Identity and access management welcome to the identity at the center podcast. This is Jeff and that's Jim. Hey, Jim hey Jeff, how's it going? Pretty good. Good, you getting ready for vacation next week? Oh wait.
You know, me going on vacation to a hot spot of, please, please do not contract anything because I'm going to be swamped if not if so. You know what I find ironic though is I'm going to Florida for in because no, and I booked it like three months ago when it looked like Florida was the safe place compared to New York and New Jersey well. Now, New York and New Jersey are saying, hey, if you're coming from Florida, you're going to need to self quarantine for two
weeks. Well, isn't that ironic? Yep, that's the way it works. We're doing a great job of containing this but I don't want to get political on it because like everything else. It's now everything is political political except The Insider threat.
That is still a political I'm excited about having that as, you know, our main topic today and, you know, I've always felt like, oh, maybe maybe does get political but I've always felt like it's an ignored area because it Take the focus is so much on getting hacked from the outside. And, you know, since I've been in it that the standard approach has been hard, crunchy shell and kind of soften the inside.
In other words, have a firewall really guard, the perimeter of your network and then trust the people inside, heck, Jeff. You and I work with clients all the time where we hear, you know, well only we only have this number of people with administrative accounts and what it boils down to is. These are the people that we trust, but The Insider threat is very real. And, you know, we we have one slide that we pulled from the Gartner, IM Summit back in.
Nineteen feels like a century ago, but back in 19 and it talked about you know, the percentage of actors who make up each data breach and was the Insiders are like over 30 percent so it's a very real issue.
Shoo. Yeah, I think that traditional thinking of the you know the M&M right, the crunchy shell and the soft gooey Center is something that was you know 20 years ago you know maybe even ten Outta ten years ago but you know this whole zero trust framework has come about what you think is good and you do have to watch the out for The Insider threat, a third of a tax, you know, roughly come from the inside and it's typically you know you don't want to You don't really
care about your normal users other than as a means to an end, right? They want to get into the accounts that actually have access to things that are important from a data perspective or from a social engineering perspective, right? If you can breach the executive account, you can pretty much ask for whatever you want, people give it to you. So that's one way to do it.
So, it's a good thing that we're talking Insider threat because we also have a guest today we have for preamp security film analysis. Welcome Phil. Hey, thank you. Great - yeah. So we know one of the things that we like to get into with all of our guests as before we get into, kind of the topic here is kind of their background and I am and you know what? They've been working on and maybe we can start there Phil. Where did, how did you get into? I am.
Let's start there. Sure. So I started my career in and really software engineering and post sales Professional Services. And then when I started in, I am was about 10 years ago. I joined a company called in Privada, which focuses on strong authentication and single sign-on for hospitals and Healthcare Systems. I wanted to get into pre-sales engineering so I started there as an inside SE and then moved
into selling in the field. After a couple years, then started to manage a team of about 82 Tennessee's from there. I had a year in network security as a little bit. Gap but then I missed it so much. I came back to I am focusing on security where I am now at cramps. She actually started with I am, which is kind of interesting because most of the folks that we talked to Lisa and my experience my.
So, my theory is that most people who are in, I am didn't start there, they started somewhere else, and then kind of fell into the, I am space. So, thanks for pulling that up for me. Appreciate that. What? So I was a software engineer. I was on the post Hillside that. That was, that was not. I am that was complete, so it's for your theory. Does still stand. Okay, good safe. Appreciate you. So now you're a preamp security, can you tell us a little about what preamp does and what you're
doing for them? Yep. Preamp. So Prim takes a, look at your users identities. Just behaviors the different risks are user or an endpoint has and combine those all together to understand where the risks in your environment. How can we proactively address those risks and then putting in place, the ability to do things, like, trigger MFA or conditionally block access when rules are in place to to decide the user shouldn't be doing what they're supposed to do.
Doing, or maybe they're doing something suspicious or malicious. That should be contested. So, basically the perfect person to have on to talk about Insider
threat, huh? So there's a report that you guys are now we're working on and you guys have been kind enough to, you know, share maybe some stats before that gets gets out there and we'll have a link to it as part of our show notes for people who are listening out there, I know that you guys have been working on this for a while and it's around the hidden risks of Workforce identities. Maybe we can start with that.
