The good and the information economy as a rod. The world is teeming with innovation as new business models reinvent every industry. Inside Analysis is your source of information and insight about how to make the most of this exciting new era. Learn more at Inside Analysis dot Inside analysis dot com. And now here's your host, Eric Kavanaugh. Keep each other, we have some all right, lady and gentlemen, Hello and welcome back once again, so the only coast
to coast radio show all about the information economy. It's time for Inside Analysis. Your truly is here with a very special guest. Che a problem that never goes away and never will go away. It's always going to be a challenge. It's changing by the day. We're talking to Archer goes it called bright if it's b R I T i v E. Security. It's one of these issues that only a handful of people at the company ever really care
about it. And my British business partner one time cracked a joke. He said, there's only one person who has about scape goat, meaning the person who was in charge of security just gets blamed when something goes wrong. And they've like us, they do the same kind of stuff. But one of the more clever comments I've heard about. I think this is very, very true. I'm sure you'll agree with this, is that security is not a thing. It's not one object. It's not a technology, it's not a
process. It's a whole amalgam of education, of protocols, of technologies, of observability, and just paying attention. You have to pay attention all the time, but this stuff. And I can tell you, folks, in the last four or five months, I've had my corporate debit card hacked twice, which is annoying. Once is okay, because that way I can see
and remember all the stupid things I've signed up for. You get all the emails that, oh, your credit card was declined, like, yeah, I know, because it got hacked, and I didn't really want to go back to you guys. And luckily the legislators around the country here in America at least, have done some good work in not allowing these organizations to keep hammering you with late fees after it goes away. These days, you just
don't get your service anymore and it goes away. But nonetheless, the secure issue is to not be important, so you always need this cocktail of technologies, processes, and then even still you're going to get hacks sooner or later. So what's your path to remediation? But if you choice words or tell us a bit about yourself and Bright Eve and how you got into the space and what you folks are doing. Yeah, thank you, thanks for having me here. I got into security, and back then it was more about
network security or it security as they call it. It's certainly involved quite a bit since then, it's become you know, arguably even at board level here that you know that we see today, you know, hacks or attacks just network breach to steal some data to one. Cyber warfare or cyber crime and ransomware is one that is so lucrative these days for the criminals and so disruptive for many companies in the industries. Right, So it's a very different world
today that we live in. Before this company, before Bright I've I've been in a space mostly from consulting and services industry in that industry and started ten years ago in identity and access banishment services space event truly which led you know, excitive that can brentifically problem in a space or cloud public cloud technologies and building a product to the market that helps reduce the security risks and the market
that helps reduce the security risks and vulnerabilities that are preventing businesses from adopting and expanding their public clouds consumption or their clouds adoption. Right, well, let's let's talk about how you do that, because there are lots and lots of ways, and I do like that you're focused on identity management because, let's face it, if you're trying to log into a system, the system is trying to understand, okay, are you the person that you say you are?
And historically that's been largely done by passwords, which of course is a pain because you have to remember the passwords, and a lot of people use the same password for everything, and that, of course is putting yourself in jeopardy because then folks can hack in and do all kind of stuff. And you know, it was my business partner, doctor Robin Blore, who years
ago taught me that this whole crime network is not just individuals. In fact, the whole narrative around the guy in the hoodie being the one who's going in and hacking your system is very disingenuous. It's not a guy in a hoodie. Sometimes it is, but usually there's this whole industry involved. There are people who specialize in getting access or people who specialize and exploiting that access,
and then we'll just kind of sell their access to other players. And then you have cases like the Colonial Pipeline, which some folks may recall a while back before the Russian invasion of Ukraine took down the East Coast's ability to get gas to gas stations. And you know, when I saw that, I thought to myself, this is an active war. This is not just some ransomware. And the government has never come out and said that, but
I believe it was an active war. And it goes to show you how vulnerable we all East Coast, and that will be a very significant inconvenience and in fact put people in jeopardy, right ambulances, things that can't get gasoline. That's a pretty big problem. So it's not just individuals. I mean, to your point, there is cyber warfare that goes on state sponsored actors, and I think the folks at Google and Facebook and Yahoo and these other
big organizations certainly work very hard to stop all that. But maybe tell us about your role and how you fit into this bigger picture. What do you do to enable identity management that you can then sort of provide to all these cloud providers. Yeah, that's that's very very good background, just kind of how you've illustrated like the state of the world really and I why identity was so important and why we decided to really invest in building in technology. There's
a very important thing to talk about here. With the clouds technologies and adoption of public cloud, there was a huge change in paradigm shifts really in the in the world of you know, security and identity. Specifically back in when everything all the critical itasis when the day to data center from outside in so there was a perimeter aside from the world of course, but there was a perimeter security network you know, firewalls and ideas and so one, and identities
existed inside the firewall. With public cloud, that was a complete opposite. They essentially became the first and last line of defense when we could clouds infrastructure and applications. It's fun that became the first and biggest secure elements to protect. And what that means from like examples should give of course Azure and GCP
and AVS. They all have pretty robust security controls and identity models. The challenges for any organization that operates across different technologies and they also operate top of the of the cloud providers infrastructure to build their own security and controls across the different providers, and they're not uniform. Azure security is very different than AVS and it's very different from DCPPE when it comes to how they protect the identity
and how they protect the access. That's why Right came to market with a solution that works across the cloud providers. Another very important thing that we did, and this was something that we saw as we were entering the market,
