1 00:00:00,000 --> 00:00:02,700 You're only one misconfiguration away from a 2 00:00:02,700 --> 00:00:04,360 breach. What are your thoughts when you 3 00:00:04,360 --> 00:00:07,640 hear a quote like that? I think when I hear a quote 4 00:00:07,640 --> 00:00:09,620 like that, it is absolutely true. It 5 00:00:09,620 --> 00:00:11,820 is an asymmetric problem. Attackers 6 00:00:11,820 --> 00:00:13,660 have to find just one weakness to get in. 7 00:00:14,079 --> 00:00:16,460 Defenders, as a customer, have to 8 00:00:16,460 --> 00:00:18,880 have their 100 % coverage. But 9 00:00:18,880 --> 00:00:20,380 it's not that you got to do everything perfect. 10 00:00:21,520 --> 00:00:22,660 That's going to be, you're never 11 00:00:22,660 --> 00:00:24,080 going to stop attacks. You're 12 00:00:24,080 --> 00:00:26,100 never going to, you know, if there's going to be 13 00:00:26,100 --> 00:00:28,300 some challenges coming in, it's what is the risk of 14 00:00:28,300 --> 00:00:31,260 inaction? What is the risk of this 15 00:00:31,260 --> 00:00:33,000 access? So people are built identity 16 00:00:33,000 --> 00:00:35,540 systems for the last two decades. But 17 00:00:35,540 --> 00:00:37,720 the concept of risk of an identity, the fact if I'm 18 00:00:37,720 --> 00:00:41,040 giving access to Jim means I'm taking on a risk. I'm 19 00:00:41,040 --> 00:00:43,120 hoping Jim is a legitimate employee. He 20 00:00:43,120 --> 00:00:45,060 does legitimate actions, but sometimes that's not the 21 00:00:45,060 --> 00:00:46,840 case. Sometimes your account could be 22 00:00:46,840 --> 00:00:48,560 compromised. So the solution threat vector 23 00:00:48,560 --> 00:00:51,360 we are looking at right now means every account has 24 00:00:51,360 --> 00:01:00,280 a risk. This is identity at the center. 25 00:01:01,280 --> 00:01:02,940 If it has anything to do with 26 00:01:02,940 --> 00:01:07,540 IAM, this is the go to podcast. Now 27 00:01:07,540 --> 00:01:18,100 your hosts, Jim McDonald and Jeff Steadman. Welcome 28 00:01:18,100 --> 00:01:19,840 to the identity at the center podcast. I'm 29 00:01:19,840 --> 00:01:22,200 Jeff and that's Jim. Hey, Jim. Hey, 30 00:01:22,240 --> 00:01:24,460 Jeff, how are you? Oh, and that's a bad yourself. 31 00:01:25,280 --> 00:01:26,740 I'm doing great. I'm, 32 00:01:26,900 --> 00:01:30,820 as always, very excited for this episode. I 33 00:01:30,820 --> 00:01:35,900 discovered Venkat a while back at an event and Ian 34 00:01:35,900 --> 00:01:38,560 Singh, who probably most people who are listening to 35 00:01:38,560 --> 00:01:42,300 this podcast know Ian. He's very much a contributor to 36 00:01:42,300 --> 00:01:47,540 our community on LinkedIn and various other formats 37 00:01:47,540 --> 00:01:50,580 as well. He introduced me to Venkat. I 38 00:01:50,580 --> 00:01:53,140 got to learn a little bit about the Stack Identity 39 00:01:53,140 --> 00:01:55,940 product. And so I'm glad we're able to 40 00:01:55,940 --> 00:01:59,600 bring their message to our community. Yeah, 41 00:01:59,660 --> 00:02:01,040 we're looking forward to this one. And 42 00:02:01,040 --> 00:02:02,320 definitely want to give a shout out to Ian for the 43 00:02:02,320 --> 00:02:03,440 connection. He's also been a great supporter 44 00:02:03,440 --> 00:02:06,800 for the show. So shout out to Ian. Today's 45 00:02:06,800 --> 00:02:09,080 episode is a sponsored episode, something that we 46 00:02:09,080 --> 00:02:10,820 developed these in collaboration with our 47 00:02:10,820 --> 00:02:13,480 friends over today at Stack Identity. If 48 00:02:13,480 --> 00:02:15,540 you don't know a Stack Identity, they are your co 49 00:02:15,540 --> 00:02:17,400 -pilot to solve identity security problems. We're 50 00:02:17,400 --> 00:02:18,860 going to find out what that means. You 51 00:02:18,860 --> 00:02:23,040 can learn more about them at stackidentity .com. And 52 00:02:23,040 --> 00:02:26,180 so we've got Venkat Raghavan, founder and CEO 53 00:02:26,180 --> 00:02:28,700 at Stack Identity. Welcome to Identity at the Center. 54 00:02:29,060 --> 00:02:31,600 Venkat. Thank you, Jeff. Thank 55 00:02:31,600 --> 00:02:33,500 you, Jim. Good morning. So 56 00:02:33,500 --> 00:02:35,080 thanks for taking the time. One 57 00:02:35,080 --> 00:02:36,680 of the things we like to do is really find out 58 00:02:36,680 --> 00:02:38,740 about the background and the origin stories of 59 00:02:38,740 --> 00:02:40,660 people who appear on our show. So 60 00:02:40,660 --> 00:02:43,420 let's start with that. How did you get into the IAM 61 00:02:43,420 --> 00:02:46,660 industry? What set up your or ignited 62 00:02:46,660 --> 00:02:49,320 maybe your passion for this sector of cybersecurity? 63 00:02:50,140 --> 00:02:51,900 Gosh, I got to go back 25 years 64 00:02:51,900 --> 00:02:56,000 back here. So my first start was I'm an 65 00:02:56,000 --> 00:02:59,600 engineer by trade. So built early distributed 66 00:02:59,600 --> 00:03:04,800 systems for companies. And I was working on a 67 00:03:04,800 --> 00:03:08,980 specification called security assertions markup language, 68 00:03:08,980 --> 00:03:13,120 or SAML, as it's very popular these days, which 69 00:03:13,120 --> 00:03:16,440 is the kind of the rule break of identity today. I 70 00:03:16,440 --> 00:03:18,920 got really excited about the opportunity to kind of 71 00:03:18,920 --> 00:03:21,100 have a common language by which we can speak identity 72 00:03:21,100 --> 00:03:23,760 to each other electronically. And 73 00:03:23,760 --> 00:03:25,720 so that got me excited. Somebody's 74 00:03:25,720 --> 00:03:30,120 in a dug in this a bit more and joined a startup 75 00:03:30,120 --> 00:03:33,740 called Ascom, based for pioneers and using SAML to 76 00:03:33,740 --> 00:03:38,300 build the first generation of identity management and 77 00:03:38,300 --> 00:03:41,800 single sign on systems, which powered the lot of 78 00:03:41,800 --> 00:03:44,000 Java applications back in the first days of Internet 79 00:03:44,000 --> 00:03:47,600 era. So had a great experience in 80 00:03:47,600 --> 00:03:51,760 this identity space. And never left, frankly, got to 81 00:03:51,760 --> 00:03:55,360 know SAML, build products, was part of a start up on 82 00:03:55,360 --> 00:03:57,960 BASCA, we got acquired by IBM. And 83 00:03:57,960 --> 00:04:03,140 I am still head 25, we said, still doing this. So 84 00:04:03,140 --> 00:04:04,720 you've got a long history in this space. So 85 00:04:04,720 --> 00:04:07,060 let's talk about stack identity. What's 86 00:04:07,060 --> 00:04:09,640 the core problem that stack identity looks to solve 87 00:04:09,640 --> 00:04:12,100 for? And this is a very competitive 88 00:04:12,100 --> 00:04:14,440 space. How do you set yourself apart 89 00:04:14,440 --> 00:04:16,820 from others in such a crowded market? I 90 00:04:16,820 --> 00:04:18,440 think it's useful to kind of go back and look at 91 00:04:18,440 --> 00:04:20,620 how industries evolved in the last two decades, 92 00:04:20,940 --> 00:04:22,440 right? I mean, then we first started 93 00:04:22,440 --> 00:04:25,180 BASCOM and worked on the early generation of 94 00:04:25,180 --> 00:04:27,140 activities technologies. The problem we were trying to 95 00:04:27,140 --> 00:04:31,680 solve was simplifying granting of access. And 96 00:04:31,680 --> 00:04:33,260 so that was very complicated. IT 97 00:04:33,260 --> 00:04:35,940 was growing, leaps and bounds. And 98 00:04:35,940 --> 00:04:37,820 people had a lot of applications and so on and 99 00:04:37,820 --> 00:04:40,540 so single sign on, nothing a single password is a 100 00:04:40,540 --> 00:04:42,620 big, big issue, big pain point. That 101 00:04:42,620 --> 00:04:44,780 we saw that we saw successfully the last 25 102 00:04:44,780 --> 00:04:48,980 years or so. But now the issue is granting 103 00:04:48,980 --> 00:04:52,480 of access is the easy part. Removing 104 00:04:52,480 --> 00:04:55,700 access is quite difficult, quite challenging. Why? 105 00:04:55,960 --> 00:04:58,480 When you're able to access people's free mature, you 106 00:04:58,480 --> 00:05:00,720 don't like it. And they feel like they've 107 00:05:00,720 --> 00:05:02,760 taken something away. They were taken something away 108 00:05:02,760 --> 00:05:06,380 from their daily work. What a reason becomes immortal, 109 00:05:06,800 --> 00:05:10,260 cultural, sometimes political. And 110 00:05:10,260 --> 00:05:13,240 so what happens is that if you don't remove the access 111 00:05:13,240 --> 00:05:15,160 under whatever pressure you're in, in companies, 112 00:05:15,840 --> 00:05:19,440 then what happens? There's some access for all. A 113 00:05:19,440 --> 00:05:23,320 hordes of access lying around years and years. And 114 00:05:23,320 --> 00:05:25,920 it's easy picking for attackers. The 115 00:05:25,920 --> 00:05:30,000 last 100 breaches, attackers always compromised the same 116 00:05:30,000 --> 00:05:32,660 pattern, a compromised identity, but with a 117 00:05:32,660 --> 00:05:35,940 compromised or re -credential that should have been 118 00:05:35,940 --> 00:05:38,580 removed, that wasn't removed. And 119 00:05:38,580 --> 00:05:40,120 we only find out after the fact. So 120 00:05:40,128 --> 00:05:41,980 the problem that Stake is solving is to kind of 121 00:05:41,980 --> 00:05:44,740 figure out, how do I simplify and make it easy, 122 00:05:45,220 --> 00:05:48,640 an easy button, but removing access? And 123 00:05:48,640 --> 00:05:50,320 so that's, I think, the innovation we're applying. 124 00:05:50,640 --> 00:05:51,940 And it's very difficult to 125 00:05:51,940 --> 00:05:54,960 convince people to remove the access, but we got to 126 00:05:54,960 --> 00:05:56,320 do that. And that's what we're empowering 127 00:05:56,320 --> 00:05:59,880 teams to go do that. So I'd love to find out also 128 00:05:59,880 --> 00:06:01,100 about the names of companies. How 129 00:06:01,100 --> 00:06:04,920 did you come up with the name Stack Identity? Well, 130 00:06:04,920 --> 00:06:06,900 I think if you look at at least even a decade ago, 131 00:06:06,900 --> 00:06:09,860 we were operating just Active Directory WSU L 132 00:06:09,860 --> 00:06:11,400 -BAPs. That's it. In 133 00:06:11,407 --> 00:06:13,540 a today's world, companies, you know, there's 25, 30 134 00:06:13,540 --> 00:06:15,900 different identity systems. You 135 00:06:15,900 --> 00:06:20,020 have your AD, your L -BAPs, you have EntraID, you have 136 00:06:20,020 --> 00:06:23,060 Aqta, your applications that have their own identities, 137 00:06:23,340 --> 00:06:26,960 and it goes on and on. So the sprawl of identities 138 00:06:26,960 --> 00:06:29,960 was massive. So now we're seeing identities 139 00:06:29,960 --> 00:06:32,360 built into your operating systems and clouds and 140 00:06:32,360 --> 00:06:34,940 applications and databases. So 141 00:06:34,940 --> 00:06:36,940 we see stacks of identities. You 142 00:06:36,940 --> 00:06:38,360 know, all over the place. And 143 00:06:38,360 --> 00:06:41,740 so for customers, it's very difficult to manage all the 144 00:06:41,740 --> 00:06:43,360 identity populations they have. And 145 00:06:43,360 --> 00:06:46,520 so the stack is named to kind of reflect the fact 146 00:06:46,520 --> 00:06:48,680 there's now a distributed identity system. And 147 00:06:48,680 --> 00:06:50,520 it's going to be that way for the next several 148 00:06:50,520 --> 00:06:53,040 decades. How do we still bring the 149 00:06:53,040 --> 00:06:55,500 unified perspective of identities and what they're 150 00:06:55,500 --> 00:06:56,620 doing in the environment? So 151 00:06:56,620 --> 00:06:58,280 that's what we're trying to accomplish here with Stack. 152 00:06:59,540 --> 00:07:00,880 You know, Venkata was thinking, 153 00:07:01,260 --> 00:07:05,100 oh, stack could also mean the stacks and stacks of 154 00:07:05,100 --> 00:07:08,000 entitlements that people accumulate over time. 155 00:07:08,300 --> 00:07:09,740 Because that's really what it 156 00:07:09,740 --> 00:07:11,760 sounds to me like, the problem that you're solving, 157 00:07:11,900 --> 00:07:15,660 right, is that this entitlement creep scenario 158 00:07:15,660 --> 00:07:19,120 where you keep getting more and more access, whether 159 00:07:19,120 --> 00:07:22,000 it's, you know, I don't think it's intentional, 160 00:07:22,180 --> 00:07:24,320 right? Nobody's out there trying to do the 161 00:07:24,320 --> 00:07:26,840 wrong thing. But we, you know, as 162 00:07:26,840 --> 00:07:30,580 consultants in our day -to -day lives, Jeff and I see 163 00:07:30,580 --> 00:07:33,940 scenarios where companies are still doing what we 164 00:07:33,940 --> 00:07:37,220 call model after. So Venkata joins the company 165 00:07:37,220 --> 00:07:40,700 and he's, you know, backfilling for Jeff. Make 166 00:07:40,700 --> 00:07:42,980 him like Jeff. Well, what they don't realize is 167 00:07:42,980 --> 00:07:46,180 that Jeff has been working here for 15 years, and now 168 00:07:46,180 --> 00:07:48,820 he has all this different access. So 169 00:07:48,820 --> 00:07:53,420 that's one scenario. But kind of what I'm very 170 00:07:53,420 --> 00:07:58,780 interested in is, where do you fit into that life 171 00:07:58,780 --> 00:08:03,340 cycle or that workload of getting from the point 172 00:08:03,340 --> 00:08:06,040 where it's like, you're provisioning these 173 00:08:06,040 --> 00:08:08,840 entitlements to now you have them and you may or 174 00:08:08,840 --> 00:08:11,380 may not be using them? Where 175 00:08:11,388 --> 00:08:15,600 does stack solve the problem? Which 176 00:08:15,600 --> 00:08:19,040 part of that workflow is it? Yeah, 177 00:08:19,240 --> 00:08:21,860 great question. So you're right, it's all 178 00:08:21,860 --> 00:08:24,640 about stacks of identities. And 179 00:08:24,640 --> 00:08:26,420 we should be clear, it's both human as well as non 180 00:08:26,420 --> 00:08:28,440 -human. Because most of the time we are 181 00:08:28,440 --> 00:08:30,580 seeing a new era of machine identities coming in 182 00:08:30,580 --> 00:08:34,580 workloads and whatnot, APIs, AI applications and so on 183 00:08:34,580 --> 00:08:35,700 and so forth. So we have stacks of 184 00:08:35,700 --> 00:08:38,700 identities, so stacks of permissions, stacks of 185 00:08:38,700 --> 00:08:41,679 privileges, stacks of policies, right? So 186 00:08:41,679 --> 00:08:45,880 that's a complete mess we have. So 187 00:08:45,880 --> 00:08:48,040 granting access is easy, right? Many 188 00:08:48,040 --> 00:08:49,940 tools do it effectively. So we're not solving that 189 00:08:49,940 --> 00:08:54,160 problem. Once access is granted, what 190 00:08:54,160 --> 00:08:57,480 happens on day two, day three, day five, day 10, 191 00:08:57,640 --> 00:09:02,060 day 100? Are you using the access? Or 192 00:09:02,060 --> 00:09:05,180 is some of, do you have more access than necessary? 