You know, are there? Either you know what's what are some of the key findings that you think you took away from what you might find in that report? I think some of the biggest ones that I was surprised by were just taking a look at users and all users in general. We could found that 10% of all users were found to be high
risk. So whether it's a privileged user, a regular user without privileges, a service account ten percent of those users had risks associated with them that considered that user to be high risk. So things that contribute to high risk, things like does the user is the user using a compromise or weak password. That's been part of a known. Breach, our are their password policies, not strong enough. So do they have a password policy that doesn't require? Let's say, over 10 characters or
the complexity is minimal. So those are just a couple of examples of Factors contributing to high risk, users one other one. Other stat. I thought that that was that stood out. 15% of accounts are still authenticating with with ntlm every week. That's a week, Microsoft active directory protocol that has been replaced by by Kerberos, but there's still plenty of applications out there that require Or ntlm.
So the fact that that that protocol is still out there and still is being used not just by regular users, but by privileged users as well, really exposes them to two different types of attacks. Yeah, ntlm is really kind of designed for interoperability, right? So a lot of, you know, that's what happens when you try to try to do too much with one thing, right? You're trying to make things Backward, Compatible.
You have to inherit, maybe some security weaknesses that come along with that Jimmer. You say something cause you're saying, you know, pretty much exactly what you said, but I was also going to say that ntlm and teal and man I guess antisense for new technology, right? Because that package And T 3 .5 + NT 4.0 days. That was new technology. But ntlm has been around for a long time, right? And one of the ogs right, when it comes to Windows authentication. Yeah.
It's oh gee. Okay. I think maybe they need to Rebrand. It may be new technology isn't the rate monitor for it? But I think it's too late now. Yeah. A ilm. Yeah, so it's definitely something Felton plan, man. We make it sound very new. Four against a film. Sorry. I was just going to say, we're, you know, we're definitely seeing customers, trying to remove the amount of NT elements used in their environments. And it's, it's a struggle.
It's hard to to, to fight that battle and understand who is using that protocol where it's being used, where it's forced to being used. We see a lot of security tools using using ntlm and requiring ntlm. So it's a, it's Like the password. It's it's it's something that will will be around for a while. Let's try it. We're trying to remove it from an Enterprise's but it's a tough thing to to completely abolish.
Yeah. Especially because a lot of these accounts, maybe our service accounts, right? Or things along those lines which may not have multi Factor associated with it, because of the nature of it, right? You don't have a service account. You have some, some poor guy out there with the fennec are just going off. Every second to approve everything. So, you know what? I guess, maybe we should kind of work its way backwards from.
So if you've got an ntlm, hash right, where the Kerberos ticket might be going against, that's something that can be exported out of an organization and you could run Brute Force attacks on that. Is that right?
That's right. So, one of the, one of the common attacks that we see is an attack called Kerberos Ting and what that is. Where you typically service accounts have what's called an ESPN associated with them, a service principal name that allows them to uniquely identify them and allows them to request an application to request that service authenticate and what users can do? It's in. It's a very any user can do. This is request all the accounts in active directory.
That has Of an Espeon associated with them. So it could be a service account, it could be a human account as well. So once that's done requesting those, those Kerberos tickets for all those users who is where is Aunt, was where an attacker can can take those tickets and attempt to correct those hashes offline, The Brute Force.
So if any of those users, whether human or service account has a password that is is weak because of Having a bad password policy or its week because it's been compromised, or part of a known bridge that that password, or that hash can be easily cracked. Yeah, I think, you know, I think that's really important for people understand is that this
is an offline attack, right? Once you've exfiltrated those password hashes, you can spend as much time as you want, trying to crack it. And, you know, those accounts or those, those hashes I should say, without ever, you know, coming up on anyone's radar essentially. So, really, the key is to kind of catch people who are requesting, maybe the ESPN's within an organization, right? Or requesting in a normal amount.
Out of Kerberos tickets, you know, those sort of things to try and, and identify a potential, you know, compromise kind of incident. So I think that's, I think that's really important to understand is that you said something, he there is that, you know, any active directory, user can request it. Right and active directory users
are typically insiders, right? So you know, if you've got someone who is either assume the identity of one of your insiders or one of your insiders and is looking to do some damage, you know that's a great way. To kind of work on it on your
own time and come back. And, you know, if you especially if you've got service accounts that are using weak passwords or cracked passwords, this is why you want to have really strong passwords for those accounts that are randomize and never used anywhere else make it. You don't want to make it easy for people to kind of roast you from the inside.
