 --> 00:01:29,000 we last chatted in December? Been very busy. 30 00:01:29,280 --> 00:01:33,400 I mean, first of all, the, the identity market in general is 31 00:01:33,720 --> 00:01:36,480 really moving super fast now and there's so much going on and, 32 00:01:36,480 --> 00:01:42,400 and in silver for typically those you know a lot of going 33 00:01:42,400 --> 00:01:45,000 very fast. You know, we, we now have more 34 00:01:45,000 --> 00:01:53,240 than more than 1000 customers. Marston for us, we we've been 35 00:01:53,240 --> 00:01:56,680 to, I mean we acquired a company called resume just told you 36 00:01:56,680 --> 00:01:58,600 about it. You know, last time it was right 37 00:01:58,600 --> 00:02:01,760 after, but you know, since then we've we've kind of integrated 38 00:02:01,760 --> 00:02:05,000 the teams and the platforms together and already started the 39 00:02:05,000 --> 00:02:09,240 offering it to our customers. So that has been strategic for 40 00:02:09,240 --> 00:02:11,800 us. We released new products. 41 00:02:11,800 --> 00:02:16,600 We we grew the team. We hired the new resident and 42 00:02:16,600 --> 00:02:21,560 chief revenue to be the goal to mark not going on in in a few 43 00:02:21,560 --> 00:02:25,920 months. I like it. 44 00:02:25,920 --> 00:02:29,680 I like the the speed. And had we just got back from 45 00:02:29,680 --> 00:02:34,440 the Denver's conference, a couple observations. 1 is that 46 00:02:34,440 --> 00:02:36,400 this community is stronger than ever. 47 00:02:36,920 --> 00:02:41,280 The second thing is like how much this identity security 48 00:02:41,280 --> 00:02:46,440 space is evolving. You've got such a focus on NHI. 49 00:02:46,440 --> 00:02:51,160 They had an NHI Pavilion, which Silver Port played a part of. 50 00:02:51,880 --> 00:02:56,000 You've got the shared signals framework really taking center 51 00:02:56,000 --> 00:02:58,920 stage. It's got AI agents as a major 52 00:02:58,920 --> 00:03:01,840 talking point. What do you see with all this 53 00:03:02,360 --> 00:03:04,400 starting to come together and evolving? 54 00:03:05,440 --> 00:03:10,360 It's really changing from single sign on privileged access 55 00:03:10,360 --> 00:03:12,760 management and identity governance, right, Taking on a 56 00:03:12,760 --> 00:03:18,280 much bigger picture. Yeah, I or in general the the 57 00:03:18,280 --> 00:03:22,200 identity market is evolving and I think that you know what we 58 00:03:22,200 --> 00:03:27,640 started to see last year, I think is, is only, is only 59 00:03:28,480 --> 00:03:33,920 progressing which is you know the kind of identity security 60 00:03:34,240 --> 00:03:38,680 category forming and becoming it's own thing as opposed to a 61 00:03:38,680 --> 00:03:40,880 lot of features and point solutions. 62 00:03:41,760 --> 00:03:46,280 So I think what we're starting to see is all these things, you 63 00:03:46,280 --> 00:03:50,240 know, like known human identity, security and identity threat 64 00:03:50,240 --> 00:03:54,440 detection response and identity security posture management and 65 00:03:54,440 --> 00:03:57,080 all these all these, you know, these buzzwords. 66 00:03:58,000 --> 00:04:00,640 The different start-ups have been doing are starting to 67 00:04:00,640 --> 00:04:04,680 converge and starting to to become, you know, something 68 00:04:04,680 --> 00:04:08,880 border and and work together and and really kind of, you know, 69 00:04:08,880 --> 00:04:10,680 collaborate and indicate between them. 70 00:04:11,200 --> 00:04:13,200 And I think that's what organizations need, you know, 71 00:04:13,200 --> 00:04:16,160 not a million different products, but something that 72 00:04:16,160 --> 00:04:21,480 really fits the the problem holistically definitely be 73 00:04:21,480 --> 00:04:22,720 happening. I mean, we we are obviously 74 00:04:22,720 --> 00:04:26,200 pushing in that direction and and really kind of going for a 75 00:04:26,200 --> 00:04:28,680 platform play, but we're not the only ones. 76 00:04:28,680 --> 00:04:31,240 You know, a lot of a lot of people are talking about that. 77 00:04:31,240 --> 00:04:35,720 And, and I think that all these, all these smaller categories 78 00:04:35,720 --> 00:04:38,040 like non human identity security as an example, are actually 79 00:04:38,040 --> 00:04:41,960 contributing to that because those are the things that kind 80 00:04:41,960 --> 00:04:46,200 of create the momentum for a a bigger platform to be created. 81 00:04:46,200 --> 00:04:48,920 That's exactly what happened in the early days of cloud security 82 00:04:48,920 --> 00:04:52,800 or endpoint security, all these smaller things that eventually 83 00:04:53,640 --> 00:04:55,400 created enough critical mass for that. 84 00:04:57,360 --> 00:05:01,080 I get the feeling that there is like this assumption that people 85 00:05:01,080 --> 00:05:04,320 at this point have solved for, you know, basic identity 86 00:05:04,320 --> 00:05:07,920 governance, basic privilege access management, single sign 87 00:05:07,920 --> 00:05:10,880 on MFA, right? They've kind of centralized and 88 00:05:10,960 --> 00:05:14,440 maybe gotten the basics in place, which I struggle with 89 00:05:14,440 --> 00:05:16,000 because I'm not always sure if that's the case. 90 00:05:16,000 --> 00:05:18,200 I see a lot of companies out there that still don't have an 91 00:05:18,200 --> 00:05:20,040 IGA. They still don't have really 92 00:05:20,040 --> 00:05:23,560 privileged access management. I guess is, is, is that a fair, 93 00:05:23,560 --> 00:05:25,920 and I don't want to call it a criticism, but you think it's a 94 00:05:25,920 --> 00:05:29,600 fair observation of, OK, we're assuming you've got these basic 95 00:05:29,600 --> 00:05:33,360 things in place and now we're starting to get into sort of the 96 00:05:33,360 --> 00:05:36,600 next Gen. of identity security. And that might be things like, 97 00:05:37,240 --> 00:05:42,760 you know, AI and NHI and share signals framework and Cape and 98 00:05:42,760 --> 00:05:45,800 like a whole bunch of other acronyms, right, that assume 99 00:05:45,800 --> 00:05:48,240 maybe you've got some of that stuff in place. 100 00:05:48,240 --> 00:05:52,080 Is that fair? I think that you are actually, 101 00:05:53,000 --> 00:05:55,480 you're actually very right about the fact that there are people 102 00:05:55,480 --> 00:05:59,920 don't have those base build out. And I think that what is 103 00:05:59,920 --> 00:06:05,080 happening now is not necessarily some kind of a next layer that 104 00:06:05,080 --> 00:06:07,120 assumes that you already have the layer before that. 105 00:06:07,120 --> 00:06:10,800 I think that in many ways what is happening now is companies 106 00:06:10,800 --> 00:06:13,280 are realizing that they they haven't meant made enough 107 00:06:13,280 --> 00:06:16,960 progress with the old approach. They haven't been able to solve 108 00:06:16,960 --> 00:06:19,920 the problem. And part of this new approach 109 00:06:19,920 --> 00:06:23,960 that we're seeing is also trying to go back to these things and, 110 00:06:23,960 --> 00:06:27,160 and address them in a new, maybe simpler way. 111 00:06:28,040 --> 00:06:31,200 Because I think what has been true for identity for many years 112 00:06:31,200 --> 00:06:34,920 is identity is, is very complex. Anything that you do in 113 00:06:34,920 --> 00:06:39,240 identity, any identity project is used and, and tons of 114 00:06:39,240 --> 00:06:42,640 resources. And some of the very large 115 00:06:42,640 --> 00:06:45,880 organizations have been able to do it with huge investments and, 116 00:06:45,880 --> 00:06:49,640 and, and headcounts, But many companies haven't they, they got 117 00:06:49,640 --> 00:06:51,800 stuck. And I think that what's 118 00:06:51,800 --> 00:06:54,920 happening now with all this innovation in the market is not 119 00:06:54,920 --> 00:06:59,320 only offering you the next things, but also revisiting some 120 00:06:59,320 --> 00:07:01,680 of these problems and saying, hey, maybe there's a better way 121 00:07:01,680 --> 00:07:04,040 to do it. Maybe there's a more automated, 122 00:07:04,040 --> 00:07:07,600 scalable, easy to implement way to, to address. 123 00:07:08,480 --> 00:07:11,720 So I think you're, you're completely correct about a lot 124 00:07:11,720 --> 00:07:13,720 of companies don't even have those basics figured out. 125 00:07:13,720 --> 00:07:15,800 So we, we can't afford to just move on. 126 00:07:15,800 --> 00:07:19,840 We we have to take care of them. OK, well, I'm glad to hear that 127 00:07:19,840 --> 00:07:22,200 you say the I'm going to hear you said I was right. 128 00:07:22,200 --> 00:07:24,000 So that's all I took away from that answer. 129 00:07:26,040 --> 00:07:29,160 So you guys have recently expanded and you know, from, I 130 00:07:29,160 --> 00:07:34,000 guess like the on Prem identity to including now non human or NH 131 00:07:34,120 --> 00:07:37,280 is which as Jim mentioned was sort of the buzz around the 132 00:07:37,280 --> 00:07:40,240 recent identifiers conference. Why do you think that is? 133 00:07:40,240 --> 00:07:42,880 I mean, it's not like NHS are new, at least from my 134 00:07:42,880 --> 00:07:44,640 perspective. We've had service accounts, 135 00:07:44,640 --> 00:07:47,080 another non human identities for a long time. 136 00:07:47,080 --> 00:07:50,880 And I'm just curious as he why do you think this is getting so 137 00:07:50,880 --> 00:07:54,400 hot right now? I think it has been a problem 138 00:07:54,400 --> 00:07:55,680 for a long time. I don't think it's a new 139 00:07:55,680 --> 00:07:56,880 problem. You're right. 140 00:07:58,000 --> 00:08:01,760 Service accounts specifically have been a problem for decade. 141 00:08:02,400 --> 00:08:06,080 Some of the newer types of energies are, are newer, 142 00:08:06,120 --> 00:08:08,440 obviously, you know, maybe the the ones who are in the cloud 143 00:08:08,440 --> 00:08:10,400 and SAS applications and things like that. 144 00:08:10,400 --> 00:08:15,080 So they are obviously newer, but the, the fact that everybody's 145 00:08:15,080 --> 00:08:18,840 talking about it right now is, you know, a combination of the 146 00:08:18,840 --> 00:08:21,600 fact that it is a big problem and it is a big list that people 147 00:08:21,600 --> 00:08:25,080 need to address and the fact that there are vendors of, you 148 00:08:25,080 --> 00:08:27,120 know, investing money and raising money around it. 149 00:08:27,120 --> 00:08:29,520 So that creates that feeds some of the hype. 150 00:08:30,280 --> 00:08:33,360 I think that's actually a good thing because I think that the, 151 00:08:34,080 --> 00:08:37,679 you know, the the startup ecosystem and, and, and you 152 00:08:37,679 --> 00:08:41,520 know, the innovation that it brings with it is actually a, a 153 00:08:41,520 --> 00:08:46,000 great way to to fuel this revolution that was seeing 154 00:08:46,000 --> 00:08:48,440 across the identity industry. It's not just non human 155 00:08:48,440 --> 00:08:50,320 identities. You know, last year it was all 156 00:08:50,320 --> 00:08:54,480 about ITDL, right? And I'm assuming next to it will 157 00:08:54,480 --> 00:08:58,760 be all about the security for Jen, TKI and all of these 158 00:08:58,760 --> 00:09:02,760 things, you know, separately, they look like trends that come 159 00:09:02,760 --> 00:09:07,920 and go, but all together they create this, this wave of, you 160 00:09:07,920 --> 00:09:11,240 know, priority and investment in identity security in in a new 161 00:09:11,240 --> 00:09:13,280 generation of identity security products. 162 00:09:13,960 --> 00:09:16,600 And if you look at the early days of other security segment, 163 00:09:16,840 --> 00:09:19,080 I mentioned cloud security. That's what happened, right? 