1 00:00:09,700 --> 00:00:13,000 You're listening to the identity of the center podcast, this is 2 00:00:13,000 --> 00:00:15,600 the show that talks about identity and access management 3 00:00:15,700 --> 00:00:18,600 and making sure you know who has access to what let's get 4 00:00:18,600 --> 00:00:26,000 started. Welcome to the identity of the 5 00:00:26,008 --> 00:00:27,900 center podcast I'm Jeff and that's Jim. 6 00:00:27,900 --> 00:00:30,500 Hey Jim hey Chef, how are you not too bad yourself? 7 00:00:30,600 --> 00:00:34,700 Good broadcasting here from the RSM podcast. 8 00:00:34,700 --> 00:00:38,900 Sweet here in hot. Las Vegas is very hot. 9 00:00:38,900 --> 00:00:41,000 Not so hot in here though. I've kept it real cool. 10 00:00:41,400 --> 00:00:47,700 Yeah, but we've been doing this series when the I am Summit here 11 00:00:47,800 --> 00:00:50,600 in Las Vegas and it's been fantastic. 12 00:00:50,600 --> 00:00:54,100 Having those podcasting sweet. Really excited about the Sun. 13 00:00:54,300 --> 00:00:58,200 And that we have here today, we're going to talk about, ITT 14 00:00:58,200 --> 00:01:00,900 are ya identity, threat, detection, response. 15 00:01:00,900 --> 00:01:03,800 Help us with that conversation. We've got head Cadets, he's a 16 00:01:03,800 --> 00:01:06,200 CEO and co-founder at Silver for welcome head. 17 00:01:06,400 --> 00:01:08,500 Hey, great to be here. Yeah, thanks so much for taking 18 00:01:08,500 --> 00:01:10,400 the time and so we have tradition here. 19 00:01:10,400 --> 00:01:13,100 When we have someone on the show, we have to find out about 20 00:01:13,100 --> 00:01:15,900 their identity origin. Story is identity, something 21 00:01:15,900 --> 00:01:17,900 that you chose or did it Choose You? 22 00:01:19,600 --> 00:01:24,300 It's a good question. You know I kind of went into the 23 00:01:24,300 --> 00:01:29,200 whole cyber security space like a lot of Father you know, easily 24 00:01:29,200 --> 00:01:35,300 alleys in this space to the to the minute of 8,200 unit before 25 00:01:35,300 --> 00:01:37,600 that, I thought I'm going to be an artist. 26 00:01:37,600 --> 00:01:41,100 I didn't even think I'm going to go into Tech but when I was 18, 27 00:01:41,200 --> 00:01:45,100 you know, 8200 just bought me in and I loved it. 28 00:01:45,100 --> 00:01:47,700 I stayed up for six years. It was a group leader. 29 00:01:48,900 --> 00:01:54,100 It's five teams though doing like cybo campaigns and then 30 00:01:54,100 --> 00:01:56,600 after that walked for governments on similar things. 31 00:01:57,700 --> 00:02:02,500 So you know, because I had this experience with, let's say the 32 00:02:02,500 --> 00:02:06,800 offensive side of security, it became very clear to me that at 33 00:02:06,800 --> 00:02:09,100 the end of the day, I mean everybody's talking about 34 00:02:09,199 --> 00:02:11,900 zero-day attacks and fancy things, but if you want to 35 00:02:11,900 --> 00:02:17,900 tackle identity is just the easiest way in and it's almost 36 00:02:17,900 --> 00:02:19,700 crazy. How easy it is. 37 00:02:20,100 --> 00:02:23,400 Like if you really want to go like, bleach into a network of 38 00:02:23,400 --> 00:02:27,000 move laterally inside of it. Why would you bother do anything 39 00:02:27,000 --> 00:02:30,300 else? It's just so easy and exposed 40 00:02:31,800 --> 00:02:34,500 and that, that drove me to find you. 41 00:02:34,500 --> 00:02:37,000 Think about why is it like this? I mean obviously there are a lot 42 00:02:37,000 --> 00:02:40,300 of solutions. So that, that is what attracted 43 00:02:40,300 --> 00:02:44,000 me to the space is knowing that those such a clear problem. 44 00:02:44,200 --> 00:02:46,200 And even though there are hundreds of Solutions in the 45 00:02:46,200 --> 00:02:48,700 market, the problem is not solved still the majority of 46 00:02:48,700 --> 00:02:51,100 data breaches involved stolen identities. 47 00:02:51,700 --> 00:02:54,300 So why is that? And is there any way to do it 48 00:02:54,300 --> 00:02:57,600 differently? That's something that I taught a 49 00:02:57,600 --> 00:03:00,900 lot about and, you know, really want to do something on the 50 00:03:00,900 --> 00:03:05,200 time, I'm very glad they did. So this space called identity 51 00:03:05,200 --> 00:03:09,200 threat detection or spots. I TDR, I feel like this Maybe it 52 00:03:09,200 --> 00:03:11,900 was started with you be a at some point in the past and maybe 53 00:03:11,900 --> 00:03:14,800 it's evolved or maybe I'm not thinking it in the correct terms 54 00:03:14,800 --> 00:03:17,500 but that's why we got you here to help educate myself and 55 00:03:17,500 --> 00:03:21,300 others. What is itd are in your 56 00:03:21,300 --> 00:03:24,600 perspective? So for a long time, identity 57 00:03:24,600 --> 00:03:29,600 security was kind of mixed into just I am identity 58 00:03:29,600 --> 00:03:33,100 infrastructure. You know, if you have an I am 59 00:03:33,100 --> 00:03:35,100 platform. It has some security features, 60 00:03:35,200 --> 00:03:38,200 obviously. But I think we got to a point 61 00:03:38,200 --> 00:03:40,900 where because there are so many attacks that are leveraging, 62 00:03:40,900 --> 00:03:43,200 stolen identities and credentials, people are 63 00:03:43,200 --> 00:03:45,900 realizing that we need to look at identity security as a 64 00:03:45,900 --> 00:03:48,000 standalone thing that we have to solve. 65 00:03:48,800 --> 00:03:52,600 And it kind of can't be a feature in that identity 66 00:03:52,600 --> 00:03:56,200 platform because most companies have a few different identity 67 00:03:56,200 --> 00:03:57,900 platforms. They have, they have active 68 00:03:57,900 --> 00:04:02,300 directory, on-prem, and they have a GED or OCTA in the cloud. 69 00:04:02,300 --> 00:04:04,600 And they have something for the privileged access management and 70 00:04:04,600 --> 00:04:07,000 they have something in the perimeter and all of these all 71 00:04:07,000 --> 00:04:10,000 from different vendors that Are competing with each other. 72 00:04:10,700 --> 00:04:16,800 So there has to be a standalone category or solution that would 73 00:04:16,800 --> 00:04:20,899 look at identity threats across all these things and really 74 00:04:20,899 --> 00:04:25,800 focus on on the securing the identities, securing these this 75 00:04:26,100 --> 00:04:28,500 this attack surface that people I think for a long time didn't 76 00:04:28,500 --> 00:04:30,200 really think about it as a major attack surface. 77 00:04:30,200 --> 00:04:34,400 But it is, you know, one of the biggest we see that with every 78 00:04:34,400 --> 00:04:36,400 rainstorm or attack. All right. 79 00:04:36,400 --> 00:04:38,500 We'll it just spreads in the network. 80 00:04:38,600 --> 00:04:41,600 So easily, no matter what kind of security tools you have 81 00:04:41,800 --> 00:04:45,800 simply because you can take, you know, stolen account for active 82 00:04:45,800 --> 00:04:48,000 directory, and use it to move to any other computer in the 83 00:04:48,000 --> 00:04:49,100 network. Nobody will stop you. 84 00:04:50,600 --> 00:04:54,700 So I TDL is really about detecting and stopping this 85 00:04:54,700 --> 00:04:57,900 disease, entity threats and looking at identity as an attack 86 00:04:57,900 --> 00:05:01,500 surface. Yeah, to me this, the whole itg 87 00:05:01,500 --> 00:05:06,000 are explanation that you just gave is really what we call 88 00:05:06,000 --> 00:05:08,300 identity at the center. So if you think about the name 89 00:05:08,300 --> 00:05:11,600 of this Broadcast is the idea that you have all these tools 90 00:05:11,900 --> 00:05:14,000 throughout the network. Some of them are identity tools. 91 00:05:14,000 --> 00:05:18,300 Some of them are other tools like you gr but that identity 92 00:05:18,300 --> 00:05:21,700 and tying off who the person is, who has a counseling, all those 93 00:05:21,700 --> 00:05:23,900 environments as touching. All those environments doing? 94 00:05:23,900 --> 00:05:27,900 All those things ties back to a person and if you have that 95 00:05:27,900 --> 00:05:31,400 intelligence and you can take action, you know, that's a big 96 00:05:31,400 --> 00:05:33,200 thing. It's not just throwing a bunch 97 00:05:33,200 --> 00:05:35,500 of alerts, right? It's being able to take action. 