193 00:09:06,960 --> 00:09:07,960 And are you approving access 194 00:09:07,960 --> 00:09:12,240 that's not required? And so we look into, how do 195 00:09:12,240 --> 00:09:15,100 we understand and help customers understand where 196 00:09:15,100 --> 00:09:18,880 are they over -permissioned in their environments? Where 197 00:09:18,880 --> 00:09:22,080 are unusual access patterns, unusual behaviors of access? 198 00:09:22,860 --> 00:09:24,340 Because anytime there's an access, 199 00:09:24,580 --> 00:09:27,220 there's a risk of somebody doing an exfiltration or an 200 00:09:27,220 --> 00:09:29,720 attack on your critical systems. So 201 00:09:29,720 --> 00:09:31,800 we are always focused on continuing to understand the 202 00:09:31,800 --> 00:09:35,260 access, attack surface, and always helping you to 203 00:09:35,260 --> 00:09:36,860 automate the reduction of this. So 204 00:09:36,860 --> 00:09:40,080 the primary goal that we're trying to solve is post 205 00:09:40,080 --> 00:09:43,300 -grant of access for any identity, machine or human. 206 00:09:44,340 --> 00:09:45,300 How do we make sure they only 207 00:09:45,300 --> 00:09:47,300 get the right access for the right reasons, for the 208 00:09:47,300 --> 00:09:49,600 right duration, for the right purpose, and that's 209 00:09:49,600 --> 00:09:52,520 it. And help customers to continue 210 00:09:52,520 --> 00:09:54,740 to operate in least -for -permission mode. That's 211 00:09:54,740 --> 00:09:57,140 our goal, and that's our IP, but to the company. 212 00:09:58,400 --> 00:10:00,280 Yeah, that's fantastic. You 213 00:10:00,288 --> 00:10:03,200 know, one of the things that Jeff mentioned is, you 214 00:10:03,200 --> 00:10:04,820 know, he asked a question of how did you come up 215 00:10:04,820 --> 00:10:08,040 with the name of Stack? I'm 216 00:10:08,040 --> 00:10:10,400 also interested to understand, so you've got 217 00:10:10,400 --> 00:10:15,420 this tagline around co -pilot for identity security. 218 00:10:15,979 --> 00:10:17,380 So what is that all about? 219 00:10:17,500 --> 00:10:18,840 What was the mentality there? 220 00:10:20,100 --> 00:10:22,200 Yeah, if you look at every CISO 221 00:10:22,200 --> 00:10:25,000 you've talked to or an identity leader, they will 222 00:10:25,000 --> 00:10:27,300 internally talk to themselves, and they know 223 00:10:27,300 --> 00:10:28,700 they have to solve this problem. They 224 00:10:28,700 --> 00:10:30,680 know they have a challenge with access of access, 225 00:10:30,960 --> 00:10:34,440 access running a muck, whether it's employees, 226 00:10:34,740 --> 00:10:37,060 contractors, third parties, whatever it is, they know 227 00:10:37,060 --> 00:10:40,440 this. But they can put their arms 228 00:10:40,440 --> 00:10:45,200 around this problem. And so, so why is that? They 229 00:10:45,200 --> 00:10:47,100 know they have to do this, but they cannot do this, 230 00:10:47,699 --> 00:10:49,820 because things are too complex right now, right? 231 00:10:49,900 --> 00:10:50,820 They have to do many different 232 00:10:50,820 --> 00:10:53,620 systems. They're dealing with, you know, 233 00:10:53,820 --> 00:10:55,880 identity systems, access control systems, 234 00:10:56,260 --> 00:10:59,480 applications, databases and whatnot. So 235 00:10:59,480 --> 00:11:01,940 they're struggling to figure out, how do I get my arms 236 00:11:01,940 --> 00:11:06,160 around this? And so the answer for customers 237 00:11:06,160 --> 00:11:09,960 is to help them leverage automation. So 238 00:11:09,960 --> 00:11:12,660 co -pilot is the ability for us to work and concert 239 00:11:12,660 --> 00:11:16,060 with the customers, and be almost like a co -pilot to 240 00:11:16,060 --> 00:11:18,060 the customers and environments. Watch 241 00:11:18,060 --> 00:11:20,840 over their environments continuously, understand 242 00:11:20,840 --> 00:11:24,280 where the problems are, and clearly, half of them are 243 00:11:24,280 --> 00:11:26,540 children, seeing there's a problem here. So 244 00:11:26,540 --> 00:11:28,820 co -pilot is all about the sort of AI world of 245 00:11:28,820 --> 00:11:31,860 automated visibility, automated access control, 246 00:11:31,980 --> 00:11:36,080 automated resolutions. So customers don't have to put 247 00:11:36,080 --> 00:11:37,760 human labor and all those things. And 248 00:11:37,760 --> 00:11:39,340 today, we've seen many, many companies that use 249 00:11:39,340 --> 00:11:42,420 spreadsheets and screen charts and emails back and 250 00:11:42,420 --> 00:11:44,700 forth just to just figure out, hey, this is actually 251 00:11:44,700 --> 00:11:47,180 required for Jim. That's a back and forth that 252 00:11:47,180 --> 00:11:49,720 happens for like a couple of weeks. So 253 00:11:49,720 --> 00:11:52,380 co -pilot takes a different approach. It's 254 00:11:52,380 --> 00:11:55,700 entirely automated. It's data driven. And 255 00:11:55,700 --> 00:11:57,900 through that approach, customers are informed of 256 00:11:57,900 --> 00:12:01,220 problems automatically in our console. So 257 00:12:01,220 --> 00:12:02,580 they kind of get to see, okay, these are the areas 258 00:12:02,580 --> 00:12:05,960 I'm focused on. These are my exposures. These 259 00:12:05,960 --> 00:12:08,720 are my exploit, things I need to go look after, 260 00:12:08,880 --> 00:12:09,900 right? And these are the ways I need 261 00:12:09,900 --> 00:12:12,640 to resize the right side of my policies. That's 262 00:12:12,640 --> 00:12:14,240 the whole idea of co -pilot is to give you the 263 00:12:14,240 --> 00:12:17,840 automation layer so you can automatically detect these 264 00:12:17,840 --> 00:12:22,740 unwanted access, unauthorized access, shadow access, and 265 00:12:22,740 --> 00:12:24,360 help customers to kind of go through a process of 266 00:12:24,360 --> 00:12:28,000 fixing these things as well automatically. Yeah, 267 00:12:28,040 --> 00:12:30,340 I thought that was one of the points that you made 268 00:12:30,340 --> 00:12:33,220 there was real interesting around not only the human 269 00:12:33,220 --> 00:12:35,880 identities. It's so easy to fall into the 270 00:12:35,880 --> 00:12:39,080 trap to think about identity as human beings, 271 00:12:39,160 --> 00:12:42,020 but there's also all these non -human identities, 272 00:12:42,160 --> 00:12:45,040 especially in your cloud environments. So 273 00:12:45,048 --> 00:12:49,600 let's kind of like shift into stuck meat and 274 00:12:49,600 --> 00:12:53,120 potatoes. So what are the environments, 275 00:12:53,400 --> 00:12:57,900 the cloud platforms that you guys support? And 276 00:12:57,900 --> 00:13:02,120 then if I'm wanting to use stack in that environment, 277 00:13:03,540 --> 00:13:07,420 what is the implementation of that like? In 278 00:13:07,420 --> 00:13:11,520 other words, how do I go about it at like a 10 ,000 279 00:13:11,520 --> 00:13:14,720 foot level? Yeah, it's quite simple. We 280 00:13:14,720 --> 00:13:17,680 support all the major cloud platforms today. We 281 00:13:17,680 --> 00:13:20,900 are a multi -cloud and a multi -IDP, multi -cloud 282 00:13:20,900 --> 00:13:27,400 mainly support AWS, Azure, GCP, and things like that. 283 00:13:27,540 --> 00:13:28,400 We also support multiple 284 00:13:28,400 --> 00:13:33,020 identity providers like Octa, Active Directory, 285 00:13:33,380 --> 00:13:36,040 EntryID. We also support identities that 286 00:13:36,040 --> 00:13:38,680 are built into databases, database identities, database 287 00:13:38,680 --> 00:13:41,340 admins, and things like that. So 288 00:13:41,348 --> 00:13:44,060 the platform is a SaaS platform. It's 289 00:13:44,060 --> 00:13:47,040 easy to deploy and onboard. And 290 00:13:47,040 --> 00:13:49,300 we take read -only access for a particular cloud 291 00:13:49,300 --> 00:13:51,640 account. Customers create a couple of policies 292 00:13:51,640 --> 00:13:54,800 for us and give a limited access scope. Through 293 00:13:54,800 --> 00:13:57,480 APIs, we ingest this data. It 294 00:13:57,480 --> 00:13:59,400 takes about five minutes to onboard a specific cloud 295 00:13:59,400 --> 00:14:02,880 account or an identity account for us, like Octa, 296 00:14:02,880 --> 00:14:05,420 for example. And then we do the analysis, 297 00:14:05,580 --> 00:14:08,840 we do the detections, and the time to initial value 298 00:14:08,840 --> 00:14:10,280 is about 60 minutes or less. So 299 00:14:10,280 --> 00:14:11,540 very simple to use to product. We 300 00:14:11,540 --> 00:14:14,320 have a nice dashboard that builds trust with our 301 00:14:14,320 --> 00:14:17,640 customers to tell, we tell some where things are in 302 00:14:17,640 --> 00:14:19,780 the global population space. What 303 00:14:19,780 --> 00:14:21,680 are the various activities, behaviors, what are the 304 00:14:21,680 --> 00:14:23,560 risks of identities, what are the over -informationed 305 00:14:23,560 --> 00:14:25,800 access? And we go through a guide and 306 00:14:25,800 --> 00:14:27,880 process to help customers to understand, agree, 307 00:14:28,080 --> 00:14:30,180 acknowledge, and then take action from the platform. 308 00:14:31,180 --> 00:14:32,580 So forgive me for sounding a 309 00:14:32,580 --> 00:14:35,280 little bit incredulous, but I'm going to paraphrase 310 00:14:35,280 --> 00:14:38,740 what you just said. If in about an hour you're 311 00:14:38,740 --> 00:14:40,500 able to pull all this information together and 312 00:14:40,500 --> 00:14:44,940 really start having actionable data across GCP, 313 00:14:45,340 --> 00:14:49,120 Azure, AWS, various IDPs, etc., you're pulling that 314 00:14:49,120 --> 00:14:51,580 data, that quickly, and really starting to be able 315 00:14:51,580 --> 00:14:54,000 to get your hands around the cloud, right? Which 316 00:14:54,000 --> 00:14:55,960 is kind of like this amorphous thing, right? How 317 00:14:55,960 --> 00:14:57,040 do you grab a cloud, right? You're 318 00:14:57,040 --> 00:14:59,940 kind of trying to get to it, but did I hear that 319 00:14:59,940 --> 00:15:02,360 correctly? Absolutely. I mean, I wish I could 320 00:15:02,360 --> 00:15:04,560 show you a demo right now, but maybe the next time, 321 00:15:04,680 --> 00:15:06,700 or the next episode here. But 322 00:15:06,700 --> 00:15:09,780 the point is, that's about all the cloud, right? API 323 00:15:09,780 --> 00:15:12,080 -based applications. So, you know, we're going to 324 00:15:12,088 --> 00:15:14,760 be assassins and API, we ingest this data, so it's 325 00:15:14,760 --> 00:15:17,900 easy for us to grab data, put it together. The 326 00:15:17,900 --> 00:15:20,480 power of our platform is not the ingestion, but the 327 00:15:20,480 --> 00:15:23,540 correlation, the detection, the analysis that we do 328 00:15:23,540 --> 00:15:25,540 automatically. And we're going to be throwing 329 00:15:25,540 --> 00:15:26,880 very large accounts too. So, 330 00:15:27,000 --> 00:15:28,800 we have customers who are kind of small, medium, or 331 00:15:28,800 --> 00:15:31,520 large, extra -large kind of accounts. So, 332 00:15:31,700 --> 00:15:34,020 you know, we are able to then, the IPU, the 333 00:15:34,020 --> 00:15:36,900 Birtistic, and understand and the entire populations. 334 00:15:37,600 --> 00:15:38,860 The challenge in this problem 335 00:15:38,860 --> 00:15:41,280 is always going to be, am I going to miss an island 336 00:15:41,280 --> 00:15:43,160 of identities lying around, which I'm not even touched, 337 00:15:43,400 --> 00:15:44,840 right? That's a problem. And 338 00:15:44,840 --> 00:15:46,540 that is an exposure, customers don't have the 339 00:15:46,540 --> 00:15:48,480 visibility. The idea is getting a 100 % 340 00:15:48,480 --> 00:15:51,740 visibility of all the identities across your 341 00:15:51,740 --> 00:15:53,940 environments. And that's what we do. So, 342 00:15:53,960 --> 00:15:55,560 that's an important statement. You 343 00:15:55,560 --> 00:15:58,080 start doing for one cloud or one platform and calling 344 00:15:58,080 --> 00:16:00,220 it a day, it's about looking at the entire 345 00:16:00,220 --> 00:16:03,000 identity populations that we live in, your cloud 346 00:16:03,000 --> 00:16:05,680 accounts, your identity providers, your databases, 347 00:16:06,440 --> 00:16:10,700 on -prem, hybrid, cloud -native, and whatnot. So, 348 00:16:10,740 --> 00:16:13,340 it's the comprehensiveness of our ingestion and the 349 00:16:13,340 --> 00:16:15,300 correlation with the customers' complete trust 350 00:16:15,300 --> 00:16:18,700 and visibility. It's their data. It's 351 00:16:18,700 --> 00:16:21,080 their story. And we just help them to kind 352 00:16:21,080 --> 00:16:23,580 of get to the quick conclusion and remember all 353 00:16:23,580 --> 00:16:26,100 the toil of managing, you know, spreadsheets and 354 00:16:26,100 --> 00:16:27,980 emails and back and forth and have them manage their 355 00:16:27,980 --> 00:16:30,180 policies. And automatically, we have the 356 00:16:30,180 --> 00:16:32,220 co -pilot, things that can take action quickly, right? 357 00:16:32,360 --> 00:16:33,180 And so, the goal is to 358 00:16:33,180 --> 00:16:35,740 continue to shrink this attack surface to lose 359 00:16:35,740 --> 00:16:37,820 automation. And I believe this is the way 360 00:16:37,820 --> 00:16:39,620 to go. At the end of the day, the 361 00:16:39,620 --> 00:16:41,600 customers don't have time, the resources are 362 00:16:41,600 --> 00:16:44,120 constrained. They're going to use technologists 363 00:16:44,120 --> 00:16:46,000 like General Bay App, which we were brought on our 364 00:16:46,000 --> 00:16:48,420 technology, to kind of bring this power of 365 00:16:48,420 --> 00:16:51,260 automation to market and get them to take action to 366 00:16:51,260 --> 00:16:53,080 kind of remove the access. That's 367 00:16:53,080 --> 00:16:55,420 a really important goal. Not 368 00:16:55,420 --> 00:16:57,020 to kind of show nice, pretty pictures, but to 369 00:16:57,020 --> 00:17:00,680 have them take action. Hey, Venkat, I want to get your 370 00:17:00,680 --> 00:17:05,359 thoughts on a statement or a quote that I've heard a 371 00:17:05,359 --> 00:17:07,900 few times, which is that you're only one 372 00:17:07,900 --> 00:17:12,339 misconfiguration or maybe is one over entitled account. 