164 00:09:19,440 --> 00:09:23,720 It started with people, you know, kind of building companies 165 00:09:23,720 --> 00:09:30,240 to do a container security or cloud security posture 166 00:09:30,240 --> 00:09:33,800 management or, or, or other specific things that eventually 167 00:09:33,800 --> 00:09:38,160 created enough pieces to, to combine into an overall cloud 168 00:09:38,160 --> 00:09:40,320 security platform. And I think that's what we're 169 00:09:40,320 --> 00:09:43,920 saying in identities is all these waves and you know, all 170 00:09:43,920 --> 00:09:49,800 these trends, they seem to kind of come and go have this kind of 171 00:09:49,800 --> 00:09:53,960 hype cycle, but, but all together they're creating the, 172 00:09:53,960 --> 00:09:57,480 the bigger wave of, of just overall awareness to identity 173 00:09:57,480 --> 00:10:01,480 security and, and, and your approach of addressing it, I 174 00:10:01,480 --> 00:10:04,400 think specifically that NHI is a big problem. 175 00:10:04,400 --> 00:10:06,880 It's not just a trend, it is a big problem. 176 00:10:08,040 --> 00:10:10,400 People spend so many years trying to protect the human 177 00:10:10,400 --> 00:10:13,520 users with multi factor authentication and, and beverage 178 00:10:13,520 --> 00:10:17,840 access management and, and, and they have neglected the the non 179 00:10:17,840 --> 00:10:20,120 human identities and those non human identities are now 180 00:10:20,120 --> 00:10:22,760 targeted in the majority of data breaches. 181 00:10:23,280 --> 00:10:27,120 So it is it is a very true, you know, risk and something that 182 00:10:27,120 --> 00:10:30,480 needs to be addressed. I think it will also go now 183 00:10:30,480 --> 00:10:35,040 with, with AI. So, you know, AI agents are also 184 00:10:35,040 --> 00:10:37,680 increasing that problem because they're taking a bigger and 185 00:10:37,680 --> 00:10:41,120 bigger hole in organizations and they probably probably will 186 00:10:41,160 --> 00:10:44,560 continue to to grow. So overall, this is a very 187 00:10:44,560 --> 00:10:46,520 growing problem that has no good solution. 188 00:10:46,720 --> 00:10:48,720 So I I get why this is a priority. 189 00:10:50,040 --> 00:10:52,440 So let's talk a little bit about that recent expansion you guys 190 00:10:52,440 --> 00:10:56,320 did into that whole NHI space. I'm going to put my very well 191 00:10:56,320 --> 00:10:59,880 worn on jaded, you know, see so hat there's so many products in 192 00:10:59,880 --> 00:11:02,440 this space. So what makes Silver Fort 193 00:11:02,440 --> 00:11:06,240 difference when it comes to how you guys are approaching, you 194 00:11:06,240 --> 00:11:09,240 know that that that type of identity security is in a 195 00:11:09,240 --> 00:11:12,600 specifically for these NHIS or maybe cloud identities? 196 00:11:14,040 --> 00:11:19,200 So first of all, we announced an expansion in that area, but, but 197 00:11:19,840 --> 00:11:23,080 we've been doing anonymous identity security for, for 198 00:11:23,240 --> 00:11:30,840 several years now from before it was cool and we just started 199 00:11:30,840 --> 00:11:34,040 from what was the priority. I think it still is the priority 200 00:11:34,040 --> 00:11:36,360 in many cases, but it was definitely the older problem, 201 00:11:36,360 --> 00:11:39,000 which is service accounts. So Active Directory service 202 00:11:39,000 --> 00:11:41,840 accounts, that's when we started, you know, maybe five 203 00:11:41,840 --> 00:11:47,160 years. And with AD service accounts, I 204 00:11:47,160 --> 00:11:50,080 think we've built by far the best solution in the market. 205 00:11:50,080 --> 00:11:52,800 I, I stayed very comfortably because I think that, you know, 206 00:11:52,800 --> 00:11:56,240 we've really done some massive innovation though that no one 207 00:11:56,240 --> 00:12:00,160 else has been able to do so far. So not only we are able to 208 00:12:00,160 --> 00:12:02,880 discover all these service accounts, even the ones that are 209 00:12:02,880 --> 00:12:05,520 not documented, the ones you don't even know about, because 210 00:12:05,520 --> 00:12:08,640 we, we look at the behavior, you know, we can, we can see that 211 00:12:08,640 --> 00:12:10,920 it's behaving like a machine, not like a human. 212 00:12:11,200 --> 00:12:14,840 So we find even even unofficial ones, you know, ones that, you 213 00:12:14,840 --> 00:12:19,360 know, maybe, maybe some person is using the personal accounts 214 00:12:19,520 --> 00:12:21,360 to run some application or script. 215 00:12:21,360 --> 00:12:25,600 We'll, we'll even find that. So not only the documented 1 216 00:12:26,560 --> 00:12:28,320 then we also show you what they're doing. 217 00:12:28,440 --> 00:12:31,520 So we show you that this service account is being used from these 218 00:12:31,520 --> 00:12:34,120 sources to these destinations with these protocols. 219 00:12:34,120 --> 00:12:37,480 We give you the full mapping of the, you know, the dependencies 220 00:12:37,480 --> 00:12:40,920 where is it actually being used. That has been a huge problem for 221 00:12:40,920 --> 00:12:42,360 years. People couldn't protect these 222 00:12:42,360 --> 00:12:45,120 accounts because they were worried if they make any small 223 00:12:45,120 --> 00:12:46,840 change to them, something will break. 224 00:12:47,280 --> 00:12:49,800 You know who knows which other applications have been using 225 00:12:49,800 --> 00:12:52,080 this account. And if I, if I even change the 226 00:12:52,080 --> 00:12:53,880 password once, something will break. 227 00:12:54,520 --> 00:12:56,480 We, we map all these dependencies. 228 00:12:56,480 --> 00:12:58,160 You, you have full visibility to them. 229 00:12:58,880 --> 00:13:02,160 And then the most powerful piece is we have a way to actually 230 00:13:02,600 --> 00:13:06,200 enforce a policy. We can protect them in line. 231 00:13:07,080 --> 00:13:09,680 And that is probably the biggest differentiator of silver fault 232 00:13:09,680 --> 00:13:12,120 in general. And specifically for for non 233 00:13:12,120 --> 00:13:16,400 even identities, not only we show you what they're doing and 234 00:13:16,400 --> 00:13:21,600 offer some offline kind of, you know, risk mitigations you can 235 00:13:21,600 --> 00:13:26,600 do, but also we can control what they do in line. 236 00:13:26,600 --> 00:13:31,080 So if we see a service account being used outside of where it's 237 00:13:31,080 --> 00:13:32,880 normally usable, it needs to be used. 238 00:13:36,280 --> 00:13:41,840 We can, you know, kind of block anything else, you know, or, or, 239 00:13:42,440 --> 00:13:44,000 or tell you if anything else is happening. 240 00:13:44,000 --> 00:13:46,960 So if we see that this account is used to connect from A to B 241 00:13:46,960 --> 00:13:50,920 every day, any attempt to use it anywhere else or to anywhere 242 00:13:50,920 --> 00:13:54,640 else, we can alert on or we can even block in real time. 243 00:13:54,640 --> 00:13:57,400 So make it impossible to abuse this account. 244 00:13:58,120 --> 00:14:00,680 This really reduces the risk of those accounts because it means 245 00:14:00,680 --> 00:14:03,840 that even if you steal the password, you can only go from A 246 00:14:03,840 --> 00:14:05,440 to B. You can't cause damage. 247 00:14:08,680 --> 00:14:13,760 And then that is what we've done for a few years very 248 00:14:13,760 --> 00:14:15,680 successfully. Hundreds of enterprises are 249 00:14:15,680 --> 00:14:17,600 using it, some of the biggest companies in the world. 250 00:14:17,600 --> 00:14:19,720 I think we we'll probably have, I think we have the most 251 00:14:19,720 --> 00:14:24,320 advanced ported for that. What is the the newer edition is 252 00:14:24,320 --> 00:14:28,520 that we expanded that to all the cloud environments and that is 253 00:14:28,720 --> 00:14:33,040 thanks to acquisition of resume. So resume it had those 254 00:14:33,400 --> 00:14:37,040 connectors and and and analytics around all the different cloud 255 00:14:37,040 --> 00:14:41,480 environment and we've now fully added that into our platform. 256 00:14:41,480 --> 00:14:44,160 We really merged the product because a few months I think we 257 00:14:44,160 --> 00:14:48,880 did it relatively fast. So we, we completely really 258 00:14:48,880 --> 00:14:53,280 combined the pot. Now we can protect non human 259 00:14:53,280 --> 00:14:58,520 identities anywhere, not only in AD but also in all the major 260 00:14:58,520 --> 00:15:03,720 cloud identity providers like Okta and Intra and all the the 261 00:15:03,720 --> 00:15:08,240 cloud infrastructure, the providers like, you know, AW and 262 00:15:08,240 --> 00:15:12,160 Azure and GCP and also all the major SAS applications. 263 00:15:12,160 --> 00:15:15,640 So even if you have SAS applications that you use, you 264 00:15:15,640 --> 00:15:18,800 know, with local identities, we'll even we'll even see and 265 00:15:18,800 --> 00:15:21,640 protect that. So now it's a really end to end 266 00:15:21,640 --> 00:15:23,280 offering. And I think it it's probably the 267 00:15:23,280 --> 00:15:27,240 boldest offering in this market. And and also, as opposed to some 268 00:15:27,240 --> 00:15:29,320 of the younger start-ups, we have a much bigger customer 269 00:15:29,320 --> 00:15:31,560 base. We have, you know, many large 270 00:15:31,560 --> 00:15:37,440 organizations using it at scale. So I think, you know, overall 271 00:15:37,440 --> 00:15:40,600 with the the taction and maturity that we have and with 272 00:15:40,600 --> 00:15:43,960 the fact that we have this, this in line active enforcement, 273 00:15:43,960 --> 00:15:46,640 modulating that we have a lot of advantages in this space. 274 00:15:48,080 --> 00:15:53,440 And and then I think the the next thing that you know, was 275 00:15:53,440 --> 00:15:56,440 going to to be important and we are all over it is, is how do 276 00:15:56,440 --> 00:16:01,720 you protect the identities of AI agents, which are non human 277 00:16:01,720 --> 00:16:03,360 identities? But I think it's a new type. 278 00:16:03,360 --> 00:16:07,760 It's a completely new type of energize, not like the the 279 00:16:08,080 --> 00:16:12,160 regular energize. Yeah, I know we're going to talk 280 00:16:12,160 --> 00:16:14,760 about AI because we just, we can't go for an episode of the 281 00:16:14,760 --> 00:16:17,320 Identity Center podcast without getting into AI at this point. 282 00:16:17,640 --> 00:16:21,040 I want to ask you real quick though, about the the ITDR space 283 00:16:21,040 --> 00:16:23,600 itself. When we first met, that was kind 284 00:16:23,600 --> 00:16:26,840 of like, oh, OK, this is the area you're playing in. 285 00:16:27,240 --> 00:16:32,160 How is ITDR fitting into this? Because you know, Jim and I just 286 00:16:32,160 --> 00:16:33,960 got back to my identifiers conference and there really 287 00:16:33,960 --> 00:16:37,840 wasn't a lot of mention of ITDR specifically. 288 00:16:38,160 --> 00:16:41,880 And I'm curious to see if, if, if that term has evolved or are 289 00:16:41,880 --> 00:16:46,200 we moving now into it? Is it just identity security? 290 00:16:46,280 --> 00:16:48,640 Like where do you see ITDR fitting into this? 291 00:16:50,280 --> 00:16:53,080 It's a great question. I think that what is happening 292 00:16:53,080 --> 00:16:55,960 to ITDR and what I think will also happen to these other 293 00:16:56,080 --> 00:17:00,080 subcategories of identity security, including an agile is 294 00:17:00,120 --> 00:17:04,079 they're emerging and they're getting some maturity and then 295 00:17:04,079 --> 00:17:08,520 they're being at some point kind of consolidated or, or merged 296 00:17:08,520 --> 00:17:11,680 into bigger identity security offerings. 