Elevate Your IT Security with Bravura Privilege's Latest Upgrade
Empower Your PAM Strategy with Available and Unlocked Capabilities
Bravura Security is proud to introduce our latest Bravura Privilege upgrade, packed with cutting-edge features designed for seamless access control, centralized management, and compliance-focused capabilities. This in-depth walkthrough shows how our platform's unparalleled visibility, AI-powered risk detection, and real-time operational insights can transform your privileged access management.
Explore Bravura Privilege’s Newest Available Capabilities
- Streamlined IT Access and Control: Experience secure, simplified IT management with Bravura Security's passwordless logins and user-centric tools. Our solutions are designed for seamless access governance and compliance, prioritizing both security and ease of use.
- Usability-Driven Secure Access: Navigate Break Glass Scenarios and utilize the Secure Web Session Broker for improved system access.
- Passwordless Authentication: Embrace the simplicity and security of passwordless authentication, fortified with ReCAPTCHA V3.
- Flexible Integration and User Provisioning: Tap into our Python SDK and SCIM Connectors for seamless integration across your network.
- Efficient Credential Management: Leverage our APIs for secure credential management and access governance, aligning with your organization's policies.
NEW! Introducing AI-Amplified Solutions powered by Bravura Cloud
We've just elevated the stakes in identity security by delivering GenAI. In an exciting update to this upcoming webinar, we'll be showcasing the groundbreaking launch of our AI capabilities for the Bravura Security Fabric.
- Discover how AI-driven insights and automated actions can transform your security infrastructure.
- See this innovation in action, discuss data security concerns, and learn how to harness the power of AI for unparalleled protection and compliance in this new cybersecurity era.
Informative Insights on Bravura Privilege’s Newest Capabilities Unlocked
- Gain Unprecedented Visibility: Enhance protection with real-time visibility and insight into privileged accounts, proactive policy enforcement, tailored compliance alerts and auto-remediation for compliance, and continuous risk analytics.
- Revolutionize Threat Detection: Elevate your defenses with AI-driven risk detection for high-risk accounts, machine learning pattern insights, and proactive intelligence for efficient, strategic threat response.
- Data-Driven Operational Insights: Fuse data analytics with your privileged access management for improved risk management, optimized workflows, user experience
Speakers
Bryan Christ
Bravura Security
Sales Engineer
Bryan specializes in security and access governance. For more than twenty years, he has focused on open-source and software development opportunities with an emphasis on project management, team leadership, and executive oversight including experience as a VCIO in the Greater Houston area. He was recently published in Cyber Security: A Peer-Reviewed Journal.
Ian Reay
Bravura Security
Chief Technology Officer
Ian is a key member of the executive leadership team, accountable for leading a mature, scalable, and high-performing development organization, delivering all engineering-related activities. He started out as a developer with the company in 2006 and has taken on increasingly large roles in developing the company’s identity, privilege, password, and passwordless strategies and solutions. Ian's responsibilities include setting technology and tooling direction, prioritizing feature requests, managing release scope and timelines, the build infrastructure and UI/UX.
Request a Solution Showcase
Ready to revolutionize your password security? Don't let outdated practices leave your organization vulnerable. Schedule a solution showcase to learn how our innovative approach can transform your employees into proactive defenders of your digital realm and put the power of one-click re-secure in your hands.
Review the Full Session Transcript
No time to watch the session? No problem. Take a read through the session transcript.
Speakers:
- Bryan Christ, Sales Engineer
- Ian Reay, Chief Technology Officer
- Carolyn Evans, Director of Marketing
Carolyn Evans (00:00):
Hello everyone. Thank you for joining us today. It's fantastic to have you with us. We are eager to explore all of the latest updates in Bravura Privilege with you. We have a full session planned. Our focus today is really to help you get more from your current Bravura Security investment and introduce you to some of the new features that will strengthen your security posture. We also have a spotlight added to this webinar discussion highlighting our new AI capabilities, which have been vetted by a third party and they are considered truly innovative in identity security right now, gaining a lot of momentum with some of our customers. My name is Carolyn Evans. I'm the Director of Marketing here at Bravura Security and I'll be facilitating the discussion today. You are likely already familiar with Ian Reay, who is our CTO, and Bryan Christ, who is our solution engineer sales engineer. They are both here looking forward to discussing any questions that you may have, so please feel free to bring those up. Let's get started. Over to you Bryan.