373 00:17:13,140 --> 00:17:15,359 You're only one misconfiguration 374 00:17:15,359 --> 00:17:18,260 away from a breach. To me, that puts a lot of 375 00:17:18,260 --> 00:17:22,960 onus on the identity management practitioner. But 376 00:17:22,960 --> 00:17:25,180 I kind of feel like that just means you have to 377 00:17:25,180 --> 00:17:27,800 have the right tools. But what are your thoughts when 378 00:17:27,800 --> 00:17:30,440 you hear a quote like that? I 379 00:17:30,440 --> 00:17:32,460 think when I hear a quote like that, it is absolutely 380 00:17:32,460 --> 00:17:34,300 true. It is an asymmetric problem. 381 00:17:34,980 --> 00:17:36,320 Attackers have to find just one 382 00:17:36,320 --> 00:17:37,980 weakness to get in. Defenders, 383 00:17:38,500 --> 00:17:41,480 as a customer, have to have the 100 % coverage. 384 00:17:42,060 --> 00:17:43,140 But it's not that you got to 385 00:17:43,140 --> 00:17:46,600 do everything perfect. You are never going to stop 386 00:17:46,600 --> 00:17:49,440 attacks. You're never going to, if there's 387 00:17:49,440 --> 00:17:51,140 going to be some challenges coming in, it's what is 388 00:17:51,140 --> 00:17:54,800 the risk of inaction? What is the risk of this 389 00:17:54,800 --> 00:17:56,520 access? So people are built identity 390 00:17:56,520 --> 00:17:59,060 systems for the last two decades. But 391 00:17:59,060 --> 00:18:01,220 the concept of risk of an identity, the fact if I'm 392 00:18:01,220 --> 00:18:04,580 giving access to Jim means I'm taking on a risk. I'm 393 00:18:04,580 --> 00:18:06,640 hoping Jim is a legitimate employee. He 394 00:18:06,640 --> 00:18:08,600 does legitimate actions, but sometimes that's not the 395 00:18:08,600 --> 00:18:10,380 case. Sometimes your account could be 396 00:18:10,380 --> 00:18:12,100 compromised. So the solution threat vector 397 00:18:12,100 --> 00:18:14,880 we are looking at right now means every account has 398 00:18:14,880 --> 00:18:18,500 a risk at that evening understand and take action. 399 00:18:18,940 --> 00:18:20,560 So the focus is really not 400 00:18:20,560 --> 00:18:23,880 about do the basis correct. For 401 00:18:23,880 --> 00:18:26,740 example, if there's over permissioned access, clean 402 00:18:26,740 --> 00:18:28,640 it out. If there are unused access, 403 00:18:28,880 --> 00:18:29,940 clean it out. If there are excessive access, 404 00:18:30,080 --> 00:18:31,680 clean it out. If you have poor posture, 405 00:18:31,860 --> 00:18:35,120 clean it out. Doing the basics correct and 406 00:18:35,120 --> 00:18:37,720 having complete visibility around these basic hygiene, 407 00:18:37,920 --> 00:18:41,700 if you will, solves 80 % of the problem in this 408 00:18:41,700 --> 00:18:44,400 market. Now you've got 20 % to go. The 409 00:18:44,400 --> 00:18:46,920 remaining 10 % now we've got the hygiene done. It's 410 00:18:46,920 --> 00:18:51,040 comfortable with that. Now look at the next 10%. How 411 00:18:51,040 --> 00:18:53,860 do I look at the critical clown jewels? In 412 00:18:53,860 --> 00:18:56,960 a data, in a databases, in a customer data, supply 413 00:18:56,960 --> 00:18:59,000 chain, look at external actors who want to come 414 00:18:59,000 --> 00:19:01,480 in, tighten those things up. That's 415 00:19:01,480 --> 00:19:05,540 another 10%. Another 5 % is where are my policy 416 00:19:05,540 --> 00:19:08,720 gaps? Where are my blind spots? Fix 417 00:19:08,720 --> 00:19:11,300 that. Now you get a 95 % pretty 418 00:19:11,300 --> 00:19:12,720 much. And the remaining 5 % is just 419 00:19:12,720 --> 00:19:14,500 to excuse you to accept. So 420 00:19:14,500 --> 00:19:18,060 by methodically looking at brass tacks, hygiene, 421 00:19:18,800 --> 00:19:22,640 configuration practices, least -fruits practices, 422 00:19:23,920 --> 00:19:27,500 better posture, improved posture, and tightening your 423 00:19:27,500 --> 00:19:30,940 policies, tightening your guardrails, education, you 424 00:19:30,940 --> 00:19:33,420 get to the 95 % mark and then the remaining 5 % is 425 00:19:33,420 --> 00:19:34,900 the risk of doing business. That's 426 00:19:34,900 --> 00:19:37,760 why I think about it. That way you can make progress. 427 00:19:38,640 --> 00:19:39,440 It's never going to be about 428 00:19:39,440 --> 00:19:41,660 100%. But it's always about having a 429 00:19:41,660 --> 00:19:44,840 method in place. And tools currently don't have 430 00:19:44,840 --> 00:19:47,140 this methodology. They built for 20 years ago for 431 00:19:47,140 --> 00:19:49,400 compliance and audit and automation for productivity 432 00:19:49,400 --> 00:19:51,640 purposes. Now I didn't even speak about 433 00:19:51,640 --> 00:19:54,220 thread dimension. Access is a thread dimension. This 434 00:19:54,220 --> 00:19:56,280 is the change the market is using in the last 435 00:19:56,280 --> 00:19:58,900 decade. It's going to get worse with 436 00:19:58,900 --> 00:20:01,900 the arrival of AI and machine identities and 437 00:20:01,900 --> 00:20:05,700 things like that. So that's a new part here. So 438 00:20:05,708 --> 00:20:10,960 I asked you earlier about lifecycle. We 439 00:20:10,960 --> 00:20:13,000 have to now leverage thread as part of the identity 440 00:20:13,000 --> 00:20:15,980 lifecycle, which we've never done before. So 441 00:20:15,980 --> 00:20:18,720 the notion of thread as part of a lifecycle of 442 00:20:18,720 --> 00:20:21,040 identity management has to be a front and center 443 00:20:21,040 --> 00:20:23,520 thought. And that's the area where it 444 00:20:23,520 --> 00:20:26,980 will be a part of the great innovation around. You 445 00:20:26,980 --> 00:20:29,300 know, another thought that what you just said, they're 446 00:20:29,300 --> 00:20:33,040 triggering another thought to me, which is a lot of 447 00:20:33,040 --> 00:20:39,000 the cloud environments were spun up not with the 448 00:20:39,000 --> 00:20:42,620 inclusion of informational security and the IAM 449 00:20:42,620 --> 00:20:46,520 strategists and practitioners within an organization. 450 00:20:47,240 --> 00:20:50,480 Application development teams were given 451 00:20:50,480 --> 00:20:52,020 like, hey, make this happen. We 452 00:20:52,020 --> 00:20:55,880 need to have this data lake and this great WISBANG 453 00:20:55,880 --> 00:20:58,200 project. And they went out and they 454 00:20:58,200 --> 00:21:01,900 built it. And a lot of times they're not 455 00:21:01,900 --> 00:21:04,920 security minded. So they weren't trying to get 456 00:21:04,920 --> 00:21:08,480 each account down to least privilege. Now 457 00:21:08,480 --> 00:21:12,860 this is someone says to see so, hey, buddy, the 458 00:21:12,860 --> 00:21:14,580 buck stops at your desk. You're 459 00:21:14,580 --> 00:21:20,180 responsible for protecting our data. And 460 00:21:20,188 --> 00:21:23,500 now the see so he or she has to figure out, oh, 461 00:21:23,560 --> 00:21:26,580 we've got this. We've got those crown jewels out 462 00:21:26,580 --> 00:21:30,680 there in this cloud. Now I need to figure out how 463 00:21:30,680 --> 00:21:32,980 to make it more secure. And 464 00:21:32,980 --> 00:21:35,960 I think one of the great places, sorry, it's not 465 00:21:35,960 --> 00:21:37,860 going to give you everything, but a great 466 00:21:37,860 --> 00:21:40,380 place to start would be to start looking at, especially 467 00:21:40,380 --> 00:21:43,180 this machine accounts, but all accounts, which ones 468 00:21:43,180 --> 00:21:47,380 are over provisioned? A great point. Yeah, 469 00:21:47,400 --> 00:21:49,600 the power of the cloud, right, this automation, I 470 00:21:49,600 --> 00:21:51,580 saw the cloud, we love the cloud so much, it's 471 00:21:51,580 --> 00:21:53,720 tremendous amount of power, right. Things 472 00:21:53,720 --> 00:21:56,780 like using, for example, you know, infrastructure is 473 00:21:56,780 --> 00:21:58,960 code, like Tataform, for example, you can spin a 474 00:21:58,960 --> 00:22:02,020 cloud in like five minutes, right. You 475 00:22:02,020 --> 00:22:04,240 can imagine you can set up a database in 30 seconds, 476 00:22:04,360 --> 00:22:07,060 you can put up a database, right, and have an upward 477 00:22:07,060 --> 00:22:10,020 customer data and do it, right, and go away. So 478 00:22:10,020 --> 00:22:12,000 the environment is quite difficult. So 479 00:22:12,000 --> 00:22:16,660 by all accounts, most cloud environments are 480 00:22:16,660 --> 00:22:18,020 automatically over provisioned because of 481 00:22:18,020 --> 00:22:21,460 automation, you know, and developers are driven by, 482 00:22:21,540 --> 00:22:24,180 that are their KPIs or productivity and velocity of 483 00:22:24,180 --> 00:22:28,060 code, not examination privileges. That's 484 00:22:28,060 --> 00:22:30,740 not their job. So they want to go where they 485 00:22:30,740 --> 00:22:32,800 want to build cool applications and monetize 486 00:22:32,800 --> 00:22:35,660 data, bring the latest AI, ML model, general AI, show 487 00:22:35,660 --> 00:22:38,160 value, right, and run and create value for the 488 00:22:38,160 --> 00:22:40,960 business. Security teams are pretty much on 489 00:22:40,960 --> 00:22:42,540 the outside and looking at this cloud. It's 490 00:22:42,540 --> 00:22:45,440 so fast and growing so fast. So 491 00:22:45,448 --> 00:22:48,560 when the buck stops for the security teams, they 492 00:22:48,560 --> 00:22:50,200 struggle, right. At the end of the day, they 493 00:22:50,200 --> 00:22:52,060 didn't have any policy control over this 494 00:22:52,060 --> 00:22:55,300 environment. And so what we're trying to do 495 00:22:55,300 --> 00:22:57,160 is to kind of bridge the gap, is to kind of bridge, 496 00:22:57,320 --> 00:22:59,440 help the security teams understand the risk of 497 00:23:00,199 --> 00:23:04,460 already over permissioned access, all the over, you 498 00:23:04,460 --> 00:23:07,080 know, exporters created. Coming 499 00:23:07,080 --> 00:23:09,260 to data assets, because it's so easy to spin up a 500 00:23:09,260 --> 00:23:12,040 data asset of the cloud and build an application to 501 00:23:12,040 --> 00:23:14,700 share data. So data sharing is ubiquitous. 502 00:23:15,040 --> 00:23:16,920 Like imagine how easy it is for 503 00:23:16,920 --> 00:23:19,040 us to, you know, not to share, you know, a Google 504 00:23:19,040 --> 00:23:21,540 sheet, right? Or, you know, it takes two 505 00:23:21,540 --> 00:23:23,420 minutes for us to create a spreadsheet or doc and 506 00:23:23,420 --> 00:23:25,940 share it with you. Done. Imagine now you're dead, 507 00:23:26,080 --> 00:23:28,700 you're sharing the same terabytes of data. With 508 00:23:28,700 --> 00:23:31,100 that, with that lot of simplicity, I can share my 509 00:23:31,100 --> 00:23:34,660 Google Drive or my Stoflake instances to my third 510 00:23:34,660 --> 00:23:37,160 parties and do interesting applications. So, 511 00:23:37,520 --> 00:23:40,800 and I just in two minutes, you have changed the world 512 00:23:40,800 --> 00:23:43,760 from, you know, kind of highly change control 513 00:23:43,760 --> 00:23:47,260 environment to a completely, you know, sort of, you 514 00:23:47,260 --> 00:23:50,840 know, ad hoc way to share data of our customers and 515 00:23:50,840 --> 00:23:54,700 whatnot to various third parties using APIs. So 516 00:23:54,700 --> 00:23:56,800 there's no visibility to these entire things. So 517 00:23:56,808 --> 00:23:58,520 that's why I go back to the Copilot. Thought 518 00:23:58,520 --> 00:24:02,340 is we need to bring the part of automation to work 519 00:24:02,340 --> 00:24:04,800 to solve this problem. The very, this problem is going 520 00:24:04,800 --> 00:24:06,440 to be automation in the first place in the cloud. 521 00:24:06,820 --> 00:24:07,740 So let's leverage automation 522 00:24:07,740 --> 00:24:11,020 and AI together to bring the early visibility, to 523 00:24:11,020 --> 00:24:12,720 bring that, you know, continuous visibility to 524 00:24:12,720 --> 00:24:15,180 practitioners of identity and security. So 525 00:24:15,180 --> 00:24:17,320 they can kind of keep up with this thing and start 526 00:24:17,320 --> 00:24:20,000 to figure out how they can speak about risk, right? 