98 00:05:35,800 --> 00:05:39,500 So I want to take a step back. We could be because you have a 99 00:05:39,500 --> 00:05:42,500 booth here. So you're getting to interact 100 00:05:42,500 --> 00:05:45,800 with a lot of identity practitioners, the people who 101 00:05:45,800 --> 00:05:47,800 listen to this show. I'm wondering. 102 00:05:47,900 --> 00:05:51,200 What are those people asking you at your booth about your 103 00:05:51,200 --> 00:05:55,100 products about itg are, are they at the point where they really 104 00:05:55,100 --> 00:05:58,300 have a firm understanding or they just kind of Dipping their 105 00:05:58,300 --> 00:06:00,900 toe in the water of what the space is all about? 106 00:06:01,200 --> 00:06:03,100 I think most of them don't understand it yet. 107 00:06:03,100 --> 00:06:06,900 And this is by the way, why we have time to talk about what we 108 00:06:06,900 --> 00:06:10,200 actually do. Instead of just putting a title, 109 00:06:10,300 --> 00:06:13,800 you know, itdo it's kind of similar to how a lot of vendors 110 00:06:13,800 --> 00:06:16,000 are using zero tasks as the title ID. 111 00:06:16,100 --> 00:06:18,400 It's a concept, it's a framework is a very important. 112 00:06:18,400 --> 00:06:23,300 One eye to the other as well, but we should talk to customers 113 00:06:23,300 --> 00:06:25,400 about what is it that we actually do? 114 00:06:25,400 --> 00:06:27,700 What is the solution? How does it work? 115 00:06:28,100 --> 00:06:29,500 So that's what we try to do at the person. 116 00:06:29,500 --> 00:06:33,100 People really get it feel like people respond to it very well. 117 00:06:33,100 --> 00:06:35,600 We had hundreds of good conversations here. 118 00:06:36,200 --> 00:06:40,200 I did a session that, you know, a lot of People came to talk to 119 00:06:40,200 --> 00:06:46,000 me after we also had, you know, I was very glad to find out that 120 00:06:46,000 --> 00:06:49,500 some point that Andrew cannon from General Motors did a 121 00:06:49,500 --> 00:06:53,300 session about their whole strategy for identity security 122 00:06:53,300 --> 00:06:55,900 and 0 tasks. Any yet a whole slide with our 123 00:06:55,900 --> 00:06:58,300 we are like the missing piece because they're one of our 124 00:06:58,300 --> 00:07:02,000 customers. That obviously got a lot of 125 00:07:02,000 --> 00:07:03,400 people to come to our boussinesq. 126 00:07:03,400 --> 00:07:05,000 You know, how can we do the same? 127 00:07:05,000 --> 00:07:07,800 That's a good. Get, you just expand it in a way 128 00:07:07,800 --> 00:07:09,500 by the way. I think expanding way that this 129 00:07:09,500 --> 00:07:13,100 is better than how I do it in certain ways, just so simple. 130 00:07:13,200 --> 00:07:15,800 By the way, I think in general, that's what the industry needs. 131 00:07:16,800 --> 00:07:19,300 Much much simpler explanations that are much more 132 00:07:19,300 --> 00:07:21,800 straightforward without a lot of marketing fluff. 133 00:07:21,800 --> 00:07:25,200 Like this is what we do, this is how it plugs into your existing 134 00:07:25,200 --> 00:07:28,400 Solutions and this is what you get and that's what I'm trying 135 00:07:28,400 --> 00:07:30,500 to do. I feel like every year it's a 136 00:07:30,500 --> 00:07:35,100 fort or story became become simpler instead of adding more 137 00:07:35,100 --> 00:07:37,000 and more complexity. It's actually a simple story 138 00:07:37,000 --> 00:07:39,400 every year and it just works. Well, that's been a theme. 139 00:07:39,400 --> 00:07:42,000 I think, for this conference, we've seen some of the Keynotes 140 00:07:42,000 --> 00:07:44,200 were around storytelling and sort of human element and 141 00:07:44,300 --> 00:07:49,000 Distilling things down into simpler easier to understand 142 00:07:49,000 --> 00:07:50,800 Concepts. Because if you can't articulate 143 00:07:50,800 --> 00:07:53,000 what it is that you're doing. If a very difficult time, 144 00:07:53,000 --> 00:07:55,100 getting any traction, especially, because there's so 145 00:07:55,100 --> 00:07:58,100 many vendors and I do think we're doing something very 146 00:07:58,100 --> 00:08:00,800 differently. So if we just use the same terms 147 00:08:00,800 --> 00:08:03,700 like everybody, it's all designed to really explain what 148 00:08:03,700 --> 00:08:06,400 is it that we do? And by the way Jim I think that 149 00:08:06,400 --> 00:08:08,000 you hit on exactly these two things. 150 00:08:08,200 --> 00:08:15,300 It's before the that I TDL needs to evolving because I mean, you 151 00:08:15,300 --> 00:08:19,800 guys are right in many ways, this is just, this could be just 152 00:08:19,800 --> 00:08:24,100 trim blending of some existing things like Huey, be a, but I 153 00:08:24,100 --> 00:08:26,500 think it will not think it will be much more than that, and it's 154 00:08:26,500 --> 00:08:29,200 especially because of two changes that I think. 155 00:08:29,200 --> 00:08:32,200 And I hope I did. I will blink versus the old. 156 00:08:32,299 --> 00:08:37,900 You know, Huey be a about one is the response. 157 00:08:38,200 --> 00:08:40,600 Which I think a lot of people are still trying to figure out 158 00:08:40,600 --> 00:08:44,400 what is that response, but it cannot be about detecting 159 00:08:44,400 --> 00:08:46,300 anomalies in sending alerts to the same. 160 00:08:47,300 --> 00:08:50,100 The last thing people need is a more alerts. 161 00:08:50,700 --> 00:08:54,000 Nobody, I mean, they said, there's a shortage in talent in 162 00:08:54,000 --> 00:08:55,700 the market. Nobody has enough people to 163 00:08:55,700 --> 00:08:59,900 handle all these alerts. It has to come with some kind of 164 00:08:59,900 --> 00:09:03,100 real-time automated response that will stop the attack. 165 00:09:03,100 --> 00:09:06,200 Especially when were talking identity attacks, they are so 166 00:09:06,200 --> 00:09:09,600 fast. When you got an attacker in your 167 00:09:09,600 --> 00:09:14,200 network with a domain admin account, they will take over 168 00:09:14,200 --> 00:09:17,600 your network, you know, within an hour they will not wait until 169 00:09:18,000 --> 00:09:19,900 you get a bunch of a little to your serum and you go 170 00:09:19,900 --> 00:09:23,100 investigate them and it will it's way too late. 171 00:09:23,100 --> 00:09:27,100 So I think the response part is what a lot of the solutions. 172 00:09:27,900 --> 00:09:31,300 Started as mobile fed detection, tools will now need to evolve 173 00:09:31,300 --> 00:09:32,900 in. And that's I think one of the 174 00:09:32,900 --> 00:09:34,700 managers will be where we innovated. 175 00:09:35,300 --> 00:09:38,400 And the second is has to be course platform. 176 00:09:39,100 --> 00:09:42,300 It cannot be something that works only for the cloud or only 177 00:09:42,300 --> 00:09:45,400 for the on-prem. Only for one type of users. 178 00:09:46,000 --> 00:09:49,600 It has to be across the board, by the way, that is in my 179 00:09:49,600 --> 00:09:52,600 opinion, the biggest failure in identity security. 180 00:09:53,100 --> 00:09:57,400 Until now, if you think about it identity is one of the only 181 00:09:57,800 --> 00:10:00,500 Categories. Well, security is just a feature 182 00:10:00,600 --> 00:10:02,800 inside the infrastructure platform, right? 183 00:10:03,000 --> 00:10:05,300 So, if you got a jewel and you're using the security 184 00:10:05,300 --> 00:10:08,500 features for the identities of using achter de of Dell security 185 00:10:08,500 --> 00:10:12,000 features in other categories Securities, it's not like that. 186 00:10:12,100 --> 00:10:18,400 Think about endpoint security you by your endpoints themselves 187 00:10:18,400 --> 00:10:22,800 from one vendor or fulfill, you know, Lenovo HP Dell, you don't 188 00:10:22,800 --> 00:10:25,600 buy endpoint protection from each of them, that only works 189 00:10:25,600 --> 00:10:28,700 for their own endpoints. You go to Vendors that 190 00:10:28,700 --> 00:10:32,600 specialize in endpoint security and you buy a solution that 191 00:10:32,600 --> 00:10:36,400 works, on top of all the platforms, all the laptops, same 192 00:10:36,400 --> 00:10:38,700 with network, you can buy network security solution, 193 00:10:38,700 --> 00:10:40,700 regardless of what kind of switches and routers, you have. 194 00:10:40,700 --> 00:10:43,900 It's a security solution that works everywhere, but identity 195 00:10:43,900 --> 00:10:47,600 is not in identity. If you have five different 196 00:10:47,600 --> 00:10:51,300 platforms for identity because your hybrid multi-cloud, 197 00:10:51,300 --> 00:10:56,300 whatever, Each of them has its own security features within the 198 00:10:56,300 --> 00:10:59,200 infrastructure. Those actually not I mean I 199 00:10:59,200 --> 00:11:03,200 think I think we are but I think those not a good solution all 200 00:11:03,200 --> 00:11:07,300 the hasn't been for a long time. That is really a security layer, 201 00:11:07,400 --> 00:11:09,900 the track on top of all of them because they are competing with 202 00:11:09,900 --> 00:11:12,900 each other Michael's of dr. Ping Starbuck they will not 203 00:11:12,900 --> 00:11:16,900 allow the other one to apply policy on their platform. 