1 00:00:04,720 --> 00:00:11,520 This is identity at the center. Welcome to the Identity at the 2 00:00:11,520 --> 00:00:13,280 Center podcast. I'm Jeff, and that's Jim. 3 00:00:13,280 --> 00:00:15,440 Hey, Jim. Hey, Jeff, how are you? 4 00:00:15,800 --> 00:00:18,280 Oh, not so bad yourself. Doing great, man. 5 00:00:18,280 --> 00:00:21,760 I'm so excited for this episode. There are a couple of hot trends 6 00:00:22,080 --> 00:00:25,960 in the identity space right now. Continuous identity that we're 7 00:00:25,960 --> 00:00:30,200 going to talk about today is one that I really believe in. 8 00:00:30,400 --> 00:00:35,080 I'm really excited to talk about and I'm just excited to jump 9 00:00:35,080 --> 00:00:36,800 into things. Yeah. 10 00:00:36,800 --> 00:00:39,040 So today we've got a sponsor spotlight episode. 11 00:00:39,040 --> 00:00:41,720 We do these from time to time. It's a fully sponsored episode. 12 00:00:41,720 --> 00:00:45,240 So we get into the mindsets of our sponsors and sort of the big 13 00:00:45,240 --> 00:00:47,320 thinkers they've got on their side, get their perspectives on 14 00:00:47,320 --> 00:00:50,320 I am market straight from the source, which is a little bit 15 00:00:50,320 --> 00:00:52,200 different than our normal episodes where we are. 16 00:00:52,440 --> 00:00:55,080 We try to be as vendor neutral as possible, right, not talk 17 00:00:55,080 --> 00:00:56,560 product, but that is not one of these. 18 00:00:56,560 --> 00:00:59,080 Today we're actually going to talk product and the product 19 00:00:59,080 --> 00:01:00,880 today we're going to talk with is Signal. 20 00:01:01,000 --> 00:01:04,519 And for those not familiar, you can find them on the web SGNL 21 00:01:04,519 --> 00:01:07,720 dot AI slash IDAC. We'll take you to there. 22 00:01:07,720 --> 00:01:10,000 I know it's like a lot of letters, but it's Signal. 23 00:01:10,240 --> 00:01:12,520 And for that we've got Eric Gustafson. 24 00:01:12,520 --> 00:01:15,280 He's the Co founder and CPO at Signal. 25 00:01:15,280 --> 00:01:16,680 Welcome to Identity at the Center, Eric. 26 00:01:17,680 --> 00:01:20,440 Hey, well, glad to be here. Yeah, thanks for taking the 27 00:01:20,440 --> 00:01:22,800 time. So I, I, I, I kind of, I'm 28 00:01:22,800 --> 00:01:27,280 joking a little bit because it's like SGNL dot AI slash igac and 29 00:01:27,280 --> 00:01:30,320 yet somehow people will know that that is signal and identity 30 00:01:30,320 --> 00:01:32,800 at the center, which is amazing. Yeah, brains are amazing. 31 00:01:34,560 --> 00:01:36,440 So this is your first time being with us. 32 00:01:36,440 --> 00:01:38,400 I always like to find out how people got into the identity 33 00:01:38,400 --> 00:01:40,120 space. It's such a varied kind of skill 34 00:01:40,120 --> 00:01:42,000 set and background. So let's start there. 35 00:01:42,000 --> 00:01:44,360 Eric, how did you get into the IM space? 36 00:01:44,360 --> 00:01:46,760 Is it something that you chose or did it choose you? 37 00:01:47,840 --> 00:01:52,680 You know, in some ways I'd say it was both back, what was it, 38 00:01:52,680 --> 00:01:56,520 2011? My Co founder, my current Co 39 00:01:56,520 --> 00:01:58,920 founder, Scott and I were working running identity and 40 00:01:58,920 --> 00:02:02,880 product at a, of all things, a fantasy sports gaming company. 41 00:02:02,880 --> 00:02:07,040 We built games for the NBA. We're B to B, so we built and 42 00:02:07,040 --> 00:02:09,080 operated the games under somebody else's brand. 43 00:02:09,280 --> 00:02:12,560 So we did things like NB as games, World Cup games, we did 44 00:02:12,560 --> 00:02:14,880 NASCAR's game. We did some TV shows like The 45 00:02:14,880 --> 00:02:17,120 Bachelorette. It was a lot of fun. 46 00:02:17,880 --> 00:02:21,800 We were using all SAS products. Basically people weren't even 47 00:02:21,800 --> 00:02:25,040 using that term at that point. You know, you had the sales 48 00:02:25,040 --> 00:02:26,480 forces of the world, they existed. 49 00:02:27,240 --> 00:02:30,120 And you know, at that point we were, we were just hired guns 50 00:02:30,120 --> 00:02:32,080 there. We were employees and the 51 00:02:32,080 --> 00:02:34,800 company is being sold off and we were there to help transition it 52 00:02:34,800 --> 00:02:37,200 over. We got done with that and we're 53 00:02:37,200 --> 00:02:39,440 looking around going, well, what do you want to work on next? 54 00:02:39,440 --> 00:02:42,560 Let's go, let's start a company. But what's the problem we can 55 00:02:42,560 --> 00:02:45,920 solve? And we kind of realized, hey, 56 00:02:47,120 --> 00:02:48,640 everything we're using is cloud based. 57 00:02:48,640 --> 00:02:50,960 We have this whole IT department, they use Active 58 00:02:50,960 --> 00:02:54,160 Directory, we've got Exchange, it's all running on our own 59 00:02:54,160 --> 00:02:55,920 hardware that's in some data center. 60 00:02:55,920 --> 00:03:00,640 We're managing it all. And that group has no clue about 61 00:03:00,640 --> 00:03:01,680 any of the web things we're doing. 62 00:03:01,920 --> 00:03:03,560 Like they don't know how people get access to them. 63 00:03:03,560 --> 00:03:04,760 They don't have to remove people. 64 00:03:04,760 --> 00:03:07,040 We were, you know, obviously transitioning the company to 65 00:03:07,040 --> 00:03:09,080 someone else. You're removing access to 66 00:03:09,080 --> 00:03:11,200 things. So you said how, how are people 67 00:03:11,200 --> 00:03:13,560 going to solve this problem with these web applications? 68 00:03:13,560 --> 00:03:17,160 There's going to be a million of them, which, yeah, at that point 69 00:03:17,160 --> 00:03:19,040 wasn't the most popular consensus. 70 00:03:19,040 --> 00:03:21,280 I got laughed at a few times for suggesting that. 71 00:03:21,760 --> 00:03:23,360 It's like, Oh no, it's all going to be just sales force. 72 00:03:23,360 --> 00:03:25,800 They're going to own everything. It's like there's no barrier to 73 00:03:25,800 --> 00:03:27,880 entry to make a a web application. 74 00:03:28,520 --> 00:03:31,080 And so we started looking around and we ran across this start, 75 00:03:31,080 --> 00:03:32,400 this little start up called Okta. 76 00:03:33,000 --> 00:03:35,040 And we looked at Okta where we're like, huh, this is kind of 77 00:03:35,040 --> 00:03:37,800 what they do. But it seems really tied into 78 00:03:37,800 --> 00:03:40,000 Active Directory. And I'm not sure about this. 79 00:03:40,440 --> 00:03:43,800 Like we could do a better job. And so, you know, there were two 80 00:03:43,800 --> 00:03:48,280 years into it or so we, we said let's go raise some money and 81 00:03:48,280 --> 00:03:50,480 start a company we called that that was called Bidium. 82 00:03:50,920 --> 00:03:53,360 And we built an identity platform. 83 00:03:53,360 --> 00:03:55,880 We didn't actually even know much about identity at that 84 00:03:55,880 --> 00:03:57,920 time. We were mostly focused on, you 85 00:03:57,920 --> 00:04:01,000 know, credential vaulting what we came that, but we built in 86 00:04:01,000 --> 00:04:04,760 all the typical things, single sign on, SAML, open ID, connect, 87 00:04:05,600 --> 00:04:08,280 directory sync, provisioning, all that stuff. 88 00:04:08,680 --> 00:04:10,200 And we did that for about 6 years. 89 00:04:10,240 --> 00:04:14,760 So we kind of stumbled into it, but I guess of our own volition 90 00:04:14,760 --> 00:04:17,160 because we are going down this path of starting this company, 91 00:04:18,200 --> 00:04:22,120 you know, sort of Fast forward, that brings us to 2017. 92 00:04:22,920 --> 00:04:24,480 We were fully competing with Octa. 93 00:04:24,480 --> 00:04:27,240 We were winning deals. I think we won like Bank of 94 00:04:27,240 --> 00:04:30,760 America against them and Liberty Mutual and they filed to go 95 00:04:30,760 --> 00:04:33,200 public. Oh man, what's this going to 96 00:04:33,200 --> 00:04:35,720 mean for us? Like what happens, you know, 97 00:04:35,720 --> 00:04:37,360 we're, we're a lot smaller than they are now. 98 00:04:37,360 --> 00:04:38,560 They're going to be a public company. 99 00:04:38,560 --> 00:04:39,800 Like, are we going to be able to compete? 100 00:04:40,600 --> 00:04:45,000 And that actually catalyzed the entire industry to go, hey, this 101 00:04:45,000 --> 00:04:47,960 identity thing seems real is now a public company that's, you 102 00:04:47,960 --> 00:04:51,200 know, an identity provider. And every one of the partners we 103 00:04:51,200 --> 00:04:53,360 had. So we, we took, we took a very 104 00:04:53,360 --> 00:04:54,760 cloud forward approach to things. 105 00:04:54,760 --> 00:04:57,600 We weren't trying to tie back to traditional LDAP systems. 106 00:04:57,600 --> 00:05:01,200 We were looking at HR systems, we were looking at skim, we were 107 00:05:01,200 --> 00:05:04,560 looking at Google Cloud as identity sources to allow you to 108 00:05:04,560 --> 00:05:07,400 authenticate. And so these partners all 109 00:05:07,400 --> 00:05:09,360 reached out to us and we actually ended up selling the 110 00:05:09,360 --> 00:05:12,720 company to Google and that became part of Google Cloud 111 00:05:12,720 --> 00:05:16,520 identity, which is their single sign on provisioning directory 112 00:05:16,520 --> 00:05:18,800 sync product. And I, I ran a big chunk of the 113 00:05:19,200 --> 00:05:21,560 single sign on portion directory sync for about two years at 114 00:05:21,560 --> 00:05:24,720 Google as Scott came along to and worked a bunch of 115 00:05:24,800 --> 00:05:27,600 interesting things. So that's kind of how I got in 116 00:05:27,600 --> 00:05:29,400 the identity space. I guess, you know, prior to that 117 00:05:29,400 --> 00:05:32,440 I was just doing software, various kind of enterprise 118 00:05:32,440 --> 00:05:36,480 software and it just it, it made sense to us and been on that 119 00:05:36,480 --> 00:05:39,520 journey ever since. So as a recovering fantasy 120 00:05:39,520 --> 00:05:42,280 football player, I don't know if I should be shaking your hand or 121 00:05:42,520 --> 00:05:45,920 trying to tear it off because I've had good and bad seasons. 122 00:05:45,920 --> 00:05:47,840 But I won't go over there with this one. 123 00:05:47,840 --> 00:05:51,160 I introduced you as ACPO and that's a chief product officer. 124 00:05:51,600 --> 00:05:54,320 Tell me about that role. What is what is ACPO? 125 00:05:54,480 --> 00:05:56,640 And tell me a little bit like what is a normal day? 126 00:05:56,640 --> 00:05:59,440 And maybe it's a normal week or average week, whatever you want 127 00:05:59,440 --> 00:06:04,640 is portrayed as it's a so at signal. 128 00:06:04,640 --> 00:06:07,440 What I do as a chief product officer is I oversee. 129 00:06:08,520 --> 00:06:10,600 Both the engineering team and the product team. 130 00:06:10,600 --> 00:06:14,560 So I have very solid product lead and engineering lead 131 00:06:14,560 --> 00:06:17,240 underneath me and they take care of their respective teams, make 132 00:06:17,240 --> 00:06:20,120 sure things get built, make sure our products released, talk to 133 00:06:20,120 --> 00:06:23,960 customers, be happy. My job is really actually the 134 00:06:24,000 --> 00:06:26,600 way I formulated is to talk to a lot of customers. 135 00:06:26,600 --> 00:06:28,560 I try to talk to as many customers during the week as 136 00:06:28,560 --> 00:06:30,120 possible. I try to go along on sales 137 00:06:30,120 --> 00:06:32,080 calls. I try to talk to customers that 138 00:06:32,080 --> 00:06:34,400 have been deployed, what are their problems? 139 00:06:34,400 --> 00:06:37,560 And I try to, I'm trying to kind of see around the corner like 140 00:06:37,560 --> 00:06:40,200 what's coming next? Like when someone says something 141 00:06:40,200 --> 00:06:43,480 interesting or customer A says, hey, I want this sort of, I'm 142 00:06:43,480 --> 00:06:46,920 trying to solve these problems and customer B will probably 143 00:06:46,920 --> 00:06:48,760 tell me they're trying to solve completely different problems. 144 00:06:48,760 --> 00:06:52,000 But I realized there's some Venn diagram overlap between those 145 00:06:52,000 --> 00:06:54,440 things. I'm like, OK, my ears will perk 146 00:06:54,440 --> 00:06:57,040 up and I'll bring that back to the team and we'll work on, OK, 147 00:06:57,040 --> 00:06:59,280 how do we develop that? How do we turn that into product 148 00:06:59,360 --> 00:07:03,600 road map and product features? So I think my job is to listen 149 00:07:03,600 --> 00:07:06,560 as much as possible to the market, reflect that back 150 00:07:06,560 --> 00:07:09,360 internally and then take what the teams are coming up with too 151 00:07:09,560 --> 00:07:11,160 and bring it out and say, Hey, what do you think? 