And it comes with all the time when when customers conduct pain tests could roasting is one of the most Common techniques used by pentesters and usually is one of the findings that they have where they were able to successfully, grab an account credentials through through that type of attack.
You know, I learned to inject here, jet to just kind of talk a little bit about motives because I think sometimes when it comes to this, it's maybe a little bit, esoteric, for a see, CEO of a company that hasn't traditionally thought of themselves as a Target. Right?
They the Banking and Financial Services industry, has long held themselves a Target because hey, if I steal banking information from people or I can turn that into getting money but it's really the information that leads to either the financial crimes and pack. I mean I think what we're seeing going on in the world not just recent events but just over the past couple decades is is really that there's there are other motives than just Financial crimes Financial crime.
Still leads the is the majority. But you know just getting data about people. You know and stealing emails and things like that, you can either blackmail a company which of course the financial crime or you can just embarrass a company. And there are a lot of clients that we've worked with, who are very afraid of kind of having a Sony type incident where their emails were dumped out on the dark web. And, you know, it just really hurt their company from like a Branding perspective.
But I've talked to seizures before. He said, you know, we're not a bank. We make food, but as long as you are, the keeper of private information on, you have social security numbers, maybe you have even more more sensitive pii data, you could be a target for these Insider threat. So I guess the long and short of it is that I can't imagine any company that this isn't kind of an ace. Recent issue too. And I think everybody is listening. Should take this very seriously. Absolutely.
And I guess what I'd like to do is complete the pick, this kick this back to fill because you're working a lot of inside threads. What are you seeing in terms of industries, that seem to be more interested in this versus Industries, who are investing Less on The Insider threat or you see it pick up across the board? I think it's, you know, I think across of all the industries of think Financial Services is probably the highest, but really the, the the interest is across
the board. It's an issue in any vertical, and we're seeing that as we work with our, with our customers, it's Insider threats. It's its external threats. It's really It's something that every customer and you mentioned
that the Foodservice industry. Also the retail industry Healthcare there are there are there's data to be to be taken and and to be sold and whether it's for a malicious intent or whether it's for just somebody snooping, its users are are trying to access things that they're most likely not supposed to be in the find ways to do it, and that's it.
Back to service accounts. That's that's something that we often seek service accounts have elevated, privileges typically to do the tasks that they were, they were made to do, but there's a human that that has access to those service account credentials and sometimes the leverage, those credentials to perform their job quicker or easier because the credentials are available to them through that service account versus not having them too. Their own account.
So it's definitely understanding what a service account is doing
where it's going. What it's what it's accessing is is very important, especially how that, that service counters authenticating is it, is it doing that scheduled tasks or what it was meant to do on a scheduled basis or is it logging interactively be already P or an interactive logon where someone's actually using those credentials in a way they shouldn't be I think he's hit one of the things that Jim, and I see quite a bit when we're working with organizations
around privileged accounts is in service account. Specifically is a lot of these have passwords that I have been hard, coded, or set and are not change very often.
So if you have a user, who knows what that service account ID and password is, if it can be difficult to change it certainly in a timely manner, unless you've got tools in place that are helping you manage your Privileged access and, you know, people may walk out the door with that access then may keep it for a while until either the discovered or someone says
change the password. So, I think it's a port from a hygiene perspective to understand, you know, as a privileged access management keyholder, if you're responsible for those types of keys is to make sure that those are being changed on a routine basis. And you know that when you have a, you know, termination event type thing that anybody who It had access to that, that you make sure that you definitely
change those accounts. Yeah, I say we see that everyday wear and application was brought in to an Enterprise and back in 2005 and then a service account was created specifically for that application. It was set with, you know, high privilege, has a password set to never expire. And then, Here Comes 2020. And we see that that same the the password has been Unchanged in 15 years, it's still set to
never expire. And now it's been part of a known Bridge. So it's considered a compromise password so the combination of the high privileges not being changed in a long time, not needing to be changed and the worry of an Enterprise to change that password because they're nervous about what they're going to break if they do change that password because they don't know what that service count is
doing. It's a very real concern but it's also like if you have a house and you know you know your electric bills $200 a month and you know that there's all these leaks you've got to go around and start sealing them up. You can't just say there's so many leaks in this house that will never get to the mall. So we're not going to do anything because they think if you go around and you close up, you know, 50% of leaks, you're going to drop that electric bill
quite significantly. You know, I think that's one way of looking at it. It another words what I'm getting at is that you don't have to be perfect to be better and I think that's a big thing. That holds you back is that the enormity of the problem the enormity of how do we get our arms around this situation. We have so many service account you mentioned that service account after. And I know this this area very well.