we saw a huge issue what we call these overprivileged access. So a lot of times organizations with intention to bring us and lookt to support their businesses and growth, we really had to do things from secure amppoint in a way that we're not ideal, like giving a lot of access to users assuming they're going to need that or they may be needed at some point but no longer needed later. That created this exposure risk, exposure when access existed but nobody needed
it. Well. Of course, attackers love that situation. That's why you started seeing breach after breaching Capital One was one of the earliest, like clouds privileged access breaches that we came to the problem that we noticed early on how the current access or the traditional access model didn't really translate well to cloud. What I mean by that is when you give somebody access with assumption they needed twenty four by seven, an access always sits there and the only thing that
prevents somebody else to gain access is a login name and password. It's a terrible security and it's a very vulnerable security. So we decided to change that with Brighter. We really kind of invented the new to eliminate everything when the user doesn't need that access. So when it comes to human users, none of us can sit in front of a computer at twenty four by seven by sixty five, right, We can do our job for an hours, but
after that we don't need that access. So what Brighter does is automatically grants that access when the user needs but also removes automatically when that access is no longer needed until the next time the user needs it. That's a massive reduction
of the risk exposure and then attacks surface. Yeah, well, and I know for sure that one of the things that you could do to better secure your environment is to identify where someone logs in, what office are they in, are they in a different office than they normally are in, and that would be in a profile around the user. So the identity management of Chuck, let's say, is that he dials in from Pittsburgh, Pennsylvania. That's where he works. And if he goes traveling somewhere, you know, wouldn't
it be great to know that he's traveling. And of course these banks have systems they don't always work very well when they say, hey, are you going to be traveling and you say, yes, we'll be traveling to Austria next week. So if my credit card comes across in Austria, it's me, So don't block me out when I'm trying to log into my systems from Austria. Well that's a nice way to do it, but it's expensive,
it's a bit time intensive. But these days it seems to me it should be relatively place to identify the pattern of what is normal, And the normal pattern for Chuck would be he logs in at nine am, he logs out at five pm, kind of deal. And if he logs in at two o'clock in the morning, well, maybe you kick in an extra security loop to say, hmm, are you really you? And of course people know these captures. The captures drive me completely bonkers. I hate it, especially
on my phone because I'm like, I just give up. I'm like, I won't go in. I don't care, I'm not going to go Is this a bike? Is this a bike? Is? Okay, it's very annoying. But the point I'm making here is that you can build a profile around the user and then understand who that person is and when they're doing things like they normally do, you still have security, but at least it's a lower level of security when they're doing things they're not normally doing. That's when
you kick in a higher level of security. Is not about right, and you're correct that technology today has come a long way and being able to actually do that and do it with a minimal disruption to your point catches and years ago, I think you know, to expand on that little bit, right, I think yes, there's a lot of opportunity to improve that both from super standpoint. So one of the things that we're doing along those lines, when you look at a pretty significant a number of years for a bit of
automotors, that's one. These folks just have to do a lot of different things during the day, and there's definitely it's not a very static, sort of a linear pattern of work, so they jump around a lot of doing this here and something else there. What we do, what we try to do is gather activity across you know, during the day, across the environments
that the data from the from the patternston point. Over time, let's say, you know, over let's say ninety days, the normal pattern for this type of user has been x, y, and z. Why that's important is because we could also detect when something goes completely right. That allows us to kick off triggers to say something is not looking and feeling right, so
the security teams can quickly take a look and understand is it normal? Could they could be a legitimate instance of that situation, but we'd rather verify that
than let it go right. So that helps us also enhance you know, the model, because that also helps the data, same data, and that is analyzing the data helps us understand what next time next patch or users, what is the normal pattern of access they shouldn't So we can make those grants very easily and get people with Basically, if I understand it, you're I mean, security has to sit in between systems, right, So into a
cloud environment that may have of twenty different applications. And I have developer friends and they tell me that the biggest pain in their job just then logging back into that system. People in the consumer world, Now you have all these different protocols. Oh, it's got to be ten characters and a special character. It can't be two characters side by side, like you know, two characters in a row. All this these goofy sort of bespoke rules that mean
you have to come up with different passwords. None of course Google allows you to do that password management feature, and there a system and that's what I use. But of course if someone hacks into that, now they've got access to all your stuff. I mean, these security issues the sword cuts both ways, because both ways. I thought about the Kiva. They're like, oh, KEYVAP, that's great unless someone gets your key going like this till
they find your goal. And it's like some of these security measures wind up being security risks. Essentially. How do you balance that out? And how do you sit in between particular clients You're out of their environment they're moving to us about that quickly. Yeah, And early in my career in the security space, somebody said this and it really stuck in my head. The best security is invisible security, so the end user can't see there. It's been
very hard to actually get get to that stage. But I think we're getting getting definitely we're moving in the right direction. We're not quite there realizing. I'm realizing we're up in our first break. So after you're listening to the incident, now do you want to time share? Well, face the facts. You made a mistake, you made a bad purchase. A timeshare is not an investment. It's a money pit that continues forever. If you use
your time share, that's great. But if you don't and you want illegally get out of your contract, call my friends right now at the time Share Exit Hotline. They're an experienced team of lawyers who help good people like you get out of a time share contract that they just don't want. Don't throw away your money on maintenance fees, use it for things you really want. We can help you end your time share contract and stop the money drain immediately.