152 00:07:11,200 --> 00:07:14,320 You know, customer X, what do you think of this sort of thing? 153 00:07:14,320 --> 00:07:16,560 We built something like this. Is this interesting? 154 00:07:17,080 --> 00:07:20,480 And then for pre sales, the customers who have we're not 155 00:07:20,480 --> 00:07:24,640 working with yet. So prospects, I guess see if it 156 00:07:24,640 --> 00:07:26,840 fits them. Where are they on their journey 157 00:07:26,840 --> 00:07:29,160 in the identity space? What we're building at signals 158 00:07:29,160 --> 00:07:31,880 pretty new. And so there's a lot of 159 00:07:31,880 --> 00:07:34,920 education in the market. It's it's there's definitely 160 00:07:34,920 --> 00:07:37,760 people out there who are way more advanced than we are in 161 00:07:37,760 --> 00:07:39,480 their thinking and they're like, yes, this is what we've been 162 00:07:39,480 --> 00:07:43,000 looking for, but there's also a lot there like what is signal to 163 00:07:43,000 --> 00:07:45,000 wait? Like, isn't that some messaging 164 00:07:45,000 --> 00:07:45,840 app? Like what do you guys? 165 00:07:45,840 --> 00:07:50,200 Do so I want to start up with how did you get the company name 166 00:07:50,200 --> 00:07:53,760 together there SGNL signal like how did you come up with that? 167 00:07:54,840 --> 00:07:58,400 So Wes, we're thinking through this what we're now calling 168 00:07:58,400 --> 00:08:04,440 continuous identity back in just probably mid 2021, we were about 169 00:08:04,440 --> 00:08:08,600 to leave Google. We were Scott and I were sitting 170 00:08:08,600 --> 00:08:09,440 down. We're like, hey, what do you 171 00:08:09,440 --> 00:08:12,680 want to call this company? And we start thinking about this 172 00:08:12,680 --> 00:08:17,600 is broadly in the authorization space where post login. 173 00:08:17,600 --> 00:08:21,240 So we're not dealing with who the user is, not that part of 174 00:08:21,240 --> 00:08:23,640 identity. We're the what can the user do 175 00:08:23,640 --> 00:08:27,040 now once we know who they are that side of identity. 176 00:08:27,760 --> 00:08:31,560 And a lot of what we thought about was this is a game of what 177 00:08:31,560 --> 00:08:34,120 signals can you get in from existing systems? 178 00:08:34,440 --> 00:08:36,960 Can you get threat intelligence? Can you get signals from 179 00:08:36,960 --> 00:08:40,480 directories? Like thinking about as big way 180 00:08:40,480 --> 00:08:43,080 of meshing the data together that's already living in the 181 00:08:43,080 --> 00:08:46,440 enterprise and pulling it into a sort of what we now call a 182 00:08:46,440 --> 00:08:48,360 fabric. Like bringing all those 183 00:08:48,360 --> 00:08:51,560 relationships together to be able to understand what are 184 00:08:51,560 --> 00:08:53,800 people allowed to be doing at this moment in time. 185 00:08:54,400 --> 00:08:57,560 And so we knew we only used the word signal somewhere in the 186 00:08:57,560 --> 00:08:59,640 name. So I, we spent probably like 2 187 00:08:59,640 --> 00:09:02,760 weeks just texting random names back and forth to each other. 188 00:09:02,760 --> 00:09:04,760 Like what do you think of this? What do you think of that? 189 00:09:05,240 --> 00:09:08,680 And we'd then go look to see if the domain name is available. 190 00:09:08,680 --> 00:09:13,000 So eventually we came up with like, hey, if we take the word 191 00:09:13,000 --> 00:09:16,000 signal, I think I, I came up with this and remove the vowels 192 00:09:16,000 --> 00:09:18,040 from it. That's a short, that's a nice 193 00:09:18,040 --> 00:09:22,200 short domain name. sgnl.com. Somebody's got that and 194 00:09:22,200 --> 00:09:25,240 squatting on it. O dot AI. 195 00:09:25,240 --> 00:09:29,160 Let's do that then. This was pre open AI, like there 196 00:09:29,160 --> 00:09:32,920 wasn't ChatGPT at this point and coming from Google DNA or like, 197 00:09:33,080 --> 00:09:35,200 OK, machine learning AI stuff, that's a thing. 198 00:09:35,480 --> 00:09:38,640 And eventually, you know, we want to bring some of that into 199 00:09:39,160 --> 00:09:41,880 this system. So yeah, let's go with SGNL dot 200 00:09:41,880 --> 00:09:43,520 AI. Like that kind of encapsulates 201 00:09:43,520 --> 00:09:49,000 it. Some point later, one of our 202 00:09:49,000 --> 00:09:52,160 customers pointed out to me, like, do you realize that you 203 00:09:52,160 --> 00:09:54,160 just took the vowels out of the word signal and moved them to 204 00:09:54,160 --> 00:09:57,680 the dot after the dot? I'm like, yes, I'm really 205 00:09:57,680 --> 00:09:59,680 brilliant. No, I did not realize that. 206 00:10:00,800 --> 00:10:02,760 Yes, of course. Yes, we planned that all along. 207 00:10:02,800 --> 00:10:03,880 It's an. It's an anagram. 208 00:10:03,880 --> 00:10:05,680 Don't you get it? Yeah. 209 00:10:06,120 --> 00:10:08,360 We should also say Head of marketing then. 210 00:10:08,360 --> 00:10:10,560 I don't know. You know, you probably have one 211 00:10:10,560 --> 00:10:12,160 of those and I don't. Want we do. 212 00:10:12,600 --> 00:10:16,680 Steal from that person. So, you know, usually Eric, or I 213 00:10:16,680 --> 00:10:23,160 should say always when somebody has an idea for a company, a 214 00:10:23,160 --> 00:10:26,560 solution, it's a solution to a problem. 215 00:10:26,880 --> 00:10:28,920 So what is the? What is the problem that you 216 00:10:28,920 --> 00:10:31,600 guys are solving? Yeah, absolutely. 217 00:10:32,400 --> 00:10:36,680 So a lot of this has some roots inside when we were together at 218 00:10:36,680 --> 00:10:38,760 Google. So Scott and I were both there. 219 00:10:39,200 --> 00:10:42,720 You know, after we came in two years of stabilizing the 220 00:10:42,720 --> 00:10:47,400 acquisition, Scott took a role inside Google to look at how do 221 00:10:47,400 --> 00:10:49,960 you deal with authorization across the entire platform. 222 00:10:49,960 --> 00:10:53,840 So this is everything from like Waymo to Google Maps to ads to 223 00:10:53,960 --> 00:10:57,560 Nest, you know, every subsidiary that Google owns. 224 00:10:57,800 --> 00:10:59,960 How do you deal with policy across the board on that? 225 00:11:00,480 --> 00:11:04,280 And I was spending a lot of time with who's now our CTO, Otto, 226 00:11:04,920 --> 00:11:07,920 And he was wanting to propose this thing that is now we call 227 00:11:07,920 --> 00:11:11,040 Cape Continuous Access Evaluation Profile. 228 00:11:11,680 --> 00:11:13,680 And he wrote a blog on that. I actually was the guy who 229 00:11:13,680 --> 00:11:15,800 approved the blog being published in 2019. 230 00:11:15,800 --> 00:11:17,720 His manager came to me and said, does this make sense? 231 00:11:17,960 --> 00:11:19,600 I'm like, Yep, that is brilliant. 232 00:11:19,600 --> 00:11:23,040 I want to talk to this Otto guy. And so we were thinking about 233 00:11:23,040 --> 00:11:26,520 these these problems, specifically what Scott, the 234 00:11:26,520 --> 00:11:29,320 pain points Scott was being asked to solve is Google has, 235 00:11:29,320 --> 00:11:31,400 you know, they've got a couple engineers they can they can do 236 00:11:31,400 --> 00:11:34,440 some stuff over there. And they've built for themselves 237 00:11:34,440 --> 00:11:37,200 pretty much every possible type of security and identity 238 00:11:37,200 --> 00:11:40,760 technology and probably own licensing to have like all the 239 00:11:40,760 --> 00:11:43,440 other ones anyway. But they ran into this issue 240 00:11:43,440 --> 00:11:45,760 where, you know, for geopolitical reasons, they 241 00:11:45,760 --> 00:11:49,480 wanted to lock down user access in Hong Kong. 242 00:11:49,680 --> 00:11:54,600 And they want to lock it down so that only customer data for 243 00:11:54,600 --> 00:11:57,360 customers that were located their headquarters are in Hong 244 00:11:57,360 --> 00:11:59,560 Kong could be accessed by employees who are assigned to 245 00:11:59,560 --> 00:12:02,160 work in their very big building in Hong Kong at the time and 246 00:12:02,160 --> 00:12:05,320 probably still do. There are a lot of engineering 247 00:12:05,320 --> 00:12:08,120 teams from different parts of the company working in that 248 00:12:08,120 --> 00:12:12,200 building. And so how do you actually do 249 00:12:12,200 --> 00:12:14,000 that? And it sounds like a simple 250 00:12:14,000 --> 00:12:16,600 problem, but it actually gets complicated is like, how do you 251 00:12:16,600 --> 00:12:18,560 know the customer's base there? How do you know it's the 252 00:12:18,560 --> 00:12:19,880 headquarters? How do you know the users not 253 00:12:19,880 --> 00:12:24,000 just like passing through temporarily and then office, 254 00:12:24,000 --> 00:12:25,800 they don't actually work this. You have to pull all these data 255 00:12:25,800 --> 00:12:27,880 feeds in to be able to solve those kinds of problems. 256 00:12:28,280 --> 00:12:30,040 And it wasn't something that could be done quickly. 257 00:12:30,200 --> 00:12:32,520 And obviously, you know, geopolitics doesn't move fast, 258 00:12:32,520 --> 00:12:35,760 but it does move, you know, in weeks, not in years. 259 00:12:36,200 --> 00:12:40,120 And so realize, hey, this is a probably a blind spot to our 260 00:12:40,120 --> 00:12:42,360 systems that we can't do policy fast. 261 00:12:43,120 --> 00:12:45,400 How do we solve that? Hey Scott, you seem like the 262 00:12:45,400 --> 00:12:47,160 delusional entrepreneurial type of guy. 263 00:12:47,640 --> 00:12:49,960 Can you solve this? And so he went off and, and they 264 00:12:49,960 --> 00:12:51,960 built this platform for like 2 years or so. 265 00:12:52,480 --> 00:12:54,920 And when he got done with it, I was comparing notes with him 266 00:12:54,920 --> 00:12:57,720 because I had been always kind of interested in the post 267 00:12:58,120 --> 00:12:59,920 authentication, the post login problem. 268 00:12:59,920 --> 00:13:02,880 Like how do you know what people are supposed to do right now? 269 00:13:03,440 --> 00:13:06,240 Atul is obviously interested in this too with Cape being focused 270 00:13:06,240 --> 00:13:09,240 on session transitions. And so we were comparing notes 271 00:13:09,240 --> 00:13:12,200 like that seems like a really good problem to solve. 272 00:13:12,200 --> 00:13:14,200 It doesn't seem like there's, you know, but is this just a, 273 00:13:14,640 --> 00:13:18,280 something that you have to be Google or you have to be Amazon 274 00:13:18,280 --> 00:13:22,040 to have these, this is that big of a scale issue or do sort of 275 00:13:22,040 --> 00:13:24,960 mere mortal enterprises actually have this problem? 276 00:13:24,960 --> 00:13:28,240 So we went out, we talked to some CSO's at large companies, 277 00:13:28,240 --> 00:13:31,680 like, what are you all doing? And the answer we got back to 278 00:13:31,680 --> 00:13:34,600 them was like, there's nothing good in the space that does this 279 00:13:34,600 --> 00:13:35,800 for us. We were probably going to 280 00:13:35,920 --> 00:13:38,840 assemble a team of people together and do this ourselves. 281 00:13:39,880 --> 00:13:41,720 That's enough. We were at the time where we had 282 00:13:41,720 --> 00:13:42,800 this sort of stick around at Google. 