We're their service accounts. Like where are all the places it could be it's being used and things like that. But You have a service account seeing around for long enough. A lot of people who are no longer with your organization potentially know that password or a potentially that passwords gotten out on the internet, probably the passwords very we could be could be proved forced potentially.
If that comes back to those part of a breach, you can bet your bottom dollar, they're going to change that password. So they're going to figure out a way to Julie. So why are we eating till After the breach has occurred, that's unfortunately, that's what we see a lot in the industry is that when two things get taken seriously, after they've gone too far right after a breach has occurred. Now, we're going to take it seriously. Well, you know, too bad, we take it seriously before that, right?
It's understanding where those those risks are as far as, from a user perspective or from a, an end point perspective and Proactively cleaning them up just you know you again like you said, you can't be perfect but it helps a great deal if he can do it ahead of time before before something bad happens. One of the things that Jeff and I talked about a lot because comes back in various reports and surveys that are done is how long it takes to realize that a breach has occurred.
And I don't think that the numbers are consistent because there's a report that came out recently that you know shortened versus what I've seen in the password. Just, you know, I'm on the magnitude of six months plus to discover breach, but I think, you know, when I think about what has happened in, I am over the past five years, the definition of I am is changing from who has access to what to who has access to, what plus was being done with that access.
And that's to me, you know, really the next Frontier Choose ensure, you know, expanding our scope to buy and not just to make sure that the right accounts have the right access and we have shown controls or who can log in. But then monitoring the use of that access and being able to, you know, Define patterns for normal behavior and identify when that normal behavior is not being followed.
So, you know, today, this account that only logged in as a sir, Discount once in a while logged in through the VPN, it's a legit through the VPN before. Whoa. Well, maybe somebody better look into that, right? And I think that that's, that's the biggest change I've seen in I am recently. I think there are a lot of things happening with AI and and things like that, but to me the understanding of what identities are doing on the network is
really the big next. Sure. And it helps with Insider threats and it helps with external outside or breaches as well. Man if only there was a podcast that you know, focused on identity and why it's important cheese where can I find something like that? I don't know.
There's one that's been around for about a year it's going up on that but I you you bring up a really interesting point in that is that, you know, identity really is at the center of a lot of these things, especially when it comes to threat detection, Phil, what kind of role do you see identity playing when it
comes to identifying threats? It's so one interesting stat I saw her recently was that 80% of the text breach, the identity store or credential compromise or an Insider using credentials inappropriately, so focusing on identity based attacks just makes sense. It's if we're seeing the majority of attacks or on this the identity side, it's obviously the best place to start to start to look at.
How are we going to detect these different types of attacks and also prevent them prevent them from continuing on prevent them from from moving across the network? What are some of the things that organizations can look for when it comes to Identity and trying to find, you know, indicators of
compromise? So really things like as Jim was just mentioning before being able to identify a user or an endpoint user, typically accessing servers, a b and c. Now, all of a sudden for the first time ever there, They're accessing server D, is that something that is should be allowed? Should we should? Do you want to take an action on that?
Do you want to alert somebody, the fact that that happened trigger MFA should up block that access being able to see again, starting with visibility understanding where the risks are in your environment on a per user per endpoint bases. Being able to clean that up as much as possible, but But where you can, when you see indicators where somebody's doing something suspicious being able to take, take an action on that Jim, what
about you? What do you see as some other ways to look at identity and figure out if there's maybe a potential incident? Well I think you know, again kind of I think where I get energy comes into play is that in the past, were we Had like a sock or knock focus on wear breeches. May be taking place, it's been IP based, so it's been devoid of the context of identity. We've looked for, hey, there's some weird activity that's coming from this IP address across our network.
But it said, identity context, that tells you whether or not that fits in from a user Behavior, Standpoint and to me, that's really the key is Larry and identity, like I mentioned earlier with the, you know, they're both important IP is very important as well because you have a computer that all of a sudden is like scanning the network. It doesn't matter what I didn't either using, that's a problem.