Bryan Christ (01:09):
Carolyn, thanks. Appreciate the introduction. Real quickly, I want to thank those of you who have tuned in today. We appreciate your participation and we hope that you get a lot out of the session today. Shelby, if you will just knock us forward a bit. So the agenda today is kind of parceled into two pieces. First, we'll look at new features in Bravura Privilege that come with upgrades, and then in the second half we'll look at things that get unlocked in terms of new capabilities, complements to Bravura Privilege after upgrading. Shelby, if you will, go ahead. The first thing we want to do is just take a quick look at the release cadence, level set on where you are with your deployment of Bravura Privilege. As you can see here on the screen, I have called specific attention to version 12.3, which has moved into what we call best effort support.
(02:14):
Our current version is a 12.7 series, and so part of what we're talking about today is the deltas between those releases and where we're at now. The other thing I want to call your attention to is the fact that we have an opportunity if you'll book either an upgrade workshop or a health check session with us, both of which are complimentary, and if you do it before October 4th, lunch will be on us. The other thing I would be remiss in mentioning is that if you are a SaaS customer of ours, the health check or upgrade workshop will look more like a strategic advisement. In all cases, super beneficial. So we would encourage you to take advantage of that offer. Also by booking, we will enter you into a drawing for some complimentary full passes to the Gartner IAM conference that will be held in Grapevine, Texas. Lastly, before we leave this slide, I just want to call your attention to the URL at the bottom. This slide up here has got a lot of dates, a lot of milestones on it, but you can always use that URL at the bottom to check where you're at in the current deployment lifecycle. Shelby, if you will move us onto the next screen.
(03:42):
So we're going to start, like I said, the first part of this discussion, talking about what's new since then. So not only are features and our product up to date and introduced with newer versions, but we're also tracking Microsoft, who is constantly evolving and updating as well. So that means that we've spent some time ensuring compatibility with Windows 11 specifically for Bravura Privilege. That means our local workstation agents. So some of you may be familiar with the pull mode that Bravura Privilege operates in, which requires the local workstation agent that is compatible with Windows 11. Also, one of the moves that Microsoft has made over the last little bit is to sort of deprecate and abandon the old Internet Explorer architecture that their web browser was based on, introducing Edge, which at the core is Chromium or WebView2, and we have re-architected our secure browser around this technology.
(04:51):
For those of you who don't know what the secure web browser is, I'll just briefly talk about that. There is a recognition. It really started around the COVID timeframe when the world sort of clammed to SaaS in order to deal with the problems of a remote workforce. But with that came privileged access that lives in the SaaS world, and so to solve the sort of lack of standards in terms of session management, we introduced this secure browser which allows you to launch a secure web browser session for doing privileged activities with all of the full session management capabilities that Bravura Privilege includes. It's an optional component, so folks may not have deployed it, but we would certainly like to help you do that if your use case is, we would find that beneficial. Shelby, if you will, let's go onto the next screen. The other thing that we have done recently is we have increased the amount of support that we have for multifactor authentication within our adaptive authentication framework.
(06:01):
So in the past, many of these same factors that you see up here, Okta, Duo, were well supported for things like from the SAML perspective, right? So these options would serve as an IDP and we could consume a SAML assertion as an SP, but we have implemented new functionality with many of these. So I'll take Microsoft for example, and so if you want to have native push notification to a Microsoft enrolled Authenticator application for your user population, you can do that with our latest and greatest. It also is an adaptive authentication framework. It may be news to you, so I'll just cover it really quickly. What that means is that we can treat different user populations differently in terms of what we challenge 'em with. When you think about privileged access, you always want to use at least two factors of authentication, but there may be a case where you want to say, for example, treat a contractor who accesses Privilege different than someone who is an employee.
(07:11):
So we do have those capabilities in the newer versions and that might be of interest to some folks on the line. Shelby, if you will. Go ahead. Emergency break glass mode. So this is just a really important feature that probably doesn't get the attention it deserves, so I'm going to talk about it a little bit here. Privileged access is one of those things that you really don't want to not have access to when an emergency happens. So when catastrophe strikes, in fact, there's sort of this symbiotic relationship between privileged access and the need to recover in a disaster situation. Bravura Privilege has always had multi-master active-active replication, making it highly available. And so for folks that take our guidance and deploy at least three nodes of geographic separation, we commend you for doing that. We automatically do that in our SaaS environments, but emergency break glass mode is a special scenario that gets deployed on top of that high availability architecture. What it allows us to do is to provide a discrete login.