204 00:11:16,900 --> 00:11:18,400 Right. Each of them is only doing its 205 00:11:18,400 --> 00:11:20,200 own thing, looking at their own piece of the puzzle. 206 00:11:20,900 --> 00:11:22,600 And we'll trying to be the new ciao. 207 00:11:22,700 --> 00:11:26,200 Security layer on top. And this is why I think I did. 208 00:11:26,200 --> 00:11:31,300 L is such an important thing because identity security has to 209 00:11:31,300 --> 00:11:33,900 stop being just a feature in the infrastructure. 210 00:11:33,900 --> 00:11:37,300 It has to evolve into something separate from I am gets on 211 00:11:37,300 --> 00:11:38,700 capability, essentially? Yeah. 212 00:11:38,700 --> 00:11:41,800 Because it has to be Standalone. It has to be something that 213 00:11:41,808 --> 00:11:44,200 works on top of old identity platforms. 214 00:11:44,200 --> 00:11:47,700 So I'm kind of wondering like, who from an organization then 215 00:11:47,700 --> 00:11:50,800 identifies that there's a problem that needs to be solved. 216 00:11:50,800 --> 00:11:54,400 Is it the folks that run? On the EDR and realize that, 217 00:11:54,400 --> 00:11:56,700 wow, we're not getting all the data that we need. 218 00:11:56,700 --> 00:12:00,200 This is the folks from the, I Am side that realize that we're 219 00:12:00,200 --> 00:12:03,100 managing identities and all these different places. 220 00:12:03,100 --> 00:12:07,300 And we just have to be able to kind of make what's happening 221 00:12:07,300 --> 00:12:10,600 over here. And we need to be able to flow 222 00:12:10,600 --> 00:12:16,400 our actions positive or negative two, other places where that 223 00:12:16,400 --> 00:12:19,200 identity has access. It's a great question. 224 00:12:19,200 --> 00:12:21,500 And I think it illustrates exactly the problem I just 225 00:12:21,500 --> 00:12:25,300 mentioned, because Think about it right now in companies you 226 00:12:25,300 --> 00:12:28,600 got I am teams. What is that exactly? 227 00:12:28,600 --> 00:12:32,200 Is that infrastructure? Is that security for end point 228 00:12:32,200 --> 00:12:35,400 it's clear right? You got one team managing the 229 00:12:35,400 --> 00:12:38,700 end points themselves from an IT perspective and you got another 230 00:12:38,700 --> 00:12:43,300 team doing endpoint security. Why is the identity one team 231 00:12:44,000 --> 00:12:45,500 sometimes? Reporting to the Seesaw, 232 00:12:45,500 --> 00:12:48,700 sometimes reporting to the CIO to the city, oh, but it's one 233 00:12:48,700 --> 00:12:50,900 team that has to take care of the infrastructure and the 234 00:12:50,900 --> 00:12:52,600 security. These are two separate things. 235 00:12:53,400 --> 00:12:56,400 Right now we are seeing companies from, you know, some 236 00:12:56,400 --> 00:12:58,400 companies have it on the right tea and then these people 237 00:12:58,400 --> 00:13:01,400 usually kill more about, you know, the the infrastructure 238 00:13:01,400 --> 00:13:03,800 side, some companies have it on do security. 239 00:13:04,400 --> 00:13:08,200 But I think that, I hope that as this Market evolves. 240 00:13:08,200 --> 00:13:10,800 And as identity security, right EDR. 241 00:13:10,800 --> 00:13:14,100 Become a separate thing from I am infrastructure. 242 00:13:15,200 --> 00:13:18,000 Companies were also evolved and have separate teams that are 243 00:13:18,008 --> 00:13:21,700 doing, identity infrastructure, and identity security. 244 00:13:22,700 --> 00:13:25,900 But right now, it is confusing. And yes, sometimes it's coming 245 00:13:25,900 --> 00:13:29,500 from people who like, the endpoint team or the stock team, 246 00:13:29,500 --> 00:13:34,100 or but it shouldn't, you know, identity is important enough to 247 00:13:34,100 --> 00:13:37,600 have a team dedicated to identity security specifically, 248 00:13:38,700 --> 00:13:40,900 some companies have them, but usually, very large ones. 249 00:13:41,400 --> 00:13:47,700 So, so, as I TDR, A product class, like IGA or is a 250 00:13:47,700 --> 00:13:52,400 framework like zero trust. It's a good question. 251 00:13:52,400 --> 00:13:56,500 I think that in many ways, it's a flame Oak, I think a lot of 252 00:13:56,600 --> 00:14:00,300 different solutions will now say that they'll doing it DL. 253 00:14:00,700 --> 00:14:03,000 Because in many ways they are all of these. 254 00:14:03,000 --> 00:14:07,600 Like, if you're doing, you know, MFA or Pam or many of these 255 00:14:07,600 --> 00:14:12,000 other things in many ways, you o, part of idea. 256 00:14:12,700 --> 00:14:17,300 But I do think that idea is more about the brain that controls 257 00:14:17,300 --> 00:14:19,500 all of these different things, right? 258 00:14:19,500 --> 00:14:23,000 So yes, you got em f. You got Pam, you got, you know 259 00:14:23,000 --> 00:14:26,100 monitoring you got all these different things, but there has 260 00:14:26,100 --> 00:14:29,300 to be something in the middle, which this is what how I think 261 00:14:29,300 --> 00:14:34,100 about idea like the brain that the Plies, all of these controls 262 00:14:34,100 --> 00:14:35,900 in the right time. So if we detect something that 263 00:14:35,900 --> 00:14:38,700 looks like lateral movement or like an anomaly, okay, maybe we 264 00:14:38,700 --> 00:14:42,300 then call the MFA, by the way. The MFA doesn't even do need to 265 00:14:42,300 --> 00:14:45,400 be part of our platform. We, for example, walk with all 266 00:14:45,400 --> 00:14:48,900 the MFA vandals, if we detect a threat in the network, we will 267 00:14:49,100 --> 00:14:51,300 they go do. I will take out the Azure MFA? 268 00:14:51,500 --> 00:14:54,600 Will to go OCTA. It doesn't do to be a part of 269 00:14:54,600 --> 00:14:56,400 it. What we are is really the policy 270 00:14:56,400 --> 00:14:59,600 engine, the ones that detect the traps and decides what is the 271 00:14:59,608 --> 00:15:02,600 right response to it? Is it to trigger MFA? 272 00:15:02,600 --> 00:15:05,400 Is it to block the user? Is it sending an alert? 273 00:15:06,000 --> 00:15:08,400 You know, there are many things you can do and they they don't 274 00:15:08,400 --> 00:15:11,300 necessarily have to be part of the itd. 275 00:15:11,300 --> 00:15:15,200 How policy engine, they can be things that companies already 276 00:15:15,200 --> 00:15:17,500 have. We're saying to customers a, you 277 00:15:17,500 --> 00:15:21,400 already have MFA. Just like now you're using it as 278 00:15:21,400 --> 00:15:24,400 a pretty simple control. That sits on your perimeter and 279 00:15:24,408 --> 00:15:26,800 maybe your Cloud applications how'd you like to take this 280 00:15:26,800 --> 00:15:31,900 existing MFA solution that you already have an extended into 281 00:15:31,900 --> 00:15:34,900 the place as well attacks actually happen within the you 282 00:15:34,908 --> 00:15:37,900 know the identity infrastructure, all these things 283 00:15:37,900 --> 00:15:41,400 that the MFA Solutions don't cover you know, command line, 284 00:15:41,400 --> 00:15:45,900 tools and Industrial Systems. And you know all these foul 285 00:15:45,900 --> 00:15:49,300 shells and on-prem particles that end. 286 00:15:49,400 --> 00:15:52,800 Just doesn't walk Focus right now, it's all in the VPN in the 287 00:15:52,800 --> 00:15:57,800 cloud applications web apps. But you don't need to replace 288 00:15:57,800 --> 00:16:00,600 it. We're just extended to these 289 00:16:00,600 --> 00:16:02,900 places. We're bring the modern security 290 00:16:02,900 --> 00:16:05,300 into the places where he doesn't walk the Legacy systems. 