If you are ready to move on with your time share call our team right now. Yas your time share now with a free call eight hundred two nine oh six seven O five eight hundred two ninezero six seven O five eight hundred two nine O six seven O five. That's eight hundred two nine oh sixty seven O five. Do you own a time time share? We'll face the facts. Made a bad purchase. A timeshare is not edit that continues forever. If you use your time share don't and you want a legal contract,
egally, get out of your contract. Call my friends right now at the Timeshare Exit Hotline. They're an experienced team of lawyers who help good people like you get out of a timeshare contract that they just don't want. Don't throw away your money on maintenance fees. Use it for things you really want. We can help you end your time share contract and stop the money drain
immediately. If you are ready to move on with your time share, call our team right now that I know six seven O five that's eight hundred two nine oh sixty seven O five. Do you own a timeshare? Well, mistake, you made a bad purchase. A timeshare is not an investment.
It's a money pit that continues forever. If you use your time share that's great, But if you don't get out of your contract, call my friends right now at the Timeshare an experienced team of lawyers who help good people like you get out of a time share contract that they just don't weigh your money on maintenance fees, use it for things you really want. We can help end your time share contract and the money drain immediately. Time pall our team
right now. Cancel your time Share now with a free call. Eight hundred two eight nine O four one three eight hundred two one three, eight hundred two eight nine O four one three. That's eight hundred two eight nine zero four thirteen. Sudden cardiac event brought a national football game to a halt. It's shown a spotlight on youth sports in full Swingation is rallying parents and coaches to be ready in an emergency in hands only CPR. It's a skill anyone
can wins only CPR hands only cpry Elephant's Health Foundation. Now you can fly anywhere in the world and paid prises on your airline tickets. Book a flight to day to London, Paris, Madrid, or anywhere else you want to go and pay a lot less guarantee. Call the International Trouble Department right now at low cost airlines eight hundred two nine five seven eight three, eight hundred two nine eight five seven eight three. That's eight hundred two nine eight fifty
seven eighty three. Welcome back to Inside Analysis. Here's your piet. Okay, folks, back here Inside Analysis or true the air kabanomic art for goes in of brightest br ti D. We're talking all about security, getting access to systems, how annoying security can be, but how important it is because when someone gets in, especially with ransomware, and they hold all your stuff hostage. Like I said, the Coloney pipeline shows you how much can be
held hostage. Major hospitals have been held hostage by these things, and that's a real problem. But arc you were talking a moment ago about how the ideal security is invisible security, which you know out of the covers can be very powerful these days because you can test all kinds of things. Right,
where is this person? What device is it? I mean to me, that's one of the key characteristics, right, is like, is this the device that the person normally used so much focused on these mobile devices these days? And there it is because there's a signature. There's an IP addressed and there's the unique signature of that device. I'm using that device and it's me. It's at a run that Okay, that's probably a good a good person too, as and how you folks do it? Yeah, so how do
you approach this? As certainly a combination of different things, and it doesn't something you mentioned, right, So instead of constantly being destructive and forcing the user to re authentic it or prove to the system who they are, we use data. We use some things that we can gather without you in fear activity in the system that helps us be fairly confident that we're still they still the legitimate user. There's also systems that we gather the outside of, right
that we gather that from. So like the authentication service provider, which could be anything from Microsoft Dactor or to Actor or whatnot, they do have data that that is very valuable. We also gather our own that helps us prove and validating the user. Ultimately, though I think there's definitely enough awareness already even in the end user, you know, communities that security is important.
So if you are going to if we are going to essentrally enforce certain security rules along the break along the process, that we do it in a way that they understand why this is important, especially in communities like developers, right, because they deal with a lot of very sensitive infrastructure and data. So we do we do have some control in the place that are when the when,
the time, and the trigger is there we need to enforce. So one of them would be to let's say, have them re reauthenticate or step up authenticated call to put that they're still roles to make it at least disruptive and allow them to do their job. I would have to think that the vast majority of breach incidents occur upon logging in. Other words, if someone's
logged in already, you know, usually they're gonna be working. I suppose they lock away at log out that kind of thing and then come up to their main I mean, that does happen, but I'm just guessing that the vast majority of breaches are at logging lime a fresh hold breach? Is that, right, Kennily, I don't know what the stats are truly about that, but that is definitely a a very likely scenario. It's a good guess.
Yeah, it's it's you know, when once the users in the session, right, that that's now an active you know session that if packer was able to you know, used to be as type of tackle the man in the middle. So if that was the scenario, then yeah, the legitimate user wouldn't even know somebody else is piggybacking from that session. Right. I think there's another very concerning type of attacks is when the human users, not
even us, not even involved. Example, again, when it comes to cloud technologies, there's there's a lot that's already you know, visible and accessible to epis and attackers who would love to just exploit that rather than trying to a user session, right, And that's what we also have again as an industry, we're playing a catch up game here trying to protect these non interactive
you know, doors and access points into cloud data and cloud applications. So, for example, how broader does that is we have this constant of non human you know or synthetic or machine identity used in calling that we allow the customers to define any process, any technology that requires access to their infrastructure and data to authenticate much like human being and provide like validation that who who as a non human identity machine identity who it is or functionality, what API,
what service they can access before they allow that? Right, So this again adds another component of security here that instead of just assuming whoever's access an API is legitimate, trust and verify. Yeah, I love the trust and verify
thing. And you pick up a really good point about API access and just machines machine conversation time constantly twenty four seven a new security thread or relatives mimicking machine security thread or a relatively new security threat of people mimicking machine behavior in order to get behind an API, grabs some information, pull it back out. It looks normal. It looks like the normal call that goes from into
it quick books to my bank for example, back and forth. I mean, those are the really precious connections to infiltrate, right is when you're going from one place to another. And I mean I remember, I think the target breach came in through an HVAC system or something through an IoT system. So it's like, wow, it wasn't some you, it was the machine to machine conversation that was co opted. And that's just as dangerous as any human log in, right exactly. Yeah, that was an excellent example.