527 00:24:21,160 --> 00:24:22,480 The job of the C -SOS is not 528 00:24:22,480 --> 00:24:24,440 to talk about, you know, not to take on risk, but 529 00:24:24,440 --> 00:24:26,940 to speak about risk. If this is where I'm exposed, 530 00:24:28,180 --> 00:24:30,160 this is where the risk is, and this is where the 531 00:24:30,160 --> 00:24:32,380 impact is going to be. You guys take a call on this. 532 00:24:32,700 --> 00:24:33,680 So we're going to help C -SOS 533 00:24:33,680 --> 00:24:36,200 and the board ultimately take a call, and these are 534 00:24:36,200 --> 00:24:38,400 the exposures, but now we're going to make it 535 00:24:38,400 --> 00:24:41,000 super simple, super easy. And 536 00:24:41,000 --> 00:24:43,320 that's the reason why we so thrilled about, so 537 00:24:43,320 --> 00:24:47,400 worked about AI and machine learning and data lakes and 538 00:24:47,400 --> 00:24:48,880 whatnot. So this ability for us to 539 00:24:48,880 --> 00:24:52,300 bring that continuous visibility as things happen, 540 00:24:52,300 --> 00:24:55,260 you're able to respond to events and other shut it 541 00:24:55,260 --> 00:24:59,340 down or take action. That's super compelling. And 542 00:24:59,340 --> 00:25:01,000 go back in the day of, you know, change management, 543 00:25:01,240 --> 00:25:02,820 and you have three months to do reactions reviews 544 00:25:02,820 --> 00:25:05,120 today. And people don't even do 545 00:25:05,120 --> 00:25:07,140 reactions reviews today, you know, three months, every 546 00:25:07,140 --> 00:25:09,560 manager hates it. And when you want to review 547 00:25:09,560 --> 00:25:11,740 actions for your employees or your reports, you go 548 00:25:12,300 --> 00:25:14,860 find your favorite tool. I won't name these tools 549 00:25:14,860 --> 00:25:19,020 today, but you can find select all button and bulk 550 00:25:19,020 --> 00:25:20,780 approve. Done. It's a headache. I'm 551 00:25:20,780 --> 00:25:23,400 done. So nobody's examining access 552 00:25:23,400 --> 00:25:25,860 trivillators. It should be there. So 553 00:25:25,860 --> 00:25:28,540 when it doesn't happen through either a fraud 554 00:25:28,540 --> 00:25:33,840 process or a complex process, access accrues. So 555 00:25:33,840 --> 00:25:36,820 we want to bring automation and simplicity, because 556 00:25:36,820 --> 00:25:39,840 without simplicity and data, our customers will not take 557 00:25:39,840 --> 00:25:41,720 action. That's the differentiating aspect 558 00:25:41,720 --> 00:25:45,300 of what stack does. So how do you, how do you 559 00:25:45,300 --> 00:25:48,980 use something like stack to measure the success of the 560 00:25:48,980 --> 00:25:50,960 implementation or the data you're getting out of it? 561 00:25:51,000 --> 00:25:52,300 Because you talked about risk, 562 00:25:52,560 --> 00:25:53,580 right? And access permissions and 563 00:25:53,580 --> 00:25:56,460 cleanup, etc. I have to imagine that you've 564 00:25:56,460 --> 00:25:59,460 got, you know, customers right now that are using 565 00:25:59,460 --> 00:26:02,040 the product. How do they measure success to 566 00:26:02,040 --> 00:26:03,560 know that they've gotten a return on the investment 567 00:26:03,560 --> 00:26:06,380 they've made? Yeah, let me give an example of 568 00:26:06,380 --> 00:26:09,080 this, you know, you know, our customers and talk to 569 00:26:09,080 --> 00:26:12,100 the security teams, even the CISO, right? Their 570 00:26:12,100 --> 00:26:14,420 job is raise risks and awareness. And 571 00:26:14,420 --> 00:26:16,560 so now let's say they have an environment in which 572 00:26:16,560 --> 00:26:19,480 they found all the risks of AWS. They're 573 00:26:19,480 --> 00:26:21,640 going to knock on their colleagues, VP of 574 00:26:21,640 --> 00:26:23,420 engineering, who owns the cloud, hey, you got to go 575 00:26:23,420 --> 00:26:26,640 fix this buddy. The VP of engineering says, you 576 00:26:26,640 --> 00:26:29,640 know what, I don't have time for this. I'll 577 00:26:29,640 --> 00:26:31,560 look at it when I can, right? So 578 00:26:31,560 --> 00:26:34,920 now we have surface intelligence and the risk. 579 00:26:35,820 --> 00:26:37,460 The CISO has told his peers 580 00:26:37,460 --> 00:26:40,400 you got to go fix it, but nothing happens. So 581 00:26:40,400 --> 00:26:42,120 what happens now? A month goes by, still 582 00:26:42,120 --> 00:26:44,640 nothing happens. It's like, so now there's a 583 00:26:44,640 --> 00:26:47,180 back and forth, right? So what we do is it can be 584 00:26:47,180 --> 00:26:48,800 a bit SLAs out of the product. Now, 585 00:26:49,020 --> 00:26:50,980 you know, if that risk you're generating, but it's 586 00:26:50,980 --> 00:26:54,160 a high severity risk, it's got to be fixed within one 587 00:26:54,160 --> 00:26:57,200 week, right? And now we become the broker. 588 00:26:58,160 --> 00:26:59,160 So our ticketing mechanism 589 00:26:59,160 --> 00:27:03,580 includes this SLA. So now the cloud engineering 590 00:27:03,580 --> 00:27:06,940 VP has to respond to this. They 591 00:27:06,940 --> 00:27:08,760 can say, look, I accept the risk, I'll fix it 592 00:27:08,760 --> 00:27:12,380 within a week. I will accept the risk. I 593 00:27:12,380 --> 00:27:15,040 will fix it in two weeks. I 594 00:27:15,040 --> 00:27:17,300 will not accept the risk escalate. This 595 00:27:17,300 --> 00:27:19,840 is the business. So our job is to kind of 596 00:27:19,840 --> 00:27:21,340 make sure they come together, collaborate, 597 00:27:21,420 --> 00:27:24,140 collaborate on the single platform, cost tag, identity 598 00:27:24,140 --> 00:27:28,440 risks of high fidelity, high urgency has to be 599 00:27:28,440 --> 00:27:30,740 taken care of. And at least everybody's on the 600 00:27:30,740 --> 00:27:32,800 same page. That's the same data they're 601 00:27:32,800 --> 00:27:36,160 looking at the CISO and the identity of looking at 602 00:27:36,160 --> 00:27:39,060 the same data as the DevOps and security teams 603 00:27:39,060 --> 00:27:40,860 are looking at. So we're able to bring this, 604 00:27:41,180 --> 00:27:44,380 this collaborative platform through SLA. So 605 00:27:44,380 --> 00:27:46,780 the end of the day, it's not, you know, I'll do it 606 00:27:46,780 --> 00:27:48,840 when I can. Let's look at the risk. And 607 00:27:48,840 --> 00:27:51,640 if you can resolve this at this level, we elevate this 608 00:27:51,640 --> 00:27:54,300 to the, the head of operations or the business 609 00:27:54,300 --> 00:27:56,160 unit data, whatever it is. Our 610 00:27:56,160 --> 00:27:58,680 goal ultimately is to kind of keep on nudging, nudging 611 00:27:58,680 --> 00:28:00,860 through SLA. So somebody can actually remove 612 00:28:00,860 --> 00:28:03,180 the access. Until such point in time access 613 00:28:03,180 --> 00:28:05,860 is not removed, you're not done a job. And 614 00:28:05,860 --> 00:28:07,440 that's where it goes to kind of take that last 615 00:28:07,440 --> 00:28:11,540 mile, help leaders and owners and stakeholders and 616 00:28:11,540 --> 00:28:14,400 risk managers and teams understand the risk, agree 617 00:28:14,400 --> 00:28:17,120 on the risk, and then I've delivered plans to fix 618 00:28:17,120 --> 00:28:19,860 these problems. So measurement of what our 619 00:28:19,860 --> 00:28:22,700 product is, how many of these tickets have we, have 620 00:28:22,700 --> 00:28:25,840 we sold have actually removed the access? Is 621 00:28:25,840 --> 00:28:28,100 it growing? Is it shrinking? How's 622 00:28:28,100 --> 00:28:29,480 it happened on the last, you know, however, what is 623 00:28:29,480 --> 00:28:30,780 the trending? So when they see the trend 624 00:28:30,780 --> 00:28:33,620 lines coming down, they see value in the product that 625 00:28:33,620 --> 00:28:35,780 we're able to now, you know, take a fairly chaotic 626 00:28:35,780 --> 00:28:39,700 environment of unbroadened access and brought it down 627 00:28:39,700 --> 00:28:43,100 to manageable sort of issues and risks and be 628 00:28:43,100 --> 00:28:45,140 able to provide continuous visibility and operational 629 00:28:45,140 --> 00:28:47,780 fidelity around this. So that's what customers 630 00:28:47,780 --> 00:28:49,400 measure, right? And do it in a very automated 631 00:28:49,400 --> 00:28:52,020 fashion, which means they're not repurposing their teams 632 00:28:52,020 --> 00:28:53,760 to go to this, you know, co -pilot takes it further 633 00:28:53,760 --> 00:28:56,600 automatically. You talked about those nudges 634 00:28:56,600 --> 00:28:58,520 and I, and I see this as well as sort of in the 635 00:28:58,520 --> 00:29:00,940 real world is people are always hesitant to take 636 00:29:00,940 --> 00:29:03,040 away access because they're not sure what it does. 637 00:29:03,040 --> 00:29:04,580 It's going to break something. 638 00:29:04,840 --> 00:29:05,800 And so they just kind of leave 639 00:29:05,800 --> 00:29:10,460 it, I guess, you know, is that fair where we're at 640 00:29:10,460 --> 00:29:12,120 today where people just don't know what they're, 641 00:29:12,120 --> 00:29:14,640 what they're, what they're human and sometimes non 642 00:29:14,640 --> 00:29:16,080 -human accounts are doing. And 643 00:29:16,080 --> 00:29:18,760 so that, that hesitancy is real. How 644 00:29:18,760 --> 00:29:20,720 do you take something like that and say, okay, well, 645 00:29:20,720 --> 00:29:22,620 here's a better way to do it. Maybe 646 00:29:22,620 --> 00:29:25,040 there's more context around what this account does or 647 00:29:25,040 --> 00:29:27,500 the continuous evaluation, right, of what the access 648 00:29:27,500 --> 00:29:30,120 is doing and shrinking attack surfaces and things 649 00:29:30,120 --> 00:29:31,680 like that. Can you talk a little bit 650 00:29:31,680 --> 00:29:35,680 about why you see those nudges being needed still 651 00:29:35,680 --> 00:29:38,180 and then how does that reduce the attack surface 652 00:29:38,180 --> 00:29:41,180 once you get through the nudge factor? Yeah, 653 00:29:41,480 --> 00:29:44,540 most of them, for example, you know, when you're 654 00:29:44,540 --> 00:29:46,020 trying to remove access, you don't have the full 655 00:29:46,020 --> 00:29:48,180 context, right? Because the removal that access 656 00:29:48,180 --> 00:29:49,920 could impact other downstream applications, 657 00:29:50,240 --> 00:29:52,480 legitimate reasons, right? Why 658 00:29:52,480 --> 00:29:54,400 users could be disabled and not get access to the 659 00:29:54,400 --> 00:29:55,940 system. So the worry is, am I going 660 00:29:55,940 --> 00:29:57,940 to break something down the line? So 661 00:29:57,940 --> 00:29:59,380 the first thing you do is give you the complete 662 00:29:59,380 --> 00:30:00,760 picture. If you remove this access, 663 00:30:00,880 --> 00:30:02,140 this is going to be the impact, right? Of 664 00:30:02,140 --> 00:30:05,140 all these systems, we build that map and we show that 665 00:30:05,140 --> 00:30:06,980 graph. So we build trust in our data 666 00:30:06,980 --> 00:30:09,720 itself, number one. So the first thing is to 667 00:30:09,720 --> 00:30:12,380 avoid confident, hey, nobody's access is the last 668 00:30:12,380 --> 00:30:15,680 90 days. Okay. And you know, this access 669 00:30:15,680 --> 00:30:17,280 is very risky. It's got a high degree of 670 00:30:17,280 --> 00:30:19,900 impact. You know, I think of some of 671 00:30:19,900 --> 00:30:21,720 the breaches that's happened over the last, you know, 672 00:30:21,860 --> 00:30:24,540 massive breaches, right, you know, you've seen in a 673 00:30:24,540 --> 00:30:28,120 time and again, and you got to take action on and 674 00:30:28,120 --> 00:30:31,400 so that's one example is to kind of give visibility. 675 00:30:32,240 --> 00:30:33,620 The second area we have helped 676 00:30:33,620 --> 00:30:35,440 customers is look, even if I have to remove the 677 00:30:35,440 --> 00:30:38,180 access, you know, some people call it the screen 678 00:30:38,180 --> 00:30:40,040 test, right? You don't access on a screen. 679 00:30:41,160 --> 00:30:42,040 Oh my God, I need access. 680 00:30:42,220 --> 00:30:43,300 Okay. If you need screen, you 681 00:30:43,300 --> 00:30:45,600 need to do screen test. You 682 00:30:45,600 --> 00:30:48,280 go out to a URL and you'll request access again. 683 00:30:48,980 --> 00:30:49,820 You'll access the store 684 00:30:49,820 --> 00:30:53,320 immediately. So we remove the issue of, 685 00:30:53,440 --> 00:30:56,900 you know, we remove the issue of, you know, if we, 686 00:30:57,060 --> 00:31:00,660 if customers do need access, you know, and take 687 00:31:00,660 --> 00:31:03,280 enough for some reason, you can now give them access 688 00:31:03,280 --> 00:31:06,380 back, but now it's more just in time because you're 689 00:31:06,380 --> 00:31:08,320 only using it once in 90 days. So 690 00:31:08,320 --> 00:31:09,900 we're able to kind of bring in, bring this 691 00:31:09,900 --> 00:31:12,040 process together to kind of institutionalize a behavioral 692 00:31:12,040 --> 00:31:14,520 change. It's a behavioral change. And 693 00:31:14,520 --> 00:31:16,200 behaviors won't change overnight. It 694 00:31:16,200 --> 00:31:18,540 needs data. It needs impact to downstream 695 00:31:18,540 --> 00:31:21,160 applications. And what happens if I do make 696 00:31:21,160 --> 00:31:23,160 a mistake and I resort that this day quickly, 697 00:31:23,160 --> 00:31:25,340 that's the third point, all three things are part of 698 00:31:25,340 --> 00:31:27,980 the art platform. So customers are comfortable. 699 00:31:28,180 --> 00:31:29,020 Hey, even if I remove the 700 00:31:29,020 --> 00:31:31,560 access, you're going to scream at me, go to the 701 00:31:31,560 --> 00:31:33,580 swing or request access within 30 seconds, we'll 702 00:31:33,580 --> 00:31:36,620 reprovision the access. But now we can give you a 703 00:31:36,620 --> 00:31:37,960 limited based access, right? Now 704 00:31:37,960 --> 00:31:41,900 I've culturally removed the access and also kind of 705 00:31:41,900 --> 00:31:44,340 give you more of a time -based approach. So 706 00:31:44,340 --> 00:31:48,340 I've made, you know, great progress in the behavior 707 00:31:48,340 --> 00:31:50,260 and sentiments of these problems. So 708 00:31:50,260 --> 00:31:52,140 those are the couple of areas we really customers 709 00:31:52,140 --> 00:31:53,580 like this. And again, all of this is 710 00:31:53,580 --> 00:31:56,200 automated. So there's no kind of back 711 00:31:56,200 --> 00:32:00,000 and forth around this to remove the human toil. And 712 00:32:00,000 --> 00:32:02,380 that's a big issue. Now these things are more 713 00:32:02,380 --> 00:32:04,840 complex in the machine editor days, right? And 714 00:32:04,840 --> 00:32:07,580 there's nobody to tap in the verify access. You 715 00:32:07,588 --> 00:32:10,860 know, so we see a lot of cases, for example, when 716 00:32:10,860 --> 00:32:12,800 people are using machine editor days and abusing it, 717 00:32:12,980 --> 00:32:16,220 human users, vice versa. So we kind of have all these 718 00:32:16,220 --> 00:32:18,800 environments where, look, where there's a risk of 719 00:32:18,800 --> 00:32:22,580 access or an abuse of access, but things are sort 720 00:32:22,580 --> 00:32:24,940 of awry, we kind of bring it back. But 721 00:32:24,940 --> 00:32:26,680 at the end of the day, we take a lot of pride in 722 00:32:26,680 --> 00:32:28,980 operationally making sure customers are able to 723 00:32:28,980 --> 00:32:32,440 manage this entire problem within their culture, within 724 00:32:32,440 --> 00:32:35,020 their workflows, within their environments. Only 725 00:32:35,020 --> 00:32:37,000 then we see, you know, a big adapt happening in our 726 00:32:37,000 --> 00:32:42,080 customers. So you mentioned, we've been 727 00:32:42,080 --> 00:32:43,740 talking awful a lot of the cloud, I think, early on 728 00:32:43,740 --> 00:32:45,800 you mentioned that there were also some capabilities 729 00:32:45,800 --> 00:32:49,440 