291 00:16:05,300 --> 00:16:09,400 The service accounts, the infrastructure So in a way I 292 00:16:09,400 --> 00:16:13,300 did, the other is just, it's the policy engine of the brain. 293 00:16:14,200 --> 00:16:16,600 That enforces, the security control that you might already 294 00:16:16,600 --> 00:16:18,700 have. When it's the right time in the 295 00:16:18,700 --> 00:16:21,400 right place, I think you have the policy won't. 296 00:16:21,400 --> 00:16:24,700 One thing I was thinking about there is that, you know what? 297 00:16:24,700 --> 00:16:28,400 I think about IGA system implementation, especially like 298 00:16:28,400 --> 00:16:31,300 10 years ago. We're automating a lot of things 299 00:16:31,300 --> 00:16:34,200 that were happening manually, right? 300 00:16:34,200 --> 00:16:38,500 So, the business result was we were reducing the The 301 00:16:38,500 --> 00:16:41,500 organization by doing things in an automated way. 302 00:16:41,500 --> 00:16:44,200 We didn't have to have people running around and provisioning 303 00:16:44,200 --> 00:16:48,400 access or you know, exporting Excel files and somebody else 304 00:16:48,400 --> 00:16:50,200 turning them into an access for you. 305 00:16:50,200 --> 00:16:53,600 But I think what you're talking about with ITT, are these are 306 00:16:53,600 --> 00:16:57,500 things that don't happen today. So this the business result is 307 00:16:57,500 --> 00:17:00,400 reduction in Risk. You actually now have visibility 308 00:17:00,400 --> 00:17:06,200 into security data that today, you do not have these things are 309 00:17:06,200 --> 00:17:08,300 happening, but you can't do anything about it. 310 00:17:08,400 --> 00:17:11,700 It is why do we? I think the most exciting thing 311 00:17:11,700 --> 00:17:17,200 about itdo even as you know as opposed to other types of 312 00:17:17,200 --> 00:17:22,500 detection response tools that are not on the identity is that 313 00:17:22,599 --> 00:17:24,900 if you're talking about detection response outside of 314 00:17:24,900 --> 00:17:28,700 identity, the response is actually pretty limited. 315 00:17:28,800 --> 00:17:33,200 What you can do is usually Send an alert, you know, and do 316 00:17:33,200 --> 00:17:36,000 something retroactive, which is not great because nobody can 317 00:17:36,000 --> 00:17:37,700 handle these alerts. And you're missing the actual 318 00:17:37,700 --> 00:17:42,300 attack or you can block, you can block the endpoint, you can 319 00:17:42,300 --> 00:17:45,600 block the, the network access, you know, something that is very 320 00:17:45,600 --> 00:17:47,300 aggressive, you don't want to do that. 321 00:17:47,300 --> 00:17:50,400 Because most of the detection today is not necessarily 322 00:17:50,400 --> 00:17:51,900 accurate, right? You get a lot of false 323 00:17:51,900 --> 00:17:53,600 positives, so, you know, nobody wants to do that. 324 00:17:54,800 --> 00:17:58,200 So this choice between sending an alert or doing something very 325 00:17:58,200 --> 00:18:01,500 aggressive, is all you got when you're talking detection 326 00:18:01,500 --> 00:18:05,200 response, outside of identity. But in identity, you got a third 327 00:18:05,200 --> 00:18:07,800 option, you can step up the authentication. 328 00:18:08,300 --> 00:18:11,700 That's a great option because everybody's used to it. 329 00:18:11,700 --> 00:18:13,500 I'd getting an MFA Pompton saying. 330 00:18:13,500 --> 00:18:16,500 Yes, this is me almost two years, 22 years to it. 331 00:18:16,500 --> 00:18:20,200 By the way, they're going to do it less with idea because 332 00:18:20,200 --> 00:18:21,500 without i.d., all they need to do it. 333 00:18:21,500 --> 00:18:24,400 Every time they log in, we fight it out, they only need to do 334 00:18:24,600 --> 00:18:27,000 When we think the count is may be compromised. 335 00:18:27,000 --> 00:18:30,500 So it's actually less annoying and maybe they will be less 336 00:18:30,500 --> 00:18:32,700 automatically you know, right? Clicking on it. 337 00:18:33,600 --> 00:18:36,200 By the way, the other solutions for that, we have a whole whole 338 00:18:36,600 --> 00:18:41,400 block about that too. But the thing is step-up 339 00:18:41,400 --> 00:18:46,800 authentication as a response tool in many ways, is the most 340 00:18:47,000 --> 00:18:50,200 effective one, because you're basically, letting the usual 341 00:18:50,200 --> 00:18:53,700 tell you, is it you or not, why have the stock team 342 00:18:53,700 --> 00:18:55,600 investigates? Thousands of alerts. 343 00:18:55,900 --> 00:18:59,500 If we can simply ask the user is it, you can you prove it and 344 00:18:59,500 --> 00:19:01,200 within one click they will tell us. 345 00:19:01,200 --> 00:19:04,700 Yes, it is me and you're just annoying me for no reason. 346 00:19:05,300 --> 00:19:09,300 And please don't don't do it again and we can actually learn, 347 00:19:09,300 --> 00:19:12,500 we can train the algorithm. You know what, maybe for you. 348 00:19:12,500 --> 00:19:15,300 It is normal to login in the middle of the night from, you 349 00:19:15,300 --> 00:19:18,300 know, from another country. Maybe for you, it is normal to 350 00:19:18,300 --> 00:19:23,400 connect, 25 databases in all the weekend, if you can prove it 351 00:19:23,500 --> 00:19:26,400 that it's you. We can train our algorithms to 352 00:19:26,400 --> 00:19:28,400 understand what is normal. That's something you don't get 353 00:19:28,400 --> 00:19:30,900 with regular you. A ba doo ba, you know, 354 00:19:31,300 --> 00:19:34,100 theoretically, we can train it, but nobody does here. 355 00:19:34,100 --> 00:19:36,800 It's almost like you are crowdsourcing your alerts to the 356 00:19:36,800 --> 00:19:39,100 users, right? Let them tell us. 357 00:19:39,200 --> 00:19:42,700 What are the two positives? If I can tell the stock Team? 358 00:19:43,300 --> 00:19:46,200 All of these thousands of anomalies that I taught, or 359 00:19:46,200 --> 00:19:49,000 maybe another security product taught that are risky. 360 00:19:49,400 --> 00:19:52,100 You know what? We actually ask the users and 361 00:19:52,100 --> 00:19:54,400 these are the five were the user. 362 00:19:54,600 --> 00:19:57,300 Couldn't prove his identity. These are your real incidents, 363 00:19:57,600 --> 00:20:00,700 and by the way, we block them, we didn't let them too, but you 364 00:20:00,700 --> 00:20:03,500 can now focus on these five all the rest of them. 365 00:20:04,000 --> 00:20:06,500 You know what we target? Step-up authentication, the user 366 00:20:06,500 --> 00:20:09,100 told us that same. It's much, much less risky. 367 00:20:09,600 --> 00:20:12,800 Let's focus on the ones. We couldn't, this is unique to 368 00:20:12,800 --> 00:20:14,600 Identity. You don't get that with any kind 369 00:20:14,600 --> 00:20:16,800 of other detection response. At the end point that the 370 00:20:16,800 --> 00:20:19,500 network are sorry, as I think I did the others, even a bigger 371 00:20:19,500 --> 00:20:23,500 potential, the detection response to other platforms and 372 00:20:23,500 --> 00:20:28,000 forces the You give another words, we found a potential bad 373 00:20:28,000 --> 00:20:31,600 actor shut that bad actor off. Whereas what you're talking 374 00:20:31,600 --> 00:20:36,000 about is now we can do Step Up. We've confirmed a positive. 375 00:20:36,200 --> 00:20:40,800 Now, we can actually, you know, reduce that risk to our so that 376 00:20:40,800 --> 00:20:44,400 the user has a has less friction throughout their journey. 377 00:20:45,000 --> 00:20:48,100 I wanted to shift off exclusive is really generously trying, but 378 00:20:48,100 --> 00:20:51,000 there was one more thing I wanted to hit, which, is this 379 00:20:51,000 --> 00:20:56,200 itd, our space, it's just becoming He is entering my 380 00:20:56,200 --> 00:20:59,100 Consciousness, right? So it's kind of like new for me, 381 00:20:59,100 --> 00:21:03,600 anyway, and I'm kind of tracing it back to the Gartner hype 382 00:21:03,600 --> 00:21:06,600 cycle, right? Because I think if you look at 383 00:21:06,800 --> 00:21:12,200 product like single sign-on, IGA privileged access management, 384 00:21:12,200 --> 00:21:14,500 it's gone all the way through the hype cycle is probably at 385 00:21:14,500 --> 00:21:17,300 the what they called the plateau of productivity. 