You know the problem is again legacy type of mindset and approaches don't work when it comes to cloud. What I mean, for example, to detect the user human user breach, typically security would review the human login attempts. They wouldn't necessarily look at API log in attempts. Right, So it's a fundamental issue. Is there enough visibility? Is there enough data that's being sort of you know, filtered and reviewed through security processes to detect all possible access points.
Arguably most organizations miss that, you know, miss something. That's that's why breaches keep happening, right, Yeah, and that as we suggest, that can be all that's necessary to get into a system. What should in terms of the API management stuff, how do you how do you solve for that? I mean, does your technology have a sort of pattern recognition component where you can watch normal behavior for a period of time and say, okay,
this looks normal. Then once you define normal, you can define what is abnormal. I think the type of use are approachdizing to try to standardize and make it similar to the human interactive model, where security controls can be enforced kind of more as a matter of you know, a guard rail or
a gay or security control upon the time of that access. Right, So, like as I was describing that process that's going, API has to prove and validate, you know, and be sort of on the white list before they re allow when it comes to really defining patterns for the non like the human activity, and yeah, it's it's one of these one of the most complex problems that well, so let's talk about the multi cloud side are a
useful bit of functionality. I can tell you from a this perspective because I don't want to have to care about the difference between as your and GCP and Amazon Web services. You folks can care about that, and you folks can care about adhering to their protocols, which I'm guessing they update on some relatively
frequent basis so you stay on top of. But of course, with IS, ideally you don't want to have to decorate APIs, right, they're APIs that you want them to stay the same such that everyone can use it the same way they were using it. But in terms of these different class sort of that can say okay, this is for as your, that can say okay, this is for your so use this functionality, this is for GCP,
use that functionality. How does that work. Yeah, that's a great point actually that a lot of people don't even think about the whole ongoing you know, ongoing aspect of how do you maintain how do you keep up with
a very dynamic world of you know, cloud technology and APIs. So so that's that's actually one of the inherent benefits of what bide of offers that we are we maintain that we are a constantly monitoring and you know, detecting changes and the key functionality that that right of itself relies on, I say it's GCP or azure or whatever functionality that our system depends on to function. That's
our job. That's what comes with the value of right that the customers don't don't have to you know, worry about that that you know individually, they don't need to monitor because we do. And that's part of our little bit of our ip of how we do that so we never we never becomes or
the point of destruction for the customer right right now, that's important. So basically you are solving for the security challenge across these cloud environments for companies that have people using a AWS for one thing, using as you were, for something else and you just have your profile for the users and then you just map that to the new environment. Basically, it's that right, and you work for the correct do all the three major ones? Is that right?
Actually we do more than that. We do for major ones, including Oracle cloud infrastructure okay, and there's a couple of dozen non infrastructure clouds like Snowflake Service now opposite sixty five it's one mm. That's a full time job. Man. How big is your company? How many people? We are? Soort for fifty full time team members, but yeah, we're growing fast and it is what I'm in more than that. What percentage are actual developers and
engineers? Like, out of fifty people, what percentage are people who are coders or engineers or people of that technical nature? Eighty eight percent? Yeah, that sounds about right, because you can't you can't stay on top of everything. I mean, these each one of these environments keeps changing. They have updates all the time, and you have to stay on top of that stuff. Uh, it's and it's changing rapidly these days. It seems to
be. How concerned we got a couple minutes up there, How concerned are you about quantum computing and quantum going mainstream, which IBM I guess indicates should be happening in two to five years or so. Because one of the concerns I've heard is tactics you can put in place to rebuff those sorts of attacks, like you know, distributed to knowledge service tax things of this nature. There are things you can put a place to you know, throttle those things,
but it'll be a very signifant risk that's coming down the pike. What are your thoughts about quantum. I'll be very quick, So I think it's revolutionary for sure, right, but I also know the reaching the attacks happen because it's very basic and because of very basic issues and like not following security hygiene more than not having strong enough encryption in place. So I think as an industry we need to get our act together first of all to eliminate like
these easy paths and for attackers to get in. But with quantum, I think it's also the benefit of having better technology for security as well, so there's a leverage property then we will also have better defense, right, So it goes both ways. Basically, the good guys, bad guys get it. Yeah, it is you know that we're talking to someone's account and make the money away. And our most recent attack on my debit card, it made it look like it was Google ads, like we were just buying Google
ads, and lucky for me, we don't buy Google ads. So I'm like, hmm, that's interesting. I have a whole bunch of And they started small, and they started ranting up. It was lighty dollars forty three. Why am I broke again? I know, I'm not that foolish, and yeah, because I was hacked again. It's the end user to have these experiences because you think, shouldn't the banks beyond this kind of stuff?