around on -prem systems like Active Directory and 730 00:32:49,440 --> 00:32:52,320 Database. Are there differences in how 731 00:32:52,320 --> 00:32:55,140 that integration works? Is it relatively the same? 732 00:32:55,620 --> 00:32:56,600 Talk a little bit about sort of 733 00:32:56,600 --> 00:32:58,720 like the divide between cloud and then maybe on 734 00:32:58,720 --> 00:33:02,560 -prem resources. Yeah, I think mostly for cloud 735 00:33:02,560 --> 00:33:05,000 being such a modern platform, it's all API 736 00:33:05,000 --> 00:33:06,840 based. So most of the times we have 737 00:33:06,840 --> 00:33:08,900 very good APIs to integrate. So 738 00:33:08,900 --> 00:33:11,680 you don't have to have agents deployed on any 739 00:33:11,680 --> 00:33:14,360 systems. We can just use APIs. I 740 00:33:14,360 --> 00:33:17,100 use the cloud control plane to look at our data when 741 00:33:17,100 --> 00:33:20,260 it's really on -prem. Then there's no, you know, 742 00:33:20,500 --> 00:33:22,540 native cloud, there's no cloud native way to kind 743 00:33:22,540 --> 00:33:23,820 of talk to the resources, right? We 744 00:33:23,820 --> 00:33:25,340 need some sort of a connector or an agent where 745 00:33:25,340 --> 00:33:28,760 you deploy on the premise itself, which acts like a 746 00:33:28,760 --> 00:33:33,300 broker, right, to kind of to look at this. So, 747 00:33:34,120 --> 00:33:37,920 so, you know, so those are the ways that I think, you 748 00:33:37,920 --> 00:33:40,780 know, for on -prem environments, we do need 749 00:33:40,780 --> 00:33:42,940 some agents deployed, but that's really a consequence 750 00:33:42,940 --> 00:33:46,180 of where the technology is for the end of the day. 751 00:33:46,260 --> 00:33:47,220 It's all about the universal 752 00:33:47,220 --> 00:33:50,660 visibility, right? The single layer that aggregates 753 00:33:50,660 --> 00:33:52,780 all the information together at a single place. And 754 00:33:52,780 --> 00:33:54,640 so we kind of build this abstraction where whether 755 00:33:54,640 --> 00:33:56,720 it's cloud, whether it's on -prem, whether it's hybrid, 756 00:33:57,380 --> 00:33:59,560 whether it's cloud native or, you know, customer 757 00:33:59,560 --> 00:34:01,780 managed, doesn't really matter. Good 758 00:34:01,780 --> 00:34:04,160 identities or where they are. And 759 00:34:04,168 --> 00:34:06,060 so we are job is to go pick up these identities 760 00:34:06,060 --> 00:34:10,860 and give, you know, give this focus. I'm 761 00:34:10,860 --> 00:34:12,620 also going to address one other issue, right, in 762 00:34:12,620 --> 00:34:14,679 terms of, I think, I think Jimmy brought this up early 763 00:34:14,679 --> 00:34:19,040 on around this access issue and we talk about stacks 764 00:34:19,040 --> 00:34:22,159 of identities and stacks of access, right? Now, 765 00:34:23,560 --> 00:34:26,800 stacks of access was always a problem given the 766 00:34:26,800 --> 00:34:29,219 complexity. Now with the stacks of 767 00:34:29,219 --> 00:34:31,920 identities coming in, you know, all these platforms 768 00:34:31,920 --> 00:34:34,900 in the cloud, enterprise, in database or whatnot, 769 00:34:35,880 --> 00:34:38,860 many cases, for example, right, a user is called 770 00:34:38,860 --> 00:34:41,760 multiple accounts. You might have five, six, seven 771 00:34:41,760 --> 00:34:46,580 accounts in your system and they cross cloud platforms 772 00:34:46,580 --> 00:34:49,300 and on -prem. And the idea that everything is 773 00:34:49,300 --> 00:34:52,280 going to be on a single identity or a single IM is 774 00:34:52,280 --> 00:34:55,400 almost impossible. That's the end of the station. 775 00:34:55,960 --> 00:34:56,980 For the last 20 years, we 776 00:34:56,980 --> 00:34:59,880 built a system with the premise that I can manage 777 00:34:59,880 --> 00:35:02,860 gyms out of any one single place. And 778 00:35:02,860 --> 00:35:05,360 that promise is gone. So now we're living in a 779 00:35:05,360 --> 00:35:07,080 world where you're going to have multiple identities, 780 00:35:07,260 --> 00:35:11,060 multiple personas, and multiple access. So 781 00:35:11,060 --> 00:35:15,060 for example, if you were to log in to a system and 782 00:35:15,060 --> 00:35:16,940 you've, you've, you've failed your passwords three 783 00:35:16,940 --> 00:35:19,660 times, today, what is the typical response for a 784 00:35:19,660 --> 00:35:21,620 company? They would automatically research 785 00:35:21,620 --> 00:35:24,780 a password, good practice, and they would do an 786 00:35:24,780 --> 00:35:28,480 Auduband MFA challenge, again, good practice. But 787 00:35:28,480 --> 00:35:30,020 nobody was going to look at whether or not these 788 00:35:30,020 --> 00:35:33,080 three password failures was really Jim forgetting the 789 00:35:33,080 --> 00:35:36,040 password or illegitimate attempt by an attacker 790 00:35:36,040 --> 00:35:38,880 trying to pawn Jim's account or do an account 791 00:35:38,880 --> 00:35:41,140 takeover. Because the fourth signal doesn't 792 00:35:41,140 --> 00:35:45,420 happen right away. So you have a process that's 793 00:35:45,420 --> 00:35:47,820 dear to password users when you move on. As 794 00:35:47,820 --> 00:35:49,520 a co -pilot, we watch you go at these things, say, 795 00:35:49,540 --> 00:35:50,820 what happened? Wait a minute, there's now a 796 00:35:50,820 --> 00:35:53,420 fifth attempt happened two days later. They 797 00:35:53,420 --> 00:35:54,740 put the three together, two together. Wait 798 00:35:54,740 --> 00:35:57,560 a minute, this is now early patterns of ransomware 799 00:35:57,560 --> 00:35:59,060 attack on a particular account. So 800 00:35:59,060 --> 00:36:01,280 these are the things we're doing is really, you know, 801 00:36:01,300 --> 00:36:03,140 this is difficult for humans to figure out. They, 802 00:36:03,160 --> 00:36:05,200 they're going to watch every event every time. So 803 00:36:05,200 --> 00:36:08,060 this automation that we've built helps us understand 804 00:36:08,060 --> 00:36:11,380 what are really legitimate access patterns, what are 805 00:36:11,380 --> 00:36:13,400 illegitimate and unauthorized, but I'm going 806 00:36:13,408 --> 00:36:14,960 to indicate attacks and whatnot. So 807 00:36:14,960 --> 00:36:16,400 I just want to kind of add the bit of a color as 808 00:36:16,400 --> 00:36:19,440 well as to what we do really at a product 809 00:36:19,440 --> 00:36:22,040 platform level. You know, it's just what I 810 00:36:22,040 --> 00:36:24,980 wanted to say there, Venkat, was early on with 811 00:36:24,980 --> 00:36:29,800 what you just said, you talked about, well, you 812 00:36:29,800 --> 00:36:33,860 know, primarily the, the on -prem infrastructure doesn't 813 00:36:33,860 --> 00:36:36,500 have all the connectors. I know if I was building a 814 00:36:36,500 --> 00:36:39,260 product right now, I'd focus on the cloud because 815 00:36:39,260 --> 00:36:43,220 my perspective is you've already seen cloud take a 816 00:36:43,220 --> 00:36:47,440 big bite out of on -prem infrastructure. And 817 00:36:47,440 --> 00:36:50,020 I think that five years down the road, 10 years 818 00:36:50,020 --> 00:36:52,400 down the road, I mean, it's going to be smaller 819 00:36:52,400 --> 00:36:53,800 and smaller. It's just like the same 820 00:36:53,800 --> 00:36:55,820 progression we saw with mainframes. I'm 821 00:36:55,820 --> 00:36:57,480 not saying that I think it'll ever go away. 822 00:36:57,920 --> 00:36:59,680 Mainframes are still around. They'll 823 00:36:59,680 --> 00:37:03,780 probably still be around when I retire, but you 824 00:37:03,780 --> 00:37:06,780 know, it's becoming a less significant piece over time. 825 00:37:07,020 --> 00:37:08,220 So that was where I would 826 00:37:08,220 --> 00:37:10,200 focus. But I think there's another 827 00:37:10,200 --> 00:37:13,060 thing at play here, which is that the cloud 828 00:37:13,060 --> 00:37:19,060 environments were built in a way that tools like 829 00:37:19,060 --> 00:37:24,860 Stack Identity have what they need in order to do 830 00:37:24,860 --> 00:37:26,220 the type of analysis, right? You 831 00:37:26,220 --> 00:37:28,800 need to know what the accounts are, what access 832 00:37:28,800 --> 00:37:31,960 they have, but then you also need to know what 833 00:37:31,960 --> 00:37:34,440 access they're actually using, right? Because 834 00:37:34,440 --> 00:37:37,320 it's the bumping up of those two things to say, 835 00:37:37,520 --> 00:37:40,700 hey, here's all this access this account has, that's 836 00:37:40,700 --> 00:37:42,840 not at use. Why is that important? So 837 00:37:42,840 --> 00:37:46,500 to me, and I'm hoping you can either validate or 838 00:37:46,500 --> 00:37:49,300 correct me, but why is that important? Okay, 839 00:37:49,360 --> 00:37:53,400 so this account has these seven roles that it's not 840 00:37:53,400 --> 00:37:55,600 using. Who cares? Well, 841 00:37:55,740 --> 00:37:58,580 it's about a tax surface, right? It's 842 00:37:58,580 --> 00:38:02,320 about, hey, if I have an account out there that has 843 00:38:02,320 --> 00:38:06,240 its over provisioned with entitlements and somebody 844 00:38:06,240 --> 00:38:09,300 gets control of that account, now they have all 845 00:38:09,300 --> 00:38:11,980 those entitlements. Even though those entitlements 846 00:38:11,980 --> 00:38:14,900 haven't been getting used, well, now they just open 847 00:38:14,900 --> 00:38:19,880 up a whole new door. Now that account could be taken 848 00:38:19,880 --> 00:38:21,540 over regardless, right? That's 849 00:38:21,540 --> 00:38:24,100 a totally separate control. But 850 00:38:24,100 --> 00:38:27,360 do you want that account to be least privileged? Or 851 00:38:27,360 --> 00:38:31,100 do you want it to have least privilege plus who 852 00:38:31,100 --> 00:38:33,800 knows how many additional privileges? So 853 00:38:33,808 --> 00:38:37,300 am I, and like I said, the cloud environment, the 854 00:38:37,300 --> 00:38:41,760 cloud platforms have the pieces and parts to make 855 00:38:41,760 --> 00:38:45,360 that determination. If it was, if the on -prem 856 00:38:45,360 --> 00:38:48,180 environment had all those things, this would have 857 00:38:48,180 --> 00:38:50,800 been getting done 10, 15 years ago because the 858 00:38:50,800 --> 00:38:54,200 problem existed then, and people wanted to solve it 859 00:38:54,200 --> 00:38:58,160 then, but they just, they didn't have visibility to 860 00:38:59,140 --> 00:39:01,060 where all the accounts were being used. And 861 00:39:01,060 --> 00:39:03,560 we had SIM and we tried to pull all this 862 00:39:03,560 --> 00:39:05,600 information together, but everyone knew it wasn't 863 00:39:05,600 --> 00:39:07,860 complete. So if you just started taking 864 00:39:07,860 --> 00:39:11,920 access away, that's that part that you started off 865 00:39:11,920 --> 00:39:14,500 the conversation with is like, that's scary. You 866 00:39:14,500 --> 00:39:16,460 start taking away roles just because you think 867 00:39:16,460 --> 00:39:18,280 they're not being used, but they actually are being 868 00:39:18,280 --> 00:39:22,380 used problem, right? But in the cloud environment, 869 00:39:22,380 --> 00:39:25,420 you have a higher level of confidence, maybe 100 % 870 00:39:25,420 --> 00:39:28,900 confidence that that role is actually not being used. 871 00:39:29,780 --> 00:39:30,980 Yeah, absolutely. And 872 00:39:30,980 --> 00:39:32,100 that's it. Do you put the nail on the 873 00:39:32,100 --> 00:39:36,140 head? You know, if you look at the 874 00:39:36,140 --> 00:39:38,300 pattern of ransomware attacks, you know, the big 875 00:39:38,300 --> 00:39:40,040 one or another health group and all those, it's all 876 00:39:40,040 --> 00:39:43,280 the same pattern, a compromise identity. And 877 00:39:43,280 --> 00:39:46,380 then that's not enough. You need privileges and 878 00:39:46,380 --> 00:39:49,040 permissions to elevate yourself and laterally move 879 00:39:49,040 --> 00:39:50,020 across the organization. It's 880 00:39:50,028 --> 00:39:53,000 all about lateral movement, right? What 881 00:39:53,000 --> 00:39:54,960 any worse lateral movement? It's 882 00:39:54,960 --> 00:39:57,820 access and privileges. So if you can cut off these 883 00:39:57,820 --> 00:40:02,080 links by removing access, right? And, 884 00:40:02,160 --> 00:40:04,080 and, you know, then you can, you can limit the 885 00:40:04,080 --> 00:40:06,380 damage you can contain the, the attack, you know, and 886 00:40:06,380 --> 00:40:11,220 so, so understanding how our leaders can move within 887 00:40:11,220 --> 00:40:14,200 the enterprise, how can they flow and what actions 888 00:40:14,200 --> 00:40:16,620 they can use to get from a to V to C to D to go 889 00:40:16,620 --> 00:40:20,480 to the target, that's crucial, which means that 890 00:40:20,480 --> 00:40:22,580 in cloud, even in regular environments, we need to 891 00:40:22,580 --> 00:40:26,480 look at not just the provisioned access, but how 892 00:40:26,480 --> 00:40:28,760 is Jim using this access or a service to condensing 893 00:40:28,760 --> 00:40:31,440 this access? That means you got to look at, 894 00:40:31,520 --> 00:40:33,980 for example, what's happening over a period of 895 00:40:33,980 --> 00:40:36,880 time? And on the time could be in a 896 00:40:36,880 --> 00:40:40,080 90 days, for example, or 120 days. Okay. 897 00:40:40,340 --> 00:40:43,220 What's happening with this time boundary? Now, 898 00:40:43,280 --> 00:40:45,900 the user, if it regularly, if there's a regular role, 899 00:40:46,260 --> 00:40:49,320 you'll be using this account to, you know, to 900 00:40:49,320 --> 00:40:51,960 do things, right? There'll be some activity on this 901 00:40:51,960 --> 00:40:53,940 account. There'll be some actions on the 902 00:40:53,940 --> 00:40:56,520 target resource. There could be some, you know, 903 00:40:56,600 --> 00:40:59,900 some behaviors. But if none of them are 904 00:40:59,900 --> 00:41:03,240 present, then the problem is you just under our 905 00:41:03,240 --> 00:41:06,280 necessary access. So the access or type surface 906 00:41:06,280 --> 00:41:08,540 is really by product of you, if you're not using 907 00:41:08,540 --> 00:41:11,080 the access, you got to give up the access. That 908 00:41:11,080 --> 00:41:12,820 should be the very simple process. If 909 00:41:12,820 --> 00:41:14,340 you're not using the access, you should just 910 00:41:14,340 --> 00:41:16,720 give up the access automatically. Now, 911 00:41:16,740 --> 00:41:19,040 today, we don't have these tools for doing some cloud 912 00:41:19,040 --> 00:41:22,040 is very easy, right? But you also need two data 913 00:41:22,040 --> 00:41:24,640 points. One is, what's your access and 914 00:41:24,640 --> 00:41:28,780 are you using it? So we automate that, that the 915 00:41:28,780 --> 00:41:33,280 time based analysis that we can easily give you without 916 00:41:33,280 --> 00:41:34,880 a without any false positive, right? We 917 00:41:34,880 --> 00:41:37,640 clearly really you're not using this access. There's 918 00:41:37,640 --> 00:41:39,480 proof. And so you don't need access. 