(08:31):
So when you're in that emergency mode, you've got an emergency account. The nice thing about that discrete account is it's designed to ensure a separation of duty. So you'll have your firefighter team, and so the emergency access account simply allows you to turn firefighter mode on or off, and that's generally our guidance: don't allow those persons to be part of the firefighter community. So you have a set of individuals that can turn the mode on and off, and then you have a distinct population that is actually doing the recovery and accessing those accounts. So that's sort of the idea behind simplifying the workflow. So once that emergency access is turned on, the firefighter team can get in there, get the credentials they need to remediate the disaster situation at hand. We also raise transparency during this time. So this is a bit of a challenge because there's a recognition that depending on the size and scope of the disaster, many systems could be offline.
(09:35):
So we'll do due diligence to send out email notifications, send out SMS notifications, anything we can to raise awareness that the system is operating in emergency mode, and despite having simplified the workflow for access to these accounts, we are at all times preserving a full audit trail. So even when you go into this mode, you can have confidence that you have accountability of who did what and then ultimately the emergency, those that have access to the emergency account can turn that mode off when things have been remedied. Shelby, if you will. Some other improvements that have come to the platform that may not be as obvious to your user population, especially for our on-prem customers, or sorry, our SaaS customers that have on-prem assets or maybe customers that are running in a hybrid environment. We've always needed a little bit of a footprint in your environment in order to manage those on-prem assets.
(10:35):
That's done through a connector proxy. The challenge has been that the connector proxy up until recently required an inbound connection from the cloud environment, and so that often involved a little bit of red tape with the port forwarding, the firewall rule, the DMZ. We still support that mode. However, we have now added functionality that allows the reverse proxy to traverse the firewall in the other direction, which is usually little or no red tape because it's just a simple outbound connection on a web socket port, so it phones home, makes that connection and then everything from that point forward is business as usual. In terms of the connector proxy, many of our customers have wanted to expand the use of the tool for the remote workforce. That means putting the login screen on the internet so that folks can log in. Obviously we do that with our SaaS environment and for this reason it's really important to deter bot automation and we have introduced support for reCAPTCHA version three to facilitate that.
(11:52):
Another improvement we've made in terms of security is our REST API endpoint policy. We'll go ahead Shelby and jump us to the next slide where we'll talk about that a little bit more. So in the past, the REST API was sort of an all or nothing mechanism, and since then, I think beginning at around version 12.6 of Bravura Privilege, each endpoint has its own policy. So we ship a default set of policies. You can see here on the screen a sample from a code from Notepad++ code editor where the policy has been pulled up. It's crafted in Rego, which is not a language I'm familiar with, but fortunately it's a very well-known language outside of me and it's good for the AIs. So if I had to change a policy on an endpoint, I might not know how to do that, but I can use natural language with AI and it can refactor that policy to meet my needs, and then you can simply apply that policy.
(12:57):
The benefit here is obviously you get that fine-grained control over the API so that you restrict access in that sort of principle of least privilege way for the user or application that's calling that API, restricting it to only the functions of the API that are absolutely necessary. Shelby, if you will take us onto the next screen. Another piece of functionality that it's not obvious, but it is just a really nice feature, is the fact that we've had somewhere between 120, 140 native connectors that we've built over the decades. We also have about a dozen or so universal connectors, and these are very feature rich that they can do the provisioning, deprovisioning, randomization of passwords. And so it used to be that in order to talk to the connectors, you would have to call APIs, which got routed through the whole workflow engine. That's still fully supported and there's plenty of use cases for that including our own product.
(14:10):
But there is also a recognition that many of our customers simply want to wire up some sort of integration that maybe doesn't require workflow and they just want to do something that maybe is unique to their business process. And so with minimal effort, we have exposed the connector API through an SDK, such that you can leverage those connectors largely directly, again with the little bit of minimal integration work. And so you can create those integration experiences that perhaps are uniquely tailored to your business. Shelby, go ahead and take us onto the next screen. So that sort of summarizes things in terms of what comes, what do I get when I upgrade, what gets brought to the table. We're going to look at some new capabilities that after upgrading these are complementary. They really provide a better experience with Bravura Privilege. So we'll take a look at those next if you want to go ahead and move us on.