297 00:17:12,319 --> 00:17:15,599 So, you know, IPDR, there were a lot of startups doing it and, 298 00:17:15,599 --> 00:17:18,880 and you know, a lot of enterprises started, you know, 299 00:17:18,880 --> 00:17:23,480 even looking for that and then a lot of these stars got acquired, 300 00:17:24,280 --> 00:17:27,000 right. And the and and what kind of 301 00:17:27,000 --> 00:17:30,440 merged into bigger identity offerings or identity security 302 00:17:30,440 --> 00:17:34,880 offerings until the point where it's almost a feature now in, in 303 00:17:34,880 --> 00:17:37,960 border platforms. By the way, two types of 304 00:17:37,960 --> 00:17:40,160 platforms that where you see it kind of melt now. 305 00:17:40,160 --> 00:17:44,120 One is into border identity security platforms like ours. 306 00:17:44,840 --> 00:17:50,360 And 2nd is into XDR solutions that, that are not really 307 00:17:50,360 --> 00:17:53,800 identity specific, but they do detection response in general, 308 00:17:54,280 --> 00:17:55,600 right. So a lot of the the companies 309 00:17:55,600 --> 00:17:57,720 that will just focus on detection response. 310 00:17:58,120 --> 00:18:02,080 Now ITDL is one pillar of that. So you know, if you really think 311 00:18:02,080 --> 00:18:05,040 about it as either a feature of a bigger identity security 312 00:18:05,040 --> 00:18:09,960 platform or as a feature of a bigger XDR platform, but it's no 313 00:18:09,960 --> 00:18:14,040 longer a stand alone thing. And that makes a lot of sense. 314 00:18:14,040 --> 00:18:17,120 You know, who wants so many different products? 315 00:18:17,120 --> 00:18:20,280 I think the same will eventually happen to NHI Security. 316 00:18:20,480 --> 00:18:23,560 I don't think that in two years from now people will buy NHI 317 00:18:23,720 --> 00:18:26,480 Security from from companies that only do that. 318 00:18:27,880 --> 00:18:31,800 And so I think that the, it makes a lot of sense that these 319 00:18:31,800 --> 00:18:36,880 things are, are kind of created and, and developed and, and you 320 00:18:36,880 --> 00:18:40,880 know, kind of, you know, getting innovation from the startup 321 00:18:40,880 --> 00:18:43,320 ecosystem. But then once they, once they 322 00:18:43,320 --> 00:18:47,400 really kind of figured it out, they, they become part of bigger 323 00:18:47,400 --> 00:18:53,240 platforms, very similar to what happened to UEBA in the past. 324 00:18:53,240 --> 00:18:56,760 If you remember, there used to be a lot of products doing user 325 00:18:56,760 --> 00:19:00,040 behavioral analytics, and today it's just a feature of every 326 00:19:00,040 --> 00:19:04,840 Security Council. Yeah, good point on UEBAI 327 00:19:04,840 --> 00:19:07,560 actually wanted to bring you back to that service account 328 00:19:07,560 --> 00:19:10,120 discussion. This ITDR thing is so 329 00:19:10,120 --> 00:19:15,400 fascinating, but I think the service account is everyone can 330 00:19:15,400 --> 00:19:18,320 relate to it. You guys put out a new report, 331 00:19:18,320 --> 00:19:22,120 let me get the name right. Insecurity in the shadows, new 332 00:19:22,120 --> 00:19:25,040 data on hidden risks of non human identities. 333 00:19:25,720 --> 00:19:28,040 There are a couple statistics in there, but one that really 334 00:19:28,040 --> 00:19:33,400 jumped out at me was that 80% of organizations can't stop the 335 00:19:33,400 --> 00:19:37,720 misuse of service accounts in real time. 336 00:19:37,720 --> 00:19:43,440 I think 20% are out to lunch, don't even maybe don't even know 337 00:19:43,440 --> 00:19:48,040 that there are service accounts. This is a really hard thing to 338 00:19:48,040 --> 00:19:49,560 do. I mean, you mentioned it where 339 00:19:49,560 --> 00:19:53,040 you have these service accounts and for some organizations, 340 00:19:53,040 --> 00:19:56,760 they're the kind of the outlier accounts that were created in 341 00:19:56,760 --> 00:20:02,240 2006 and nobody who was around there and works here anymore 342 00:20:02,240 --> 00:20:04,920 kind of thing where you have these really oddball service 343 00:20:04,920 --> 00:20:09,160 accounts. But even when you have good 344 00:20:09,160 --> 00:20:12,320 control of your service accounts, to know that they're 345 00:20:12,320 --> 00:20:16,360 being misused 1 requires that you would need to understand 346 00:20:16,640 --> 00:20:20,880 what the proper use is. Then you need a mechanism to 347 00:20:20,880 --> 00:20:26,760 stop that account from taking action if it's being misused. 348 00:20:27,000 --> 00:20:32,080 So you kind of spoke to that, like what is the mechanism to 349 00:20:32,080 --> 00:20:34,560 make all that work from a Silver Point? 350 00:20:34,760 --> 00:20:39,280 Perspective, first of all, you're right, I think those 351 00:20:39,280 --> 00:20:42,360 those 80% is probably really 100%. 352 00:20:42,360 --> 00:20:44,880 Maybe there are the others of our customers, but other than 353 00:20:44,880 --> 00:20:48,920 that, I really think it's a, it's a problem that I don't, I 354 00:20:48,920 --> 00:20:50,920 don't see people solving it on their own. 355 00:20:51,640 --> 00:20:59,880 And, and we have built, I think a very innovative technology for 356 00:20:59,880 --> 00:21:02,680 addressing this. And also not only we have 357 00:21:02,680 --> 00:21:05,240 technology, but we really talked about the full journey of doing 358 00:21:05,240 --> 00:21:06,760 it. So, so I'll start just from the 359 00:21:06,760 --> 00:21:09,440 technology that I'll explain what we had to figure out in the 360 00:21:09,440 --> 00:21:12,280 journey to help customers really leverage this effectively. 361 00:21:13,040 --> 00:21:16,440 The technology piece is, you know, we figured out that it's 362 00:21:16,440 --> 00:21:19,200 not enough to just give you visibility to these accounts. 363 00:21:19,440 --> 00:21:21,800 I mean that that's a good starting point and that's what a 364 00:21:21,800 --> 00:21:23,040 lot of the vendors are doing now. 365 00:21:23,040 --> 00:21:26,680 But I don't think that solves the problem on it's reading 366 00:21:26,680 --> 00:21:30,160 information from the directories is this is just a starting 367 00:21:30,160 --> 00:21:32,760 point. We had to figure out how do you 368 00:21:32,760 --> 00:21:37,760 then enforce controls? How do you basically intervene 369 00:21:37,960 --> 00:21:42,320 in what these accounts can do? And that really requires an 370 00:21:42,320 --> 00:21:46,000 inline technology. So at the heart of the 371 00:21:46,000 --> 00:21:49,760 Silverwood platform, those are technology that we call RAP, 372 00:21:50,280 --> 00:21:55,080 runtime access protection that plugs into the directory, OK, 373 00:21:55,080 --> 00:21:58,680 for example, Active Directory, but also others in a way that 374 00:21:58,680 --> 00:22:02,440 doesn't just give us visibility, it gives us the ability to 375 00:22:02,560 --> 00:22:08,200 intervene in line in the actual decisions of the directory. 376 00:22:08,200 --> 00:22:11,680 So for example, if you're trying to access some system, could be 377 00:22:11,680 --> 00:22:15,640 a modern system, could be a legacy system, and we see that 378 00:22:15,640 --> 00:22:17,920 request coming in to the directory. 379 00:22:18,680 --> 00:22:23,800 We are able to then not only see it and and and log it and 380 00:22:23,800 --> 00:22:27,680 analyse it, but we are also able to potentially block it or to 381 00:22:27,680 --> 00:22:30,880 potentially hold it and do something about it, like verify 382 00:22:30,880 --> 00:22:32,360 it somehow and only then allow it. 383 00:22:32,360 --> 00:22:36,160 So we can, we can really become a decision point in the middle 384 00:22:37,160 --> 00:22:39,920 and we found a very elegant way to do it without causing, you 385 00:22:39,920 --> 00:22:42,560 know, any issues to the network or to the performance that, that 386 00:22:42,560 --> 00:22:47,040 that appeals a lot of the sticker sauce of Silverfold and 387 00:22:47,200 --> 00:22:51,440 what gives us advantage in many areas, but also applies to to 388 00:22:51,440 --> 00:22:55,480 service accounts. Because with this, we can not 389 00:22:55,480 --> 00:22:58,880 just give you visibility, but we can actually prevent any abuse 390 00:22:58,880 --> 00:23:02,120 of these accounts. So now moving to the, the 391 00:23:02,120 --> 00:23:05,560 journey of how COC was actually adopted, they talked about 392 00:23:05,560 --> 00:23:07,720 discovery, right? That that's something we do 393 00:23:07,720 --> 00:23:09,880 automatically. So we, we find those accounts 394 00:23:09,880 --> 00:23:13,320 based on group memberships and naming conventions and, and most 395 00:23:13,320 --> 00:23:17,960 interestingly, what they do, then we map where they're being 396 00:23:17,960 --> 00:23:19,760 used. That's another thing we do 397 00:23:19,760 --> 00:23:22,720 automatically. But then it gets to the 398 00:23:22,720 --> 00:23:26,840 enforcement base and to do the enforcement at scale. 399 00:23:26,840 --> 00:23:29,960 I think about it, some of these companies have a million service 400 00:23:29,960 --> 00:23:33,400 accounts, OK, that, that, that actually exists, right? 401 00:23:33,400 --> 00:23:35,200 Like huge amount. Right. 402 00:23:35,200 --> 00:23:39,120 You're not exaggerating there. Some, some companies have a 403 00:23:39,120 --> 00:23:45,200 millions of how do you even start protecting them? 404 00:23:45,920 --> 00:23:47,760 So it has to be something automated. 405 00:23:47,760 --> 00:23:50,920 It has to be something that is really built into the to the 406 00:23:50,920 --> 00:23:54,120 processes of the organization of the IT that that don't require 407 00:23:54,120 --> 00:23:59,000 manual work. So we figured that if we learn 408 00:23:59,000 --> 00:24:02,080 what each of these service accounts are doing at scale, 409 00:24:02,080 --> 00:24:05,160 like even even for a million service accounts, and we 410 00:24:05,160 --> 00:24:07,800 automatically figure out how predictable is it? 411 00:24:08,160 --> 00:24:13,280 Can we see after a month, after two months that it really has 412 00:24:13,280 --> 00:24:15,520 some baseline? You know it, it goes from these 413 00:24:15,520 --> 00:24:18,040 two system to these five systems every day. 414 00:24:18,040 --> 00:24:20,640 This is what it's doing. And most of these accounts, this 415 00:24:20,640 --> 00:24:25,960 is kind of how they behave. We can build a mapping for each 416 00:24:25,960 --> 00:24:29,640 one of these millions accounts. We can automatically build this, 417 00:24:29,640 --> 00:24:34,680 this map, this, this baseline and also understand how, how 418 00:24:34,680 --> 00:24:39,520 sure are we, you know, is it very predictable and repetitive. 419 00:24:40,320 --> 00:24:43,560 And then we can automatically start moving them into 420 00:24:43,560 --> 00:24:46,360 enforcement, into protection where we only allow that. 421 00:24:47,200 --> 00:24:51,840 So if an account is very predictable, very kind of, you 422 00:24:51,840 --> 00:24:54,800 know, doing the same thing every day, we'll move it very quickly 423 00:24:54,800 --> 00:24:56,560 to enforcement. And we, we know that it's not 424 00:24:56,560 --> 00:24:59,760 going to, to do anything wrong. If it's not, then it will take a 425 00:24:59,760 --> 00:25:01,840 little longer, but all of it can happen automatically. 426 00:25:02,440 --> 00:25:06,680 And we build integration to the existing IT systems that 427 00:25:06,760 --> 00:25:10,360 organizations are using like service now so that we can build 428 00:25:10,360 --> 00:25:13,920 it into the regular processes. So if they're working with 429 00:25:13,920 --> 00:25:18,960 something like service now, we can automatically plug into that 430 00:25:18,960 --> 00:25:24,160 and, and populate our policies based on, you know, the CMDB or 431 00:25:24,160 --> 00:25:25,880 based on, you know, tickets of people opening. 