919 00:41:39,840 --> 00:41:41,480 Okay. So I'm going to remove the 920 00:41:41,480 --> 00:41:43,660 access. Let's say Jim says, you know, 921 00:41:43,720 --> 00:41:45,900 I'm going to use it once in 90 days, because it's a 922 00:41:45,900 --> 00:41:47,860 quarterly report, great. Then 923 00:41:47,860 --> 00:41:49,720 I'm going to give you a just in time access or one 924 00:41:49,720 --> 00:41:52,400 time access, you can just use it. So 925 00:41:52,400 --> 00:41:55,440 the number of ways we can look at data, and we can 926 00:41:55,440 --> 00:41:58,940 analyze activities and behaviors and actions to 927 00:41:58,940 --> 00:42:01,600 then compare with your intended goal of giving 928 00:42:01,600 --> 00:42:04,620 access and to solve this problem. In 929 00:42:04,620 --> 00:42:07,200 cloud, by the way, many cases because of automation, 930 00:42:08,100 --> 00:42:10,820 nobody even knows why an access was granted. Let 931 00:42:10,820 --> 00:42:13,520 me show our dashboard on our product. The 932 00:42:13,520 --> 00:42:15,420 first thing customers ask us is, I don't know why 933 00:42:15,420 --> 00:42:18,220 this happened. It's a very common refrain. I 934 00:42:18,220 --> 00:42:20,180 don't know why this access was given, which means 935 00:42:20,180 --> 00:42:24,300 there was no way for them to contemplate why somebody 936 00:42:24,300 --> 00:42:27,480 would give an access. Maybe it's an emergency access 937 00:42:27,480 --> 00:42:29,120 and just state permanent. So 938 00:42:29,120 --> 00:42:31,580 there are a lot of scenarios where at the end 939 00:42:31,580 --> 00:42:33,320 of the day, it's about are you using the access 940 00:42:33,320 --> 00:42:35,400 yourself for what purpose? You 941 00:42:35,400 --> 00:42:38,180 search behavior is going to be important for us. And 942 00:42:38,180 --> 00:42:41,140 I figure them along in a window, then we remove all 943 00:42:41,140 --> 00:42:42,780 the false positives, we remove all the problems, 944 00:42:42,940 --> 00:42:44,740 you remove access with 30 days, that's not a good 945 00:42:44,740 --> 00:42:46,080 practice. You might still need the 946 00:42:46,080 --> 00:42:49,640 access, but they will be for us to use automation 947 00:42:49,640 --> 00:42:52,340 and to provide the visibility and show evidence 948 00:42:52,920 --> 00:42:55,920 and compare with their policies to remove the 949 00:42:55,920 --> 00:42:57,760 attack surface. And those are the things I 950 00:42:57,760 --> 00:42:59,380 think we can get tremendous ROI. You 951 00:42:59,380 --> 00:43:02,280 can do this because these are all early signals that 952 00:43:02,280 --> 00:43:06,080 we're going to stop. By the way, every leader in 953 00:43:06,080 --> 00:43:08,660 the identity practice agrees with this. There's 954 00:43:08,660 --> 00:43:10,760 a survey done by one of the security group, one of 955 00:43:10,760 --> 00:43:13,760 the top identity groups and 96 % of the identity leader 956 00:43:13,760 --> 00:43:16,660 survey said they could have stopped an attack, they 957 00:43:16,660 --> 00:43:18,680 could have stopped an attack and they had signals 958 00:43:18,680 --> 00:43:21,420 available to them. They didn't say, wait a minute, 959 00:43:21,480 --> 00:43:25,580 this was a complex zero day, nothing about it. So 960 00:43:25,580 --> 00:43:29,020 96 % of saying, look, in retrospect, and I had they 961 00:43:29,020 --> 00:43:31,220 had a data evidence, I could have prevented this. 962 00:43:31,880 --> 00:43:33,880 So that's great, great 963 00:43:33,880 --> 00:43:36,180 opportunity for us startups to go look at, let's solve 964 00:43:36,180 --> 00:43:39,260 the problem and get the last mile out, remove the 965 00:43:39,260 --> 00:43:41,320 access somehow, and then all of a sudden, right? 966 00:43:41,320 --> 00:43:42,580 That's why you're seeing this 967 00:43:42,580 --> 00:43:44,860 broad moment to more just in time. And 968 00:43:44,860 --> 00:43:46,320 don't even get into the problem of managing access. 969 00:43:46,760 --> 00:43:47,740 If you need access anytime you 970 00:43:47,740 --> 00:43:51,620 have access, you know, just come in, make a request, 971 00:43:51,740 --> 00:43:53,560 you get access anymore one. Anyways. 972 00:43:54,640 --> 00:43:56,500 No, no, it's a great point. And 973 00:43:56,500 --> 00:44:02,860 I think so we've talked a lot about risk. And 974 00:44:02,860 --> 00:44:06,240 I'm wondering, I want to get your perspective on 975 00:44:06,240 --> 00:44:09,540 what is the biggest risk that CSOs face? Because 976 00:44:09,548 --> 00:44:12,000 to me, here's what it is. It's 977 00:44:12,000 --> 00:44:15,720 not the, it's not the mechanics of all this. It's 978 00:44:15,720 --> 00:44:19,940 the ability to identify the risks, communicate the 979 00:44:19,940 --> 00:44:23,260 risks, and assign the risks to somebody other than me. 980 00:44:23,540 --> 00:44:24,920 And that look, I'm not just 981 00:44:24,920 --> 00:44:27,300 trying to be Teflon Don here. But 982 00:44:27,300 --> 00:44:30,860 reality is, is either it's something I need to fix. 983 00:44:30,940 --> 00:44:33,180 And I probably need some money 984 00:44:33,180 --> 00:44:35,480 to fix it. Now, if I have everything I 985 00:44:35,480 --> 00:44:39,240 need, that I can go fix it, then I have nothing to 986 00:44:39,240 --> 00:44:41,360 worry about. It's completely within my control 987 00:44:41,360 --> 00:44:43,180 to go ahead and fix it. But 988 00:44:43,180 --> 00:44:45,920 a lot of times, these risks that pop up are 989 00:44:45,920 --> 00:44:49,360 things that other people need to do. Or 990 00:44:49,360 --> 00:44:51,740 I need additional investment. And 991 00:44:51,740 --> 00:44:54,180 so I need to be able to identify those risks, 992 00:44:54,440 --> 00:44:57,720 communicate those risks. And then if I am fulfilled 993 00:44:57,720 --> 00:45:00,640 with what I need, then I need to be able to go and 994 00:45:00,640 --> 00:45:03,500 remediate those risks. But I'm wondering, maybe you 995 00:45:03,500 --> 00:45:07,920 give a more insightful response on what is the 996 00:45:07,920 --> 00:45:10,840 biggest risk that CSOs face? I 997 00:45:10,840 --> 00:45:14,180 think if you look at all the ransomware attacks, you 998 00:45:14,187 --> 00:45:17,060 know, all these customers have tremendous amount of 999 00:45:17,060 --> 00:45:18,980 products, great technologies, right? And 1000 00:45:18,980 --> 00:45:22,120 they got 30, 40 plus tools. Yet 1001 00:45:22,120 --> 00:45:23,840 these things happen, right? Time 1002 00:45:23,840 --> 00:45:25,900 and again, it happens. You know, happens to great 1003 00:45:25,900 --> 00:45:28,260 companies. But there's something 1004 00:45:28,260 --> 00:45:29,700 fundamentally flawed here. That 1005 00:45:29,700 --> 00:45:32,200 is, how do we understand what is the biggest risk 1006 00:45:32,200 --> 00:45:33,440 is? And in our view, the biggest 1007 00:45:33,440 --> 00:45:36,120 risk is access. Access that could have been 1008 00:45:36,120 --> 00:45:40,080 prevented or revoked. And if you can have a truly, 1009 00:45:40,440 --> 00:45:42,300 you know, you know, we're not saying that's going to 1010 00:45:42,300 --> 00:45:43,820 be stopping all the attacks. But 1011 00:45:43,820 --> 00:45:45,640 I think what we are saying is that that's going to be 1012 00:45:45,640 --> 00:45:48,060 a number one priority in terms of investments going 1013 00:45:48,060 --> 00:45:50,960 forward. Because at the end of the day, an 1014 00:45:50,960 --> 00:45:53,400 attacker on adversary needs access to let me move and 1015 00:45:53,400 --> 00:45:55,200 get to where they want to go. So 1016 00:45:55,200 --> 00:45:57,800 by the way, every CSO will agree with this. There's 1017 00:45:57,800 --> 00:46:00,060 no dispute about this. Challenges, 1018 00:46:00,420 --> 00:46:03,740 you know, I have my on -prem projects. I 1019 00:46:03,740 --> 00:46:06,080 got my IGAs going. I got this and that going, 1020 00:46:06,200 --> 00:46:08,280 got Pam going. I'm looking at Pam for this. 1021 00:46:08,440 --> 00:46:09,640 I'm looking at X, Y for this. 1022 00:46:10,240 --> 00:46:11,420 So we are saying at the end 1023 00:46:11,420 --> 00:46:14,240 of the day, the environment is changing dramatically, 1024 00:46:14,620 --> 00:46:17,560 you know, and so it's time to relook at these 1025 00:46:17,560 --> 00:46:18,840 priorities. I mean, people are spending a 1026 00:46:18,840 --> 00:46:20,940 lot of money on identity projects today, even today. 1027 00:46:21,220 --> 00:46:21,860 It's one of the largest 1028 00:46:21,860 --> 00:46:24,720 investment categories in the budget. However, 1029 00:46:25,520 --> 00:46:29,380 this notion of risk is what is a new phenomena. I 1030 00:46:29,388 --> 00:46:31,380 mean, even analysts and gutters talk about this all 1031 00:46:31,380 --> 00:46:33,640 the time, like more and more continuous controls, 1032 00:46:33,760 --> 00:46:35,500 risk -based controls. So we are seeing this big 1033 00:46:35,500 --> 00:46:37,860 change happening. At the end of the day, you've 1034 00:46:37,860 --> 00:46:39,840 got to look at what the risk is, speak about the 1035 00:46:39,840 --> 00:46:42,280 risk. But you cannot speak about the 1036 00:46:42,280 --> 00:46:43,880 risk if you don't have visibility into what's 1037 00:46:43,880 --> 00:46:47,380 happening. You don't know how to explain 1038 00:46:47,380 --> 00:46:49,240 why something is happening. So 1039 00:46:49,240 --> 00:46:52,200 with our, you know, with our, you know, with our 1040 00:46:52,200 --> 00:46:56,020 automation and our approach to providing an easy way 1041 00:46:56,020 --> 00:46:58,700 to go look at this, everything in concert, we 1042 00:46:58,700 --> 00:47:02,300 are job is to provide evidence of the risk and 1043 00:47:02,300 --> 00:47:04,140 help to see so communicate the risk to the 1044 00:47:04,140 --> 00:47:07,380 stakeholders and to take action. So 1045 00:47:07,380 --> 00:47:10,300 that is the approach where we feel like, you know, 1046 00:47:10,660 --> 00:47:12,940 you know, that, you know, people cannot wait for 1047 00:47:12,940 --> 00:47:15,440 this, you know, process that they put up place 20 1048 00:47:15,440 --> 00:47:17,320 years ago, right? We have this quarterly order 1049 00:47:17,320 --> 00:47:19,700 process. But it will be actually done 1050 00:47:19,700 --> 00:47:21,980 for age of Sarbanes, Oxley and compliance, still 1051 00:47:21,980 --> 00:47:24,420 required. But now the landscape has 1052 00:47:24,420 --> 00:47:27,020 changed automatically. It's cloud first, data first, 1053 00:47:27,200 --> 00:47:29,700 API first, we live in. Speed 1054 00:47:29,700 --> 00:47:32,660 is not security's best friend. And 1055 00:47:32,667 --> 00:47:35,420 so at the end of the day, attackers know this, they 1056 00:47:35,420 --> 00:47:37,740 have these weaknesses. So our job is what if I can 1057 00:47:37,740 --> 00:47:40,620 come back and tell you within one hour, your 1058 00:47:40,620 --> 00:47:43,640 exposures, your exploiting, your bare pathways, which 1059 00:47:43,640 --> 00:47:47,160 are going to be exposed, your policy gaps, your 1060 00:47:47,160 --> 00:47:50,720 blind spots, your risky accounts and help you fix 1061 00:47:50,720 --> 00:47:53,500 it through automation, I can generate code and do 1062 00:47:53,500 --> 00:47:55,480 this. And now you can start to not 1063 00:47:55,480 --> 00:47:57,080 put this and say, wait a minute, I'm going to use 1064 00:47:57,080 --> 00:47:58,800 this product to figure out where do I need to product 1065 00:47:58,800 --> 00:48:00,740 as my investments in even ordinary in access 1066 00:48:00,740 --> 00:48:02,860 management, where do I invest in it? Rather 1067 00:48:02,860 --> 00:48:05,760 than going off and building a product, look at the 1068 00:48:05,760 --> 00:48:08,560 process. The world has changed now. So 1069 00:48:08,560 --> 00:48:10,580 do I have the right visibility into looking at 1070 00:48:10,580 --> 00:48:13,480 overall risks? Can I communicate these risks 1071 00:48:13,480 --> 00:48:15,900 to my peers and to the board? Now 1072 00:48:15,900 --> 00:48:18,900 based on the risks, can I not focus on actions in 1073 00:48:18,900 --> 00:48:21,560 these areas, particular on access and what not that I 1074 00:48:21,560 --> 00:48:23,820 can help you with? So this starts a different 1075 00:48:23,820 --> 00:48:25,760 paradigm. I think Jim, we're focused on 1076 00:48:25,760 --> 00:48:28,780 is that we're seeing the market go towards that. Is 1077 00:48:28,780 --> 00:48:30,600 that, you know, just look, you know, attackers are now 1078 00:48:30,600 --> 00:48:32,920 waiting for your quarterly audit reports. They're 1079 00:48:32,920 --> 00:48:35,400 finding a gap and zoom they're going in. And 1080 00:48:35,400 --> 00:48:36,900 so we're seeing that they're ready for us to 1081 00:48:36,900 --> 00:48:40,680 close the gap, give billboard assurance and more 1082 00:48:40,680 --> 00:48:45,440 confidence and data and help CISOs broker this 1083 00:48:45,440 --> 00:48:46,980 conversation. They're not, they cannot do it 1084 00:48:46,980 --> 00:48:48,860 alone. They're going to talk to their 1085 00:48:48,860 --> 00:48:52,620 colleagues, agree on what the risk is, agree on risk 1086 00:48:52,620 --> 00:48:56,340 types, agree on how they can remediate, time to 1087 00:48:56,340 --> 00:48:58,340 remediate. And these are all operational 1088 00:48:58,340 --> 00:49:01,580 things that we can go from findings to the operations. 