283 00:13:42,800 --> 00:13:46,440 So like, hey, let's quit our jobs next week and let's go 284 00:13:46,440 --> 00:13:49,400 found a company. You know, let's let's get the 285 00:13:49,400 --> 00:13:51,360 band back together. So that's what we did. 286 00:13:52,520 --> 00:13:55,520 So many questions based on what you said, and I'm going to stick 287 00:13:55,520 --> 00:13:59,760 with the one that we entered the show with and talked about this 288 00:13:59,760 --> 00:14:03,840 term, continuous identity. I mean, it has so much meaning 289 00:14:03,840 --> 00:14:10,160 to me and it's something that has been, you know, needed for 290 00:14:10,160 --> 00:14:12,960 such a long time. But I wanted you to get want to 291 00:14:12,960 --> 00:14:16,440 give you an opportunity to put in your words what is meant by 292 00:14:16,440 --> 00:14:20,160 continuous identity. What is the the dream behind 293 00:14:20,160 --> 00:14:25,280 that? Yeah, it's a great question for 294 00:14:25,280 --> 00:14:29,080 continuous identity and I'm really glad the market's 295 00:14:29,080 --> 00:14:31,320 starting to, you know, customers are starting to use this 296 00:14:31,320 --> 00:14:33,840 terminology. I heard it a lot at Identiverse 297 00:14:33,840 --> 00:14:36,080 this year. I've heard it come up in just 298 00:14:36,080 --> 00:14:39,600 natural conversations now because it hasn't had a name. 299 00:14:39,600 --> 00:14:43,160 In some ways I think of it if if you think of the kind of 300 00:14:43,160 --> 00:14:47,760 asynchronous, always on sharing first architecture that 301 00:14:47,760 --> 00:14:51,000 something like Cape and the shared signals framework 302 00:14:52,280 --> 00:14:56,080 envisions being there. Continuous identity is kind of 303 00:14:56,080 --> 00:14:59,720 that solution. It is continuous identity is the 304 00:14:59,720 --> 00:15:03,880 idea that you should be always pulling in signals and 305 00:15:03,880 --> 00:15:07,040 information from your systems and they should be evaluating 306 00:15:07,040 --> 00:15:09,800 that in real time whenever a user's doing something. 307 00:15:10,080 --> 00:15:12,520 And on top of that, you should be broadcasting it back out so 308 00:15:12,520 --> 00:15:14,880 everybody knows about it, all the other systems know about it. 309 00:15:15,240 --> 00:15:21,040 So really simple example is, and I guess I should add, time is 310 00:15:21,040 --> 00:15:23,080 important to this, right, The time factor. 311 00:15:23,080 --> 00:15:26,280 And we'd often think, don't think about time when we think 312 00:15:26,280 --> 00:15:29,160 about identity policies. We should think in terms of more 313 00:15:29,160 --> 00:15:31,680 what I call static access. Like I can do a thing. 314 00:15:32,280 --> 00:15:35,240 But now really you want to ask like I can do a thing right now. 315 00:15:35,520 --> 00:15:41,040 So imagine your dev OPS and you're supposed to go out, You 316 00:15:41,040 --> 00:15:43,120 know, today's the day I'm supposed to go to AWS and I'm 317 00:15:43,120 --> 00:15:47,600 supposed to do ADNS update to deploy some new system into 318 00:15:47,600 --> 00:15:49,600 production. Or maybe I'm supposed to do it 319 00:15:49,600 --> 00:15:53,680 in staging it better. And I go there and I have 320 00:15:53,680 --> 00:15:56,200 access. And now as soon as I get into 321 00:15:56,200 --> 00:16:01,120 that environment, I realize like, hey, I have, I'm waiting 322 00:16:01,120 --> 00:16:03,680 for something to happen. I click a link and I'm boom, 323 00:16:03,680 --> 00:16:06,920 I've got malware on my device. I still have that session open. 324 00:16:06,920 --> 00:16:09,240 That malware might be harvesting those credentials, getting me in 325 00:16:09,240 --> 00:16:11,400 there. There's systems. 326 00:16:11,400 --> 00:16:13,800 Crowdstrike does a great job of detecting those sorts of things. 327 00:16:13,800 --> 00:16:21,040 But how does Crowdstrike tell my IDP to tell AWS that it should 328 00:16:21,040 --> 00:16:24,560 cut me off? Or let's say I'm actually not 329 00:16:24,560 --> 00:16:26,760 supposed to be in. I was supposed to be in staging 330 00:16:27,040 --> 00:16:29,560 making this change, the prep for next week's production release, 331 00:16:29,880 --> 00:16:31,880 and I accidentally clicked on the tile for production. 332 00:16:31,880 --> 00:16:34,280 And now because I am the guy that deploys the production and 333 00:16:34,280 --> 00:16:36,800 I'm in production, I make this change too and I break things. 334 00:16:37,320 --> 00:16:40,840 All these problems have to do with standing axis and a problem 335 00:16:40,840 --> 00:16:43,840 of not sharing information. So you think of continuous 336 00:16:43,840 --> 00:16:47,560 identity as, hey, we pull the data in real time from systems, 337 00:16:48,080 --> 00:16:54,200 we react to that changing state. You were OK from a crowd strike 338 00:16:54,200 --> 00:16:56,080 point of view. You're no longer OK now from a 339 00:16:56,080 --> 00:16:58,480 crowd strike point of view or you're on call this week, you're 340 00:16:58,480 --> 00:17:00,880 not on call this week or you're supposed to be the tickets for 341 00:17:00,880 --> 00:17:04,119 staging in service now, the tickets for production, 342 00:17:04,119 --> 00:17:05,640 ServiceNow, these are all state changes. 343 00:17:06,079 --> 00:17:11,640 And when that state or better, I think for a, a less nerdy way of 344 00:17:11,640 --> 00:17:15,240 saying that is, you know, think about context, the context of me 345 00:17:15,240 --> 00:17:19,280 doing my job, that changes our identity system should react to 346 00:17:19,280 --> 00:17:22,359 that. This is a really common concept 347 00:17:22,359 --> 00:17:24,720 in the kind of cybersecurity land. 348 00:17:24,960 --> 00:17:29,160 We have threat detection and automation and sores and Sims 349 00:17:29,160 --> 00:17:31,880 and all these tools. How do you bring that into the 350 00:17:31,880 --> 00:17:33,440 identity play? And then how do you have the 351 00:17:33,440 --> 00:17:34,680 identity? And for the security side, 352 00:17:34,680 --> 00:17:37,280 these, you know, we've been treating these two industries as 353 00:17:37,280 --> 00:17:39,680 separate for a really long time and I see them really kind of 354 00:17:39,680 --> 00:17:45,600 converging. Yeah, I mean, the the podcast 355 00:17:45,600 --> 00:17:48,600 name identity at the center has been all about the story that 356 00:17:48,600 --> 00:17:51,120 you just relayed there. You know, I think a lot of 357 00:17:51,120 --> 00:17:55,360 people think, OK, well, identity is new perimeter identity center 358 00:17:55,360 --> 00:17:58,240 is kind of a play on that. But it's really that the 359 00:17:58,240 --> 00:18:02,600 identity and what's happening in all these systems kind of comes 360 00:18:02,600 --> 00:18:04,400 back to the center and drives things. 361 00:18:04,400 --> 00:18:08,040 Because you made a great point there about, OK, crowd strike 362 00:18:08,040 --> 00:18:11,080 detects us. Does that information just kind 363 00:18:11,080 --> 00:18:15,280 of die there or does that become identity data that comes back to 364 00:18:15,280 --> 00:18:17,680 the center? And I think, I think where we're 365 00:18:17,680 --> 00:18:22,960 going with this is that then that data becomes usable for 366 00:18:23,160 --> 00:18:27,800 making smart identity decisions. And not only just making smart 367 00:18:27,800 --> 00:18:31,600 decisions or throwing information on a dashboard, but 368 00:18:31,600 --> 00:18:35,160 in real time saying this is a session that looks like it's 369 00:18:35,800 --> 00:18:38,720 from an identity that's been compromised over here. 370 00:18:39,120 --> 00:18:43,160 Let's do something about, let's temporarily shut off access, for 371 00:18:43,160 --> 00:18:45,200 example. Is that kind of what you're 372 00:18:45,200 --> 00:18:47,560 getting at exactly? Exactly. 373 00:18:48,000 --> 00:18:51,320 It's that idea of like and I, I like to think about it as that 374 00:18:51,320 --> 00:18:54,920 identity comes from the perimeters back to the center 375 00:18:54,920 --> 00:18:58,320 and then is processed mixed with other information from other, 376 00:18:58,440 --> 00:19:00,840 other systems and then rebroadcast back out. 377 00:19:01,160 --> 00:19:05,560 So not only are you getting all these superpowers of I can do 378 00:19:05,560 --> 00:19:08,920 things in real time, I can take all this rich information that 379 00:19:09,080 --> 00:19:12,440 we, hey, we already have inside the company and I can make 380 00:19:12,440 --> 00:19:14,440 better use of it. But you actually make all your 381 00:19:14,440 --> 00:19:17,520 other products better too. Because suddenly your, let's 382 00:19:17,520 --> 00:19:21,000 call it your Okta instance or your Entre instance is suddenly 383 00:19:21,560 --> 00:19:24,640 a lot smarter because now it's getting data feeds piped into it 384 00:19:24,640 --> 00:19:27,360 from your Crowdstrike solutions. And Crowdstrike's smarter 385 00:19:27,360 --> 00:19:32,320 because it sees somebody's probing at the at the IDP and it 386 00:19:32,320 --> 00:19:35,080 can bring that stuff back into Crowdstrike or bring it to a 387 00:19:35,080 --> 00:19:37,600 sore. And you can run a playbook 388 00:19:37,600 --> 00:19:40,280 against that saying, hey, well, if Jim's keeps hitting the thing 389 00:19:40,280 --> 00:19:45,160 that says deny, deny, deny repetitively, maybe that's not 390 00:19:45,160 --> 00:19:47,400 Jim doing that. That's right. 391 00:19:47,800 --> 00:19:49,560 Yeah. And by the way, so we you said 392 00:19:49,560 --> 00:19:52,160 there with identity is at the perimeter comes back to the 393 00:19:52,160 --> 00:19:53,880 center that goes back out to the perimeter. 394 00:19:54,160 --> 00:19:57,400 We thought of that as a podcast name, but we decided just to go 395 00:19:57,400 --> 00:19:59,600 with Identity center. It's a little long. 396 00:19:59,600 --> 00:20:01,280 Yeah. It's a little long. 397 00:20:01,520 --> 00:20:07,360 It's hard to search for, but yeah, kind of what I wanted to 398 00:20:07,360 --> 00:20:10,360 get at is something that I think you're talking about. 399 00:20:11,960 --> 00:20:16,240 And for me, this has been one of my big questions about Signal is 400 00:20:16,520 --> 00:20:20,520 what are the systems that you want to collect this data from? 401 00:20:20,880 --> 00:20:23,600 You met your crowd strike. Give us some more examples. 402 00:20:23,880 --> 00:20:27,520 Yeah, absolutely. So there's probably 3 big 403 00:20:27,520 --> 00:20:29,720 categories of data. I'd say there's traditional 404 00:20:29,720 --> 00:20:32,160 identity data. So think your directories, your 405 00:20:32,240 --> 00:20:38,120 HR systems, your groups policy information, that's all identity 406 00:20:38,120 --> 00:20:40,280 data. There's security data. 407 00:20:40,280 --> 00:20:44,400 So your crowd strikes, I'd say your device compliance data, if 408 00:20:44,400 --> 00:20:48,560 you have a device management platform, if you like a jam for 409 00:20:48,560 --> 00:20:52,240 an Intune, it's that's the security feeds. 410 00:20:52,560 --> 00:20:54,960 Maybe you've got other sources of data, other types of 411 00:20:54,960 --> 00:20:56,960 telemetry that you've wired up in the enterprise. 412 00:20:57,720 --> 00:21:00,920 Maybe you've got VPN logs or something if you're still using 413 00:21:00,920 --> 00:21:03,440 that type of topology. And then you get your 414 00:21:03,440 --> 00:21:05,840 operational data. This is your tickets, your 415 00:21:05,840 --> 00:21:09,200 ServiceNow, your pager duty. Hey, I'm on call this week. 416 00:21:09,200 --> 00:21:10,520 I'm the guy that's supposed to be going in there. 417 00:21:11,360 --> 00:21:14,600 If I'm not on call, well, I shouldn't be able to get access 418 00:21:14,600 --> 00:21:18,120 to things. Or if I'm on vacation, you know, 419 00:21:18,160 --> 00:21:20,200 unless I'm working for that kind of company where I'm should be 420 00:21:20,200 --> 00:21:24,440 dialing in from Hawaii to do my do my work mostly, I probably 421 00:21:24,440 --> 00:21:27,520 shouldn't have access. Because if, if I'm coming in and 422 00:21:27,520 --> 00:21:31,640 work day says I'm actually out of office right now without any 423 00:21:31,640 --> 00:21:33,720 other information, you should probably assume that I'm an 424 00:21:33,720 --> 00:21:35,800 attacker. But I'm not actually me. 425 00:21:36,040 --> 00:21:38,440 But somehow I've been compromised or from suddenly 426 00:21:38,440 --> 00:21:40,880 coming from a strange IP address I've never shown up before in a 427 00:21:40,880 --> 00:21:45,120 browser you've never seen. So it's that type of business 428 00:21:45,120 --> 00:21:48,520 telemetry and all these things exist in the enterprise. 429 00:21:48,520 --> 00:21:52,000 We just stick them in silos and don't ever talk to them again. 430 00:21:53,520 --> 00:21:58,000 So that concept of silos leads me to a very interesting 431 00:21:58,000 --> 00:22:01,040 question. I think is the concept of data, 432 00:22:01,840 --> 00:22:06,640 is stale better stale data better than no data or is no 433 00:22:06,640 --> 00:22:09,000 data better than stale data data, I can't even say it 434 00:22:09,000 --> 00:22:12,080 correctly, you know, but the better or stale data or no data, 435 00:22:12,080 --> 00:22:16,240 like what is what is the thought process behind that I think? 