386 00:21:17,700 --> 00:21:20,600 You look at zero trust it's kind of like gone through it. 387 00:21:20,600 --> 00:21:23,900 And now it might be, you know, might start at some point is 388 00:21:23,900 --> 00:21:26,800 going to get into Us. Trough of disillusionment. 389 00:21:26,900 --> 00:21:30,200 And the reason I say that is not because to put down zero trust, 390 00:21:30,200 --> 00:21:34,200 I think 0 trusses fantastic. But if there's the mentality 391 00:21:34,200 --> 00:21:37,300 that hey I'm just going to be able to Cobble together some 392 00:21:37,300 --> 00:21:41,200 products or maybe by one Suite of products in b0, trust. 393 00:21:41,200 --> 00:21:43,000 That's the joke. That's not what it is. 394 00:21:43,300 --> 00:21:48,000 So, what I wanted to ask you is, where is ited? 395 00:21:48,000 --> 00:21:54,100 Are in this in this hype cycle? And would you say that like a 396 00:21:54,108 --> 00:21:55,600 year? For now, how does it look 397 00:21:55,600 --> 00:21:57,600 different? Our people is it more and more 398 00:21:57,600 --> 00:22:00,200 people's Consciousness. Are people saying this is just 399 00:22:00,200 --> 00:22:03,300 something you have to do. It's a great question and I 400 00:22:03,300 --> 00:22:06,900 think that we all that it time well, a lot of angels will say 401 00:22:06,900 --> 00:22:10,100 we do idea and a lot of customers were wrongfully. 402 00:22:10,100 --> 00:22:13,700 Think that idea is just one product you buy and you'll good. 403 00:22:13,700 --> 00:22:16,000 And it's not just like zero tossed. 404 00:22:16,000 --> 00:22:19,000 It's an approach. You need to get all your 405 00:22:19,000 --> 00:22:25,700 solutions to walk together around it so I think The will be 406 00:22:25,700 --> 00:22:28,200 for the next year or two, a lot of confusion. 407 00:22:28,700 --> 00:22:31,500 A lot of people will look at things that are actually mostly 408 00:22:31,500 --> 00:22:35,400 detection tools as I TDR. And, you know, a lot of products 409 00:22:35,400 --> 00:22:38,800 that will you be a or doing different things to detect 410 00:22:38,800 --> 00:22:42,800 threats will now say I was doing idea and our response is that we 411 00:22:42,800 --> 00:22:45,500 send an alert to the sock and then they do something about it. 412 00:22:46,400 --> 00:22:50,700 And what I hope will happen is you know slowly people will 413 00:22:50,700 --> 00:22:56,700 realize that the detection part has been though for But will it 414 00:22:56,700 --> 00:22:58,200 really? You know what I did? 415 00:22:58,200 --> 00:23:01,100 That was really an opportunity is to really connect the 416 00:23:01,108 --> 00:23:04,600 detection to the real-time active response to the 417 00:23:04,600 --> 00:23:07,200 enforcement. If we can do that, if we can 418 00:23:07,200 --> 00:23:09,700 take the detection that has been though. 419 00:23:09,800 --> 00:23:14,300 I mean, it is improving now but it's has been done for years and 420 00:23:14,300 --> 00:23:18,300 we finally connected to the enforcement to the MFA to the 421 00:23:18,300 --> 00:23:20,800 conditional access policies to the things that actually stop 422 00:23:20,800 --> 00:23:22,700 attacks. If we finally make that 423 00:23:22,700 --> 00:23:24,400 connection that is the opportunity of idea. 424 00:23:24,500 --> 00:23:26,700 Ha, and I think for the next year or two people are going to 425 00:23:26,700 --> 00:23:29,700 be confused or going to look at detection tool that has 426 00:23:29,700 --> 00:23:32,000 repackaged as ideal as if this is. 427 00:23:32,500 --> 00:23:33,900 You know, this is what they need. 428 00:23:34,600 --> 00:23:36,900 And I think slowly they will realize okay that's just sending 429 00:23:36,900 --> 00:23:39,800 us another alert. It will not actually stop the 430 00:23:39,800 --> 00:23:42,300 attacks force and they will understand it. 431 00:23:42,300 --> 00:23:46,200 Ideas about the connection between detection and response 432 00:23:46,300 --> 00:23:50,400 active response, it actually stops attacks and that is where 433 00:23:50,400 --> 00:23:52,000 it will get to a certain maturity. 434 00:23:52,000 --> 00:23:56,500 Well, I do think that the it Back to once it matures one, 435 00:23:56,500 --> 00:24:00,700 people do Ido this way. I think that the impact of this 436 00:24:00,700 --> 00:24:03,000 will be huge. I think that, in terms of 437 00:24:03,000 --> 00:24:06,400 actually stopping attacks, this will be one of the most 438 00:24:06,400 --> 00:24:12,700 effective Concepts or tools ever simply because so many attacks 439 00:24:12,700 --> 00:24:16,000 involving identities without the identity element to probably 440 00:24:16,000 --> 00:24:18,500 much, much less risky they will probably stay on one two 441 00:24:18,500 --> 00:24:20,800 devices. The not be able to take over the 442 00:24:20,800 --> 00:24:23,700 entire network without the identity element. 443 00:24:24,500 --> 00:24:27,400 It is used to propagate and second because I think the 444 00:24:27,400 --> 00:24:32,700 response at the identity level step-up authentication is such a 445 00:24:32,700 --> 00:24:36,000 great option for response because it's the perfect 446 00:24:36,000 --> 00:24:39,400 combination between security and productivity. 447 00:24:40,200 --> 00:24:44,200 You take action real action to prevent the attack without 448 00:24:44,200 --> 00:24:47,200 blocking your real legitimate users that are simply trying to 449 00:24:47,200 --> 00:24:50,600 walk. You use Step Up aggregation 450 00:24:50,600 --> 00:24:54,200 almost as a filter. To stop only the real threats 451 00:24:54,800 --> 00:24:57,200 without bothering the legitimate users. 452 00:24:58,000 --> 00:25:02,300 I think this is where idea is going to be a game-changer, but 453 00:25:02,300 --> 00:25:05,000 yes, it will take time for everybody to understand what is 454 00:25:05,200 --> 00:25:08,600 really active and what is maybe just a piece of it like 455 00:25:08,600 --> 00:25:10,000 detection. Yeah, thank you. 456 00:25:10,000 --> 00:25:13,300 It's very, very educational, very eye-opening. 457 00:25:13,300 --> 00:25:16,600 And it's going to be very interesting to watch this 458 00:25:16,600 --> 00:25:22,200 unfold, you know, over the next year to see, you know, I think 459 00:25:22,500 --> 00:25:25,500 Kind of I hear one of your predictions is that they're 460 00:25:25,500 --> 00:25:29,000 going to be vendors trying to repackaged Old products as like 461 00:25:29,200 --> 00:25:35,000 hey this is now I TD R zero trust and ideas are so you just 462 00:25:35,000 --> 00:25:38,400 like take care of all your problems with with our product. 463 00:25:38,400 --> 00:25:42,500 That's what I'm afraid of is the dilution of the terms but was 464 00:25:42,500 --> 00:25:47,700 happens but I think customers will realize eventually to take 465 00:25:47,700 --> 00:25:50,600 time but it's okay you know if every category but people will 466 00:25:50,600 --> 00:25:52,100 realize what is actually bringing them. 467 00:25:52,200 --> 00:25:55,100 The value. And also, I think that the 468 00:25:55,100 --> 00:25:57,100 detection tools still have a place. 469 00:25:57,100 --> 00:26:00,300 I think that, you know, I don't believe that any Vendo has the 470 00:26:00,300 --> 00:26:04,700 solution for everything, we obviously don't, you know, we 471 00:26:05,000 --> 00:26:07,200 really try to connect with all of the other security products 472 00:26:07,200 --> 00:26:09,400 in order to work together. By the way, that's another 473 00:26:09,400 --> 00:26:12,100 concept Governor is talking about the mesh, right? 474 00:26:12,600 --> 00:26:15,700 Everything's to work together. So yes, the detection tools. 475 00:26:15,700 --> 00:26:17,700 Also have a place they can detect certain things. 476 00:26:18,000 --> 00:26:21,700 Maybe there's another product that can enforce, you know, and 477 00:26:21,700 --> 00:26:23,700 it all To all these different identities. 