Shouldn't the banks be watching for these kinds of things? And if you get into the system back and forth, well you have to have some identity somewhere that can be trapped and managed, right, I mean, I just kind of fact that these guys aren't infiltrating banking systems because there has to be a signature of where they came from. I mean, I know in the security were a lot of times to use proxies to kind of bounce around the game
from you out. I mean, you're grabbing all kinds of metadata of what system it was on, what the operating system was, what the browser was, what the looks captured. I'm kind of surprised we don't have more success or maybe we do and I just don't hear about it. What are your closing thoughts on the dative security in this worlds of problem? And certainly a long way you know again, twenty years been a long enough times for me to see that, I, you know, security's job. There was an
interesting you know how made earlier. Is security being a scapegoat? Right? It's it's it's a very tough job to have because they always scurity versus you know, a business, you know, priorities and jens especially interfere or anything that's important for the business, right, so and we trade offs. I think it. I think you know, as an industry, you know, as the practitioners out there in the field, you know, make decisions and
sometimes, hopefully most of the times are the right decisions. Sometimes they're not. And you see outcome do you see uh consequences from the vendor community. I think we are really making some really big, you know, headways into bringing technologies to to the practitioners, to the uses of the world to actually make that balance or decision easier. Where Sey doesn't have to cost productivity, security doesn't have to cost the business a Jildian so one that's I think as
an industry we're making a big, big step towards right. I feel like that that's for the next decade or so. This would be a huge should be a huge factor in how the how we improve them overall posture of the industry and the security. Well, that sounds good, Art, Well, thank you so much for your time. Folkos with talking to Art Progosti and looking up online. Right if briibe dot com will be about to listen?
What if you could own a piece of the future. What if you could build your next castle not on sand, but on the bedrock of a modern blockchain ecosystem. The first Internet gold Rush made millionaires, the second wave is minting billionaires, but the third wave is just gathering now and anyone can get in on the action. Hop online to block and cool of innovating in this globally connected world. That's crowdpoint tech dot com. You in an untrusted world.
What's the longest running radio show world? M Radio Want to be a guest sometime? Send an email to Info at dm radio dot biz. That's Info at dm Radio dot biz. Can your IRA stand up to the next financial crisis? That our top economists are saying is that our doorsteps. By allocating a percentage of your IRA into physical gold and silver with a tax free rollover, you can diversify in some turbulent markets and economic downturns by putting your
IRA back on the gold standard. Find out how to safeguard your assets hold over with a Genesis Gold IRA, the only IRA that can hold physical press metal Call in silver Guy are simple phone call and learn how to thousand dollars in free silver called Genesis Gold Group. Empowering Faith driven Stewardship eight hundred six four four eight six one one eight hundred six four four eight six one one eight hundred six four four eight six one. That's eight hundred six eleven.
If you served in the Marine Corps by none know about the contaminated water problem at Camp Lejeune. If you were stationed or worked at Camp Lejune from nineteen fifty three to nineteen eighty seven, you probably have a lot of questions. We have some answers. You could be entitled to compensation. Billions of dollars are being allocated to pay for damages to anyone's cant at Camp Lejune during that time. Unfortunately, appears that officials may have known the contaminated water problem existed
and did little to protect their men. The Semper five code was not honored. If you or someone in your families developed serious illness, including various forms of cancer, called this Camp Lejeune Legal Support line right now. You can't turn back the clock and change when you're right, call eight hundred two five four three two one eight or three two one eight. That's eight hundred two five four thirty two eighteen paid for by Legal Alert Line. When a player's
sudden cardinal football game to a it shortance of CPR readiness. Now, with youth sports in full swing, the American Heart Association is rallying an emergency to be ready. Learn hands only CPR. It's a skill anyone can learn in minutes. Just visit Heart dot org slash hands only CPR. Hands only CPR is nationally supported by Elephant's Health. Now you can fly anywhere in the world and pay discount prices on your airline tickets. Book a flight today to London,
Paris, Madrid, or anywhere else you want to go. It's guarantee. Call the International Travel Department right now at low cost Airlines eight hundred eight three eight hundred drew nine eight five seven eight three. That's eight hundred two nine eight fifty seven eighty three. Welcome back to Inside Analysis. Here's your host, Eric Tabanaugh. Okay, so back you're on Analysis tucking all things identity management these days, identity resolution. Who are we out of the systems
we use? Know who we are and validated issue. We were just talking to Art from right to all about that and I was reminded of some cults are doing and something that we're actually working on. So a little special treat for our avid listeners to give you a stick preview of something that we've been working on here at Inside Analysis, at the Blur Group with some of our partners. And the example I wanted to give Sean Brem from Crowdpoint Technologies and
what they've built so federated idea is at the heart of their mission. What they've really built is a ecosystem, an e commerce ecosystem that's based upon a blockchain and proprietary blockchain that they've built which also doubles as a database, so it's low blockchain style data structure. But they've done some very clever things in that regard. But I find really compelling about their approach is the fact that there are focused on giving values or for the data of theirs that is used
to train algorithms. So if you look at all the hubbub, for example, in these lawsuits that have been filed, what did they basically alleged? They say that open ai went out and scraped all kinds of content, including copyrighted content, and they use all that material to build out their model, their generative AI model. Well, it's a good argument. If I've used someone's copyrighted material to train my engine, which I then made money from,
well shouldn't the people who's come piece of that? How these things work. I did see just the other day that there was a judgment rendered in a court somewhere in the US that basically said gen AI generated content cannot be copyrighted. Now, how they would know what engine generated the content in the first place is beyond me, and I think that's frankly an open question. But
at least a standard has now been set. So what does that mean, Well, it means that there's going to have to be some more work to be done. I heard that open Ai also truncated their sniffing engine, their engine that would determine whether or not content was created by an open Ai engine or a chat GPT, which also is interesting. Obviously they see the lawsuits coming. Now there's something going to happen here. So what does this all mean. Well, I can tell you that these large language models, these
foundational models, are absolutely amazing. They are spectacularly powerful, very very interesting about the trust side of things, of the fact that this is going on. Getting back to Federated ID that vin and their idea is the engine and their idea is that they're going to pay attention to when your data is used for something and then pay you for that small amounts of money first pennies, then dimes and dollars down the road. Is at least how the theory goes.