1089 00:49:01,820 --> 00:49:02,980 That's the area where we feel 1090 00:49:02,980 --> 00:49:06,900 like we can really help optimize investments and get 1091 00:49:06,900 --> 00:49:08,840 on this treadmill of getting this more 1092 00:49:08,840 --> 00:49:11,700 continuous, continuous access management, continuous 1093 00:49:11,700 --> 00:49:16,200 verification, continuous detection, continuous tuning 1094 00:49:16,200 --> 00:49:18,860 of policies. These are the areas we believe 1095 00:49:18,860 --> 00:49:21,720 we can, we can, we can help customers get to the 1096 00:49:21,720 --> 00:49:26,540 95 % quickly and manage those risks. So 1097 00:49:26,540 --> 00:49:30,180 I think you made a lot of good points there. It's 1098 00:49:30,180 --> 00:49:36,160 kind of like I want to rewind one of the security 1099 00:49:36,160 --> 00:49:41,060 architectural principles is like this layers of 1100 00:49:41,060 --> 00:49:45,320 security, defense in depth, but it's the idea that you 1101 00:49:45,320 --> 00:49:48,060 try to stop the hacker here, you try to stop the 1102 00:49:48,060 --> 00:49:51,320 hacker here, you just keep going and adding layers of 1103 00:49:51,320 --> 00:49:54,800 security. It's almost like you hear this 1104 00:49:54,800 --> 00:49:58,440 paradigm all the time, which is if you haven't 1105 00:49:58,440 --> 00:50:00,920 been breached, that just means you don't know you've 1106 00:50:00,920 --> 00:50:03,940 been reached or it's not a matter of if, but when. 1107 00:50:04,520 --> 00:50:06,160 And the idea is that, I mean, 1108 00:50:06,300 --> 00:50:08,120 you still look at like what's the most common 1109 00:50:08,120 --> 00:50:11,100 pattern that attackers use. It's 1110 00:50:11,100 --> 00:50:14,320 phishing, social engineering, right? These 1111 00:50:14,320 --> 00:50:17,060 things have literally been around for more than 20 1112 00:50:17,060 --> 00:50:19,920 years. And they're still the top two 1113 00:50:19,920 --> 00:50:21,980 ways that people get access. So 1114 00:50:21,980 --> 00:50:24,480 you almost can look at your accounts, say they're 1115 00:50:24,480 --> 00:50:26,640 going to be breached, someone's going to be able 1116 00:50:26,640 --> 00:50:29,140 to get access to them. The question is what can they 1117 00:50:29,140 --> 00:50:31,340 do when they get to access? So 1118 00:50:31,340 --> 00:50:35,580 that's that paradigm of least privilege access and 1119 00:50:35,580 --> 00:50:38,320 why it's so important. So I think you've made an 1120 00:50:38,320 --> 00:50:40,960 excellent case here today for what you're doing with 1121 00:50:40,960 --> 00:50:43,800 Stack Identity. And what I'd like to know is 1122 00:50:43,800 --> 00:50:48,380 if our listeners are interested in playing or, 1123 00:50:48,500 --> 00:50:51,620 you know, getting more hands on with Stack 1124 00:50:51,620 --> 00:50:55,240 Identity, what's available to them? Yeah, 1125 00:50:55,280 --> 00:50:58,380 we have a very easy way to assess the current risks 1126 00:50:58,380 --> 00:51:00,660 using our Shadow Access Risk Assessment Tool, they 1127 00:51:00,660 --> 00:51:03,120 call it CERA. So you plug it in, you 1128 00:51:03,120 --> 00:51:05,640 connect your accounts, you connect your IDPs. And 1129 00:51:05,647 --> 00:51:07,940 again, within an hour, you get a report that shows 1130 00:51:07,940 --> 00:51:11,640 you all the code of code access for all issues you 1131 00:51:11,640 --> 00:51:14,540 have, right? And then you start the cleanup 1132 00:51:14,540 --> 00:51:17,380 process, you know, cleaning up our units and access is 1133 00:51:17,380 --> 00:51:19,780 an important thing. Because the environments are grown 1134 00:51:19,780 --> 00:51:23,120 so widely now, you know, on -prem and cloud and 1135 00:51:23,120 --> 00:51:26,580 whatnot, that singular dashboard and singular view 1136 00:51:26,580 --> 00:51:29,220 of single pane of glass, the command and control of 1137 00:51:29,220 --> 00:51:30,900 all the risks that you have currently in your 1138 00:51:30,900 --> 00:51:33,840 environment, having a quick view of that is a starting 1139 00:51:33,840 --> 00:51:36,160 point. Now you look at these risks 1140 00:51:36,160 --> 00:51:38,080 and you look at what do we do about tax, like I 1141 00:51:38,080 --> 00:51:39,780 started to dig into this and figure out where you 1142 00:51:39,780 --> 00:51:42,200 need to, where are you exposed, what are the 1143 00:51:42,200 --> 00:51:44,660 critical systems, your crown jewels, whether it's third 1144 00:51:44,660 --> 00:51:46,000 party, all those things. But 1145 00:51:46,000 --> 00:51:50,560 it starts with where am I today? What 1146 00:51:50,560 --> 00:51:52,940 is the where am I exposed? Tell 1147 00:51:52,940 --> 00:51:56,580 me that, that view. Let me start with that, that 1148 00:51:56,580 --> 00:51:59,700 assessment view. We call it shadow access risk 1149 00:51:59,700 --> 00:52:02,500 assessment. Generally speaking, all these problems 1150 00:52:02,500 --> 00:52:05,800 are really, you know, a gap in access, that should 1151 00:52:05,800 --> 00:52:07,280 be that of the first place, we call it shadow 1152 00:52:07,280 --> 00:52:10,660 access, kind of the shadow IT as a term. So 1153 00:52:10,660 --> 00:52:13,280 you start with the shadow access, you know, discovery 1154 00:52:13,280 --> 00:52:15,940 and assessment tool. Then that gives you the 1155 00:52:15,940 --> 00:52:18,580 foundation to clean up all the identities, tighten up 1156 00:52:18,580 --> 00:52:22,060 all the weak identities, make them strong, look at 1157 00:52:22,060 --> 00:52:23,920 all the over permission access, start to reduce 1158 00:52:23,920 --> 00:52:26,100 your tax service, you can start to put an action in 1159 00:52:26,100 --> 00:52:28,440 place based on the data. So 1160 00:52:28,440 --> 00:52:30,940 initial thing is data gathering, data visibility, 1161 00:52:31,060 --> 00:52:33,500 and you know, a report that gives you a way to 1162 00:52:33,500 --> 00:52:35,300 kind of action that starting your program. And 1163 00:52:35,308 --> 00:52:37,460 again, it takes about an hour. So 1164 00:52:37,460 --> 00:52:39,600 it's not that we can effort together, but it 1165 00:52:39,600 --> 00:52:42,600 gives you enormous value add. I 1166 00:52:42,600 --> 00:52:44,680 go back to look at the example the day before any 1167 00:52:44,680 --> 00:52:47,740 breach, imagine if you had a report of all these 1168 00:52:47,740 --> 00:52:50,800 exposures, and imagine tomorrow you're going to be 1169 00:52:50,800 --> 00:52:54,640 breached, you will run fast to fix those things. So 1170 00:52:54,647 --> 00:52:56,440 you'll drop everything and then go fix it, right? 1171 00:52:57,160 --> 00:52:58,840 Imagine it's always a small thing, 1172 00:52:59,000 --> 00:53:01,340 you know, an S3 bucket or a startup chart permission, 1173 00:53:02,120 --> 00:53:04,260 or some lateral moment permission. Hey, 1174 00:53:04,320 --> 00:53:06,300 I never thought nobody's going to use it. Oops, 1175 00:53:06,500 --> 00:53:09,700 yeah, somebody used it. So it's all these small, small 1176 00:53:09,700 --> 00:53:12,620 things that is very difficult to spot. And 1177 00:53:12,620 --> 00:53:14,420 it's lying around, you know, creating these 1178 00:53:14,420 --> 00:53:16,540 pathways. Let's just blow them off, you 1179 00:53:16,540 --> 00:53:18,600 know, in a systematic fashion. So 1180 00:53:18,600 --> 00:53:20,440 yeah, the shadow actually has some sort of a 1181 00:53:20,440 --> 00:53:23,980 starting point. And customers can use it, it's 1182 00:53:23,980 --> 00:53:26,320 free of charge, and they get immediate visibility, 1183 00:53:27,040 --> 00:53:28,640 and get to see what we can do. And 1184 00:53:28,640 --> 00:53:31,200 that gives confidence then. And 1185 00:53:31,200 --> 00:53:33,380 then, and then from there, we can start to starburst, 1186 00:53:33,480 --> 00:53:35,100 and then many different ways to for them to cannot 1187 00:53:35,100 --> 00:53:37,600 take workflows and take action. Yeah, 1188 00:53:37,640 --> 00:53:39,780 I think that it's really great that you've made that 1189 00:53:39,780 --> 00:53:42,100 available as a free resource to our listeners. 1190 00:53:42,600 --> 00:53:44,920 Just so folks know, the URL 1191 00:53:44,920 --> 00:53:50,760 stack identity .com slash IDAC is where you can go 1192 00:53:50,760 --> 00:53:53,560 to get right there and get that thing downloaded. 1193 00:53:54,260 --> 00:53:55,880 Wanted to ask you one more 1194 00:53:55,880 --> 00:53:58,020 question, Venkat, I know you guys are going to be 1195 00:53:58,020 --> 00:54:00,860 at RSA. Sounds like you have a booth. 1196 00:54:01,340 --> 00:54:03,080 What's going on at RSA? What's 1197 00:54:03,080 --> 00:54:05,360 your presence there? A great, great plan at RSA. 1198 00:54:05,860 --> 00:54:07,900 Being super busy with this. First 1199 00:54:07,900 --> 00:54:10,200 time here at RSA, so super excited to be there as 1200 00:54:10,200 --> 00:54:13,220 well. So we have a number of devos 1201 00:54:13,220 --> 00:54:15,900 planned, customer sessions and meetings. So 1202 00:54:15,908 --> 00:54:18,300 please stop by our booth. And 1203 00:54:18,308 --> 00:54:21,460 we'll be running, devos, Ian is going to be there. 1204 00:54:21,960 --> 00:54:22,940 So we have a lot of great 1205 00:54:22,940 --> 00:54:26,720 team at RSA. So super excited about this. 1206 00:54:26,820 --> 00:54:28,920 Again, at the end of the day, 1207 00:54:29,260 --> 00:54:31,300 what we are trying to look at is how do they give 1208 00:54:31,300 --> 00:54:34,820 customers time back? How do the customers capacity 1209 00:54:34,820 --> 00:54:37,180 back? Those are the two things 1210 00:54:37,180 --> 00:54:38,140 customers don't have. Already 1211 00:54:38,140 --> 00:54:40,240 having a lot of projects. And 1212 00:54:40,240 --> 00:54:44,040 again, this is again, complex problem. Let's 1213 00:54:44,040 --> 00:54:47,460 make their jobs a bit easier and get them the 1214 00:54:47,460 --> 00:54:51,300 help they need. And every CSA I talk to knows 1215 00:54:51,300 --> 00:54:53,020 this problem. They feel in their hearts, they 1216 00:54:53,020 --> 00:54:54,960 got to do something about it. But 1217 00:54:54,960 --> 00:54:57,200 they're constrained by ongoing projects, this and 1218 00:54:57,200 --> 00:55:00,460 that. But so we are coming in and 1219 00:55:00,460 --> 00:55:02,700 saying, wait a minute, let's give you the unified 1220 00:55:02,700 --> 00:55:04,120 layer, the visibility layer. Just 1221 00:55:04,120 --> 00:55:08,100 talk to look at taking some control back. And 1222 00:55:08,100 --> 00:55:10,580 for CSA, the particular cloud has gone to the 1223 00:55:10,580 --> 00:55:11,880 sprawl. I mean, they're going to pull 1224 00:55:11,880 --> 00:55:13,660 rain this rain this back and put some policies 1225 00:55:13,660 --> 00:55:16,220 around it. So we think with our 1226 00:55:16,220 --> 00:55:21,200 automation and our data platform, and we can cannot 1227 00:55:21,200 --> 00:55:24,240 really have customers get quick time to value. That's 1228 00:55:24,240 --> 00:55:25,300 our main focus with demo. This 1229 00:55:25,308 --> 00:55:27,220 is RSA. We also want our one session 1230 00:55:27,220 --> 00:55:29,480 for the customers at RSA. So 1231 00:55:29,480 --> 00:55:33,320 please TSM, if you want to show a demo or discuss 1232 00:55:33,320 --> 00:55:36,220 more, we have a great team at hand to support your 1233 00:55:36,220 --> 00:55:39,080 doors customers at RSA. Yeah. 1234 00:55:39,380 --> 00:55:41,820 So Ian Singh on the spot again, he's given us 1235 00:55:41,820 --> 00:55:44,780 specific location where to find you. It's 1236 00:55:44,780 --> 00:55:49,320 booth N6564. It's in the North Expo hall. So 1237 00:55:49,328 --> 00:55:52,000 RSA is huge, right? There's a North and I think it's 1238 00:55:52,000 --> 00:55:54,800 South Expo hall and there's the tunnel in between where 1239 00:55:54,800 --> 00:55:56,560 everybody has collected all their swag and they had 1240 00:55:56,560 --> 00:56:00,080 their bags sort of wind up there. So 1241 00:56:00,080 --> 00:56:01,680 definitely go check it out. You 1242 00:56:01,680 --> 00:56:03,340 know, I think this is an area where you kind of 1243 00:56:03,340 --> 00:56:05,400 mentioned this, Venkat. It's like, you know, it's a 1244 00:56:05,400 --> 00:56:07,240 problem. What are you going to do about 1245 00:56:07,240 --> 00:56:09,080 it? There are solutions out there. 1246 00:56:09,400 --> 00:56:10,300 Stack Identity is one of them. 1247 00:56:10,800 --> 00:56:12,380 You know, you can't claim that 1248 00:56:12,380 --> 00:56:14,360 they're, you know, you don't have the right tools 1249 00:56:14,360 --> 00:56:16,100 or the arrows in your quiver right to solve this 1250 00:56:16,100 --> 00:56:17,780 issue. So I would definitely encourage 1251 00:56:17,780 --> 00:56:21,280 folks go to stack identity .com slash IDAC. There's 1252 00:56:21,280 --> 00:56:23,720 a link on there for Sarah, which is that shadow access 1253 00:56:23,720 --> 00:56:26,000 risk assessment. I think you also do office 1254 00:56:26,000 --> 00:56:28,140 hours, Venkat. If I remember, there's like a 1255 00:56:28,140 --> 00:56:29,940 link where you actually people can book time and 1256 00:56:29,940 --> 00:56:32,360 yeah, absolutely. I mean, for example, we are 1257 00:56:32,360 --> 00:56:34,940 getting out of inquiries on the new SEC, it's coming 1258 00:56:34,940 --> 00:56:36,600 with new rules for disclosures. Now 1259 00:56:36,600 --> 00:56:38,880 you cannot just be silent about disclosure incident. 1260 00:56:39,080 --> 00:56:40,620 You got to report it within 1261 00:56:40,620 --> 00:56:43,740 five days and then you got to report your 8K filing. 