478 00:26:23,700 --> 00:26:26,500 Silos, that will be connected. Everybody needs to work 479 00:26:26,500 --> 00:26:27,600 together. No, no. 480 00:26:27,600 --> 00:26:28,900 Single. Vendor can say, I have the 481 00:26:28,900 --> 00:26:32,400 solution for everything and I think customers are starting to 482 00:26:32,400 --> 00:26:35,500 get that. And I think, well, it will 483 00:26:35,500 --> 00:26:38,100 become very clear as once these Solutions. 484 00:26:38,100 --> 00:26:41,700 And we always think it with our product will actually stop a lot 485 00:26:41,700 --> 00:26:45,200 of attacks that our daughters. Don't we stop an attack. 486 00:26:45,200 --> 00:26:47,700 Almost every week. Now, real data breach on one of 487 00:26:47,700 --> 00:26:51,100 our customers and I think people are telling each other that 488 00:26:51,100 --> 00:26:52,000 those saying. Hey you know what? 489 00:26:52,000 --> 00:26:54,600 I Other than some of attacking my network and you know, some of 490 00:26:54,600 --> 00:26:57,800 what actually saw it stepped up the authentication to my user, 491 00:26:57,800 --> 00:27:01,100 the user didn't respond and it stopped it stayed on the One 492 00:27:01,100 --> 00:27:06,700 initial endpoint on patient zero and let move anywhere else and 493 00:27:06,700 --> 00:27:07,900 they'll telling each other about it. 494 00:27:07,908 --> 00:27:09,800 You know what, it actually stopped the attack. 495 00:27:10,400 --> 00:27:13,200 Another thing that is driving awareness and influencing the 496 00:27:13,200 --> 00:27:17,100 industry is cyber insurance. A few years ago, I think people 497 00:27:17,100 --> 00:27:20,500 didn't really know what it will become, I think, just like in 498 00:27:20,500 --> 00:27:22,800 other Industries, eventually, it's not there yet, but 499 00:27:22,800 --> 00:27:27,300 eventually cyber insurance will signal to the customers. 500 00:27:27,300 --> 00:27:31,600 What they need to do because they have a lot of data and they 501 00:27:31,600 --> 00:27:35,800 have a strong incentive to actually get you to buy the 502 00:27:35,800 --> 00:27:37,700 product that stop attacks because otherwise they would pay 503 00:27:37,700 --> 00:27:40,700 a lot of money. So if they recognize and I think 504 00:27:40,700 --> 00:27:43,500 they are starting to that this is going to actually stop 505 00:27:43,500 --> 00:27:45,400 attacks and stop ransomware attacks. 506 00:27:45,600 --> 00:27:49,400 Especially do going to force everybody to buy this and I 507 00:27:49,400 --> 00:27:53,000 think it's a good thing because any single customer can beg get 508 00:27:53,000 --> 00:27:55,800 confused with all these different vendors and messages. 509 00:27:56,100 --> 00:27:59,600 It's actually a good thing that, you know, insurance will tell 510 00:27:59,600 --> 00:28:01,400 you. You know what we have data from 511 00:28:01,400 --> 00:28:04,100 tens of thousands of customers. And we can tell you if you get 512 00:28:04,100 --> 00:28:07,400 this product or this type of product, your risk actually goes 513 00:28:07,400 --> 00:28:09,700 down. So we'll only give you insurance 514 00:28:09,700 --> 00:28:11,700 if you buy it. I think that's a good thing. 515 00:28:12,000 --> 00:28:14,900 It's not there yet but it's it will get them carry saying a lot 516 00:28:14,900 --> 00:28:16,900 of maturity. D and cyber Insurance 517 00:28:16,900 --> 00:28:19,200 questionnaires that are going out and my faith a couple years 518 00:28:19,200 --> 00:28:19,700 ago. What do you mean? 519 00:28:19,708 --> 00:28:20,800 You're not doing MFA? Okay. 520 00:28:20,900 --> 00:28:22,900 Now you need to because you got to follow the money. 521 00:28:23,300 --> 00:28:27,600 I think it's maybe the least is still not the for list of what 522 00:28:27,600 --> 00:28:31,900 people should do, but it's good because it kind of puts a mirror 523 00:28:31,900 --> 00:28:34,300 in front of people. Like these are the things you 524 00:28:34,308 --> 00:28:36,600 need to do. Because we believe that they 525 00:28:36,600 --> 00:28:40,500 reduce the risk. The most And it's good because 526 00:28:40,500 --> 00:28:42,900 it doesn't, it means that not every small company will need to 527 00:28:42,900 --> 00:28:46,300 do their own research and come to these conferences. 528 00:28:47,900 --> 00:28:51,400 You know, they will actually get a list of, you know, this is 529 00:28:51,400 --> 00:28:54,900 what you need to do to have a lower risk. 530 00:28:57,700 --> 00:28:59,600 And I think I did, I was going to be a big part of it. 531 00:28:59,600 --> 00:29:02,500 I mean now it's MFA and privileged access but eventually 532 00:29:02,500 --> 00:29:04,900 all these things tie together into idea. 533 00:29:05,000 --> 00:29:08,800 It's protecting the identities that's key to stopping a tax. 534 00:29:09,700 --> 00:29:12,900 Even very eloquent and helping us understand itd are so I want 535 00:29:12,900 --> 00:29:16,100 to put that eloquence on display. 536 00:29:16,500 --> 00:29:18,600 What's the 30 second? Elevator pitch that you give to 537 00:29:18,600 --> 00:29:20,800 somebody when you're like okay what do you do? 538 00:29:20,800 --> 00:29:28,600 Like I'm sober for okay so me so So what we do is we extend 539 00:29:29,300 --> 00:29:32,900 identity security controls such as multi-factor, authentication 540 00:29:32,900 --> 00:29:37,300 conditional access everywhere, even in two places where they 541 00:29:37,300 --> 00:29:39,800 don't work. Today, the Legacy protocols, the 542 00:29:39,800 --> 00:29:43,800 service accounts, you know, command line, tools, all these 543 00:29:43,800 --> 00:29:48,000 things that people actually targeting in a way that doesn't 544 00:29:48,000 --> 00:29:50,900 require you to change any of these systems because we sit 545 00:29:50,900 --> 00:29:53,100 behind your existing identity infrastructure. 546 00:29:53,700 --> 00:29:57,500 We detect threats Enforce the security controls so that we can 547 00:29:57,500 --> 00:30:01,100 protect your identities everywhere even in the places. 548 00:30:01,100 --> 00:30:04,900 Well, security for identity is not available today. 549 00:30:07,000 --> 00:30:09,400 And by the way, as you can understand from this, you know, 550 00:30:09,500 --> 00:30:12,300 short explanation. I'm not focusing on. 551 00:30:12,300 --> 00:30:15,700 I TDR, I think that in many ways, this is idea, but I think 552 00:30:15,700 --> 00:30:18,300 that people will slowly understand what I did there is 553 00:30:18,300 --> 00:30:21,000 and we can, you know, we can do, we can help them. 554 00:30:21,900 --> 00:30:24,200 And the fact that you guys are doing this, obviously helps 555 00:30:24,200 --> 00:30:26,800 people understand. But for now, we need to talk 556 00:30:26,800 --> 00:30:30,300 about the things that people really need to do and it's about 557 00:30:30,300 --> 00:30:33,600 securing identities. Will I think one of the biggest 558 00:30:33,600 --> 00:30:35,300 gaps? You know, putting itd have a 559 00:30:35,308 --> 00:30:40,200 site for second is the fact that modern identity security is only 560 00:30:40,200 --> 00:30:42,600 available for modern applications. 561 00:30:43,000 --> 00:30:45,200 It's available in the cloud in octane as already. 562 00:30:46,300 --> 00:30:50,600 But for the, for the Legacy infrastructure for the on-prem 563 00:30:50,700 --> 00:30:54,100 does nothing, people have to listen passwords and Legacy 564 00:30:54,100 --> 00:30:57,400 protocols in a tackles know. That's what the focus the 565 00:30:57,400 --> 00:31:00,700 command line tools, the file shows the service accounts in 566 00:31:00,700 --> 00:31:03,800 our machine to machine access the Legacy infrastructure. 567 00:31:03,800 --> 00:31:08,000 That's where they go. So this is the main thing we 568 00:31:08,000 --> 00:31:11,000 actually talking about today. I believe itthere is the future. 569 00:31:11,000 --> 00:31:14,000 I believe, this is what we're going to focus on this, what 570 00:31:14,000 --> 00:31:17,100 we're going to do, but right now to simplify this for the 571 00:31:17,108 --> 00:31:19,700 customers and help them solve a much more clear than immediate 572 00:31:19,700 --> 00:31:22,200 pain. My focus is actually on this. 573 00:31:22,900 --> 00:31:25,100 I'm telling them you already have. 574 00:31:25,200 --> 00:31:28,300 Eight Solutions, you know, I show it is a great solution, it 575 00:31:28,300 --> 00:31:31,100 has MFA in conditional access and everything, but it only 576 00:31:31,100 --> 00:31:34,900 works for your web applications, it doesn't work for all these 577 00:31:34,900 --> 00:31:37,300 things. I just mentioned, we can extend 578 00:31:37,300 --> 00:31:39,900 that because we work, with all these vendors, we can extend 579 00:31:39,900 --> 00:31:42,700 your Azure ad and agile MFA to these places. 