436 00:22:17,080 --> 00:22:19,360 I usually try to flip this around when when customers bring 437 00:22:19,360 --> 00:22:22,440 this up and I say, let's start with the policy instead. 438 00:22:22,720 --> 00:22:25,280 What are you trying to accomplish and how if you had 439 00:22:25,280 --> 00:22:27,560 like write that down, like literally write it down a piece 440 00:22:27,560 --> 00:22:30,640 of paper. I only want on call engineers 441 00:22:31,000 --> 00:22:33,240 who have a ticket assigned to them to go to a production 442 00:22:33,240 --> 00:22:34,880 system. That's like the most basic 443 00:22:34,880 --> 00:22:37,960 policy a company's going to have that gets them in trouble. 444 00:22:38,320 --> 00:22:40,640 I think no one thinks their cloud systems are the most 445 00:22:40,640 --> 00:22:44,440 secure they could be in that scenario. 446 00:22:44,440 --> 00:22:45,640 How would you go about proving that? 447 00:22:45,920 --> 00:22:48,760 Forget real time. Forget non real time. 448 00:22:48,760 --> 00:22:51,480 Like actually, literally like if you had the if your job was to 449 00:22:51,480 --> 00:22:54,960 go check out if Jeff's allowed to be in this system right now 450 00:22:55,200 --> 00:22:58,160 by manually checking things, what systems would you go to? 451 00:22:58,720 --> 00:23:00,720 OK, I need to know about tickets. 452 00:23:00,720 --> 00:23:02,040 I I where would I go? Service. 453 00:23:02,040 --> 00:23:04,840 Now I have some data there. Do I need all the data to be 454 00:23:04,840 --> 00:23:08,880 perfect over in ServiceNow? No, I need some basic ticket 455 00:23:08,880 --> 00:23:11,680 information available to me. Maybe I need a process that I 456 00:23:11,680 --> 00:23:13,880 actually open tickets. But that's your policy. 457 00:23:13,880 --> 00:23:16,000 I hope you're following your policy or else you've got 458 00:23:16,000 --> 00:23:19,920 different problems. Do I need to go look at device 459 00:23:19,920 --> 00:23:20,720 compliance? Yes. 460 00:23:20,720 --> 00:23:22,320 OK. Like, should people be in the 461 00:23:22,320 --> 00:23:27,680 production system if they're on their old unpatched Windows 2000 462 00:23:27,680 --> 00:23:29,560 laptop that's sitting in their garage? 463 00:23:30,040 --> 00:23:32,440 No, I probably want them to be on a company managed defeat 464 00:23:32,440 --> 00:23:35,400 machine if I'm letting them do really serious things. 465 00:23:35,400 --> 00:23:40,120 So I'd say you need some data. You need to have a good handle 466 00:23:40,120 --> 00:23:42,720 on your data, probably more than you need to have good data. 467 00:23:43,360 --> 00:23:45,640 Knowledge of data is probably the number one thing. 468 00:23:45,720 --> 00:23:51,360 Just where are the systems? You can paper over quite a bit 469 00:23:51,920 --> 00:23:55,920 by taking data from multiple systems and then organizing and 470 00:23:55,920 --> 00:23:58,240 then signal helps you kind of stitch it all together. 471 00:23:58,560 --> 00:24:00,000 And that creates a lot of power for you. 472 00:24:00,200 --> 00:24:02,760 It doesn't need to be perfect. It doesn't all need to be 473 00:24:02,760 --> 00:24:05,680 pristine. But if you know the different 474 00:24:05,680 --> 00:24:08,480 systems that you you'd use to force your policy, like if you 475 00:24:08,480 --> 00:24:12,480 can put your hands on that manually, then you can start. 476 00:24:12,480 --> 00:24:14,920 And I think that's a better position than just saying, oh, 477 00:24:14,920 --> 00:24:17,520 it's all in these silos. And I just not like, I, I don't 478 00:24:17,520 --> 00:24:18,760 know, I'm not even going to go after it. 479 00:24:18,760 --> 00:24:23,000 I'm not even going to try. So Eric, it seems to me what 480 00:24:23,480 --> 00:24:26,960 you're talking about here is that most of the signal data 481 00:24:26,960 --> 00:24:31,640 that you get the most value from is from your own IT systems, 482 00:24:31,640 --> 00:24:37,800 whether they're stash systems. So what about getting data from 483 00:24:37,800 --> 00:24:43,120 like big ID PS, like a Facebook or something like that? 484 00:24:43,440 --> 00:24:46,280 Does that make any sense? Does it, do you ever see a 485 00:24:46,280 --> 00:24:49,760 future where it's like, you know, you're you're getting this 486 00:24:49,760 --> 00:24:52,360 from a broker, in other words, you're plugging into some kind 487 00:24:52,360 --> 00:24:57,440 of central broker data hub, or does that just go against what 488 00:24:57,440 --> 00:25:01,560 you're trying to achieve? I, I, I like to be more agnostic 489 00:25:01,560 --> 00:25:03,000 about where the data might come from. 490 00:25:03,000 --> 00:25:05,640 I think the easy, the low hanging fruit is your internal 491 00:25:05,640 --> 00:25:13,320 systems, but you know, it's a sibling standard to Cape is 492 00:25:13,320 --> 00:25:16,520 Risk, which is for account takeover feeds and Google 493 00:25:16,520 --> 00:25:19,600 publishes one and the US government publishes one for 494 00:25:19,760 --> 00:25:21,720 account takeovers. That's reasonable. 495 00:25:21,720 --> 00:25:25,040 If you're dealing with consumer identities, that might be handy 496 00:25:25,040 --> 00:25:28,160 to, to grab that data feed and use that in your policies. 497 00:25:28,560 --> 00:25:33,120 There's lots of sources of IP reputation, data, threat 498 00:25:33,120 --> 00:25:36,000 signatures, there's lots of vendors of that information. 499 00:25:36,360 --> 00:25:39,960 And so I think for the the enterprise use case or the 500 00:25:39,960 --> 00:25:43,000 second party like the contractors, vendors, use cases, 501 00:25:43,400 --> 00:25:44,880 your internal systems are great for that. 502 00:25:45,360 --> 00:25:48,840 For consumer use cases, which we're starting to see some more 503 00:25:48,840 --> 00:25:51,360 customers tiptoe towards building those sorts of things, 504 00:25:51,640 --> 00:25:54,800 Yeah, they might be good public sets mixing it all together. 505 00:25:54,800 --> 00:25:58,640 Those the real, the real power comes from, because the more you 506 00:25:58,640 --> 00:26:01,760 layer into the system, the more you map out the connectivity, 507 00:26:02,440 --> 00:26:04,720 just this gets exponentially more powerful for you. 508 00:26:05,560 --> 00:26:08,960 You have a lot more capabilities as you start to expand the 509 00:26:08,960 --> 00:26:11,040 network of data that's coming into this. 510 00:26:11,040 --> 00:26:12,760 What you know, we think of it, we call it the identity data 511 00:26:12,760 --> 00:26:14,040 fabric. It's stitching. 512 00:26:14,040 --> 00:26:16,160 You've got to weave all those threads in together. 513 00:26:16,360 --> 00:26:19,280 So I'd say, yeah, I can see a world where there's going to be 514 00:26:19,280 --> 00:26:21,120 public feeds. I don't necessarily think I'd 515 00:26:21,120 --> 00:26:23,200 see a world where that's the only source of feeds. 516 00:26:23,600 --> 00:26:25,640 Companies are always going to have their internal systems. 517 00:26:25,640 --> 00:26:27,680 They're going to have their home grown things and they're going 518 00:26:27,680 --> 00:26:30,000 to want to use those for their own business reasons. 519 00:26:31,480 --> 00:26:35,960 I'd love that. Answer So one more, which is, 520 00:26:36,080 --> 00:26:40,440 you know, around kind of whose signals built for, is it built 521 00:26:40,440 --> 00:26:43,080 for? You know, who's going to use it? 522 00:26:43,360 --> 00:26:48,080 I, I, I'd love the answer if it would be IAM practitioner. 523 00:26:48,360 --> 00:26:52,840 I also think the role of the IAM practitioner is expanding, but 524 00:26:53,640 --> 00:26:57,920 where in the organization do you see folks getting excited about 525 00:26:57,920 --> 00:27:02,520 this and kind of reaching out to you and you know, being 526 00:27:02,520 --> 00:27:05,240 interested in the product and potentially buying on? 527 00:27:06,640 --> 00:27:08,760 I'll, I'll make your day at the identity partitioners. 528 00:27:08,800 --> 00:27:11,120 It's really the IAM architects that we see. 529 00:27:11,520 --> 00:27:16,640 We, we deliberately designed signal though to handle two 530 00:27:16,640 --> 00:27:18,360 different personas in the organization. 531 00:27:18,840 --> 00:27:21,800 So the identity partitioner is the main operator. 532 00:27:21,800 --> 00:27:27,000 They, the architect, they manage the system, they define, we call 533 00:27:27,000 --> 00:27:29,560 them policy snippets inside the system. 534 00:27:29,840 --> 00:27:31,160 Think of them as like they're the nouns. 535 00:27:31,160 --> 00:27:34,080 So they've built the Lego building blocks that we use to 536 00:27:34,080 --> 00:27:38,200 assemble how signal operates inside your company, because we 537 00:27:38,200 --> 00:27:40,800 want to do that because they understand the identity 538 00:27:40,800 --> 00:27:43,320 principles that the enterprise wants to put in place. 539 00:27:43,880 --> 00:27:46,960 But then we give an interface where a business analyst or 540 00:27:46,960 --> 00:27:49,400 someone who's closer to the application we're trying to 541 00:27:49,400 --> 00:27:54,520 protect, we refer to that as a protected system, that persona, 542 00:27:55,280 --> 00:27:59,240 they should get a very simplified, not simplistic, but 543 00:27:59,520 --> 00:28:04,400 easy to use way to say, here's what I want to do and do that by 544 00:28:04,400 --> 00:28:07,120 taking those Lego blocks and then snapping them together. 545 00:28:07,120 --> 00:28:09,880 I, if you're familiar with Mad Libs, it's kind of like Mad 546 00:28:09,880 --> 00:28:11,600 Libs, like there's just the policy. 547 00:28:11,600 --> 00:28:14,480 And let me throw in who's the principal? 548 00:28:14,960 --> 00:28:17,840 What are the actions, what are the assets they're trying to 549 00:28:17,840 --> 00:28:19,360 protect here and what are some conditions? 550 00:28:19,480 --> 00:28:23,640 Those are all pre canned. My local identity architect has 551 00:28:23,640 --> 00:28:26,320 already come up with those based on the data sets we've pulled in 552 00:28:26,320 --> 00:28:28,520 the signal and I just seem to put them together and layer 553 00:28:28,520 --> 00:28:31,400 that, hey, now I have a policy and let me go stack up a couple 554 00:28:31,400 --> 00:28:33,920 policies. We really want to think about 555 00:28:33,920 --> 00:28:37,440 reuse. So I want that policy like I can 556 00:28:37,440 --> 00:28:41,600 go to the cloud if I have a ticket and my device and I'm not 557 00:28:41,600 --> 00:28:46,000 a compromised device that should apply if I'm multi cloud. 558 00:28:46,120 --> 00:28:48,800 That's literally the same policy we shouldn't care about. 559 00:28:49,200 --> 00:28:53,280 Yeah, GCP uses a different identifier from Azure uses a 560 00:28:53,280 --> 00:28:56,760 different identifier from AWS. Or even if I've got a couple 561 00:28:56,760 --> 00:29:00,520 different ID PS in the mix, which is really common, the 562 00:29:01,080 --> 00:29:05,560 person who's trying to put that policy in place shouldn't have 563 00:29:05,560 --> 00:29:09,280 to worry about those details. Let this graph, let this fabric 564 00:29:09,280 --> 00:29:12,360 handle that, let it do the on the on the fly translation. 565 00:29:13,680 --> 00:29:17,960 And that's so the architect role defines the terms of use in a 566 00:29:17,960 --> 00:29:20,520 way. And the business analyst or the 567 00:29:20,560 --> 00:29:25,080 end person who's after maintain their job is to maintain a 568 00:29:25,080 --> 00:29:28,080 system. That person is also a persona 569 00:29:28,080 --> 00:29:30,240 and signal. So we usually come in and talk 570 00:29:30,240 --> 00:29:33,560 to the architects first. They're kind of like the hero of 571 00:29:33,560 --> 00:29:37,240 the journey, and then they bring it to their internal teams who 572 00:29:37,240 --> 00:29:40,800 rely on them to get things done. You're pushing all my buttons. 573 00:29:40,800 --> 00:29:43,160 In the right way, when you start mentioning things like Lego and 574 00:29:43,160 --> 00:29:47,800 Mad Libs and things like that, I, you know, I think right or 575 00:29:47,800 --> 00:29:51,000 wrong, the industry likes to put things into a box. 576 00:29:51,000 --> 00:29:56,720 And so we already have boxes like IGA, Pam, Kim, and a whole 577 00:29:56,720 --> 00:29:58,720 bunch of other ones that, you know, would take forever to kind 578 00:29:58,720 --> 00:30:01,280 of list off. Where does Signal fit into that 579 00:30:01,320 --> 00:30:04,120 ecosystem? Is this a new category or is 580 00:30:04,120 --> 00:30:07,240 this creating something new? Does it complement things that 581 00:30:07,240 --> 00:30:09,120 already exists? Tell me a little bit about like 582 00:30:09,120 --> 00:30:11,920 where you see Signal fitting into the ecosystem. 