So that helps solve the identity resolution problem at least in their world. But what we're going to do here, and this is how I'm going to fuse these topics together here at the end of our show today, is we're creating something that we're calling the rubric, and the rubric is going to use a large language model as its text generation tool or engine. But the moorings, the anchors of truth, the embeddings, if you will, those are
going to come from trusted experts. And so what we're going to do is you could publish your papers or your works, your articles, research reports, etc. Then use them and other reports, other trusted reports as the anchors of truth for the rubric to help folcake decisions about which analytic tool to use, how to use, can be used in conjunction with it. How could you build a stack basically what does they look like? And we're planning on
building that out right now. So it actually uses a technology that I've already had built called media lens, and media lens I built it. It's a lens with a Z. It runs inside open source dot right now, inside hyphen open source, and it uses that right now. What I wanted was an engine that I could use to spin up a high focused the stream of that would be useful for a research or so. I wanted to stay on
top of the open source community. So that's where we've targeted first. And all I did was went out and found all these different folk and source technologies who follow their handles. Media lens tracked the different handles that I've given them
to watch out for. And then what it'll do is it'll grab any URL that is shared by these folks with hashtags like open source or MEO or Apache or the other terms, the key terms that are associated with that particular industry, and that publishes them as pending posts in my environment, and that I can choose to post them or not. And every time I post, what I'm essentially doing is built lake and so do help that will sort of pin
downs of truth. That will sort of pin down the truth and allow the generative AI functionality to spin appropriate words around the concepts that the prompt delivers. So what are we talking about? I mean, really, if you think about Siri and these other engines that are now currently used for these purposes, they're valuable. They can sort of find information for you, but they're not
really trusted experts in a particular domain. And one reason for that is because it would be a big thing to chew off, to bite off, if you will, for the current engine. So right now, Siri is just kind of pointing you to different things on the web or giving you information that is readily available, like the weather or what time of meeting is things of
that nature. But when you start getting into really dense areas of content, like in trade press around analytics, for example, well you're going to need more than that, and that's what we're focused on. So we're focused on finding the right experts to provide their materials in a trusted fashion, and then whenever that material gets used via the rubric by a paying client, the people whose insights were used in that immediate it's sort of real time mind meld,
they will get rewarded with credits. Now, it's going to take a while to build this thing up, but the point is we're going to try to create a center of gravity around the topic of analytics because there's a finite number of vendors or a finite number of people who focus on this, and we're looking for help to do that. So, like I say, if you're hearing this and you think it sounds like a good idea, send me email
info at DM radio dot biz or info at inside Analysis dot com. Both of those come directly to me, and we'll be curious to talk to you and maybe show you a preview of this thing. But the idea is that you really, right now folks are paying lots and lots of money for Gardner and Forrester and some of these other consultants or Boston Consulting Group. A lot of very smart people at these companies, but it's hard to get access to these people. And they are just finite human beings, so they don't know
everything, but they know a lot about a particular domain for example. Well, if you think about the power of these foundational models to piece together vectors of information from multiple sources, if you get to a critical mass of embeddings, and this is the key, you need a critical massive embeddings from trusted sources, then all of a sudden you have a very interesting intelligent chat bond.