432 00:25:25,880 --> 00:25:30,160 We can, we can, you know, avoid you having to build any policy 433 00:25:30,160 --> 00:25:33,440 manually. Well, that took a long time. 434 00:25:33,440 --> 00:25:36,400 You know, the, the just building of the capability that that was 435 00:25:36,400 --> 00:25:39,280 one piece, but getting it really to the point where it fits the 436 00:25:39,280 --> 00:25:43,160 way enterprises walk at scale. That that took a long time and 437 00:25:43,160 --> 00:25:44,880 lot of work. And I think that that gives us a 438 00:25:44,880 --> 00:25:47,360 big advantage because we can really do that at this huge 439 00:25:47,360 --> 00:25:51,280 scale because we understand what people need in order to to be 440 00:25:51,280 --> 00:25:53,480 able to, to do that at this large scale. 441 00:25:54,400 --> 00:25:56,360 Absolutely. Your point is really well taken 442 00:25:56,360 --> 00:26:01,520 when it comes to the scale I I talked to a lot of clients who 443 00:26:01,520 --> 00:26:07,640 are getting into their IM roombab and they need to take 444 00:26:07,640 --> 00:26:11,040 some time in the beginning to clean up their Active Directory. 445 00:26:11,040 --> 00:26:15,440 Active Directory is usually the core platform from a security 446 00:26:15,440 --> 00:26:18,000 standpoint that runs most organizations. 447 00:26:18,400 --> 00:26:22,680 Their emails tied to it, the ability to log on to the network 448 00:26:22,680 --> 00:26:25,600 and communicate with your coworkers. 449 00:26:26,120 --> 00:26:32,080 Just so many functions require are reliant on Active Directory. 450 00:26:32,080 --> 00:26:36,360 So they have to do this cleanup project, which usually includes, 451 00:26:37,480 --> 00:26:39,640 you know, group cleanup, group identification. 452 00:26:39,640 --> 00:26:43,440 What are those groups doing and service account cleanup. 453 00:26:44,920 --> 00:26:47,560 First off, I asked you to build a tool for the group cleanup. 454 00:26:48,320 --> 00:26:52,840 Second off, when it comes to the Active Directory cleanup, you 455 00:26:53,000 --> 00:26:56,600 are, I'm sorry, the service account cleanup, you mentioned 456 00:26:56,880 --> 00:26:59,160 this mapping that needs to take place. 457 00:26:59,280 --> 00:27:03,200 I mean, that's a big part of that exercise that when you're 458 00:27:03,200 --> 00:27:07,280 doing it with spreadsheets and emails to, you know, try to 459 00:27:07,280 --> 00:27:10,040 track down the person who knows what that account does. 460 00:27:10,880 --> 00:27:14,160 It's First off is it's just not the right approach. 461 00:27:14,960 --> 00:27:18,320 Second off, it takes forever, especially when you have 462 00:27:18,840 --> 00:27:21,960 hundreds of thousands or a million service accounts. 463 00:27:22,280 --> 00:27:27,000 So how long does that kind of that mapping exercise take with 464 00:27:27,000 --> 00:27:31,880 Silver for Soul? Finding most of the service 465 00:27:31,880 --> 00:27:35,680 accounts and what they're doing, within two weeks, you get almost 466 00:27:35,680 --> 00:27:38,080 the full picture. And so within two weeks, it's 467 00:27:38,080 --> 00:27:41,440 enough for us to figure out, you know, it's enough time to 468 00:27:41,440 --> 00:27:44,200 understand if if an account is behaving like a human or not, 469 00:27:44,280 --> 00:27:46,240 usually unless the person is on vacation, right? 470 00:27:46,600 --> 00:27:50,560 But for most cases, it's also enough time to understand, you 471 00:27:50,560 --> 00:27:53,400 know, for these accounts that are more active, what are they 472 00:27:53,400 --> 00:27:56,760 doing now? That's maybe 95% of your 473 00:27:56,760 --> 00:27:58,880 account. Then there's a long tail of 474 00:27:58,880 --> 00:28:02,160 accounts that only run a scheduled test once every month. 475 00:28:02,160 --> 00:28:05,320 And, and you know, it will take that long to to notice them and 476 00:28:05,320 --> 00:28:08,480 find what they're doing. But that's like, you know, that 477 00:28:08,720 --> 00:28:12,160 last 5%, you know that that can take a little while and that's 478 00:28:12,160 --> 00:28:13,480 OK. You know, as long as you can 479 00:28:13,480 --> 00:28:15,840 start somewhere and you can mitigate the majority of your 480 00:28:15,840 --> 00:28:18,640 ways, that's OK. That that will take a little 481 00:28:18,640 --> 00:28:23,360 extra time. That is a faster than more 482 00:28:23,360 --> 00:28:26,440 complete approach. Then you know what you're 483 00:28:26,440 --> 00:28:28,880 describing, which is how organizations try to do it until 484 00:28:28,880 --> 00:28:31,120 now, trying to manually figure out what these accounts are 485 00:28:31,120 --> 00:28:34,000 doing. That's not a scalable approach. 486 00:28:34,000 --> 00:28:35,520 Any company was tried to do that. 487 00:28:35,520 --> 00:28:38,880 Maybe they were able to do that for 100 service accounts. 488 00:28:38,880 --> 00:28:40,640 I'd like like ridiculous numbers. 489 00:28:40,640 --> 00:28:43,840 I'd like companies tell us. So we we managed to do this for 490 00:28:43,840 --> 00:28:46,080 like 50 service because you know, we know exactly what 491 00:28:46,080 --> 00:28:48,640 they're doing and but they have like 20,000 right. 492 00:28:48,640 --> 00:28:54,600 So it's it's almost as symbolic and also with the manual report, 493 00:28:54,600 --> 00:28:57,240 you'll never know if you really have the full picture. 494 00:28:57,760 --> 00:28:59,880 So you know, you went through this, you talk to the 495 00:28:59,880 --> 00:29:03,080 application owner, they think that it's being used by these 5 496 00:29:03,080 --> 00:29:05,320 servers. They don't really know. 497 00:29:05,560 --> 00:29:08,800 I mean, they, they think that this is better being used. 498 00:29:08,800 --> 00:29:12,040 I mean, who knows if, if, if this was also, this account is 499 00:29:12,040 --> 00:29:15,520 also reused for another system. Nobody knows for sure. 500 00:29:16,280 --> 00:29:20,160 So at the end of the day, what happens is people end up with 501 00:29:20,160 --> 00:29:23,960 these Excelsius a year to build and they're still not fully sure 502 00:29:23,960 --> 00:29:26,000 that this is the the the full story. 503 00:29:26,320 --> 00:29:29,240 So they don't want to act on it. They don't want to actually make 504 00:29:29,240 --> 00:29:31,880 changes to the system because they're not fully certain that 505 00:29:31,880 --> 00:29:33,080 it's all going to break something. 506 00:29:34,040 --> 00:29:37,200 And if they try and it did break something, then the project is 507 00:29:37,200 --> 00:29:40,200 completely derailed because now nobody's going to allow them to 508 00:29:40,200 --> 00:29:42,120 do anything. And this happens all the time. 509 00:29:43,040 --> 00:29:46,160 So with simple, not only we shorten it and simplifies it, 510 00:29:46,160 --> 00:29:49,520 but also we give you the, the, the comfort that this is 511 00:29:49,560 --> 00:29:51,040 everything this account is doing. 512 00:29:51,120 --> 00:29:53,880 This is the full picture. It's impossible that this 513 00:29:53,880 --> 00:29:57,640 account is doing anything that we don't see because we see all 514 00:29:57,640 --> 00:29:59,840 the authentications that kind of the heart of our college. 515 00:30:01,000 --> 00:30:03,760 So you know that if you're going to now make a change to this 516 00:30:03,760 --> 00:30:06,960 system, these are the only three places where you need to do it 517 00:30:06,960 --> 00:30:09,440 and you know exactly what will be affected. 518 00:30:09,960 --> 00:30:13,080 And you don't even necessarily have to do that because we can 519 00:30:13,080 --> 00:30:16,120 also reduce the list for you, you know, using our virtual 520 00:30:16,120 --> 00:30:19,120 fencing, you know, by by just, you know, preventing this 521 00:30:19,120 --> 00:30:23,680 account from being used anywhere else, that that alone is a huge 522 00:30:23,680 --> 00:30:26,800 reduction of risk because it means that nobody can use this 523 00:30:26,800 --> 00:30:29,720 account for lateral movement now or to spread them somewhere. 524 00:30:30,160 --> 00:30:35,720 It can only log in from A to B. So it's just a very easy, very 525 00:30:35,720 --> 00:30:38,400 streamlined way to reduce that that that list. 526 00:30:38,400 --> 00:30:41,560 And again, this is Active Directory where I think the pain 527 00:30:41,560 --> 00:30:43,480 is, by the way, the the, the biggest. 528 00:30:44,000 --> 00:30:46,880 But now we can protect also all the cloud environment. 529 00:30:46,960 --> 00:30:49,440 It's really, it's really that end to end approach where you 530 00:30:49,480 --> 00:30:52,160 you don't need to solve these problems individually, but you 531 00:30:52,160 --> 00:30:54,840 get one platform where you can do that. 532 00:30:55,840 --> 00:30:59,360 And the other advantages non human identities is only one 533 00:30:59,360 --> 00:31:03,720 element of your identity risk. You know, attackers don't only 534 00:31:03,720 --> 00:31:06,240 target human identities, they they also target human 535 00:31:06,240 --> 00:31:07,960 identities. And they might start from an any 536 00:31:07,960 --> 00:31:10,840 giant then expand to an human account. 537 00:31:12,400 --> 00:31:16,600 So any approach that only looks at one piece of this puzzle is 538 00:31:16,600 --> 00:31:19,760 missing some context. If you only look at non human 539 00:31:19,760 --> 00:31:23,160 identities, or if you only look at privileged users, or if you 540 00:31:23,160 --> 00:31:27,440 only look at the cloud or only look at AD, any one of these 541 00:31:27,440 --> 00:31:31,720 these siloed poachers is missed in context and is not going to 542 00:31:31,720 --> 00:31:34,320 really be able to give you the full story because attackers 543 00:31:34,320 --> 00:31:37,400 don't look at it like this. Attackers look at all of this is 544 00:31:37,400 --> 00:31:41,120 1 big attack surface. Yeah, Attackers don't care 545 00:31:41,120 --> 00:31:43,200 whether you're here or not. Human, they're going to exploit 546 00:31:43,560 --> 00:31:47,560 whatever they can. That fear of breaking things is 547 00:31:47,560 --> 00:31:50,560 so important to understand because that is like the number 548 00:31:50,560 --> 00:31:54,080 one reason I've found that people don't do anything to, to 549 00:31:54,120 --> 00:31:57,480 solve some of their, you know, servers count issues or, you 550 00:31:57,480 --> 00:32:00,080 know, CICD pipeline or or whatever it may be. 551 00:32:00,560 --> 00:32:05,160 How do you establish that trust to say, OK, we think we think 552 00:32:05,160 --> 00:32:08,080 we've got a pretty good handle on what the mapping looks like 553 00:32:08,080 --> 00:32:12,240 between if I shut down this account, whether it's AD or 554 00:32:12,240 --> 00:32:15,320 cloud account or whatever it may be that I feel confident to 555 00:32:15,320 --> 00:32:18,760 understand what the, you know, the, the, the ripple effect 556 00:32:18,760 --> 00:32:21,280 might look like for some of the other downstream things. 557 00:32:21,280 --> 00:32:22,960 How do you how do you establish that trust? 558 00:32:22,960 --> 00:32:26,160 Because let's be honest, system admins and you know, other folks 559 00:32:26,160 --> 00:32:28,600 are like, don't touch it. It's, it's working. 560 00:32:29,880 --> 00:32:31,280 And how do you get past that fear? 561 00:32:32,160 --> 00:32:35,880 That's a great question. We, we, we didn't fully 562 00:32:35,880 --> 00:32:38,360 understand how big that fear is initially. 563 00:32:38,360 --> 00:32:41,440 And it took us time to learn how to, to offer things that will 564 00:32:41,440 --> 00:32:43,960 make people comfortable. And one of those things that was 565 00:32:43,960 --> 00:32:47,840 very effective is to move these accounts before we move them 566 00:32:47,840 --> 00:32:50,200 into full enforcement and prevention mode, we move them 567 00:32:50,200 --> 00:32:52,760 into some kind of alerting or simulation mode. 568 00:32:53,480 --> 00:32:56,600 So at that point, we basically say, hey, we are confident that 569 00:32:56,600 --> 00:32:59,000 this account is only doing what we learned. 