583 00:30:12,280 --> 00:30:14,200 Sure. In some ways it's a bit of all 584 00:30:14,200 --> 00:30:18,400 the above. We do complement, so we go into 585 00:30:18,520 --> 00:30:20,800 companies. They already own everything. 586 00:30:20,840 --> 00:30:23,800 They probably already own 3 or 4 versions of everything. 587 00:30:23,840 --> 00:30:27,520 Like I've got octoping onto running around, I've got 588 00:30:27,520 --> 00:30:33,160 division over here that uses Curity, I've got sale point from 589 00:30:33,160 --> 00:30:35,440 this thing and oh, this acquisition we made there on 590 00:30:35,440 --> 00:30:40,440 Savvy and I've got Cyber Ark. So we work with all those 591 00:30:40,440 --> 00:30:42,840 systems, we stitch them together and we make them all better. 592 00:30:43,400 --> 00:30:49,720 I'd say the way I really think about it, it is a new way of 593 00:30:49,720 --> 00:30:55,360 looking at the identity stack. And so there's some parts of IGA 594 00:30:55,360 --> 00:30:59,760 in here in terms of the ability to deal with users and groups. 595 00:30:59,760 --> 00:31:02,640 Like a lot of times in I when you're trying to solve this with 596 00:31:02,640 --> 00:31:07,360 an IGA hat on, you go make more roles, you make more groups, but 597 00:31:07,360 --> 00:31:10,600 really you're trying to emulate policies rather, but you're 598 00:31:10,600 --> 00:31:13,000 doing it statically. And that eventually gets this 599 00:31:13,000 --> 00:31:16,560 problem where you have like 3.3 groups per every user or 600 00:31:16,560 --> 00:31:21,920 employee of your company and your, you know, Sarbanes-Oxley 601 00:31:21,920 --> 00:31:25,040 quarterly access reviews start exploding because you just have 602 00:31:25,040 --> 00:31:27,400 way too many things for all your managers to review. 603 00:31:28,240 --> 00:31:30,920 Or you might approach it with a privileged access management 604 00:31:31,680 --> 00:31:34,800 lens and go, all right, well, yeah, this is early. 605 00:31:34,800 --> 00:31:37,440 I need to step up. I need a special token to go and 606 00:31:37,440 --> 00:31:41,640 do something that that technology is very based on 607 00:31:42,080 --> 00:31:44,120 credentials. It's passwords you're checking 608 00:31:44,120 --> 00:31:46,400 in and out. Yeah, they might be piped 609 00:31:46,400 --> 00:31:49,480 through something, but it's it's inherently different from the 610 00:31:49,480 --> 00:31:52,480 single sign on workforce identity world that we live in 611 00:31:52,480 --> 00:31:56,200 in 2025. So we pull some aspects of Pam, 612 00:31:56,320 --> 00:31:58,280 we pull some aspects of IGA together. 613 00:31:58,840 --> 00:32:02,000 But I really argue like we wouldn't build identity 614 00:32:02,000 --> 00:32:04,600 solutions the way they're built right now. 615 00:32:04,600 --> 00:32:06,320 Like these things came up over time. 616 00:32:07,040 --> 00:32:10,480 Pam arose from pre cloud. This is like, how do I deal with 617 00:32:10,480 --> 00:32:14,520 my Cisco routers and root passwords on Linux boxes, not 618 00:32:14,520 --> 00:32:16,400 even thinking about single sign on at that point. 619 00:32:17,000 --> 00:32:19,600 IGA that came out of Sarbanes-Oxley. 620 00:32:19,600 --> 00:32:21,640 Like we're in this sort of generational change. 621 00:32:21,640 --> 00:32:25,200 Like these technologies and techniques had been around like 622 00:32:25,200 --> 00:32:29,240 25 plus years. It's kind of time to rethink how 623 00:32:29,240 --> 00:32:32,880 we're doing stuff because we build this massive identity 624 00:32:32,880 --> 00:32:35,160 edifice and yet we still have problems. 625 00:32:35,160 --> 00:32:36,680 We still get hacked, we still get breached. 626 00:32:37,160 --> 00:32:40,360 Like we're clearly we're not doing like everything's 100%, 627 00:32:40,360 --> 00:32:43,240 there's never going to be 100%, but we're clearly not doing 628 00:32:43,240 --> 00:32:45,600 something right in the identity space that we can't even keep 629 00:32:45,680 --> 00:32:48,680 basic use it as a basic security tool for us. 630 00:32:48,680 --> 00:32:51,560 So I do think this is a new way of looking at the problem. 631 00:32:52,400 --> 00:32:56,080 I don't, I don't want to have the hubris that a startup can 632 00:32:56,080 --> 00:32:58,920 define a brand new category and be like, tada, here's the silver 633 00:32:58,920 --> 00:33:02,080 bullet magic beans. But I do see we're reflecting 634 00:33:02,080 --> 00:33:04,120 the trend of where the industry is starting to go in terms of 635 00:33:04,120 --> 00:33:06,440 thinking about these problems. And we want to help with that. 636 00:33:06,880 --> 00:33:09,120 But we also, we will play nice with the existing stack. 637 00:33:09,120 --> 00:33:12,800 We don't come in and say, hey, yeah, like we don't coexist with 638 00:33:12,800 --> 00:33:14,360 these things. No, we coexist with everything. 639 00:33:14,520 --> 00:33:15,560 Like, that's actually part of the. 640 00:33:16,680 --> 00:33:20,560 It's a nice aspect of the way the system works, and the way it 641 00:33:20,560 --> 00:33:23,720 works best is when it integrates everything together that has a 642 00:33:23,720 --> 00:33:25,560 nice property of. Will work with what you have 643 00:33:25,560 --> 00:33:28,560 too, so there has. The reason I bring this up is 644 00:33:28,560 --> 00:33:30,840 because I know we have all these different acronyms and one of 645 00:33:30,840 --> 00:33:33,920 the ones that's kind of newer, at least to me is this idea of 646 00:33:33,920 --> 00:33:37,280 authorization and Gartner has a term for authorization 647 00:33:37,280 --> 00:33:41,000 management platform or AMP. At the same time, we're seeing 648 00:33:41,000 --> 00:33:44,960 things like P back policy based access controls kind of rearing 649 00:33:44,960 --> 00:33:48,320 its head up again as people try to solve for, you know, well, 650 00:33:48,320 --> 00:33:50,800 RBAC just stinks. It just takes forever to get it 651 00:33:50,800 --> 00:33:52,560 right. And it's, it's outdated as soon 652 00:33:52,560 --> 00:33:56,440 as you press, you know, submit. So where do you see, you know, 653 00:33:56,680 --> 00:33:58,920 the, the industry going? But also how does signal like 654 00:33:58,920 --> 00:34:04,080 aligned with things like AMP or PBAC or you know STAR dot back, 655 00:34:04,080 --> 00:34:06,960 you know, whatever acronym you want to put in front of the the 656 00:34:06,960 --> 00:34:11,840 access control? So I say we're pretty aligned 657 00:34:11,840 --> 00:34:14,280 with this idea of amp. Like I really like when I was 658 00:34:14,280 --> 00:34:16,920 Paul Mozzaro, who wrote that. If you have a Gartner 659 00:34:16,920 --> 00:34:18,880 subscription, I highly recommend giving it a read. 660 00:34:18,880 --> 00:34:20,679 It's it's, it's going in the right direction. 661 00:34:20,679 --> 00:34:23,679 You know, if you talk to Paul himself, he'll, you know, it's, 662 00:34:23,679 --> 00:34:26,040 this is evolving still. This is the first foray into 663 00:34:26,040 --> 00:34:30,080 trying to find this movement that's happening in the identity 664 00:34:30,080 --> 00:34:32,840 space. It hits on a lot of things that 665 00:34:32,840 --> 00:34:35,199 really resonate with me and with signal. 666 00:34:35,440 --> 00:34:38,199 So it it asked like Paul, like, hey, what's the what? 667 00:34:38,199 --> 00:34:40,280 How do you differentiate this from what's come before? 668 00:34:40,639 --> 00:34:41,920 And it's this orchestration layer. 669 00:34:42,800 --> 00:34:44,600 And that's where the Cape side of things, that's where the 670 00:34:44,600 --> 00:34:48,000 signals, the emitting of signals, that's the we send 671 00:34:48,000 --> 00:34:50,520 information from the edge to the center and send it back. 672 00:34:50,520 --> 00:34:52,840 That's the orchestration portion of this. 673 00:34:53,560 --> 00:34:56,120 You need policy on top of that because you need that. 674 00:34:56,120 --> 00:35:01,080 You need the rules of the road. How am I steering my car or, you 675 00:35:01,080 --> 00:35:02,800 know, on my steering my ship? Pick your analogy. 676 00:35:03,600 --> 00:35:05,560 That has to be part of it. And then you need the data 677 00:35:05,560 --> 00:35:07,600 fabric underneath it. And those are the three main 678 00:35:07,600 --> 00:35:12,560 legs of the signal stool policy engine orchestration layer, 679 00:35:12,840 --> 00:35:15,840 which looks a lot like policy, but you, you think a little bit 680 00:35:15,840 --> 00:35:18,880 more asynchronously with the orchestration and then the 681 00:35:18,880 --> 00:35:22,320 fabric that powers both of them, which is the aggregation of the 682 00:35:22,320 --> 00:35:24,600 data. You want to back up all your 683 00:35:24,600 --> 00:35:26,600 policies. And you know, we call them 684 00:35:26,600 --> 00:35:29,240 triggers in the in the orchestration tool. 685 00:35:30,240 --> 00:35:32,320 All those things kind of come into play here for us. 686 00:35:32,840 --> 00:35:35,640 And so, you know, P backs an interesting term. 687 00:35:35,640 --> 00:35:39,160 I think there's lots of really solid P back tools out there. 688 00:35:39,680 --> 00:35:43,200 But historically, like if you think back to like as ACMOL 689 00:35:43,640 --> 00:35:46,840 days, like 25 something years ago, if you can remember that 690 00:35:46,840 --> 00:35:50,320 long ago, those are kind of meant to be more developer 691 00:35:50,320 --> 00:35:52,520 tools. Like I just want to build a 692 00:35:52,520 --> 00:35:56,960 better framework within my application for dealing with 693 00:35:57,360 --> 00:35:59,720 these problems. And what we've seen is a lot of 694 00:35:59,720 --> 00:36:03,040 customers who are not successful trying to apply those concepts 695 00:36:03,360 --> 00:36:05,720 horizontally inside their enterprise. 696 00:36:05,720 --> 00:36:09,840 If you try to take a a classic, you know, Zac Amol tool, or if 697 00:36:09,840 --> 00:36:12,240 you get to like alpha and stop having to deal with XML and you 698 00:36:12,240 --> 00:36:18,080 can use Jason, it is, you know, 2025 now, it's still difficult 699 00:36:18,080 --> 00:36:21,720 because they're not they weren't designed to think about the 700 00:36:21,720 --> 00:36:24,520 enterprise state. You need to have these things 701 00:36:24,520 --> 00:36:26,840 all work in concert, but you need that backbone saying like 702 00:36:26,840 --> 00:36:29,600 this is what I'm trying to apply across horizontally, across the 703 00:36:29,600 --> 00:36:31,680 board, not down into the application. 704 00:36:31,680 --> 00:36:35,080 So you know, when, when you're all were asking about personas, 705 00:36:35,080 --> 00:36:38,240 like I did not talk about developers, like we're not a 706 00:36:38,240 --> 00:36:40,480 developer focused tool. I think they're great P back 707 00:36:40,480 --> 00:36:43,520 tools out there like OPA that are good for a developer wanting 708 00:36:43,520 --> 00:36:47,320 to do something better than hard coding authorization logic into 709 00:36:47,320 --> 00:36:50,240 the system. But as soon as you need data 710 00:36:50,560 --> 00:36:54,400 that's not resident to that application, who's on vacation? 711 00:36:54,400 --> 00:36:55,960 Unless you're building an application that manages the 712 00:36:55,960 --> 00:36:59,240 vacation schedule, you want to get that from somewhere else and 713 00:36:59,240 --> 00:37:02,160 you don't want to deal with the stale data problem of that. 714 00:37:02,160 --> 00:37:04,040 And how do I synchronize that information and maybe some of 715 00:37:04,040 --> 00:37:06,760 that sensitive like, you know, obviously vacations might not be 716 00:37:06,760 --> 00:37:10,120 that sensitive, but think of something like it's a legitimate 717 00:37:10,120 --> 00:37:13,000 policy. Citizenship might come into 718 00:37:13,000 --> 00:37:15,600 play. Maybe I have to be a certain 719 00:37:15,640 --> 00:37:18,200 citizenship to see some piece of government data. 720 00:37:18,520 --> 00:37:22,360 That's a very common regulatory policy, difficult to enforce. 