Pray, that's a potential compromise that has happened within your within your network, but I mentioned that idea of okay, we Service account that logs in I don't know twice a year because that's how often those servers give rebooted for example and all the sudden the logs in from the VPN, you know, that one time event of logging into a VPN for an IP standpoint. Doesn't look like any kind of issue at all.
Especially if the login is happening from some, you know, normal location either, you know, within the home country of that of that company or If the global company, who knows there's no there's nothing about that. Login, that looks suspicious until you take the identity context and wrapped around it. So to me that's what's so important around. You know, Building A View From identity standpoint of what is normal behavior so that you can then identify, what is abnormal behavior?
I think those building blocks are really important, right? You have to have to know who has access to what and then what are they doing with? It is really important. I think it also to it like I am hygiene when it comes to inactive accounts dormant accounts.
Right. A lot of times you have accounts out there that haven't been used in a year, two years, three years and people are afraid to remove them or you know, do whatever to clean them up because of the potential impact of what it might cause versus, you know, the Of what could happen if someone gets ahold of one those accounts that there's I think there's a lot of different ways that the identity
plays in that. Is there any difference between trying to figure it out at the identity layer versus maybe just taking a log based approach? May be something like through a Sim or a tool similar on those lines. I guess. Phil. Maybe that's a question for you, sure. So when you when you're able to look at it authentication as it happens at the protocol level. So looking at Things like in parade active directory as an example.
Ntlm, Kerberos ldap held at best understanding and having the advantage to detect things that are, that just aren't as easy to detect when looking at logs, things like attacks. Like pass the hash ntlm relay, we talked about curb roasting log based analysis is going to always be primarily detection. Tried to take an action and stop something suspicious and potentially malicious, that happened minutes or hours ago. It's just, it's just way too late.
You need to be able to, to, to Really prevent something from from happening or prevent it from continuing to happen quickly. You really need to, to be able to look at the the authentications as they're
taking place. Yeah, I think this is where artificial intelligence and machine learning is really kind of become a Force multiplier for security operations and other folks who are looking at this because I know that my past one of the things that had been historically challenging as trying to find those needles in the haystack right? When we're looking at tons of logs all day long right?
Need help and this is an area that you know, robots do really good at spotting patterns and helping kind of fluff things up the top not perfect, but if they can reduce the The chaff that's out there, it makes it easier to respond on approach to and you know in a fully mature and you know, Cutting Edge, I am system or I am program where you've got a bunch of different
Technologies working together. You can even automate some of those things where, you know, maybe you do see a service account login through VPN for the first time ever, and you've got that connected up with your IGA, in your, your privileged access management systems and you do something about it, right? Maybe you change the password on it or you disable it or, you know, throught and Fay or something on those lines to try and mitigate those attacks.
Yeah, it's it's something. Where you know, if you're if an analyst is receiving Ten Thousand Words a day, it's going to be hard for them to decide which ones to react to and respond to an investigate. It's much easier to after the fact, after the incidents occurred to look back and say, oh, okay. Oh, we did detect this in our logs, but it was one of 10,000, which we didn't catch. So the Fidelity of the different types of awards that you're receiving, has to be, has to be high.
Yeah, absolutely. I think that's, I think, I think that's just, it's super important, right? If you can find it, you need to know what to do about it. And I think the f is a big part of the of the problem. Some are there, any specific types of threats that I'd any information that can help stop? Whether it's at the credential or the identity store level? Just looking at the Deep look at the identity store on its own provides, a ton of useful
information. So just understanding that the basic ability to understand who your privileged users are not the ones, not just the ones that are easy to find, you know, in, well, defined groups like domain, admins Enterprise, admins account operators but also the ones that are considered, you know, what we call Shadow admins are stealthy admins ones that have been granted, privileges. Images, individual delegated privileges over time. Do they still need those privileges?
You know, they might have had a role in a company where they were part of the helpdesk team and they were resetting passwords. Now, they've moved on to a, maybe a customer success for Professional Services role where they don't need that, that privileged anymore, but it was never taken away from them. So, being able to identify the Privileges of a you User of all your users and being able to decide. You know, does this user still need? This privilege is super important. Absolutely.