570 00:33:00,040 --> 00:33:03,240 But because you know, we want to give you comfort, we're first 571 00:33:03,240 --> 00:33:06,120 going to move it to a phase where it's not actually going to 572 00:33:06,120 --> 00:33:10,440 block anything, but it's going to alert you, you know, if, if, 573 00:33:10,520 --> 00:33:13,160 if there's any deviation that supplies that, you know, if 574 00:33:13,840 --> 00:33:16,360 let's say that we think that this account is only used to 575 00:33:16,360 --> 00:33:19,680 connect from these five systems to these 10 systems. 576 00:33:20,160 --> 00:33:21,640 And we learned this over two months. 577 00:33:21,640 --> 00:33:24,320 And we're very confident because it's very, very repetitive. 578 00:33:25,440 --> 00:33:29,200 And we're going to give it another month where it's we're 579 00:33:29,200 --> 00:33:33,280 not preventing anything yet, But but we're going to alert you if 580 00:33:33,280 --> 00:33:37,320 there was any other use of this account that was outside of 581 00:33:37,320 --> 00:33:39,320 this. And this gives you comfort 582 00:33:39,320 --> 00:33:43,080 because at that period of time, you're going to see that there's 583 00:33:43,080 --> 00:33:45,640 no false positive, there's no alerts, there's nothing that 584 00:33:45,640 --> 00:33:48,240 actually happened that would have been prevented. 585 00:33:49,240 --> 00:33:52,040 And at that point, organizations feel more comfortable. 586 00:33:52,040 --> 00:33:54,680 And also, I think they realize that if, if there will be 587 00:33:54,680 --> 00:33:59,000 anything that goes outside of this, it's suspicious enough at 588 00:33:59,000 --> 00:34:02,520 this point to at least pause and ask, what is this? 589 00:34:02,520 --> 00:34:06,080 Why is it happening? So by the way, one of the things 590 00:34:06,080 --> 00:34:08,639 we do is for every one of these accounts, we, we are able to 591 00:34:08,639 --> 00:34:11,360 recommend or, or kind of map, you know, two different 592 00:34:11,360 --> 00:34:14,000 integrations who's the owner of that account. 593 00:34:14,880 --> 00:34:18,639 That's really useful because we can say, OK, we think that this 594 00:34:18,639 --> 00:34:20,800 account is only doing this, but if it's going to do anything 595 00:34:20,800 --> 00:34:23,159 else, we're going to reach out to the owner of this account and 596 00:34:23,159 --> 00:34:27,760 ask, is this expected? Like we'll sing this, this 597 00:34:27,760 --> 00:34:29,679 account being used in this new place. 598 00:34:30,159 --> 00:34:32,000 Is this something that you know about? 599 00:34:32,840 --> 00:34:34,840 And, and that allows for some feedback. 600 00:34:34,840 --> 00:34:38,520 So now this also builds fast because they know that those 601 00:34:38,520 --> 00:34:41,159 application owners are going to, to be able to provide feedback 602 00:34:41,159 --> 00:34:44,239 and say, Oh yeah, my, my account actually does need to run in 603 00:34:44,239 --> 00:34:47,639 this additional place because they just, you know, did this 604 00:34:47,639 --> 00:34:51,280 change? And once these and, and by the 605 00:34:51,280 --> 00:34:53,159 way, at this point, we didn't prevent anything yet. 606 00:34:53,159 --> 00:34:56,960 We were still in, it was still in alerting mode at that point. 607 00:34:56,960 --> 00:34:59,960 When they see that this whole flow walks, they'll feel 608 00:34:59,960 --> 00:35:01,880 comfortable enough moving into prevention. 609 00:35:04,240 --> 00:35:08,360 But that really took a lot of investment in understanding, you 610 00:35:08,360 --> 00:35:11,600 know, how organizations want to operationalize this, what other 611 00:35:11,600 --> 00:35:14,000 IT system they're using that we need to integrate with to make 612 00:35:14,000 --> 00:35:16,440 it, you know, more, more visible to them. 613 00:35:17,400 --> 00:35:20,720 It's, it's really, I think anyone outside of the identity 614 00:35:20,720 --> 00:35:25,120 market cannot fully appreciate like how complex the changes are 615 00:35:26,240 --> 00:35:29,680 that I think, I think, you know, you guys, you guys know, well, 616 00:35:30,960 --> 00:35:33,480 I've talked to one company, well, you know, before 617 00:35:33,480 --> 00:35:35,880 implementing Silverfold, they were trying to do some of these 618 00:35:35,880 --> 00:35:38,880 manually and, and finding these accounts and trying to rotate 619 00:35:38,880 --> 00:35:41,240 the passwords. And they told me it would, it 620 00:35:41,240 --> 00:35:44,600 would take sometimes six months to get approval to make a change 621 00:35:44,600 --> 00:35:46,640 to a service account. And by the time they got the 622 00:35:46,640 --> 00:35:49,120 approval, the service account maybe was already decommissioned 623 00:35:49,120 --> 00:35:52,200 or was outside of the scope of the audit or the audit already 624 00:35:52,200 --> 00:35:54,240 happened. Like all kinds of things that 625 00:35:54,240 --> 00:35:56,640 make it make it so slow that it's almost irrelevant. 626 00:35:57,760 --> 00:36:00,920 It's really a feeling of you're, you're walking and walking and 627 00:36:00,920 --> 00:36:06,040 making no progress. And I think that's not only a 628 00:36:06,040 --> 00:36:08,120 problem in, in non human identities, it's probably an 629 00:36:08,120 --> 00:36:11,520 identity in general. But in in non human identities, 630 00:36:11,520 --> 00:36:15,520 it's even more of a problem because there's no person to ask 631 00:36:15,520 --> 00:36:17,520 sometimes, like, what are you doing? 632 00:36:17,520 --> 00:36:20,480 Like, why are you doing this? You need to, you need to, you 633 00:36:20,480 --> 00:36:22,440 know, guess if you don't have this system. 634 00:36:23,840 --> 00:36:26,760 So Speaking of non persons, I think that's probably a great 635 00:36:26,760 --> 00:36:29,160 segue to get into talking about some of the new things you've 636 00:36:29,160 --> 00:36:33,520 announced around AI agent security because you talked 637 00:36:33,520 --> 00:36:35,800 about that mapping of like, OK, who does this account belong to? 638 00:36:35,800 --> 00:36:39,920 It's approaching probably sooner than we think where we have a is 639 00:36:39,920 --> 00:36:42,560 talking to AIS, talking to AIS, talking to AIS. 640 00:36:42,560 --> 00:36:45,760 We have like this Inception or Mostrica doll where you've got 641 00:36:46,080 --> 00:36:49,800 so many different layers of, you know, bots talking to bots and 642 00:36:49,800 --> 00:36:51,640 maybe there's a human in the mix somewhere. 643 00:36:52,240 --> 00:36:55,000 But I want to talk about this, this new feature or this new 644 00:36:55,000 --> 00:36:58,920 capability that you guys have have brought out around age AI 645 00:36:58,920 --> 00:37:00,840 agent security. Tell me a little bit about that. 646 00:37:02,320 --> 00:37:07,520 Yeah, it's, it's this is a very exciting space that is obviously 647 00:37:07,520 --> 00:37:10,680 moving faster than anything else that we've been talking about. 648 00:37:11,880 --> 00:37:14,640 I mean, other areas of identity security are moving fast, but 649 00:37:14,640 --> 00:37:16,480 but nothing is even close to this. 650 00:37:17,200 --> 00:37:23,000 This problem is changing and evolving, you know, every day. 651 00:37:23,000 --> 00:37:26,240 And I think it's going to become a huge problem for organizations 652 00:37:26,240 --> 00:37:30,120 that soon, if not already. So just an explanation for we 653 00:37:30,120 --> 00:37:33,640 know anyone you know, listening to this who doesn't fully 654 00:37:33,640 --> 00:37:36,880 understand what are those AI agents and, and why is it such a 655 00:37:36,880 --> 00:37:39,760 new and different problem? What why is it so different than 656 00:37:39,760 --> 00:37:42,280 detecting regular identities or, or NH is? 657 00:37:43,040 --> 00:37:48,120 So, you know, AI agents are basically as opposed to chat 658 00:37:48,120 --> 00:37:50,040 bot. AI agents are actually doing 659 00:37:50,040 --> 00:37:53,520 things though, you know, logging into your systems and they can 660 00:37:53,520 --> 00:37:57,040 take actions, they can write an e-mail, they can, you know, 661 00:37:57,680 --> 00:38:00,880 change something in in your in your CLM. 662 00:38:01,400 --> 00:38:05,360 It can, you know, build an application, it can actually do 663 00:38:05,400 --> 00:38:08,880 things. And this has massive potential 664 00:38:08,880 --> 00:38:12,280 for helping businesses because you can actually automate a lot 665 00:38:12,280 --> 00:38:15,560 of work that was done by people, manual work. 666 00:38:16,080 --> 00:38:20,360 You can use these these agents almost as virtual workforce or 667 00:38:20,360 --> 00:38:25,720 virtual assistants that do things that that were just a 668 00:38:25,720 --> 00:38:27,800 lot, a lot of manual effort for people. 669 00:38:29,320 --> 00:38:34,480 But it also creates a huge security risk because the risk 670 00:38:34,520 --> 00:38:40,240 of using our our regular good old ChatGPT are are, you know, 671 00:38:40,400 --> 00:38:43,200 at the worst case you get, you get the wrong answer, right? 672 00:38:45,040 --> 00:38:48,880 So it's, it's, it's there is a risk though, right, with his 673 00:38:48,920 --> 00:38:55,040 utilization and things like that to, to do anything bad agents 674 00:38:55,040 --> 00:38:58,680 can actually do stuff. So it can delete your data 675 00:38:59,080 --> 00:39:03,240 accidentally, or it can send an e-mail that makes you look 676 00:39:03,240 --> 00:39:06,480 really bad or cause an issue for your company, or it can it can 677 00:39:06,480 --> 00:39:09,760 do all kinds of things that that can cause real damage. 678 00:39:11,040 --> 00:39:17,800 And unlike regular non human identities, and this is where 679 00:39:17,800 --> 00:39:21,120 we're starting to get into the differences, they're much less 680 00:39:21,120 --> 00:39:24,040 predictable with a regular non human identity. 681 00:39:24,040 --> 00:39:26,560 I mean, we just talked about, I can learn that it's connecting 682 00:39:26,560 --> 00:39:30,040 from A to B every morning at 9:00 AM. 683 00:39:30,360 --> 00:39:33,600 And I kind of learned that very, very simple repetitive button, 684 00:39:33,600 --> 00:39:38,400 because it's just a script, an AI agent, because it's based on, 685 00:39:38,400 --> 00:39:43,440 on AI, on LLMS, it's, it's not deterministic. 686 00:39:43,440 --> 00:39:45,680 It can do a different thing every day. 687 00:39:45,680 --> 00:39:51,480 It can suddenly decide to to do something new today that is a 688 00:39:51,480 --> 00:39:56,320 little different than yesterday. So it's harder to tell is it 689 00:39:56,320 --> 00:39:58,280 doing something that that it should. 690 00:40:00,160 --> 00:40:02,480 At the same time it it's not a human. 691 00:40:02,640 --> 00:40:05,320 So you can't use the regular stuff that the security controls 692 00:40:05,320 --> 00:40:07,880 that work for human like multi factor authentication, right? 693 00:40:07,880 --> 00:40:10,120 The stuff that we got used to do for humans. 