721 00:37:22,360 --> 00:37:26,360 And I don't think we wanna be pushing what citizenship my 722 00:37:26,360 --> 00:37:29,320 employees are to every single one of the applications in the 723 00:37:29,320 --> 00:37:30,840 enterprise. I'm sure that'll get you in 724 00:37:30,840 --> 00:37:35,920 trouble in Europe, if if not in the US to do those sorts of 725 00:37:35,920 --> 00:37:37,800 things. So feedback tools are 726 00:37:37,800 --> 00:37:40,200 interesting and they're, I think they're a useful part of the 727 00:37:40,200 --> 00:37:44,880 system, but it doesn't solve this problem. 728 00:37:44,880 --> 00:37:48,480 And I think amps on the right direction as we start seeing the 729 00:37:48,480 --> 00:37:51,280 space emerge and these architectures get real mileage 730 00:37:52,040 --> 00:37:55,600 in the space and more adoption, I think that will also evolve a 731 00:37:55,600 --> 00:37:57,320 little bit too. But it's, it's promising. 732 00:37:58,200 --> 00:38:00,040 So Eric, I want. To go back to what you're 733 00:38:00,040 --> 00:38:03,880 talking about with the agenda architects. 734 00:38:03,880 --> 00:38:08,560 So the one that once that pull you in, they went under and I, I 735 00:38:08,560 --> 00:38:13,320 realized like making the case to those folks is no easy task 736 00:38:13,320 --> 00:38:16,440 because they need to really understand this. 737 00:38:16,880 --> 00:38:21,520 So at that, at that point that you achieve like, OK, they get 738 00:38:21,520 --> 00:38:23,360 it, they buy. And I'm thinking of like some 739 00:38:23,360 --> 00:38:26,560 really smart people who could probably do both sides of this 740 00:38:26,560 --> 00:38:29,040 equation. So you know, I'm thinking of 741 00:38:29,040 --> 00:38:31,080 Shawn Odell, thinking of Andrew Cameron. 742 00:38:31,320 --> 00:38:36,080 They first you have to sell them on the tech right after that. 743 00:38:36,200 --> 00:38:41,920 These are guys who can speak the the language of business to make 744 00:38:41,920 --> 00:38:45,080 the case. I'm wondering, you know what, 745 00:38:45,080 --> 00:38:48,280 what does that sound like? Help us out for the people who 746 00:38:48,280 --> 00:38:51,200 are listening who are like excited about this and maybe 747 00:38:51,200 --> 00:38:54,040 when we dig into the tech, that's great. 748 00:38:54,080 --> 00:38:55,880 Eventually you get them sold on that. 749 00:38:56,120 --> 00:38:59,320 Now you have to explain it to somebody who's used nothing 750 00:38:59,320 --> 00:39:02,560 about the tech and probably doesn't care and you have to put 751 00:39:02,560 --> 00:39:06,880 it in the language of business. So how do they do that? 752 00:39:06,880 --> 00:39:09,840 How are they successful? Yeah, absolutely. 753 00:39:10,320 --> 00:39:13,200 I think, you know, it's kind of like what does it look like to 754 00:39:13,200 --> 00:39:15,680 win in a company when we go into it? 755 00:39:15,800 --> 00:39:18,680 And this is where I, I usually start with something. 756 00:39:18,680 --> 00:39:23,640 I think Ian Glaser put this on a on a blog of his called, you 757 00:39:23,640 --> 00:39:26,760 know, we endearingly inside a signal called the pyramid of 758 00:39:26,760 --> 00:39:30,000 pain, which is if you think of all the applications in your 759 00:39:30,000 --> 00:39:34,640 company that you're using, which ones are you the most worried 760 00:39:34,640 --> 00:39:36,480 about? Like where is the biggest 761 00:39:36,480 --> 00:39:39,160 problem gonna be start there. That's the top of the pyramid. 762 00:39:39,160 --> 00:39:41,400 That's the most painful thing. And those are usually 763 00:39:41,400 --> 00:39:44,280 applications that you're you're not in it every minute of the 764 00:39:44,280 --> 00:39:46,360 day. It's not, it's not slack or 765 00:39:46,360 --> 00:39:48,960 e-mail or your calendar. It's your production 766 00:39:48,960 --> 00:39:51,560 environments, your your production systems, maybe your 767 00:39:51,560 --> 00:39:55,680 financial systems, maybe it's your CICD pipeline. 768 00:39:55,680 --> 00:39:59,160 So things that are like someone got in and just went haywire in 769 00:39:59,160 --> 00:40:01,920 there. That's potentially a company 770 00:40:01,920 --> 00:40:04,440 ending moment, if not at least a career ending moment for 771 00:40:04,440 --> 00:40:08,200 someone. Those are the most difficult. 772 00:40:08,280 --> 00:40:12,120 They require the most context. They require the the biggest 773 00:40:12,120 --> 00:40:15,560 need to reduce access to them so that you're not always able to, 774 00:40:15,560 --> 00:40:17,160 you know, it reduces the attack surface. 775 00:40:18,000 --> 00:40:19,760 That's where we try to frame people to start there. 776 00:40:19,960 --> 00:40:23,640 And then we look at, OK, can you reduce the number of roles and 777 00:40:23,640 --> 00:40:25,960 groups in the system? Can you reduce the amount of 778 00:40:25,960 --> 00:40:28,760 standing access? Can you be more responsive? 779 00:40:28,760 --> 00:40:33,640 Like the problem of if your Crowdstrike or your other 780 00:40:33,640 --> 00:40:37,400 security systems detect a problem with this user, can you 781 00:40:37,400 --> 00:40:38,880 react to that? And can you pull them out of an 782 00:40:38,880 --> 00:40:42,480 environment If the user's been no longer an employee, like they 783 00:40:42,480 --> 00:40:45,640 were terminated in the morning or they resigned in the morning, 784 00:40:46,280 --> 00:40:48,160 but they had an open session from the night before, or are 785 00:40:48,160 --> 00:40:50,480 they still I'll get access to things like, can you shut people 786 00:40:50,480 --> 00:40:54,640 off quickly in response to some type of HR event that goes on? 787 00:40:55,360 --> 00:40:57,880 So then those become wins for the business because the 788 00:40:57,880 --> 00:41:00,120 business recognizes this is a lot of risk. 789 00:41:00,440 --> 00:41:04,240 Or if I've got a lot of groups, I've got to do access reviews in 790 00:41:04,240 --> 00:41:07,120 those groups. And after I've got 100,000 791 00:41:07,120 --> 00:41:10,680 groups for 10,000 employees, that's a lot of work for people 792 00:41:10,680 --> 00:41:12,680 that's not really helping the business move forward. 793 00:41:13,000 --> 00:41:14,440 And so we can start to show value. 794 00:41:14,560 --> 00:41:16,760 It somewhat depends on who we're talking to. 795 00:41:16,760 --> 00:41:20,360 So if I'm talking to application owners, we might talk in terms 796 00:41:20,360 --> 00:41:24,360 of I give you dynamic access to things rather than, you know, I 797 00:41:24,360 --> 00:41:26,720 talked to identity person. I talk about 0 standing access. 798 00:41:26,720 --> 00:41:29,160 Like people don't have access when they're not supposed to, 799 00:41:29,600 --> 00:41:32,040 but magically the access is there when they need to use it. 800 00:41:32,280 --> 00:41:33,840 The business likes to hear it the other way around. 801 00:41:33,840 --> 00:41:36,920 Like it'll be there when I want it and it's not there when I'm 802 00:41:36,920 --> 00:41:39,440 not looking. That's the right stance to be 803 00:41:39,440 --> 00:41:41,600 in. And that ultimately drives a 804 00:41:41,600 --> 00:41:44,840 better security posture. I'm talking to kind of the CISO 805 00:41:44,840 --> 00:41:47,400 persona. They tend to be the ones they 806 00:41:47,400 --> 00:41:49,960 start thinking about. What are my risk signals in the 807 00:41:49,960 --> 00:41:52,720 organization? How do I lower overall risk the 808 00:41:52,720 --> 00:41:55,560 things and icing on the cake, can I make my business 809 00:41:55,560 --> 00:41:57,240 operational processes simpler too? 810 00:41:57,240 --> 00:42:01,320 Can I reduce access reviews? Can I reduce toil inside the 811 00:42:01,320 --> 00:42:02,800 company? Those are all wins for us. 812 00:42:03,400 --> 00:42:05,440 Yeah, that I. Mean that's a great business 813 00:42:05,440 --> 00:42:09,480 story about reducing risk, reducing that kind of overhead 814 00:42:09,560 --> 00:42:14,000 of things that help reduce the risk so that it makes it more 815 00:42:14,000 --> 00:42:16,480 effective. You actually start to steal from 816 00:42:16,480 --> 00:42:19,720 my next question, which was around what are the use cases, 817 00:42:19,720 --> 00:42:20,840 right? Because you think of a good 818 00:42:20,840 --> 00:42:25,040 picture there especially, and tied back to the continuous 819 00:42:25,040 --> 00:42:29,800 identity because you talked about, you know, someone has 820 00:42:29,800 --> 00:42:33,680 been terminated from the system, but maybe they have a a session 821 00:42:33,680 --> 00:42:36,480 open. I mean, literally, I've run into 822 00:42:36,480 --> 00:42:40,080 that before where it's like, well, yeah, we shut off their 823 00:42:40,080 --> 00:42:43,720 access, but if they still have their laptop and they're already 824 00:42:43,720 --> 00:42:46,800 logged in, you know, and we wouldn't know it. 825 00:42:46,800 --> 00:42:49,600 And I'm like, that's terrible. That is absolutely terrible. 826 00:42:49,600 --> 00:42:53,120 So this whole idea of, you know, being able to go in and like 827 00:42:53,720 --> 00:42:58,360 surgically kill sessions. The one thing that you'd 828 00:42:58,360 --> 00:43:01,120 mentioned earlier is I asked a question about what are the 829 00:43:01,120 --> 00:43:05,840 sources of these signals and then, you know, obviously you 830 00:43:05,840 --> 00:43:08,040 link that to them, we can take action. 831 00:43:08,240 --> 00:43:10,600 And the example used was the IDP. 832 00:43:10,760 --> 00:43:14,400 I'm wondering if you have any other examples, like is are 833 00:43:14,400 --> 00:43:17,960 there examples about going into IGA systems or privileged access 834 00:43:17,960 --> 00:43:21,800 management or anything else that, you know, maybe I didn't 835 00:43:21,800 --> 00:43:25,000 mention that. Just seems like, you know, when 836 00:43:25,000 --> 00:43:27,480 you want to brag about a little bit, yeah. 837 00:43:27,480 --> 00:43:30,240 Absolutely. You know, the the IDP to to 838 00:43:30,640 --> 00:43:33,760 cloud provider is probably our most popular use case. 839 00:43:34,480 --> 00:43:37,880 Closely related though, CICD pipelines, I've got my GitHub. 840 00:43:37,880 --> 00:43:41,040 If I can push code, I might as well have console access to the 841 00:43:41,040 --> 00:43:44,360 cloud. So predicting that I can't push 842 00:43:44,360 --> 00:43:46,200 unless I need policies. I have to be the release 843 00:43:46,200 --> 00:43:47,840 manager. Right now I'm assigned to do 844 00:43:47,840 --> 00:43:51,720 that and I'm on my a pash device and it's doesn't have malware. 845 00:43:52,080 --> 00:43:53,600 All those things are important to me. 846 00:43:54,720 --> 00:44:00,360 That's another popular use case. I'd say the other ones, API 847 00:44:00,360 --> 00:44:04,520 gateways is a big one for us. So I'm making API calls. 848 00:44:04,520 --> 00:44:07,000 This really comes into play. And I know we haven't used the 849 00:44:07,080 --> 00:44:11,200 AI Buds word yet, but you know, MCP or model context protocol 850 00:44:11,800 --> 00:44:15,440 that's just an API Gateway pattern protecting that we're 851 00:44:15,440 --> 00:44:17,840 getting a lot of interest in. How do you put policy in place 852 00:44:17,840 --> 00:44:21,200 for that, especially because it's really easy to vibe code 853 00:44:21,200 --> 00:44:24,040 out one of these things without thinking about any kind of 854 00:44:24,040 --> 00:44:26,120 identity security practices. Roll it out. 855 00:44:26,120 --> 00:44:29,240 And now I've done all kinds of egregious things like embedding 856 00:44:29,240 --> 00:44:32,280 tokens and not thinking about access control and not thinking 857 00:44:32,280 --> 00:44:34,720 about deployment and no one knows about it. 858 00:44:34,720 --> 00:44:37,880 So this is just a, a sort of accident waiting to happen here. 859 00:44:37,880 --> 00:44:40,480 We got, you know, pits with spikes at the bottom of them in 860 00:44:40,480 --> 00:44:45,000 this area. Working with IGA and Pam, those 861 00:44:45,000 --> 00:44:48,280 are good ones too. So we've got some nice use cases 862 00:44:48,280 --> 00:44:51,880 with say, sale point where maybe we want to do some of these 863 00:44:51,880 --> 00:44:55,680 checks against security systems. When someone comes into Cell 864 00:44:55,680 --> 00:44:58,400 Point and requests access to something, Cell Point could call 865 00:44:58,400 --> 00:45:02,400 it a signal, look for a policy. The signal says, yeah, the 866 00:45:02,400 --> 00:45:04,040 person, you know, Jeff looks good. 867 00:45:04,400 --> 00:45:06,560 He's, you know, his everything's fine with him. 868 00:45:06,560 --> 00:45:08,880 He's allowed to do this. Beyond this, the normal rules. 