Another very important thing to understand. It's a lot of times some technologies don't work together so well and some do so Knowing which technologies work well in which environments also very useful stuff. Just best practices, I mean, knowing how to go about setting up a sequel statement to find certain pieces of information. I mean a lot of people know that a lot of people on a sequel, but nonetheless a lot of people don't. And we're at this very
out in the world. So our rubric is going to be built out as an assistant to help folks understand enterprise technology, get out of the weeds, do do some playing around and get some better answers faster and less expensively. Right, Because if you bring together all these our minds and get good content from people who know what they're talking about, and find ways to wait those scores, to wait the information and to align it to topically, And that's
what these settings do. I mean, just to kind of cap it off here, embeddings are mathematical representations of text strengths. That's really what they boiled down to. And what the folks did building these large language models is, you know, they did some amazing work at information text. So they turn it into numbers such that you can do statistical analysis more easily in fine patterns in data. Okay, this word is used in this context. It's also
used in that context. When does it mean this? When does it mean that? These are the kinds of solutions that these large language models can provide. They can give you really good information about what should be in a certain context and what should not. But the key again is the embeddings. The embeddings allow you to get certain closer to the truth. Just wanted to tease
that fun stuff to you. Folks. Hop onlineside analysis dot com. You want to go anectric punt sels you can listen pat If you plan to run for any public office, or if you're an elected official with a tough campaign ahead, you definitely need a radio show on CACAA to build your brand and
attract voters. Think about it. You can broadcast and podcast a weekly show on CACAA for one hundred and fifty dollars a week for an entire year, production included, and spend less than the cost of a fancy mailbox stuffer. At voters, they're on the trash. Your one hour radio program will be carried on ten fifty AM and one oh six point five FM. So if you plan to run for any public office, call us at two eight one
five nine nine ninety eight hundred and hours. CITO will personally help you get started today on KAA the stations that leave no listeners behind, call two eight one five nine nine ninety eight hundred for details. Now here's a new concept digital network advertising for businesses. Display your ad inside their building. If a picture is worth a thousand words, your company is going to thrive with digital network advertising. Choose your marketing sites or jump on the DNA system and advertise
with all participants. Your business ad or logo is rotated multiple times an hour inside local businesses where people will discover your company. Digital network advertising DNA a novel way to be seen and remembered. Digital network advertising with networks in Redlands and KAIPA call in the nine on nine area two nine two nine three for
introductory pricing. That's nine O nine two two two nine two nine three for digital network advertising one last time Digital network advertising nine O nine two two two nine two nine three. Tihebot Club's original pure Poudi Arco Superta comes from the only tree in the world that fungus does not grow on. As a result, it naturally has anti fungal, anti infection, anti viral, antibacterial,
anti inflammation, and anti parasite properties. So the t is great for healthy people because it helps build the immune system, and it can truly be miraculous for someone fighting a potentially life threatening disease due to an infection, diabetes, or cancer. The tea is also organic and naturally caffeine free. A one pound package of T is forty nine ninety five, which includes shipping. To order, please visit tebot club dot com. Tihebow is spelled T like tom,
A H E B like boy. Oh. Then continue with the word T and then the word club. The complete website is to hubot club dot com or call us at eight one eight six one zero eight zero eight eight Monday through Saturday, nine am to five pm California time. That's eight one eight six one zero eight zero eight eight to ebot club dot com. Be sure to join us each week on Big Sports Radio. We highlight the biggest games on campus, great analysis from experts, interesting interviews and yes and occasional
joker two three guys who never take ourselves too seriously. It's a fast paced hour guaranteed to get you ready for the coming weekend. Find out why radio producers and execs alike are saying, Hey, you guys are pretty good. Join me, Larry Smith and my buddies Mike Kegley and Brad Sturdy for Big
Sports Radio every Friday at three right here on CACAA. With sixty years of fascinating facts, This is the man from yesterday and back in time too, this time in nineteen seventy, Janie Choplin, just twenty seven, is found
deceased in the bedroom of her Hollywood Motel of heartment. Police say the singer's friends became concerned when they didn't hear from her read It's just another word fall, nothing left, nothing, Nothing on a eight three and from October of nineteen eighty five ABC TV Friday Nights, Mister Belvedere, different strokes, Benson Spencer for higher and this one webster Mom Now my mother, I do oh
because I was making breakfast. No, because you're ruining. And also from this time in nineteen eighty five, what a sound moving up the charts. It's a Norwegian band called Aha would take on Me. MTV has given this video a lot of play and it's part of its success. With Moore at Man from yesterday dot com. The Tri City Shopping Center in Redlands is serving up some really cool ice cream at Lamicho Akana. Then get your chocolates and
other delights from Seas Candies. Moms and future moms who visit the mall can cool off and relax while they get treated like royalty at Shiny Nails or Francis Nails, and then pampered at Texture Hair. The Tri City center is filled with retailers who care about you. Shop at the Tri City Center in Redlands and see why they call it the mall with a heart. In the world of work, what two occupations might seem to have the very least in common?
How about long haul truck drivers and school librarians. Yes, an odd pairing, but solidarity forever. Start with truckers. The job is literally a grueling hall. You're wrangling a massive eighteen wheelers, some five hundred miles a day for two three weeks straight, putting up with traffic jams, stormers, bad roads, lunatic drivers, helter skelter scheduling, truck stop food, sleeping
in the truck, and battling fatigue aches, you're bladder and loneliness. Trucking used to be a good union job with decent pay in conditions until the deregulation craze four decades ago brought in Wall Street profiteers and fast buck hustlers who turned the industry into anti union exploiters. As a result, the yearly quit rate
for drivers is almost a hundred percent. But rather than retaining drivers by upping pay and stopping their tortuous treatment, the corporate bosses have rushed to Washington, demanding access to an even cheaper pool of low wage workers teenagers. Yes, put an eighteen year old on that eighteen wheeler and keep them profits rolling.