694 00:40:11,640 --> 00:40:15,520 So it's not a human, not classic NHI. 695 00:40:15,520 --> 00:40:19,200 It's something in between. And it takes a newer post to. 696 00:40:19,200 --> 00:40:23,320 How do we secure this? I think that this is a very 697 00:40:23,320 --> 00:40:29,320 important problem because the adoption of AI and especially AI 698 00:40:29,320 --> 00:40:34,040 agents is going to have so much benefits for the business that 699 00:40:34,040 --> 00:40:36,840 companies are going to adopt it whether we the security people 700 00:40:36,840 --> 00:40:41,200 are ready or not. I think that, you know, in over 701 00:40:41,200 --> 00:40:46,240 the next month, you know, boards and CEOs will be coming to those 702 00:40:46,240 --> 00:40:49,640 security leaders and saying, you know, we're going to adopt AI 703 00:40:49,640 --> 00:40:52,240 because otherwise our competitors take us out of 704 00:40:52,240 --> 00:40:53,720 business. Like we're not going to be 705 00:40:53,720 --> 00:40:56,040 competitive. So we're going to implement it. 706 00:40:56,320 --> 00:40:58,920 You know, you should do your best to secure it, but we're not 707 00:40:58,920 --> 00:41:02,360 waiting. And I think that this is this 708 00:41:02,360 --> 00:41:05,640 makes it an urgent problem, although it looks like it's so 709 00:41:05,640 --> 00:41:09,920 new and and so emerging and it feels like you can wait and see 710 00:41:09,920 --> 00:41:11,880 where it goes. I think that it is going to 711 00:41:11,880 --> 00:41:15,720 become very urgent based and. So. 712 00:41:17,040 --> 00:41:19,800 Now let me tell you our, our approach to it. 713 00:41:20,840 --> 00:41:27,200 So we figured in order to make this safe, in order to make AI 714 00:41:27,200 --> 00:41:31,960 agents operate in my network and know that that I, I limit them 715 00:41:31,960 --> 00:41:35,000 from from causing any damage, I need to have visibility to what 716 00:41:35,000 --> 00:41:39,400 they do and I need to be able to stop them from from doing things 717 00:41:39,400 --> 00:41:43,600 they shouldn't do. The first part is easier. 718 00:41:44,240 --> 00:41:46,000 So giving you visibility to what they do. 719 00:41:46,480 --> 00:41:49,080 You know, I think that every vendor that is in the non human 720 00:41:49,080 --> 00:41:51,920 identity space is going to be able to do that because at the 721 00:41:51,920 --> 00:41:55,040 end of the day, these are non human identities And you know, 722 00:41:55,200 --> 00:41:58,040 we can see what they're doing. The other vendors that can also 723 00:41:58,040 --> 00:42:00,240 see what they're doing by looking at the logs and looking 724 00:42:00,240 --> 00:42:02,960 at, you know, the configurations and things like that and show 725 00:42:02,960 --> 00:42:06,400 you, you know, you have this AI agent and it's using this 726 00:42:06,400 --> 00:42:08,160 identity and it's accessing this system. 727 00:42:09,160 --> 00:42:12,400 I mean, it's not super easy, but but you know, vendors are 728 00:42:12,400 --> 00:42:14,360 figuring it out and companies are figuring it out. 729 00:42:15,240 --> 00:42:18,640 The second part is more complex. How do you actually prevent it 730 00:42:18,640 --> 00:42:22,760 from doing bad things? This requires an in line 731 00:42:23,200 --> 00:42:24,920 approach. What I mean by that is we need 732 00:42:24,920 --> 00:42:29,840 to actually get the AI agents when they access things. 733 00:42:30,160 --> 00:42:32,520 So when they connect to your e-mail server, all to all to 734 00:42:32,520 --> 00:42:37,520 your customer database, we need to be in line as a gateway on 735 00:42:37,520 --> 00:42:40,400 this communication in order to really be able to stop bad 736 00:42:40,400 --> 00:42:44,800 things. Now, luckily, there are ways to 737 00:42:44,800 --> 00:42:47,440 do that technically, For example, I don't know if you 738 00:42:47,440 --> 00:42:51,440 heard about, obviously, like a lot of people are talking now 739 00:42:51,440 --> 00:42:54,240 about how AI agents are accessing other systems and, and 740 00:42:54,400 --> 00:42:56,880 the Basel right now is MCP, right? 741 00:42:56,880 --> 00:43:00,080 MCP is kind of the, the language, the protocol in which 742 00:43:00,080 --> 00:43:02,440 AI agents are connecting to other systems. 743 00:43:03,480 --> 00:43:05,720 It's very cool. It, it allows you to save the 744 00:43:05,720 --> 00:43:08,120 need to integrate individually with every system. 745 00:43:08,560 --> 00:43:13,960 And the, the, you know, the advantage of that is that you 746 00:43:13,960 --> 00:43:19,440 can actually create an MCP gateway, which means that when 747 00:43:19,440 --> 00:43:22,720 an AI agent is trying to connect to different systems and 748 00:43:22,720 --> 00:43:26,960 applications, it will do it to your solution to silver fault. 749 00:43:26,960 --> 00:43:31,680 In this case, this means that we are actually in line on what 750 00:43:31,680 --> 00:43:33,680 it's trying to do. And it means that if we're 751 00:43:33,680 --> 00:43:36,760 seeing you're doing something bad, we can block it or we can 752 00:43:37,240 --> 00:43:41,080 involve a human, you know, this is, by the way, in a new kind of 753 00:43:41,080 --> 00:43:43,000 concept. But think about the AI agent is 754 00:43:43,000 --> 00:43:47,040 doing something bad. I go to the owner of this agent 755 00:43:47,120 --> 00:43:51,160 and I ask it, hey, is it OK that your AI agent is trying to do 756 00:43:51,160 --> 00:43:53,320 this? And the human says, yes, that's 757 00:43:53,320 --> 00:43:54,960 actually, that actually makes sense to me. 758 00:43:55,360 --> 00:43:59,160 And then we can allow it. So there's a lot of things you 759 00:43:59,160 --> 00:44:03,400 can do there. By the way, it's not just a new 760 00:44:03,400 --> 00:44:05,680 problem. There's also new opportunities 761 00:44:05,680 --> 00:44:09,760 here. You can actually use AI to be 762 00:44:09,760 --> 00:44:11,640 able to do that. You, you, you, you know what you 763 00:44:11,640 --> 00:44:15,200 said before, you know, you left, but that actually is true. 764 00:44:15,200 --> 00:44:19,240 Like it's all kind of connected. So in order to to look at what 765 00:44:19,240 --> 00:44:22,000 AI is doing and, and, and figure out if it makes sense, you can 766 00:44:22,000 --> 00:44:26,960 actually leverage AI And also those new opportunities with 767 00:44:27,120 --> 00:44:32,160 interacting with AI agent, for example, with regular non even 768 00:44:32,160 --> 00:44:34,040 identity that is trying to do something. 769 00:44:34,080 --> 00:44:37,320 I can't ask it why are you doing it? 770 00:44:37,360 --> 00:44:41,000 But with an AI agent, maybe I can, maybe I can ask the AI 771 00:44:41,000 --> 00:44:43,760 agent, hey, why are you accessing the customer database? 772 00:44:44,520 --> 00:44:48,080 And the AI agent will actually tell me why is he trying to do 773 00:44:48,080 --> 00:44:49,760 that? So there's, there's a lot of new 774 00:44:49,760 --> 00:44:52,560 opportunities. There's a lot of, you know, new 775 00:44:52,560 --> 00:44:55,240 challenges, new opportunities, everything is moving super fast. 776 00:44:56,160 --> 00:44:59,000 But you know, the port we just released is exactly that. 777 00:44:59,000 --> 00:45:03,040 It's a, a gateway that sees all these agents trying to do 778 00:45:03,040 --> 00:45:04,800 things. It can show you what they're 779 00:45:04,800 --> 00:45:07,080 doing. It can control what they're 780 00:45:07,080 --> 00:45:09,720 allowed to do. So like granular authorization, 781 00:45:10,000 --> 00:45:13,600 we can say, you know, yes, it connects to Slack, but it 782 00:45:13,600 --> 00:45:15,320 shouldn't be able to write anything. 783 00:45:15,320 --> 00:45:17,760 We shouldn't be able to read any, any of these groups. 784 00:45:18,160 --> 00:45:20,960 And also you can really control the granular access permissions 785 00:45:20,960 --> 00:45:23,800 you give it. It can block certain things. 786 00:45:23,800 --> 00:45:26,880 It can, it can, you know, involve more security because if 787 00:45:26,880 --> 00:45:30,280 we think it's doing something bad, it's really a very cool 788 00:45:30,800 --> 00:45:34,080 answer to this concern that this is super new. 789 00:45:35,000 --> 00:45:37,520 But I think without solving it, organizations will not be able 790 00:45:37,520 --> 00:45:39,800 to really enjoy this revolution. So I think it's going to be. 791 00:45:41,560 --> 00:45:43,760 So I, I, I think that's really clever the way you're 792 00:45:43,760 --> 00:45:46,080 approaching with that gateway type of approach and, and things 793 00:45:46,080 --> 00:45:50,000 like MCP or model context protocol or A to a which is 794 00:45:50,000 --> 00:45:53,200 agent to agent. There's a lot of work being done 795 00:45:53,200 --> 00:45:57,360 to facilitate data transferring right between models and between 796 00:45:57,360 --> 00:45:59,320 agents itself. I'm curious if you have an 797 00:45:59,320 --> 00:46:04,240 opinion on from an identity standpoint, how should we be 798 00:46:04,240 --> 00:46:05,520 thinking about security for this? 799 00:46:05,520 --> 00:46:10,440 Is it very specific fine tune agents that only have access to 800 00:46:10,440 --> 00:46:15,520 the things they need to, which means more agents or something 801 00:46:15,520 --> 00:46:18,120 that's a little bit broader from an agent perspective that maybe 802 00:46:18,120 --> 00:46:21,160 does have more access to different things and have fewer 803 00:46:21,160 --> 00:46:23,880 agents. So is it a quantity versus 804 00:46:23,880 --> 00:46:25,920 quality thing? Like what are you thinking like 805 00:46:25,920 --> 00:46:27,360 from an identity security standpoint? 806 00:46:28,640 --> 00:46:31,880 I think that at first at least, we, we probably are going to see 807 00:46:31,880 --> 00:46:36,080 many agents doing small things right and, and kind of 808 00:46:36,080 --> 00:46:38,400 orchestrating each other and telling each other what to do. 809 00:46:38,400 --> 00:46:41,480 But it's really, it's really an army of agents that is trying to 810 00:46:41,480 --> 00:46:44,400 to do a combination of many small things in order to 811 00:46:44,400 --> 00:46:48,120 accomplish one big thing. That also simplifies things a 812 00:46:48,120 --> 00:46:50,240 little from a security perspective, because I can 813 00:46:50,240 --> 00:46:54,120 figure out what each of these agents is exactly trying to do. 814 00:46:54,160 --> 00:46:56,960 And I can understand, you know, who owns each of these pieces. 815 00:46:58,240 --> 00:47:03,520 If you imagine one agent that is Superintendent can do all of it, 816 00:47:04,000 --> 00:47:06,800 then it's also really hard to secure it because I don't know 817 00:47:06,800 --> 00:47:09,280 what it's time. It might do this today and this 818 00:47:09,280 --> 00:47:11,400 tomorrow. And you know, does it even have 819 00:47:11,400 --> 00:47:12,840 an owner? Because if it's doing 820 00:47:12,840 --> 00:47:16,680 everything, then who, who is the person really owns it? 821 00:47:17,240 --> 00:47:19,040 So it makes things a little harder. 822 00:47:19,280 --> 00:47:22,560 I think in the long term, this is where it actually might go 823 00:47:23,400 --> 00:47:27,920 because, you know, AI will become smarter and, you know, we 824 00:47:27,920 --> 00:47:29,720 won't need to bake it all these tiny pieces. 825 00:47:29,720 --> 00:47:32,520 It will just have, you know, much better capabilities and it 826 00:47:32,520 --> 00:47:35,600 will be able to take action. And we'll actually, we'll 827 00:47:35,600 --> 00:47:39,600 actually want to give it more flexibility, but that will have 828 00:47:39,600 --> 00:47:42,080 some paid off with, with security, you know, with our 829 00:47:42,080 --> 00:47:44,600 ability to control it. I think at least for now, while 830 00:47:44,600 --> 00:47:46,760 we, we still don't know how this is going to work. 831 00:47:46,760 --> 00:47:49,800 We, we, we understand some of the risk, but definitely not all 832 00:47:49,800 --> 00:47:51,880 the risk. I think it's important that we 833 00:47:51,880 --> 00:47:55,200 that we stay pretty structured. I and I think that's what 834 00:47:55,200 --> 00:47:58,320 organizations mostly are doing because that's also, you know, 835 00:47:58,360 --> 00:48:01,200 the, the limitations of, of the current AI models. 