869 00:45:08,880 --> 00:45:12,840 And then or flip that around, something changes in a system 870 00:45:12,840 --> 00:45:16,920 and we could go say, hey, deeper vision Jim, like go take him out 871 00:45:16,920 --> 00:45:19,600 of this Active Directory group because you've got that all 872 00:45:19,600 --> 00:45:24,400 wired up anyway as part of your join remover lever settings in 873 00:45:24,400 --> 00:45:26,400 Cell Point. Let's just trigger that. 874 00:45:26,400 --> 00:45:29,160 We see something anomalous that comes in from the SoC. 875 00:45:29,760 --> 00:45:32,000 We can go tell cell Point to do that. 876 00:45:32,160 --> 00:45:33,960 And that can speed things up too. 877 00:45:33,960 --> 00:45:36,560 That can make you more reactive and make your existing 878 00:45:36,560 --> 00:45:40,040 investments better. Do something similar with Pam, 879 00:45:40,240 --> 00:45:42,040 like, hey, we know it's someone's compromised. 880 00:45:42,040 --> 00:45:44,120 We could tell it to rotate a credential or we can we could 881 00:45:44,120 --> 00:45:47,720 even potentially block access to the Pam system itself for that 882 00:45:47,720 --> 00:45:51,680 user so that they, if they they can't just go start doing X fill 883 00:45:51,680 --> 00:45:53,680 against all the passwords that are in the vault. 884 00:45:54,160 --> 00:45:57,680 So there's a lot that we can do in conjunction with those other 885 00:45:57,680 --> 00:45:59,880 systems. And these are all we tend to see 886 00:45:59,880 --> 00:46:03,640 people solve the and we encourage folks solve the easy 887 00:46:04,000 --> 00:46:08,640 problems first, like solve those and then expand because the way 888 00:46:08,640 --> 00:46:12,160 the platform's built, it's meant to keep going to more use cases. 889 00:46:12,160 --> 00:46:13,920 And we just see customers follow that pattern. 890 00:46:14,080 --> 00:46:18,240 They start with one use case or two, we nail them, we roll it 891 00:46:18,240 --> 00:46:20,240 out, everyone's happy. We're all, you know, popping 892 00:46:20,240 --> 00:46:22,680 champagne, celebrating. And then, hey, the next use 893 00:46:22,680 --> 00:46:26,440 case, the next use case, the next use case and so forth, we 894 00:46:26,440 --> 00:46:27,800 can pop some. Champagne in a little bit. 895 00:46:27,800 --> 00:46:29,320 I got a couple more questions for you. 896 00:46:30,640 --> 00:46:33,600 What is it that makes signal different from, you know, your 897 00:46:33,600 --> 00:46:36,400 contemporaries in this space? Tell me what sets you apart 898 00:46:36,400 --> 00:46:39,240 because this is my jaded CSO time where I say OK I already 899 00:46:39,240 --> 00:46:42,640 got a bunch of tools, why do I need signal and why is it signal 900 00:46:42,640 --> 00:46:46,280 over something else? I'd say there's really not much 901 00:46:46,280 --> 00:46:48,520 out there that does this in the way we approach it. 902 00:46:48,520 --> 00:46:51,680 So there are other tools out there that understand Cape 903 00:46:51,680 --> 00:46:54,160 signals and protocols. There's other tools that'll pull 904 00:46:54,160 --> 00:46:57,560 data in, like you could use Octa and they have a directory system 905 00:46:57,560 --> 00:47:01,240 that they use provisioning. But these weren't men and they 906 00:47:01,240 --> 00:47:03,800 weren't designed to think about it from an enterprise wide 907 00:47:03,800 --> 00:47:05,320 scale. They have kind of their corner 908 00:47:05,320 --> 00:47:07,680 and their main objective and they tiptoe into these other 909 00:47:07,680 --> 00:47:11,280 areas. So all the IGA tools have some 910 00:47:11,280 --> 00:47:13,360 kind of Pam module that can do some privilege stuff. 911 00:47:13,800 --> 00:47:16,600 All the Pam tools out there have now acquired some IGA vendor and 912 00:47:16,600 --> 00:47:18,200 they can do some simple IGA things. 913 00:47:18,880 --> 00:47:21,480 Sokta just announced, I think, you know, the other day that 914 00:47:21,480 --> 00:47:24,600 they've got, you know, they made an acquisition in the space and 915 00:47:24,600 --> 00:47:25,920 they've got some IGA and Pam things. 916 00:47:25,920 --> 00:47:28,720 So everyone's kind of tiptoeing around this, like refactoring of 917 00:47:28,720 --> 00:47:31,960 the identity stack right now. We built this from day one to 918 00:47:32,200 --> 00:47:35,760 solve this type of problem. How do I stitch my entire stack 919 00:47:35,760 --> 00:47:39,440 together, not just of identity data, operational data and 920 00:47:39,440 --> 00:47:42,680 security data, bring this all in one place and give you the 921 00:47:42,680 --> 00:47:47,000 ability to have this continuous identity architecture within the 922 00:47:47,000 --> 00:47:49,320 organization. That's what sets us apart is we 923 00:47:49,320 --> 00:47:51,600 were purpose built for this problem. 924 00:47:51,600 --> 00:47:55,320 We're not trying to retrofit this into an existing system. 925 00:47:55,680 --> 00:47:57,720 In some ways it's kind of like the innovator's dilemma issue, 926 00:47:58,120 --> 00:48:01,760 like you have to reinvent your IJ stacked work in real time or 927 00:48:01,760 --> 00:48:05,040 you'd have to reinvent your Pam system to understand workforce 928 00:48:05,040 --> 00:48:07,480 and single sign on none of these systems. 929 00:48:08,360 --> 00:48:10,720 They all kind of want to play in their own sandboxes if no one 930 00:48:10,720 --> 00:48:13,080 else exists. And I said, hey, this is 1 big 931 00:48:13,080 --> 00:48:14,480 sandbox, we all have to work in it. 932 00:48:14,480 --> 00:48:17,560 And maybe we should look, talk to the guys next door about the 933 00:48:17,560 --> 00:48:20,080 security stuff because that seems kind of important to us. 934 00:48:21,320 --> 00:48:23,160 Yeah, I can see. Definitely a lot of linkage with 935 00:48:23,160 --> 00:48:25,800 things like, you know, security operations center and some of 936 00:48:25,800 --> 00:48:28,280 the tools they have, right? It's, it's all data you're 937 00:48:28,280 --> 00:48:30,120 trying to pull in. The more data that you've got, 938 00:48:30,120 --> 00:48:33,520 the more interesting and educated decisions you can make 939 00:48:33,920 --> 00:48:35,600 on how you want to leverage it, right? 940 00:48:35,600 --> 00:48:37,880 Exactly. So let's take a look. 941 00:48:37,880 --> 00:48:41,280 At the broader range, industry at large here from an identity 942 00:48:41,280 --> 00:48:44,680 perspective, and I'm hoping I won't hear AI is the answer, 943 00:48:44,680 --> 00:48:47,240 although it probably is. What are some of the big trends 944 00:48:47,240 --> 00:48:50,640 that you see coming along that people should be keeping it out 945 00:48:50,640 --> 00:48:52,440 for? So I kind of call this of like 946 00:48:52,560 --> 00:48:55,520 skating to where the puck is going to be from an ice hockey 947 00:48:55,520 --> 00:48:58,280 analogy. What's coming up that you know 948 00:48:58,280 --> 00:49:00,880 that that is really kind of piquing your interest or is it 949 00:49:00,880 --> 00:49:03,680 just, hey man, AI is here and we've really got to got to get 950 00:49:03,680 --> 00:49:06,960 that figured out? I mean, definitely I'll, I'll 951 00:49:07,200 --> 00:49:09,280 we'll put the AI one out of the way like AI is here. 952 00:49:09,280 --> 00:49:12,440 We got to figure that out. I'm not smart enough to know all 953 00:49:12,440 --> 00:49:14,400 the impact it's going to have in the identity space. 954 00:49:14,400 --> 00:49:17,240 It's definitely having an impact and we'll continue to have one. 955 00:49:17,840 --> 00:49:20,640 I probably the only thing I won't be surprised by is that 956 00:49:20,640 --> 00:49:24,160 I'm going to be surprised about where we are in a 12 months in 957 00:49:24,160 --> 00:49:26,640 the AI world. So putting that one to the side 958 00:49:26,640 --> 00:49:30,240 for the moment, the two big trends that I see here right 959 00:49:30,240 --> 00:49:33,440 now, one, we've been kind of dancing around a little bit 960 00:49:33,440 --> 00:49:36,520 here, the convergence of identity and security together. 961 00:49:36,880 --> 00:49:39,600 And I actually think some drivers of this are it's 962 00:49:39,600 --> 00:49:43,520 becoming pretty common for your CSO to start taking over your 963 00:49:43,520 --> 00:49:47,520 traditional CIO roles or your CIO taking over CSO. 964 00:49:47,520 --> 00:49:51,240 This, those two leaders are morphing into one leader. 965 00:49:51,760 --> 00:49:55,120 A lot of things that the CIO looked after before probably 966 00:49:55,120 --> 00:49:59,600 live under like a COO, like what productivity suite we're going 967 00:49:59,600 --> 00:50:01,600 to use? Are we going to be on Slack or 968 00:50:01,640 --> 00:50:04,800 you know, teams? Are we going to be on Zoom or 969 00:50:04,800 --> 00:50:10,800 Google meet or you know teams? Those decisions aren't don't 970 00:50:10,800 --> 00:50:13,120 require a specialist as much as they require someone to 971 00:50:13,120 --> 00:50:17,160 negotiate price points on a per user per month pricing concept. 972 00:50:18,040 --> 00:50:20,680 So where's that leave the identity team? 973 00:50:20,840 --> 00:50:23,760 Because if you're thinking about identity systems and 974 00:50:23,760 --> 00:50:26,880 traditionally, you know, you guys know this probably better 975 00:50:26,880 --> 00:50:31,720 than I do, your IGA tools, your IDP tools kind of live in the IT 976 00:50:31,720 --> 00:50:34,600 world and kind of we're more like productivity things. 977 00:50:35,080 --> 00:50:38,840 And your Pam tools, if they weren't in identity land, they 978 00:50:38,840 --> 00:50:42,160 were more in the security land. And as those worlds come 979 00:50:42,160 --> 00:50:46,280 together, it stops being about just productivity. 980 00:50:46,480 --> 00:50:50,640 It starts being more about, OK, yes, single sign on gives me 981 00:50:50,640 --> 00:50:53,440 productivity and reduces passwords and I get MFA and all 982 00:50:53,440 --> 00:50:56,400 this goodness out of that. But I also started wanting to 983 00:50:56,400 --> 00:50:59,360 use this as security controls, which has historically been the 984 00:50:59,360 --> 00:51:01,560 sea sales world. So I think that's a massive 985 00:51:01,560 --> 00:51:04,720 trend right now. It's just the convergence and 986 00:51:05,120 --> 00:51:10,520 mind meld of those two sort of organizations together into one. 987 00:51:11,080 --> 00:51:14,720 And I'd say it's probably not a surprise that of our customers 988 00:51:14,720 --> 00:51:17,480 who are moving the fastest, who are the furthest ahead here and 989 00:51:17,480 --> 00:51:20,840 of the industry voices you hear they probably work in an 990 00:51:20,840 --> 00:51:25,600 identity security team. And obviously like you see, you 991 00:51:25,600 --> 00:51:28,960 know, Palo Alto's acquisition of Cyber Ark, you know, that 992 00:51:28,960 --> 00:51:32,360 happened a couple weeks back. They're talking about that as 993 00:51:32,360 --> 00:51:35,320 identity security. So this is in the air. 994 00:51:36,160 --> 00:51:39,160 The other big trend I see is this generational change. 995 00:51:40,160 --> 00:51:44,440 It's been 25 years since we kind of came up with the IGA and Pam 996 00:51:44,440 --> 00:51:46,960 things. It is that is a long time. 997 00:51:46,960 --> 00:51:51,960 Like there's whole generations of humans who grew up after 998 00:51:51,960 --> 00:51:56,080 those events, right after, you know, the Enron events of the 999 00:51:56,080 --> 00:52:00,840 world that drove Sarbanes-Oxley. It's time to rethink how we do 1000 00:52:00,840 --> 00:52:02,360 things. And so that's the other big 1001 00:52:02,360 --> 00:52:06,880 trend to see is we are coming up on massive replacement cycles of 1002 00:52:06,880 --> 00:52:11,520 two entire sets of sort of the core identity stack. 1003 00:52:11,520 --> 00:52:14,960 I'd say ID, PS and pass through lists are probably the latest 1004 00:52:14,960 --> 00:52:17,440 generation and even those are like those are 15 year old 1005 00:52:17,440 --> 00:52:21,880 things. So it's it's natural that we're 1006 00:52:21,880 --> 00:52:24,960 coming up on rethinking this. Yeah, some of these. 