580 00:31:43,300 --> 00:31:46,700 I didn't even mention, I TDR, or zero task to any of these 581 00:31:46,700 --> 00:31:47,800 Concepts. Thank you. 582 00:31:47,900 --> 00:31:51,200 It will actually help you achieve those things, all right? 583 00:31:52,000 --> 00:31:55,500 Because once you extend more than identity security, The 584 00:31:55,500 --> 00:32:00,300 everywhere, you will actually achieve zero Tarzan idea, but 585 00:32:00,300 --> 00:32:02,800 I'm trying to focus on. What are you actually getting 586 00:32:02,800 --> 00:32:05,500 what? What is not protected today that 587 00:32:05,500 --> 00:32:08,200 we will protect for you and I leave? 588 00:32:08,200 --> 00:32:10,700 I TDR and zero tolerance to these kind of conversations. 589 00:32:10,700 --> 00:32:14,500 Well, you know, I do hope that people will adopt these Concepts 590 00:32:16,200 --> 00:32:19,500 but I think people are tired of just seeing vandals, only talk 591 00:32:19,500 --> 00:32:22,000 about the buzz words, we need to talk about what the solution is 592 00:32:22,000 --> 00:32:24,200 actually does and how it does it. 593 00:32:25,700 --> 00:32:28,000 And that's really resonates with people. 594 00:32:28,000 --> 00:32:30,900 I feel like in this week was very, very clear. 595 00:32:31,200 --> 00:32:34,200 We just talked to people about, you know, what do you use today 596 00:32:34,200 --> 00:32:38,000 for MFA for identity security? And they will say, whatever. 597 00:32:38,000 --> 00:32:41,800 Vendor they have great probably works perfectly for your web 598 00:32:41,800 --> 00:32:43,300 applications, your modern applications. 599 00:32:43,300 --> 00:32:46,600 But how about all these other things, the Legacy stuff, the 600 00:32:46,600 --> 00:32:49,200 command line tools, the service accounts that's what attackers 601 00:32:49,200 --> 00:32:51,700 actually go because they know it's not protected. 602 00:32:52,000 --> 00:32:56,300 We can extend that solution that you already have or The and 603 00:32:56,308 --> 00:33:01,600 that's such a clear story that is letting them extend an 604 00:33:01,600 --> 00:33:03,800 existing solution that they already invested in. 605 00:33:03,900 --> 00:33:07,700 That gives them great results in one environment extend it to the 606 00:33:07,700 --> 00:33:10,400 out of. So if you ask me, what is the 607 00:33:10,400 --> 00:33:12,200 the easy way? What is the way I am? 608 00:33:12,200 --> 00:33:14,900 Expanding our product today. That's how I do. 609 00:33:14,900 --> 00:33:19,500 I think that We should really, I think every window should really 610 00:33:19,500 --> 00:33:23,200 try to focus on one of the clear issues that they solve and how 611 00:33:23,200 --> 00:33:26,400 they solve them. And yeah, we can talk about the 612 00:33:26,400 --> 00:33:29,900 concepts in order to educate the market, but otherwise it becomes 613 00:33:29,900 --> 00:33:32,000 too confusing for people to just heal these buzzwords. 614 00:33:33,300 --> 00:33:36,400 So that Simplicity in the language exo-k, explanation is 615 00:33:36,400 --> 00:33:39,800 something that is I'm finding to be more and more important 616 00:33:39,800 --> 00:33:43,300 because we get lost sometimes in Flowery language and it was you 617 00:33:43,300 --> 00:33:45,000 know, spend a focus here at the Gartner conference as well 618 00:33:45,000 --> 00:33:48,400 around storytelling and You know, really being articulate 619 00:33:48,400 --> 00:33:51,100 around the message, you've been really great through time and I 620 00:33:51,108 --> 00:33:52,800 just wanted to know if we have just a couple more minutes, I 621 00:33:52,808 --> 00:33:56,500 want to ask you more questions from like a CEO perspective. 622 00:33:57,300 --> 00:34:00,400 We were talking before we hit the record button and you 623 00:34:00,400 --> 00:34:04,000 mentioned something about retention and with where we are 624 00:34:04,000 --> 00:34:07,600 right now with great resignation and now quiet quitting, which is 625 00:34:07,600 --> 00:34:09,100 apparently, a new thing that's out there. 626 00:34:10,300 --> 00:34:13,600 What are some of the things that our secrets to success? 627 00:34:13,800 --> 00:34:16,100 And I'm sure you're going to show statistics, I hope you will 628 00:34:16,699 --> 00:34:19,199 around Round finding and retaining talent. 629 00:34:19,199 --> 00:34:20,900 Because I think there's a lot of people who are trying to build 630 00:34:20,900 --> 00:34:24,699 teams trying to find identity, people is really hard right now 631 00:34:25,000 --> 00:34:26,600 because you're taking care of hopefully the ones that are 632 00:34:26,607 --> 00:34:29,500 happy and if you're trying to build a team, the pool of talent 633 00:34:29,500 --> 00:34:33,800 is not as is not where it needs to be and I'm curious from your 634 00:34:33,800 --> 00:34:36,600 perspective, as you know, the CEO of a corporation, you know 635 00:34:36,600 --> 00:34:38,500 company. How are you doing that? 636 00:34:39,800 --> 00:34:42,199 It's very important topic. I think, I think everybody has 637 00:34:42,199 --> 00:34:45,400 this problem of talent in cyber security and identity. 638 00:34:46,800 --> 00:34:49,199 Its Oh, by the way, is something that is very important to me, 639 00:34:49,199 --> 00:34:51,800 specifically, like one of the reasons I actually started the 640 00:34:51,800 --> 00:34:56,400 company, you know, besides wanting to invent, you know, 641 00:34:56,800 --> 00:35:00,000 Heidi are in all these great thing is actually that they 642 00:35:00,000 --> 00:35:05,200 wanted to build a company that I would have liked to walk for 643 00:35:05,200 --> 00:35:09,800 like a place that is actually good for the people. 644 00:35:09,800 --> 00:35:12,900 A person who will people like working with each other and 645 00:35:12,900 --> 00:35:16,700 believe in what they do because I want to wake up in the 646 00:35:16,707 --> 00:35:19,100 morning. And go to a place where I enjoy 647 00:35:19,100 --> 00:35:20,100 what I do. All right? 648 00:35:21,600 --> 00:35:24,900 And it was very important for me all along to build this kind of 649 00:35:24,900 --> 00:35:28,900 culture where people really work together as one team without 650 00:35:28,900 --> 00:35:32,100 politics without ego. You know, just working as one 651 00:35:32,100 --> 00:35:36,400 team to the same goal and I think we were able to achieve 652 00:35:36,400 --> 00:35:39,400 that it becomes difficult when you go fast. 653 00:35:40,100 --> 00:35:43,000 So, you know, we've been going very fast instantly, you know, 654 00:35:43,000 --> 00:35:46,100 some of our teams like cells marketing tripled since the 655 00:35:46,100 --> 00:35:49,500 beginning of the It's hard to keep the culture. 656 00:35:49,500 --> 00:35:52,100 I still meet everyone who joins the company, by the way, before 657 00:35:52,100 --> 00:35:54,600 just do or even to interview them professionally. 658 00:35:54,600 --> 00:35:57,100 But just to understand that I'm not going to lose that special 659 00:35:57,100 --> 00:36:00,200 thing that we have. But I think the most important 660 00:36:00,200 --> 00:36:04,700 partner is just caring about the employees whether it's about the 661 00:36:04,700 --> 00:36:07,000 work-life balance or about the fact that they will be 662 00:36:07,200 --> 00:36:11,300 challenged with with interesting things to do, and just knowing 663 00:36:11,300 --> 00:36:13,800 that the company cares about them and then they care about 664 00:36:13,800 --> 00:36:17,700 the company, I don't believe in forcing people to Still the 665 00:36:17,700 --> 00:36:21,200 number of hours a day. And as people can, especially in 666 00:36:21,200 --> 00:36:23,400 the post covid World, it doesn't really matter. 