And here's another good job suddenly turned ugly. School librarian. Yes. While student enrollments rise and the need for these nurtures of our society's literacy is greater than ever, their quit rate is soaring, not because of pay or long hours, but because of raw right wing politics. These dedicated, invaluable educators are literally being abused by demogogic goop politicians and their extremest partisans who've launched an
anti librarian crusade, including book banning and witch hunting. Come on, how twisted are you to pick on librarians? This is Jemai Tour saying, forget the law of supply and demand. Today's job market is being ruled by greedmeisters and political lunatics. Tahibow Tea Club's original pure power Darco Supertea helps build red corpusals in the blood, which carry oxygen to organs and cells. How organs and cells need oxygen to regenerate themselves. The immune system needs oxygen to develop
and cancer dyes in oxygen. So the tea is great for healthy people because it helps build the immune system, and it can truly be miraculous for someone getting a potentially life threatening disease due to an infection, diabetes, or cancer. The tea is also organic and naturally caffeine free. A one pound package of tea is forty nine ninety five, which includes shipping. To order, please visit Tihebow Tea Club dot com. Tihebow is spelled T light tom A
h E E B L boy. Oh. They continue with the word t and then the word club. The complete website is to Hibow Tea Club dot com or call us at eight one eight six one zero eight zero eight eight Monday through Saturday nine am to five pm California time. That's eight one eight six one zero eight zero eight eight to hibow t Club dot com. Wow, did you know here at KCA eight ten fifty am that we developed an app for all your Android devices. We're talking about your smartphone, your tablets,
you name it. You have an Android format. You can take KCAA with you everywhere you go. We're talking about our audio stream, our video stream, and even our podcast. Go to KCAA Express dot com. That's ka Express dot com, KCAA Express dot com. Space station crew members deny throwing things at Sweden. It's the Onion Radio News. This is Doyle Redland
reporting. International Space Station Commander Jenndy Padalka stated firmly today that neither heat nor his crew members had anything to do with pelting the nation of Sweden with water filled condoms. Padalka insists that any number of orbiting space vessels could have dropped the indecent payloads on the Scandinavian country. We are always too busy with really
experiments. Why is nobody pointing a finger at China? The Swedish King is willing to let the whole matter drop if someone will apologize for throwing a half full Budweiser tall Boy that left a mile wide crater in his yard. Doyle Redland or The Onion Radio News. Every Wednesday at three pm, It's The Uncommon Sense Democrat with host Eric Bowman. I love when his people talk about how old do Biden is, but he's just a couple of years behind it.
You'll get the best political commentary and stuff like this. Don't good night, Join us for the Uncommon sense Democrat every Wednesday at three pm on the stations that leave no listener behind KCAA ten fifty am man one oh six point five f M. It's a bird, it's a broom. No, it's super raw. Okay, a gimmicky opening for a commercial about super Roth universal life insurance, but I'm sure it got your attention. Now. What is
a super Wroth, you ask. It's a permanent indexed universal life insurance that's totally liquid and easily accessible once it matures. Can be used to supplement retirement savings or a death benefit or both. Has no income or contrabution limit, has no five year rule like roth iras, has no ten percent penalty for accessing the funds before age fifty nine and a half. Oh, and the
average historical returns are five to seven percent annually. Tax free. Super roths also lock in gains, which means you don't lose your money when the market is down. It sounds incredible, right, sounds super super Rocks are the way of the future, specifically your future. To see if you qualify for our super Roth, go online to the super Roth dot Com. Are you tired of the same world conversations that everyone keeps talking about want to hear something
new, fun and exciting. Listen to Whatever Works here on CACAA every Sunday at seven pm. We have amazing guests with interesting and unique topics. We do giveaways, and we have sponsorship opportunities. It's more than just a show, it's a lifestyle. You can also find us on CACA radio dot com or our website CACA Whatever Works dot Com to find upcoming and previous episodes.
Do you like to thank all the KCA listeners for supporting our show? NBC News Radio, I'm Chris Garraggio. Former President Trump is expected to be in New York City tomorrow for his civil fraud trial. Opening statements are set for ten am. In the case brought on by New York Attorney General Letitia James. She accused Trump and his family of inflating his net worth by saying his real estate portfolio was worth more than it was, which James said gave Trump
better terms than he deserved from lenders and insurers. Last week, the judge overseeing this case ruled that Trump had indeed been overvaluing his properties and is liable for fraud. One House Republican is already criticizing Florida Congressman Matt Gates's plans to oust Kevin McCarthy as speaker. By putting this motion of vacate on the floor, he's going to delay the ability to complete that work over the next forty
five days. Appearing on ABC's This Week, New York Congressman Mike Lawler referred to Gates's intentions as a diatribe of delusional thinking. Lawler, who is considered a centrist Republican, said bills need bipartisan support in a divided government. Gates announced earlier today that he plans to make a motion this week to have McCarthy removed as how speaker. This comes after a government shutdown was avoided yesterday with
a forty five day stop gap bill that passed with Democratic support. More than seventy five thousand Kaiser permanent day workers are gearing up for what would be the biggest healthcare strike in US history. Unions representing the workers notified the company more than a week ago that they could launch a three day strike this coming Wednesday, October fourth. Negotiations on pay, outsourcing, and staffing are stalled.
The strike would affet Kaiser hospitals and clinics in California, Oregon, Washington State, Colorado, Virginia, and Washington DC. A pair of college football programs swapped spots in the top five of the latest College Football Coach's Pole. Georgia, Michigan and Ohio State are once again the top three teams, followed by Texas up a spot as number four, in Florida State down a spot to number five. Penn State, USC, Washington, Oregon, and Alabama round
out the rest of the top ten. I'm Chris Garraggio, NBC News Radio, Philistina, KC