1007 00:52:25,040 --> 00:52:26,640 Solutions are not old enough to vote. 1008 00:52:27,080 --> 00:52:30,120 Maybe you can drink exactly. They're old enough to rent a 1009 00:52:30,120 --> 00:52:32,400 car. You. 1010 00:52:32,560 --> 00:52:32,840 You. You've. 1011 00:52:33,040 --> 00:52:35,320 Been so gracious with your time. I want to kind of pivot here to 1012 00:52:35,320 --> 00:52:37,520 a little bit of a lighter note and kind of wrap the show up 1013 00:52:37,520 --> 00:52:40,040 here. We were talking before we hit 1014 00:52:40,040 --> 00:52:43,720 record and you mentioned that you are into cooking and I am 1015 00:52:43,720 --> 00:52:45,720 into eating. So I think this is going to be a 1016 00:52:45,720 --> 00:52:48,800 great conversation. So I would like to pose a 1017 00:52:48,800 --> 00:52:52,200 hypothetical to you. So let's say you've got to 1018 00:52:52,200 --> 00:52:55,880 create the perfect meal, and I'm going to put you on the spot 1019 00:52:55,880 --> 00:52:57,480 here. Not only create the perfect 1020 00:52:57,480 --> 00:53:01,240 meal, you have to create the perfect meal for me, OK. 1021 00:53:01,600 --> 00:53:04,520 What are you going to make? Why are you and why, you know, 1022 00:53:04,520 --> 00:53:06,800 why are you making decisions, decisions, you know, for what 1023 00:53:06,800 --> 00:53:08,680 you're going to make? And you can feel free to ask me 1024 00:53:08,680 --> 00:53:09,960 questions if that helps you in any way. 1025 00:53:09,960 --> 00:53:12,720 Yeah, yeah. Let me ask if you like, you 1026 00:53:12,720 --> 00:53:15,600 know, First off, like anything you don't like eating, like 1027 00:53:15,600 --> 00:53:18,040 what's you know, any, any areas to avoid? 1028 00:53:18,040 --> 00:53:23,160 Hey, I really hate, you know, spicy food or I don't eat fish, 1029 00:53:23,640 --> 00:53:25,240 you know, anything like that to be aware of. 1030 00:53:25,240 --> 00:53:27,920 Well, you hit two right there. So I'm not a fish person. 1031 00:53:28,360 --> 00:53:30,560 I'm generally not a seafood person with the exception of 1032 00:53:30,560 --> 00:53:32,440 shrimp. As long as the heads are cut 1033 00:53:32,440 --> 00:53:34,360 off. I don't, I don't dig on, you 1034 00:53:34,360 --> 00:53:35,920 know, the shrimp showing up with their heads on. 1035 00:53:36,000 --> 00:53:38,360 No, give it to me after the sushi. 1036 00:53:38,360 --> 00:53:40,840 I thought you liked sushi. Sushi is the one. 1037 00:53:40,840 --> 00:53:44,160 Exception, I will do something like tuna, maybe like a lighter 1038 00:53:44,160 --> 00:53:48,480 fish, but it has to be with like something else like in a roll or 1039 00:53:48,480 --> 00:53:52,160 something like that. Not spicy, although I can 1040 00:53:52,160 --> 00:53:55,600 tolerate a little bit of pain. And then mushrooms are just not 1041 00:53:55,600 --> 00:53:58,720 my jam at all. So other than that, I feel like 1042 00:53:58,720 --> 00:54:02,120 I've got a pretty open palette now that I've, you know, cut off 1043 00:54:02,120 --> 00:54:05,000 like a third of the of the menu. No, no, no. 1044 00:54:05,000 --> 00:54:07,120 So, yeah, So my thoughts are way out the window now. 1045 00:54:07,840 --> 00:54:12,120 No, I'm just kidding. I'd say let me think through 1046 00:54:12,120 --> 00:54:16,200 this. If tuna's on the menu, I'd say a 1047 00:54:16,560 --> 00:54:21,440 really nice piece of like ahi tuna that's just really well 1048 00:54:21,440 --> 00:54:24,440 seared, a little seasoning, a little salt, pepper, you know, 1049 00:54:24,440 --> 00:54:26,600 let the fish speak for itself. It'll probably be sort of I'd 1050 00:54:26,720 --> 00:54:29,560 anchor that around the main. Maybe a really good I I'm 1051 00:54:29,560 --> 00:54:32,720 thinking Japanese would be a a good venue to go down. 1052 00:54:33,560 --> 00:54:39,440 Go with a nice tuna over some nice rice, just like sliced up 1053 00:54:39,440 --> 00:54:41,440 for you. Like nice presentation. 1054 00:54:41,880 --> 00:54:43,840 Maybe a little seaweed salad on the side. 1055 00:54:44,040 --> 00:54:45,920 I'd probably think about a couple courses. 1056 00:54:46,640 --> 00:54:49,400 Make it really good miso soup to start with. 1057 00:54:50,720 --> 00:54:53,120 I like roasting vegetables a lot, so I'd probably roast up 1058 00:54:53,120 --> 00:54:55,200 some carrots. Look for some, you know, go see 1059 00:54:55,200 --> 00:54:57,560 what's fresh, what's interesting, what's going to be 1060 00:54:57,560 --> 00:54:59,400 colorful. Think about putting that 1061 00:54:59,400 --> 00:55:01,880 together and then maybe serving it out. 1062 00:55:02,240 --> 00:55:06,080 I like to do more family style, like put things out on plates, 1063 00:55:06,080 --> 00:55:08,640 share it around. I think that just makes for a 1064 00:55:08,640 --> 00:55:12,160 better conversation and it comes out nice because it uses a big 1065 00:55:12,160 --> 00:55:14,200 plate with lots of stuff on it looks always looks great. 1066 00:55:14,200 --> 00:55:16,560 So that's probably the direction I would take it in. 1067 00:55:17,360 --> 00:55:18,280 OK. So, Eric? 1068 00:55:18,360 --> 00:55:22,600 What time do I show up for this? Because you absolutely nailed 1069 00:55:22,600 --> 00:55:24,840 that. Like, that is totally my jam. 1070 00:55:24,880 --> 00:55:28,120 I am totally on top of that. So I'm going to invite myself 1071 00:55:28,120 --> 00:55:29,920 over for dinner at some point. Or maybe we'll just go out and 1072 00:55:29,920 --> 00:55:31,160 get a nice sushi dinner somewhere. 1073 00:55:31,640 --> 00:55:33,680 Yeah, no, whenever. Whenever you want, happy to 1074 00:55:33,680 --> 00:55:34,760 happy to cook for the both of you. 1075 00:55:35,280 --> 00:55:37,440 Next time you're up in the Bay Area, we'll, we'll make it a 1076 00:55:37,440 --> 00:55:39,320 date. Jim, how about? 1077 00:55:39,400 --> 00:55:43,080 Yourself like how does that strike you of like a dinner like 1078 00:55:43,200 --> 00:55:46,920 the AHI tuning as possible. Yeah, I'm pretty open minded. 1079 00:55:46,920 --> 00:55:51,480 The only thing I don't like is really strong cheese, like blue 1080 00:55:51,480 --> 00:55:53,000 cheese. I don't like feta. 1081 00:55:53,440 --> 00:55:56,600 It's just the smell turns me off and I've always been that way. 1082 00:55:57,240 --> 00:56:00,240 But other than that, I mean I'm pretty open. 1083 00:56:00,240 --> 00:56:04,120 I mean, I'll even eat like really strong meats, like organ 1084 00:56:04,120 --> 00:56:06,760 meat, like liver and stuff like that. 1085 00:56:07,920 --> 00:56:11,800 So yeah. And wild game, like, I know a 1086 00:56:11,800 --> 00:56:15,320 lot of people don't like that. I think it's interesting. 1087 00:56:15,560 --> 00:56:18,080 So yeah, I'm pretty much up for anything. 1088 00:56:18,320 --> 00:56:21,840 But if you put blue cheese on it, I might just leave. 1089 00:56:22,760 --> 00:56:25,040 Yeah, I'll leave the blue cheese off the nice piece of ahi. 1090 00:56:25,200 --> 00:56:28,200 So there you go that. Sounds good, I totally. 1091 00:56:28,200 --> 00:56:30,000 Appreciate that because blue cheese is one of the things I 1092 00:56:30,000 --> 00:56:34,040 absolutely detest because I spent the better part of 1093 00:56:34,040 --> 00:56:36,840 probably 7 or 8 years bartending and one of the things that we 1094 00:56:36,840 --> 00:56:39,680 had to do was stuffed blue cheese olives for our martinis. 1095 00:56:39,680 --> 00:56:42,640 And so if I never see blue cheese again, I will be totally 1096 00:56:42,640 --> 00:56:45,960 fine with that. I'll, I'll be the contrary and 1097 00:56:45,960 --> 00:56:48,920 say I I like blue cheese. I love a good piece of feta, but 1098 00:56:48,920 --> 00:56:51,680 I, I will probably eat most anything. 1099 00:56:52,520 --> 00:56:56,400 I early in my career, I spent a year in Hong Kong working on a 1100 00:56:56,400 --> 00:56:58,400 project. And yeah, before that I was a 1101 00:56:58,400 --> 00:56:59,880 little, I didn't eat as much seafood. 1102 00:56:59,880 --> 00:57:03,520 I didn't like eggs too much and I just went in with the mentai. 1103 00:57:03,520 --> 00:57:05,240 Like this is a totally new cuisine. 1104 00:57:05,240 --> 00:57:07,520 There's influences from all over Asia here. 1105 00:57:07,920 --> 00:57:09,840 I'm just going to eat whatever. So if it didn't crawl off my 1106 00:57:09,840 --> 00:57:13,160 plate, I'd eat it. And so now I'm a much, you know, 1107 00:57:13,160 --> 00:57:15,560 this has been a while now. It's been 20 plus years since I 1108 00:57:15,560 --> 00:57:21,560 was there, but it's definitely opened my palate quite a bit. 1109 00:57:22,480 --> 00:57:24,120 I was not always. An adventurous eater. 1110 00:57:24,120 --> 00:57:26,680 I would stay I'm, you know, starting to put my toe in the 1111 00:57:26,680 --> 00:57:28,760 water. I was very much like a grilled 1112 00:57:28,760 --> 00:57:31,240 cheese and, you know, chicken Nuggets growing up. 1113 00:57:31,680 --> 00:57:34,600 But as I found as I've gotten older, that I have been more 1114 00:57:34,600 --> 00:57:37,800 willing to try things. So I will try just about 1115 00:57:37,800 --> 00:57:40,800 anything once, just now. I know that like Daniel. 1116 00:57:41,160 --> 00:57:45,800 I mean you you either get experimental or you don't eat. 1117 00:57:47,320 --> 00:57:49,520 I will give a lot of. Credit to Daniel, so you know 1118 00:57:49,560 --> 00:57:53,320 our our boss here at RSM, but he has definitely taken me on some 1119 00:57:53,320 --> 00:57:55,560 excursions and I'm very grateful for that because I have tried 1120 00:57:55,560 --> 00:57:58,560 things that I would normally not have eaten and I've enjoyed some 1121 00:57:58,560 --> 00:57:59,600 of it. I won't say all of it. 1122 00:57:59,600 --> 00:58:02,800 I have enjoyed some of it I. Like, hey, I liked a lot of 1123 00:58:02,800 --> 00:58:06,640 things. I wasn't big on bone marrow, but 1124 00:58:06,640 --> 00:58:09,240 I mean, at the same time I could eat it again. 1125 00:58:09,520 --> 00:58:13,440 Just wasn't my favorite. Yeah, I hear you. 1126 00:58:14,320 --> 00:58:15,720 Yep. I think it's important to try it 1127 00:58:15,720 --> 00:58:17,280 once, see if you like it. You never know. 1128 00:58:17,280 --> 00:58:19,320 You'd be surprised. Yeah, that's how you. 1129 00:58:19,320 --> 00:58:21,680 Discover, you know, Hey, new things, you know, it's kind of 1130 00:58:21,680 --> 00:58:24,120 like music, right? You just like, oh, I didn't 1131 00:58:24,120 --> 00:58:26,360 discover The Beatles until I was 30, or I didn't discover 1132 00:58:26,360 --> 00:58:29,160 Metallica until I was, well, I discovered them, really, but you 1133 00:58:29,160 --> 00:58:30,920 get my drift. Exactly. 1134 00:58:30,960 --> 00:58:33,120 Exactly. Well, Eric, you've. 1135 00:58:33,120 --> 00:58:35,840 Been great and really appreciate you taking some time with us. 1136 00:58:35,840 --> 00:58:37,880 Thank you again for sponsoring an episode here with us. 1137 00:58:37,880 --> 00:58:40,560 I'm going to have links in our show notes here for people to 1138 00:58:40,560 --> 00:58:44,000 reach out to you on LinkedIn. Maybe, you know, share recipes 1139 00:58:44,000 --> 00:58:46,800 or other things, whether it's recipes for, you know, identity 1140 00:58:46,880 --> 00:58:50,160 data or other food items. Let's see what else. 1141 00:58:50,680 --> 00:58:54,360 Visit the website SGNL dot AI slash IDAC. 1142 00:58:55,280 --> 00:58:57,040 There'll be some information there that people can kind of 1143 00:58:57,040 --> 00:58:59,280 check out and that also show support for the show that hey, 1144 00:58:59,280 --> 00:59:01,000 you heard it here on on identity at the center. 1145 00:59:01,000 --> 00:59:03,480 So with that, we're going to go ahead and leave it for this 1146 00:59:03,480 --> 00:59:06,120 week. Thanks everyone for watching and 1147 00:59:06,120 --> 00:59:08,560 or listening and we'll talk with you all in the next one. 1148 00:59:11,080 --> 00:59:13,520 You've been. Listening to Identity at the 1149 00:59:13,520 --> 00:59:16,160 Center? We hope you've enjoyed the show. 1150 00:59:16,360 --> 00:59:20,480 Make sure to like, rate and review, and we'll be back soon. 1151 00:59:20,720 --> 00:59:23,000 But in the meantime, hit the website at 1152 00:59:23,000 --> 00:59:29,360 identity@thecenter.com. See you next time on Identity at 1153 00:59:29,360 --> 00:59:30,280 the Center.