667 00:36:23,400 --> 00:36:26,400 People can not do anything and you will never know. 668 00:36:26,400 --> 00:36:28,800 It's very hard to know. So the only thing you can do is 669 00:36:28,800 --> 00:36:33,400 try to make them kill about it and that's never about the 670 00:36:33,400 --> 00:36:38,100 product or the even the money. It's usually about the people if 671 00:36:38,100 --> 00:36:40,400 you work with people that you like and you feel like they care 672 00:36:40,400 --> 00:36:45,100 about you and you feel like management is Is in the same 673 00:36:45,100 --> 00:36:48,900 boat with you people, actually liked it and stay. 674 00:36:48,900 --> 00:36:53,700 We had last year, little more than one percent of people 675 00:36:53,700 --> 00:36:59,600 leaving the company, we have 150 employees and I think it's 676 00:36:59,600 --> 00:37:02,300 because of that. So half a person left. 677 00:37:02,800 --> 00:37:05,500 How did that work? No, it was, it was too. 678 00:37:06,700 --> 00:37:13,000 But I think that another part of that is just how we react to the 679 00:37:13,000 --> 00:37:15,700 changes in the mouth. It, you know last year was 680 00:37:15,700 --> 00:37:18,700 crazy. So many startups did crazy 681 00:37:18,700 --> 00:37:21,700 funding rounds with valuations that have nothing to do with the 682 00:37:21,700 --> 00:37:25,700 actual performance side and they burned the money with, you know, 683 00:37:25,700 --> 00:37:29,000 fancy parties and whatever. And it's, you know, great for 684 00:37:29,000 --> 00:37:31,600 them. But now when the market is down 685 00:37:32,000 --> 00:37:34,700 at all of these companies are letting go a lot of employers 686 00:37:34,700 --> 00:37:37,700 and I think employees understand that you know, it's important to 687 00:37:37,700 --> 00:37:38,900 be in the company that kills about. 688 00:37:38,900 --> 00:37:41,500 It doesn't go crazy when the market is too optimistic and 689 00:37:41,500 --> 00:37:44,900 doesn't need to overcorrect at your Expense, right? 690 00:37:45,300 --> 00:37:48,300 Because the CEO is probably still, you know, tell. 691 00:37:48,300 --> 00:37:52,100 But at the expense of some of these employees when things are 692 00:37:52,100 --> 00:37:55,700 bad, that's a great Point. Yeah, I mean, the other thing, I 693 00:37:55,700 --> 00:37:58,500 just wanted to point out is, as a smaller company. 694 00:37:58,700 --> 00:38:03,600 I think if you make it bad hire bringing the toxic personality, 695 00:38:05,000 --> 00:38:11,000 just the the is has a magnifying effect of how how much damage 696 00:38:11,000 --> 00:38:13,100 that can do. I mean that can that can hurt 697 00:38:13,100 --> 00:38:16,400 even a big Buddy right. But with a small companies just 698 00:38:16,400 --> 00:38:20,700 magnified so you interviewing everybody as they come in just 699 00:38:20,700 --> 00:38:25,400 to make sure that you're not going to upset that corporate 700 00:38:25,400 --> 00:38:27,600 culture. I think is just so important. 701 00:38:28,200 --> 00:38:32,500 I just want to hire people that want to walk in this mentality. 702 00:38:32,500 --> 00:38:35,100 When we all work together, we help each other. 703 00:38:35,100 --> 00:38:37,700 Even if it's not exactly. You know someone's 704 00:38:38,300 --> 00:38:40,500 responsibility is not exactly getting paranoid. 705 00:38:40,600 --> 00:38:43,100 People were help each other because we all want to achieve 706 00:38:43,100 --> 00:38:44,000 the same goal. Urgh. 707 00:38:45,000 --> 00:38:46,800 And I want to find people like that. 708 00:38:46,800 --> 00:38:50,000 It's not easy by the way, but there are a lot of people like 709 00:38:50,000 --> 00:38:51,600 that. I feel like we have a great team 710 00:38:52,200 --> 00:38:54,400 and I will not continue to probably interview everybody, 711 00:38:54,400 --> 00:38:56,900 right? But I can't ask my my managers 712 00:38:56,900 --> 00:38:59,700 and executive to do that. I think they get it completely. 713 00:38:59,700 --> 00:39:03,800 And I think it's it's something that the whole company believes 714 00:39:03,800 --> 00:39:08,200 in, I think but also part of it is this, you know, knowing how I 715 00:39:08,200 --> 00:39:12,300 make decisions that I'm being responsible with the company's 716 00:39:12,300 --> 00:39:14,500 goals and money, I think. Care about that. 717 00:39:14,500 --> 00:39:18,000 Think they want to know that. And we are very transparent and 718 00:39:18,000 --> 00:39:21,500 basically showing to the team, every quarter, the same size I'm 719 00:39:21,500 --> 00:39:24,100 showing to the bolt. No, just this is where we are. 720 00:39:24,100 --> 00:39:26,200 This is all the data. This is the bad things to good 721 00:39:26,200 --> 00:39:27,900 things. I think people appreciate that 722 00:39:27,900 --> 00:39:31,800 because they want to know that we're doing the right things and 723 00:39:31,800 --> 00:39:34,300 they can continue to believe in where the company is going. 724 00:39:34,700 --> 00:39:37,200 And I think the company is going in, amazing direction will be 725 00:39:37,200 --> 00:39:41,100 having great traction. Now the potential of this space 726 00:39:41,100 --> 00:39:43,600 in general, but also just just, this solution is so big. 727 00:39:43,800 --> 00:39:46,800 Big. But, you know, it's it's not 728 00:39:46,800 --> 00:39:51,300 enough a lot of the other part of it is the people like, people 729 00:39:51,700 --> 00:39:54,100 people, leave great companies all the time because because of 730 00:39:54,100 --> 00:39:57,600 people because of the pressure energy or that colleague at the 731 00:39:57,600 --> 00:39:59,500 the saying, the strata-ray Europe people. 732 00:39:59,500 --> 00:40:02,800 Don't quit bad jobs, they quit bad managers for sure. 733 00:40:03,500 --> 00:40:05,700 I think this is really good advice for your we're talking 734 00:40:05,700 --> 00:40:08,500 about building company but a lot of times you're building teams 735 00:40:08,500 --> 00:40:10,800 within a company and this is great advice, you know, build a 736 00:40:10,808 --> 00:40:13,600 team that you want to be a part of, you know, could have said 737 00:40:13,800 --> 00:40:15,700 Myself and you've been very generous with your time. 738 00:40:15,700 --> 00:40:19,600 So I want to let you get back to the show but really appreciate 739 00:40:19,600 --> 00:40:21,500 you being here. I think you know for folks who 740 00:40:21,500 --> 00:40:23,800 are listening out there, want to learn more about solar Fort 741 00:40:24,000 --> 00:40:26,800 silver fork.com, I'll include a link in our show notes. 742 00:40:27,700 --> 00:40:29,500 Hopefully you're okay with you know connecting with people on 743 00:40:29,500 --> 00:40:32,200 LinkedIn because like those send out those LinkedIn connections 744 00:40:32,200 --> 00:40:35,200 directly happy to talk more about any of these topics. 745 00:40:36,200 --> 00:40:38,700 Thank you so much for inviting me and also for doing this. 746 00:40:38,700 --> 00:40:42,600 I mean, I think it really helps people in the industry to learn 747 00:40:42,600 --> 00:40:46,600 more about these things. So thank you for having me here 748 00:40:46,600 --> 00:40:48,800 and for doing this. Really appreciate that. 749 00:40:48,800 --> 00:40:51,000 Yeah, well, hopefully people are listening out there and if 750 00:40:51,000 --> 00:40:52,300 they're not, we'd still be doing it anyway. 751 00:40:53,100 --> 00:40:54,500 All right, we're going to go ahead and wrap things up a 752 00:40:54,508 --> 00:40:56,900 little bit here. Thanks again, to the RSM team 753 00:40:56,900 --> 00:40:58,100 for. Hooking us up with this nice, 754 00:40:58,100 --> 00:41:01,100 sweet guy, Z and Daniel are over in the other side of the room, 755 00:41:01,100 --> 00:41:03,900 being quiet as mice. Watching the magic happen for 756 00:41:03,900 --> 00:41:07,200 identity at the center, you can find us on the web identity at 757 00:41:07,200 --> 00:41:10,700 the center.com. We're on Twitter at IDC podcast 758 00:41:11,000 --> 00:41:12,000 and we'll have to leave it there. 759 00:41:12,000 --> 00:41:13,600 Thanks everyone for listening and we'll talk with you. 760 00:41:13,800 --> 00:41:19,100 On the next one. Thanks for listening to the 761 00:41:20,100 --> 00:41:22,000 podcast. If you like what you heard, 762 00:41:22,000 --> 00:41:26,500 don't forget to subscribe and visit us on the web.com.