I know we're coming up on time here and certainly appreciate you helping us out with this topic. I think cover roasting is the word of the day just because it's a great use of it. But before we wrap up here Jim, do you have any things you want to add to what we've discussed so far today? Yeah. And a couple thoughts on those holding onto your. So one of them is just, you know, I think we have a lot of,
I am practitioners out there. And I, you know, I think about what your question there earlier of, you know, logging and to me where you get your value from logging as what goes into the logs, like, what are you, what are you collecting? Is it just basic information? Or is there more to it? I think, isn't I am practitioner. It's our responsibility to establish a self-service, or a shared service, that is clear. Easy for application teams to
use. And to make sure that they're logging the information that we need.
Once we have the data, we can start to use the technology in the AI in the machine learning to give us value, but there's the whole thing, which is that, as I am practitioners, we don't control the applications and we are beholden to the applications at some level to provide us, the data, the logs, and so I think It's our responsibility to make it available which also leads me to think about another responsibility that we have, which is that, you know, we have audit using the air quotes
because there's a lot of different names where audit professionals, whether it's, your security risk, whatever you want to call it professionals within our organization, who play an oversight role as a kind of checks. And balances to what we what we do in I am Or what applications are doing and we're kind of the middleman making it available
for audit. So I just someone our listeners not to forget that we need to design system so that it serves the purposes of those checks and balances because ultimately at the end of the day it's providing services to Applications but it's also making it so that it's secure and the audit professionals play, a key role in that and kind of making sure that we understand their requirements. Moments, that usually, they're pretty technical people but not
the most technical people. And so we need to kind of frame things in kind of their business language. So that they can take the security information and make and be able to perform their activity, which is a checks and balance over over what we're providing. The last thing I wanted to say was just, you know, on the whole Insider threat thing. I think what should be very Very clear take away. If it wasn't already in your mind is that you know the trusting of people is is
Honorable, right? But within our industry and with in what we do for a living trust trust but verify I guess is you know it's a the catchphrase they often goes to this but trusting people is is not the way to go. I always go back to a story of I work for a company and there was a you know it's a little old lady. The grandmother brought in In chocolate chip, cookies and worked for the company for 20 years. And everybody trusted her. And for 20 years, she was embezzling money from the
company a little bit at a time. And that just goes to show you. If you can't trust her, you can't trust anybody. And when people have super administrative rights and they've been with the company for 10 15 years and they talk the talk and you just you still need to have the checks and balances and you still need to have the good governance processes over your identity and access management.
Information security as a whole. So that's what The Insider threat thing is all about is just because somebody works for you just because they've been a loyal employee doesn't mean that they're not doing things in the background, like Phil said, maybe it's for fun, maybe it's 44 game and, you know, really doesn't matter. People should be, you know, following the rules. I'm not not breaking into systems and things like that. So that's all I had to say about
that job, okay? Okay, I want to make sure that we're very clear here too. Is that chocolate chip chocolate chip? Cookies are totally fine to bring to the office. So don't take away that. That was that. That was - it was the embezzling part that was bad. The chocolate chunk, Ledger, good, glad you cleared that up. I'm sure people miss that point. All right, Phil anything you want to close up with, yeah, just to add to Jim's. Comment, a lot of times, insiders might be doing something.
Suspicious, or malicious and intentional, but oftentimes, it's completely unintentional. It's a mistake, they access something. They did something that they shouldn't have done, but it's not something that they were doing on purpose. So, you know, like you said, trust. But verify, make sure that the the user is is what they're doing is even though they might not be trying to do something harmful. If you can proactively stop that from happening, that's that's ideal. I think trust.
But verify is, is really important. And I like it, you said that, because I first heard that phrase many, many years ago from for mercy, so that I worked with Jim Kelly and that was kind of the motto at the time was trust. But verify, and I think that's stuck with me, you know, through the years is that trust is good, but you need to make sure that things are still being followed from a real perspective, I'm glad you brought that up. So that's good.
With the hottest hitch. Phrase right now. Jeff is your trust zero? Trust is zero trust but verify. There you go. That's the next extension. Yeah. All right. Well I think that's a pretty good spot that we can leave it for this week. Phil appreciate you taking the time to spend with us. I know that you're on LinkedIn and I'll be sure to put that profile on our show notes so that way people out there have questions, you know, for yourself or for preempt, they can get a hold of you there.
And looking forward to those findings getting published on the preamp website at some point and we'll provide a link to that as well. And the show notes and for folks who are falling off the show, you know, you can always visit us at identity the center.com and we'll go ahead and wrap it up for this week and stay happy and healthy, everybody, thanks for listening. You've been listening to the eye. Identity of the center podcast for more episodes of visit identity at the center.com.