836 00:48:01,840 --> 00:48:03,640 They're breaking it down to small things. 837 00:48:03,640 --> 00:48:08,120 And we can tell that, you know, this piece is in charge only on, 838 00:48:08,800 --> 00:48:13,040 you know, writing stuff into your CRM and it's owned by this 839 00:48:13,040 --> 00:48:17,160 person from sales operations and it's only connecting from here 840 00:48:17,160 --> 00:48:20,440 to there and doing this. And this actually makes things, 841 00:48:20,560 --> 00:48:23,840 you know, much, much more controlled from a security 842 00:48:23,840 --> 00:48:27,120 perspective. So I think at least for the 843 00:48:27,120 --> 00:48:29,560 short term, that that's what we mainly are going to see. 844 00:48:31,040 --> 00:48:35,640 And, and by the way, I think the that that connection of every 845 00:48:35,640 --> 00:48:38,720 agent to a human owner is actually very important because 846 00:48:38,720 --> 00:48:40,760 it means that you have someone accountable for what it's doing. 847 00:48:41,840 --> 00:48:46,280 Yeah, it seems like the agent acts in the context of the 848 00:48:46,280 --> 00:48:51,360 person who is making the requests or what if I'm not sure 849 00:48:51,360 --> 00:48:53,840 if the request is the right word, but depending on what the 850 00:48:53,880 --> 00:48:56,840 agent does, right? So the question is, does the 851 00:48:56,880 --> 00:49:01,640 agent run under a service account or does it leverage the 852 00:49:01,640 --> 00:49:05,520 context and authentication of the person, Not only the 853 00:49:05,520 --> 00:49:09,600 authentication, but also the authorization, the entitlements 854 00:49:09,600 --> 00:49:14,000 that that person has. And via the MCP server, maybe 855 00:49:14,160 --> 00:49:19,440 MCP server says, oh, here's Jim McDonald asking to access, you 856 00:49:19,440 --> 00:49:21,840 know, the Custer database user example. 857 00:49:22,480 --> 00:49:25,480 Yeah, that to me seems like that's the right level of 858 00:49:25,480 --> 00:49:29,080 security. I think that is probably the 859 00:49:29,080 --> 00:49:32,880 easiest approach because, you know, if it's on behalf of Jim, 860 00:49:32,880 --> 00:49:34,680 then it's going to have Jim's permissions. 861 00:49:34,760 --> 00:49:38,040 I don't think that's the safest approach because it might not 862 00:49:38,040 --> 00:49:41,720 need all of Jim's permissions, you know, because it's doing 863 00:49:41,720 --> 00:49:45,120 something specific. Why give it all the permissions 864 00:49:45,120 --> 00:49:47,760 that the gym has? I think that that's where a lot 865 00:49:47,760 --> 00:49:49,480 of people started because it was easy. 866 00:49:49,920 --> 00:49:54,040 I think that what vendors like us are doing now is offering, 867 00:49:55,080 --> 00:49:57,240 you know, more ground law controls. 868 00:49:57,240 --> 00:50:01,320 So we the least privilege approach where we say, yes, it's 869 00:50:01,320 --> 00:50:04,280 acting on behalf of gym, but it only really needs to do this one 870 00:50:04,280 --> 00:50:06,320 thing. So, you know, let's only give it 871 00:50:06,320 --> 00:50:09,360 this this permission that will give it all the permissions Jim 872 00:50:09,360 --> 00:50:14,680 has, which is harder to do, but that's what vendors like us are 873 00:50:14,680 --> 00:50:17,240 here for in order to automate this and figure it out more 874 00:50:17,240 --> 00:50:20,080 automatically. I don't think that's something 875 00:50:20,080 --> 00:50:22,680 that an organization can figure out on their own at scale. 876 00:50:23,640 --> 00:50:27,720 But just like we've done that for service accounts and for non 877 00:50:27,720 --> 00:50:31,120 humanities in the cloud, now we're doing this for NHIS 878 00:50:31,120 --> 00:50:33,160 because we have already some expertise in this. 879 00:50:33,600 --> 00:50:36,760 We can see all these agents, we can understand what they're 880 00:50:36,760 --> 00:50:38,840 doing. We can understand who is the 881 00:50:38,840 --> 00:50:41,160 owner, we can understand it. Or do they really need those 882 00:50:41,160 --> 00:50:43,520 full permissions? Or based on what they're doing, 883 00:50:43,520 --> 00:50:45,720 maybe they only need a much smaller set of permissions and 884 00:50:45,720 --> 00:50:48,840 then we can automatically start recommending to you, you know, 885 00:50:48,840 --> 00:50:50,360 where you can actually minimize that. 886 00:50:51,040 --> 00:50:57,840 So all of that I think is is very important, very urgent, 887 00:50:58,360 --> 00:51:01,440 because before we know it, our companies are going to be full 888 00:51:01,440 --> 00:51:03,160 of agents. I mean, we're already seeing it 889 00:51:03,160 --> 00:51:05,040 at Silverthorpe, even internally. 890 00:51:05,480 --> 00:51:07,440 I'm sure many organizations are starting to save. 891 00:51:07,440 --> 00:51:10,640 And if not, they should actually be even more concerned. 892 00:51:11,040 --> 00:51:14,040 I think that, you know, they need to, and I think that this 893 00:51:14,040 --> 00:51:15,960 level of control is the only thing that will allow 894 00:51:15,960 --> 00:51:19,240 organizations to, to have the trust and the confidence to do 895 00:51:19,240 --> 00:51:23,120 it. So in a way, it it's an enabler 896 00:51:23,120 --> 00:51:25,840 for AI adoption. You know, if we don't figure out 897 00:51:25,840 --> 00:51:28,120 the security aspects, then organizations are not going to 898 00:51:28,120 --> 00:51:31,840 be able to adopt this fully or under competitive pressure. 899 00:51:31,840 --> 00:51:35,080 They're going to adopt it without security and it's going 900 00:51:35,080 --> 00:51:38,720 to be a mess. So so we do need to figure it 901 00:51:38,720 --> 00:51:41,360 out. And I think that that's, you 902 00:51:41,360 --> 00:51:45,280 know, starting from the the entire the permissions of the 903 00:51:45,280 --> 00:51:47,960 person who's who's who's running the agent is a good start, but 904 00:51:47,960 --> 00:51:50,240 it but it has to be more narrow than that. 905 00:51:51,720 --> 00:51:55,280 You know that I think this kind of highlights the the urgency 906 00:51:55,280 --> 00:51:58,520 and sort of the the issue with all these different agents. 907 00:51:58,520 --> 00:52:01,160 I can certainly see an angle where, you know, in this, in 908 00:52:01,160 --> 00:52:03,880 this example that Jim point out there I was acting in the 909 00:52:03,880 --> 00:52:06,120 context of something. And you're totally right. 910 00:52:06,120 --> 00:52:08,520 We, we don't want to give the thing too much information or 911 00:52:08,520 --> 00:52:11,960 too much permission. So I can see one agent, you 912 00:52:11,960 --> 00:52:14,520 know, saying, OK, here's what I need to do, another agent 913 00:52:14,520 --> 00:52:16,880 saying, OK, well, what does that actually mean? 914 00:52:16,880 --> 00:52:20,640 And then another agent that says, let me interrogate Jim's 915 00:52:20,640 --> 00:52:25,280 entitlements and then some other agent that says, OK, based on 916 00:52:25,280 --> 00:52:28,120 these entitlements and based on what you're trying to do, let me 917 00:52:28,120 --> 00:52:31,600 down select the specific authorizations and then passing 918 00:52:31,600 --> 00:52:34,240 that back through the check all the way back to the first agent 919 00:52:34,400 --> 00:52:36,640 to actually do the work. Yeah, no, it's crazy. 920 00:52:36,640 --> 00:52:39,480 And then it can even become more sophisticated. 921 00:52:39,480 --> 00:52:41,520 I'll give you an example of something we're we're building 922 00:52:41,520 --> 00:52:45,560 now. You know, we've had for years 923 00:52:45,960 --> 00:52:49,520 sexually coding, right, as part of, of, of privilege access 924 00:52:49,520 --> 00:52:51,440 management, right? People have been doing session 925 00:52:51,440 --> 00:52:53,440 recording. They recorded what the admin is 926 00:52:53,440 --> 00:52:58,560 doing inside the session and then it was sent to be buried 927 00:52:58,560 --> 00:53:00,240 somewhere that nobody ever watched it, right. 928 00:53:00,600 --> 00:53:05,240 But but, but we did that because we needed to have some evidence 929 00:53:05,240 --> 00:53:09,480 of what the the person did. AI actually presents an amazing 930 00:53:09,480 --> 00:53:12,360 opportunity to use this kind of data because you can actually 931 00:53:12,360 --> 00:53:15,520 have AI watch it and figure out, you know, what is it doing? 932 00:53:15,520 --> 00:53:18,800 Is it actually aligned with what it will this person was supposed 933 00:53:18,800 --> 00:53:20,720 to do. Now think about this is in the 934 00:53:20,720 --> 00:53:25,560 context of of AI protecting AI. You could have an AI agent 935 00:53:25,560 --> 00:53:28,880 saying, I need to log into the CRM because I need to do 936 00:53:29,760 --> 00:53:32,200 something. I need to update this this, you 937 00:53:32,200 --> 00:53:35,720 know, record and then you can actually watch what it's doing. 938 00:53:35,720 --> 00:53:38,280 I mean, another AI agent can watch what it's doing and 939 00:53:38,280 --> 00:53:41,280 compare that to what the agent said is going to do. 940 00:53:41,960 --> 00:53:44,760 So the agent was going though to update this record. 941 00:53:44,760 --> 00:53:47,160 Did it actually upgrade the record, update the record or did 942 00:53:47,160 --> 00:53:50,120 it do something else? You can apply, but of course you 943 00:53:50,120 --> 00:53:53,040 can apply that to humans too. But there's so much new 944 00:53:53,040 --> 00:53:56,760 opportunity to ultimate things that were impossible to do 945 00:53:56,760 --> 00:53:59,920 because the manual work needed was unreasonable. 946 00:54:00,800 --> 00:54:03,880 And now that those AI, we can actually do that. 947 00:54:03,880 --> 00:54:07,920 We can actually watch all these hours of, you know, session 948 00:54:07,920 --> 00:54:10,560 recording and compel them to what people were supposed to do 949 00:54:10,560 --> 00:54:12,560 and what they said they're going to do in the ticket. 950 00:54:12,960 --> 00:54:16,320 And we can automatically figure out who's doing something bad 951 00:54:16,680 --> 00:54:20,120 and block it in real time. So, you know, I think security 952 00:54:20,120 --> 00:54:23,400 is actually going to get way more sophisticated because we 953 00:54:23,400 --> 00:54:26,440 can finally automate all these things that we're always, you 954 00:54:26,440 --> 00:54:30,480 know, not feasible. And that is actually going to 955 00:54:30,480 --> 00:54:34,640 help us protect the AI too. And by the way, I think that 956 00:54:34,640 --> 00:54:39,080 that is critical because with AI protection has to be automated, 957 00:54:39,080 --> 00:54:43,760 has to be fast because AI itself is is operating very fast. 958 00:54:44,880 --> 00:54:48,000 So think about the way we secured human was always 959 00:54:48,600 --> 00:54:50,760 assuming that they move at human speed. 960 00:54:50,920 --> 00:54:54,440 So I could detect the bad behavioural send an alert and 961 00:54:54,440 --> 00:54:58,760 somebody at the stock would look at the alert and investigate it 962 00:54:58,760 --> 00:55:01,360 and then go back and, and do something about it. 963 00:55:01,560 --> 00:55:05,560 And all of it was assuming that it's a human attacker moving at 964 00:55:05,560 --> 00:55:09,840 human speed with AI based attacks is going to happen in 965 00:55:09,840 --> 00:55:13,000 seconds because all the decisions are automated and AI 966 00:55:13,000 --> 00:55:15,520 is making them. So taking over the corporate 967 00:55:15,520 --> 00:55:17,960 network, you know, breaching the corporate network could take a 968 00:55:17,960 --> 00:55:20,640 few seconds if all of this is automated. 