1262 00:56:43,900 --> 00:56:45,880 So a lot of pressure is he's 1263 00:56:45,880 --> 00:56:49,260 putting on leaders to kind of report incidents and to 1264 00:56:49,260 --> 00:56:50,460 kind of drive these practices. So 1265 00:56:50,460 --> 00:56:53,760 let's help you stay ahead of these disclosures and 1266 00:56:53,760 --> 00:56:55,220 reports. Nobody wants to put their hand up 1267 00:56:55,220 --> 00:56:57,580 and say, I got a problem with the inverse more 1268 00:56:57,580 --> 00:56:59,340 scrutiny. So yeah, definitely office 1269 00:56:59,340 --> 00:57:01,120 hours is the way to kind of, you know, you know, 1270 00:57:01,120 --> 00:57:03,700 bring in our knowledge, you know, any topic you can 1271 00:57:03,700 --> 00:57:06,820 bring in and sort of time with us. And 1272 00:57:06,820 --> 00:57:09,120 again, one of the good things about being a 1273 00:57:09,120 --> 00:57:10,660 startup is, you know, we have extremely knowledgeable 1274 00:57:10,660 --> 00:57:13,620 people that are on the block a number of years, 1275 00:57:13,900 --> 00:57:16,240 you know, but first generation products, second 1276 00:57:16,240 --> 00:57:17,980 generation, not third generation. So 1277 00:57:17,980 --> 00:57:20,260 they can help customers to kind of get to the where 1278 00:57:20,260 --> 00:57:21,820 they want to go. And that's a unique value 1279 00:57:21,820 --> 00:57:23,800 beyond just the technology and platform that sort of 1280 00:57:23,800 --> 00:57:25,680 ring in as a huge amount of knowledge and approach 1281 00:57:25,680 --> 00:57:28,880 and practicality to solve very, very thorny issues 1282 00:57:28,880 --> 00:57:32,160 and then some deep technologies. So 1283 00:57:32,160 --> 00:57:34,260 we're going to wrap it up there, but we were talking 1284 00:57:34,260 --> 00:57:38,260 before we hit record that you play competitive tennis. 1285 00:57:38,420 --> 00:57:40,100 So I'm always curious about 1286 00:57:40,100 --> 00:57:44,040 sort of rituals or superstitions or things that 1287 00:57:44,040 --> 00:57:47,160 people do before they get into any sort of sporting 1288 00:57:47,160 --> 00:57:49,860 event, you know, where they're competing. Do 1289 00:57:49,860 --> 00:57:51,460 you have something like that that helps you kind 1290 00:57:51,460 --> 00:57:53,560 of get into the zone and mentally prepare or be 1291 00:57:53,560 --> 00:57:56,100 physically prepared for what's about to happen? 1292 00:57:56,860 --> 00:57:57,860 Yeah, absolutely. I 1293 00:57:57,860 --> 00:58:00,280 think, I think most tennis people, I would say they 1294 00:58:00,280 --> 00:58:04,660 are, you know, and for me, for example, certainly, you 1295 00:58:04,660 --> 00:58:06,820 know, warm up is an important aspect of ritual, 1296 00:58:07,120 --> 00:58:10,980 at least 30 minutes, a mental cadence of how 1297 00:58:10,980 --> 00:58:14,500 you're going to play out doing some, you know, some, 1298 00:58:14,660 --> 00:58:18,140 you know, very specific targeted drills for the 1299 00:58:18,140 --> 00:58:21,540 particular opponent in case. And 1300 00:58:21,540 --> 00:58:24,160 most importantly, kind of managed by my emotions, 1301 00:58:24,400 --> 00:58:27,060 because tennis is a very one on one sport. So 1302 00:58:27,060 --> 00:58:28,860 me, one of the things I do really well is the 1303 00:58:28,860 --> 00:58:31,860 alternate national breathing, which helps me calm down a 1304 00:58:31,860 --> 00:58:34,820 bit, about five minutes, just kind of research my 1305 00:58:34,820 --> 00:58:37,040 mind a bit. And it's just in the next 60 1306 00:58:37,040 --> 00:58:39,400 minutes is what a match. Because 1307 00:58:39,400 --> 00:58:41,580 as you know, we're getting a lot of messages and some 1308 00:58:41,580 --> 00:58:42,900 bad emails, all those things. So 1309 00:58:42,908 --> 00:58:45,660 at least being a place where you can kind of free 1310 00:58:45,660 --> 00:58:50,180 your mind, be calm, you know, you know, stable, you 1311 00:58:50,180 --> 00:58:53,120 know, focus on the likelihood and enjoy. So 1312 00:58:53,120 --> 00:58:55,940 there are a few things that I definitely go 1313 00:58:55,940 --> 00:58:58,940 through. And, and that's one of the 1314 00:58:58,940 --> 00:59:00,760 things I look forward to is the rituals as well. 1315 00:59:00,900 --> 00:59:01,920 Sometimes we can't control the 1316 00:59:01,920 --> 00:59:07,480 outcomes, or we certainly can control the rituals. I 1317 00:59:07,480 --> 00:59:09,780 love that reminder to enjoy, right? It's 1318 00:59:09,780 --> 00:59:10,640 supposed to be fun, right? I 1319 00:59:10,647 --> 00:59:12,200 mean, competition is competition. But 1320 00:59:12,200 --> 00:59:14,500 if you're, you know, playing a, you know, tennis 1321 00:59:14,500 --> 00:59:18,240 or basketball, or baseball, or football, whatever 1322 00:59:18,240 --> 00:59:20,540 version of football that you that you like, right, 1323 00:59:20,580 --> 00:59:22,140 you had this idea of like, this is still supposed to 1324 00:59:22,140 --> 00:59:23,820 be a game. It's supposed to have fun with 1325 00:59:23,820 --> 00:59:26,640 it. Jim, when it comes to yourself, 1326 00:59:26,660 --> 00:59:29,200 do you have any, you know, rituals or things that you 1327 00:59:29,200 --> 00:59:31,400 go through for if you're about to engage in 1328 00:59:31,400 --> 00:59:32,360 something? And maybe it's not even a 1329 00:59:32,360 --> 00:59:34,200 sport, maybe it's just getting in front of a 1330 00:59:34,200 --> 00:59:36,360 crowd and talking. We're doing a podcast. No, 1331 00:59:36,880 --> 00:59:42,080 it's definitely that. And it's also whatever sport, 1332 00:59:42,300 --> 00:59:44,880 you know, it's kind of become an unconscious thing. 1333 00:59:44,940 --> 00:59:46,240 And I think if you start to 1334 00:59:46,240 --> 00:59:50,300 incorporate those throughout your life, it'll happen 1335 00:59:50,300 --> 00:59:54,280 unconsciously, which is to visualize yourself doing the 1336 00:59:54,280 --> 00:59:57,560 activity in a successful way. And 1337 00:59:57,560 --> 00:59:59,760 you hear about it in almost every sport where 1338 00:59:59,760 --> 01:00:03,160 some people will play the entire match or the entire 1339 01:00:03,160 --> 01:00:05,500 game before they go out and play it. And 1340 01:00:05,500 --> 01:00:07,660 they do it very successfully. So 1341 01:00:07,660 --> 01:00:11,040 I mean, my fitness has really become going to the 1342 01:00:11,040 --> 01:00:14,760 gym and everything. And it's much more like a very 1343 01:00:14,760 --> 01:00:18,440 solitary sport. You're completely in control of 1344 01:00:18,440 --> 01:00:20,660 your results. Nobody else, you're not against 1345 01:00:20,660 --> 01:00:23,780 somebody else. So a lot of times, like 1346 01:00:23,780 --> 01:00:27,280 before I go and do a set of weightlifting, I'll 1347 01:00:27,280 --> 01:00:31,460 visualize that set. And I don't, like I said, I 1348 01:00:31,460 --> 01:00:33,220 don't even do it consciously anymore. I 1349 01:00:33,227 --> 01:00:36,820 just kind of wind up doing it. And 1350 01:00:36,820 --> 01:00:39,600 I think what you said for public speaking, that's one 1351 01:00:39,600 --> 01:00:41,460 of the things I do. I'd like sit there and 1352 01:00:41,460 --> 01:00:44,920 visualize myself presenting. And 1353 01:00:44,920 --> 01:00:47,800 the more I do that, I find the better results I 1354 01:00:47,800 --> 01:00:51,120 get. What about you, Jeff? I 1355 01:00:51,127 --> 01:00:54,960 know I'm probably a blend here of what Venkat said 1356 01:00:54,960 --> 01:00:56,880 in yourself. I subscribe to the 1357 01:00:56,880 --> 01:00:59,300 Littlefinger School of Thought, which is fight 1358 01:00:59,300 --> 01:01:01,100 every battle everywhere all at once. You'll 1359 01:01:01,100 --> 01:01:03,640 never be surprised. So to me, that's about 1360 01:01:03,640 --> 01:01:06,660 preparation. So, you know, for example, the 1361 01:01:06,660 --> 01:01:10,120 podcast, you know, I have meticulous detail that I 1362 01:01:10,120 --> 01:01:13,920 put into this to try to solve or anticipate every 1363 01:01:13,920 --> 01:01:15,940 single issue that can pop up. Now, 1364 01:01:16,000 --> 01:01:19,020 there's always something in the pops up, right? But 1365 01:01:19,020 --> 01:01:21,680 it's kind of like, okay, let me visualize how this 1366 01:01:21,680 --> 01:01:23,460 is going to work or, you know, in this case, listen 1367 01:01:23,460 --> 01:01:25,340 to how this might work or whatever it looks like. 1368 01:01:28,460 --> 01:01:29,740 And, you know, if I'm playing, 1369 01:01:29,920 --> 01:01:32,580 you know, basketball or something like that, sure, 1370 01:01:32,700 --> 01:01:34,860 research might point it, you know, do they tend to 1371 01:01:34,860 --> 01:01:38,000 break left, break right? Do they prefer a fadeaway 1372 01:01:38,000 --> 01:01:40,840 jumper versus a hookshot versus do they do a euro 1373 01:01:40,840 --> 01:01:43,060 step and want to cross you up, right? Things 1374 01:01:43,060 --> 01:01:44,860 like that. I think there's, there's 1375 01:01:44,860 --> 01:01:47,500 intelligence that you can gather and is part of the 1376 01:01:47,500 --> 01:01:49,140 reconnaissance. I say, okay, what am I, what 1377 01:01:49,140 --> 01:01:52,600 opponent am I facing? Now I sort of know what to 1378 01:01:52,600 --> 01:01:54,600 expect. Now, how am I going to counter 1379 01:01:54,600 --> 01:01:57,840 that? Okay. Whether it's basketball, you 1380 01:01:57,840 --> 01:01:59,400 know, speaking in front of a crowd or doing a 1381 01:01:59,400 --> 01:02:02,160 podcast, okay, well, I know that, you know, I want to 1382 01:02:02,160 --> 01:02:04,060 have good lighting because the camera is going to be 1383 01:02:04,060 --> 01:02:06,620 on or I want to have a good microphone because, you 1384 01:02:06,620 --> 01:02:08,360 know, this is going to happen or I want to have 1385 01:02:08,360 --> 01:02:09,780 my notes prepared because we're going to have 1386 01:02:09,780 --> 01:02:12,140 somebody really, really smart like Venkat on it. I 1387 01:02:12,147 --> 01:02:13,820 don't want to like an idiot, right? Things 1388 01:02:13,820 --> 01:02:16,320 like that. So I, again, it goes back 1389 01:02:16,320 --> 01:02:17,920 that little finger thought from Game of Thrones 1390 01:02:17,920 --> 01:02:22,260 preparation, you know, visualize, prepare for every 1391 01:02:22,260 --> 01:02:24,080 potential outcome and you can't, it's more difficult 1392 01:02:24,080 --> 01:02:26,960 to be surprised. So if you're playing basketball 1393 01:02:26,960 --> 01:02:29,600 against Karim Abdul -Jabbar, you know, he has killer 1394 01:02:29,600 --> 01:02:31,260 skyhook. Yep. What are you going to do? 1395 01:02:31,400 --> 01:02:33,520 Punch him in his knee? No, 1396 01:02:33,700 --> 01:02:35,300 I mean, well, there's obviously quite a high 1397 01:02:35,300 --> 01:02:38,020 advantage there that he would have over me, but 1398 01:02:38,020 --> 01:02:42,020 you know, he would, he had the skyhook and you know, 1399 01:02:42,020 --> 01:02:44,840 it was almost unblockable for people in the NBA. I 1400 01:02:44,840 --> 01:02:47,740 mean, it was, it was really down to his 1401 01:02:47,740 --> 01:02:51,160 execution and anything you can, you can put in front 1402 01:02:51,160 --> 01:02:53,440 of him to disrupt either the timing or the execution 1403 01:02:53,440 --> 01:02:56,000 was the important part. He was going to be able to 1404 01:02:56,000 --> 01:02:58,300 get over you. That's a good point, Jim. This 1405 01:02:58,300 --> 01:02:59,560 is a border risk management, right? You 1406 01:02:59,560 --> 01:03:01,380 give Karim his points, but he stopped the others, 1407 01:03:01,520 --> 01:03:04,580 right? You still win the game. That's 1408 01:03:04,580 --> 01:03:06,740 a good point. You hear that in sports a lot. 1409 01:03:07,060 --> 01:03:09,200 Don't let the superstar be the 1410 01:03:09,200 --> 01:03:11,320 one that beats you. Take the superstar out of the 1411 01:03:11,320 --> 01:03:13,660 game and let, let the rest of the team beat you. And 1412 01:03:13,660 --> 01:03:15,360 if that happens, that happens, but it's a 1413 01:03:15,360 --> 01:03:19,240 strategy. Exactly. That's a good spot. We'll 1414 01:03:19,240 --> 01:03:21,580 leave it for this week. If you want to learn more 1415 01:03:21,580 --> 01:03:23,700 about stack identity, you can find them on the web, 1416 01:03:24,060 --> 01:03:26,840 stack identity .com slash IDAC. It's 1417 01:03:26,840 --> 01:03:28,380 a nice little landing page where you've got a bunch 1418 01:03:28,380 --> 01:03:30,740 of different links to talk about everything or go to 1419 01:03:30,740 --> 01:03:32,560 everything that we talked about, including Sarah, the 1420 01:03:32,560 --> 01:03:35,280 shadow assist, a shadow access risk assessment, 1421 01:03:37,180 --> 01:03:39,180 Venkat's office hours and just getting more 1422 01:03:39,180 --> 01:03:40,580 information. And of course you guys will be 1423 01:03:40,580 --> 01:03:46,120 at RSA again, the North Expo Hall booth N6564. And 1424 01:03:46,120 --> 01:03:48,340 you can always connect with Venkat on LinkedIn. We'll 1425 01:03:48,340 --> 01:03:50,280 have a bunch of links in our show notes as well. So 1426 01:03:50,280 --> 01:03:52,520 make it easy for people to find and they'll also be 1427 01:03:52,520 --> 01:03:54,240 on our website. And then of course you could 1428 01:03:54,240 --> 01:03:55,600 always reach out to Jim and I. We're 1429 01:03:55,600 --> 01:03:57,060 all, we're both on LinkedIn. We're 1430 01:03:57,060 --> 01:03:59,040 always curious to see what people think if they have 1431 01:03:59,919 --> 01:04:03,400 ideas or, you know, direction on how they'd 1432 01:04:03,400 --> 01:04:05,300 like to see things go in the future. That's 1433 01:04:05,300 --> 01:04:06,440 something we're always open to. So 1434 01:04:06,440 --> 01:04:09,560 don't forget to visit us on the web, IDACpodcast 1435 01:04:09,560 --> 01:04:12,220 .com. Check out our still growing 1436 01:04:12,220 --> 01:04:14,820 YouTube channel. And the link to that will be 1437 01:04:14,820 --> 01:04:16,840 on our website as well. So with that, we'll leave it. 1438 01:04:17,240 --> 01:04:18,180 Thanks everyone for listening. 1439 01:04:18,420 --> 01:04:19,560 Venkat, thank you so much for 1440 01:04:19,560 --> 01:04:21,780 taking the time with us today. And 1441 01:04:21,780 --> 01:04:24,520 we'll talk with everyone in the next one. Thank 1442 01:04:24,520 --> 01:04:29,180 you, Jeff. Thank you, Jim. You've 1443 01:04:29,180 --> 01:04:32,420 been listening to Identity at the Center. We 1444 01:04:32,420 --> 01:04:34,340 hope you've enjoyed the show. Make 1445 01:04:34,340 --> 01:04:37,260 sure to like, rate and review. And 1446 01:04:37,260 --> 01:04:39,940 we'll be back soon. But in the meantime, hit the 1447 01:04:39,940 --> 01:04:44,240 website at identityatthesenter .com. See 1448 01:04:44,240 --> 01:04:47,760 you next time on Identity at the Center.