969 00:55:21,120 --> 00:55:26,600 This means that if we don't make those security decisions in line 970 00:55:26,600 --> 00:55:29,640 in real time, and we don't block these things while they're 971 00:55:29,640 --> 00:55:33,680 happening, we're too late before just sending some alerts to the 972 00:55:33,680 --> 00:55:35,640 stock waiting for anyone to to look at them. 973 00:55:35,880 --> 00:55:40,200 The attack already happened, so I think AI speed is actually the 974 00:55:40,200 --> 00:55:42,920 only way we can protect against AI threats. 975 00:55:44,400 --> 00:55:48,200 So, so had you've already given us like 12 minutes more than we 976 00:55:48,200 --> 00:55:52,560 asked for and I didn't want to we neither Jeff or I wanted to 977 00:55:52,560 --> 00:55:56,120 stop you along the way because we're learning so much. 978 00:55:56,400 --> 00:55:58,400 It's been an absolutely great session. 979 00:55:58,720 --> 00:56:01,040 So can you just give me two more minutes? 980 00:56:01,200 --> 00:56:03,480 There's one more question I wanted to ask you, which was 981 00:56:03,480 --> 00:56:07,960 around this ideal identity security playbook that you guys 982 00:56:07,960 --> 00:56:11,560 have crafted an ideals and acronymic stands for integrated 983 00:56:11,800 --> 00:56:15,960 integrate, discover and force analyze and lightweight. 984 00:56:16,280 --> 00:56:21,800 So can you give us an idea of like how this gets used, why is 985 00:56:21,800 --> 00:56:25,280 it useful for the practitioner? And then Jeff will take us out. 986 00:56:26,320 --> 00:56:29,040 Yeah, I'll keep it very short. I think that it it kind of 987 00:56:29,040 --> 00:56:31,200 summarizes a lot of what we talked about. 988 00:56:31,280 --> 00:56:34,280 So I talked about syllables approach to identity security, 989 00:56:34,280 --> 00:56:36,080 right. We're doing it really is a very 990 00:56:36,080 --> 00:56:38,040 broad platform. We want to tackle all these 991 00:56:38,160 --> 00:56:42,160 things like humans and non humans and AI and on Prem and 992 00:56:42,160 --> 00:56:45,640 cloud. And, and to summarize this 993 00:56:45,640 --> 00:56:47,560 approach, you know, with a playbook that I think 994 00:56:47,560 --> 00:56:50,680 organizations can use to, to understand what does it take to 995 00:56:50,680 --> 00:56:53,720 really deliver holistic identity security. 996 00:56:54,320 --> 00:56:57,200 You can really use this, this ideal concept. 997 00:56:57,200 --> 00:57:00,800 So it starts from integrate, which means in order to really 998 00:57:00,800 --> 00:57:03,320 bring identity security everywhere, I need integrate 999 00:57:03,320 --> 00:57:06,640 with all the pieces of my identity infrastructure all the 1000 00:57:06,640 --> 00:57:09,640 way from the legacy to the modern cloud ID. 1001 00:57:09,640 --> 00:57:14,120 PS Right, Okta, Google, AWS or all of these different pieces 1002 00:57:14,120 --> 00:57:17,640 including the the SAS applications or or legacy 1003 00:57:17,640 --> 00:57:19,600 applications that have local identities. 1004 00:57:20,120 --> 00:57:22,480 So integrate is the first piece because I need to see every. 1005 00:57:23,520 --> 00:57:27,560 The second piece is discover. Once I'm connected to all of 1006 00:57:27,560 --> 00:57:30,280 these pieces, I need to discover all the entities, all the 1007 00:57:30,320 --> 00:57:32,680 identities, all the and non human identities, all the 1008 00:57:32,680 --> 00:57:34,720 privileges, the group memberships, everything that 1009 00:57:34,720 --> 00:57:37,440 they can get. The third step is in. 1010 00:57:37,440 --> 00:57:39,760 Force that is also. Probably the step that is the 1011 00:57:39,760 --> 00:57:43,840 most unique the silver fold many vendors. 1012 00:57:43,840 --> 00:57:47,360 Do the first. 2 steps and they just give you that visibility 1013 00:57:47,360 --> 00:57:50,120 and then you know, you need to do something with that. 1014 00:57:50,120 --> 00:57:52,240 We need to figure out how to to address these issues. 1015 00:57:53,160 --> 00:57:57,080 We also believe that the critical element of this is in 1016 00:57:57,080 --> 00:57:59,200 force. Once we see what's going on, 1017 00:57:59,200 --> 00:58:04,000 when we see some bad things, we need to be able to intervene. 1018 00:58:04,000 --> 00:58:06,280 We need to be able to prevent certain activity. 1019 00:58:06,280 --> 00:58:09,320 We need to be able to authenticate certain users as 1020 00:58:09,320 --> 00:58:12,680 they're trying to do something. We need to be able to to to 1021 00:58:12,680 --> 00:58:14,640 have, you know, real time controls. 1022 00:58:15,080 --> 00:58:18,320 And that requires an inline architecture means that you need 1023 00:58:18,320 --> 00:58:21,440 to actually see the access, the quest going to, in a, in a way 1024 00:58:21,440 --> 00:58:28,520 that you're able to, to stop them if you need to step #4 is, 1025 00:58:28,560 --> 00:58:33,480 is analyzed because, you know, all of this, all of this data 1026 00:58:33,480 --> 00:58:37,240 and activities and, and, and, you know, people authenticating 1027 00:58:38,800 --> 00:58:41,040 and all these different data sources, you get, you need to, 1028 00:58:41,040 --> 00:58:44,000 to have intelligence around. And that's part of what we just 1029 00:58:44,000 --> 00:58:47,240 talked about analyzing, you know, what did it actually do 1030 00:58:47,240 --> 00:58:49,040 compared to what it was supposed to do? 1031 00:58:49,400 --> 00:58:52,680 And, you know, does this look like normal behaviour or not? 1032 00:58:52,680 --> 00:58:54,960 Does this look like lateral movement? 1033 00:58:54,960 --> 00:58:58,720 Does this, you know, you need to, to bring intelligence into, 1034 00:58:58,840 --> 00:59:02,560 into this. And then the last part is, is 1035 00:59:02,560 --> 00:59:04,640 lightweight. And the, the reason why we 1036 00:59:05,640 --> 00:59:08,080 believe that's so crucial is because identity project 1037 00:59:08,080 --> 00:59:11,360 historically have been way too complex for most organizations 1038 00:59:11,360 --> 00:59:17,000 to, to survive. You know, a lot of people joke 1039 00:59:17,000 --> 00:59:19,560 that, you know, there's no point starting an identity project 1040 00:59:19,560 --> 00:59:21,800 because it's going to be the, the next person after me that is 1041 00:59:21,800 --> 00:59:23,720 going to actually get to finish it and get a credit. 1042 00:59:25,000 --> 00:59:27,800 So I think we have to make identity security easier, 1043 00:59:28,360 --> 00:59:31,960 otherwise we'll, we'll, we'll limiting it to a very small 1044 00:59:31,960 --> 00:59:34,640 number of companies in the world that have the, the ability to, 1045 00:59:34,640 --> 00:59:37,760 to execute. And, you know, and the rest of 1046 00:59:37,760 --> 00:59:40,520 the companies are just, you know, listening to these type 1047 00:59:40,520 --> 00:59:43,440 of, of podcasts and, and, you know, wishing they had these, 1048 00:59:43,440 --> 00:59:45,800 these, these things, but, but they can't really implement them 1049 00:59:45,800 --> 00:59:47,840 effectively. So it has to be lightweight, it 1050 00:59:47,840 --> 00:59:49,880 has to be simple, it has to be quick. 1051 00:59:51,840 --> 00:59:54,000 I think that if you look at other categories of, of 1052 00:59:54,000 --> 00:59:58,040 security, again, the vendors that really were able to bring 1053 00:59:58,040 --> 01:00:00,480 innovation and conquer those markets, well, not just the ones 1054 01:00:00,480 --> 01:00:03,480 who did it in the most secure way, but the ones who made it 1055 01:00:03,760 --> 01:00:07,840 easy, made it super simple to implement and to use. 1056 01:00:08,480 --> 01:00:12,000 And I think it's time for identity to, to set this as a, 1057 01:00:12,000 --> 01:00:15,040 as a requirement of, you know, identity. 1058 01:00:15,080 --> 01:00:19,000 People deserve to have porks. They're not a nightmare to 1059 01:00:19,000 --> 01:00:23,720 implement otherwise. You know, they're just wasting 1060 01:00:23,720 --> 01:00:25,480 time and money and they're not going to get the result. 1061 01:00:26,680 --> 01:00:27,840 So that's basically the approach and. 1062 01:00:27,840 --> 01:00:29,760 It's kind of summarizes. You know, everything we said 1063 01:00:29,760 --> 01:00:32,560 before and kind of how we believe identity security should 1064 01:00:32,560 --> 01:00:37,200 be done and and yeah, whether people do it with. 1065 01:00:37,200 --> 01:00:39,200 Us or not, I think I. Think that's that's what they 1066 01:00:39,200 --> 01:00:41,800 need to aim for. I think that's. 1067 01:00:42,440 --> 01:00:45,600 AI don't know how we top. That and so I think that's 1068 01:00:45,600 --> 01:00:46,840 probably a good spot where we close it. 1069 01:00:47,000 --> 01:00:49,360 You guys are doing such, such cool work and, you know, 1070 01:00:49,360 --> 01:00:51,920 Congrats on the success. We're going to have a bunch of 1071 01:00:51,920 --> 01:00:53,600 links in our show notes, but definitely want to encourage 1072 01:00:53,600 --> 01:00:56,160 people to go to silverfork.com and check things out. 1073 01:00:56,920 --> 01:00:58,640 I was taking notes as we were kind of talking here. 1074 01:00:58,640 --> 01:01:03,080 There'll be a link to the, the insecurity in the shadows report 1075 01:01:03,080 --> 01:01:05,680 that we talked about to be a link to the identity security 1076 01:01:05,680 --> 01:01:08,440 playbook as well. And then we'll also have the 1077 01:01:08,440 --> 01:01:11,400 link in our show notes forehead for people to connect on, on 1078 01:01:11,400 --> 01:01:12,800 LinkedIn and as well as ourselves. 1079 01:01:12,800 --> 01:01:15,600 So had it's always a great pleasure talking with you and I 1080 01:01:15,600 --> 01:01:17,800 I I really appreciate you taking the time with us. 1081 01:01:18,080 --> 01:01:21,840 Any if I took one thing away from this conversation, you kept 1082 01:01:21,840 --> 01:01:26,000 mentioning that the word in line, it's like, OK, like that 1083 01:01:26,000 --> 01:01:27,320 is what we need to get people understand. 1084 01:01:27,320 --> 01:01:30,480 It's like you need to be injected into the process, into 1085 01:01:30,480 --> 01:01:32,960 the data stream, into whatever you want to call it and be, 1086 01:01:33,280 --> 01:01:37,200 well, as you said in line. Yeah, I think that's very. 1087 01:01:37,200 --> 01:01:40,160 Important otherwise. We'll just, otherwise we'll just 1088 01:01:40,160 --> 01:01:42,680 pointing out the issues without being able to actually solve 1089 01:01:42,680 --> 01:01:46,080 them or stop them. Yeah, well, there's. 1090 01:01:46,080 --> 01:01:48,040 Value in. In at least pointing the issue 1091 01:01:48,040 --> 01:01:50,360 out but we've got to start solving these problems so I I I 1092 01:01:50,360 --> 01:01:53,440 appreciate the you know the the discussion especially when we 1093 01:01:53,440 --> 01:01:56,280 say we need to make identity security easier yeah absolutely 1094 01:01:56,280 --> 01:01:59,240 right nobody wants hard tools we've got to have a way to 1095 01:01:59,240 --> 01:02:02,520 approach this and I like what you guys are doing so thank you 1096 01:02:02,560 --> 01:02:04,280 that yeah so that's is a good spot we're. 1097 01:02:04,280 --> 01:02:05,680 Going to have to leave. It for this week. 1098 01:02:06,160 --> 01:02:08,080 Thanks everyone for watching Andrew listening. 1099 01:02:08,080 --> 01:02:11,960 You can find us on the web at idacpodcast.com and we'll talk 1100 01:02:11,960 --> 01:02:16,760 with everyone in the next one. You've been listening to 1101 01:02:16,760 --> 01:02:18,640 Identity at. The Center. 1102 01:02:18,960 --> 01:02:23,040 We hope you've enjoyed the show. Make sure to like, rate and 1103 01:02:23,040 --> 01:02:26,680 review and we'll be back soon. But in the meantime, hit the 1104 01:02:26,680 --> 01:02:30,080 website at identity@thecenter.com. 1105 01:02:30,680 --> 01:02:34,800 See you next time on Identity at the Center.