(15:21):
So I'll talk a little bit about Bravura Cloud before I talk specifically about this slide. So Privilege Insight is powered by Bravura Cloud. Bravura Cloud is our next generation cloud first platform, which basically consumes data from the security data engine. So that's not something I've talked about at this point, so I'll stop and just kind of explain what that is. So the engine that makes Bravura Privilege do what it does so well in terms of discovery, provisioning, deprovisioning, looking at attributes, building out those user classes, all of that is what constitutes the security data engine. And so Bravura Cloud can consume data from your privileged deployment through that security data engine and aggregate it and surface interesting data in meaningful ways through reporting and analytics, which is Privilege Insight. I'd also be remiss in not mentioning that the Bravura Cloud platform can consume data from other sources.
(16:32):
So primarily from our perspective, we're reaching out and we're talking to Bravura Privilege and that security data engine to get those insights, but we can consume it from other sources too, like a SIEM system or some sort of database that you maintain or some sort of endpoint software where maybe there's an API that provides interesting data so we can aggregate data from a number of different places. What that allows us to do is what you see here on the screen, for example, with our compliance dashboard. So Privilege Insights features a compliance dashboard where you can craft rules that make sense for your organization, and at a glance we'll call attention to things that maybe need a little bit of investigation or remedy. This is not an exhaustive list, but I've thrown a few thought-provoking questions up here on the screen, which can be answered by the compliance dashboard.
(17:27):
For example, do I have any orphaned entitlements that are privileged, right? Are they just kind of lurking out there and they don't have ownership, right? Or do I have accounts by virtue of a group membership that are elevated and it's standing and they shouldn't be that way? So the insights dashboard, compliance dashboard can really surface those at a glance for your team that really needs to keep apprised of that kind of stuff. Shelby, if you'll move us on to the next screen. Privilege Insights also brings a powerful analytics dashboard. So that was the compliance dashboard. There's an analytics dashboard as well. Again, it's kind of the same idea, which is we want you to be able at a glance to understand various facets of your security posture, especially with relationship to privileged accounts. Again, a few questions here just to sort of tease out some thoughts, but things that we can answer from the analytics dashboard, which by the way is extensible.
(18:28):
So if, for example, you think of something that we're not surfacing, it's largely a matter of just collecting that data from whatever source, likely our security data engine, but aggregating it in such a way that we can build out a dashboard. So it is extensible, but just again, here's an idea of some things that you could surface through the analytics. Where are most of my shared admin accounts located? What percentage of them are being governed? I'm not going to read this whole list, but you get the idea. It's very powerful, very flexible, and it's going to answer at a glance those questions that are really important to your security team. Next, if you will, Shelby. Risk scoring is another component of Privilege Insight. Risk scoring has been around in the product for a bit of time already, so you have the ability today in Bravura Privilege to apply a risk score to a user.
(19:26):
You have the ability to apply it to an account that they may want to check out. You have the ability to apply it to other resources like target systems and aggregate those and make some intelligent decisions based on those. However, through Privilege Insight, we're making it very easy to surface those risk scores. And the other thing that we have done is we've ensured that as we're building this out, all of this, it is AI friendly, and so you can take the risk scores and you can allow AI to augment and supplement that risk score with its world knowledge. So what I mean by world knowledge is that these AIs, the large language models, they're trained on just about everything in the world that authors permit them to train on, and so they have a pretty expansive understanding of what's risky and what's not. And so you can enable your risk scoring mechanisms not only to be surfaced by Privilege Insights, but also to be augmented such that it makes real world sense in terms of risk. Now, I've sort of just teased out AI. Our CTO, Ian Reay, is going to talk about some of the AI advancements that we're bringing to the market. And so with that, Ian, I will leave it here on this screen and you can round us out and take it away.
Ian Reay (20:50):
Sounds good. Thanks Bryan. And yeah, with respect to risk scoring, one of the critical things here, and I think this is really a recurring theme as we bring AI capabilities into platforms, is that they allow you to start to really help solve repetitive tasks, things that might be a little tedious, things that you just never could get the time to do before. And that really opens up a lot of options, and this is going to be a key theme as we go through things here. So again, risk scoring, being able to do that comprehensively can take an incredible amount of time to risk score everything based on also to the things that make your organization unique, your policies, your procedures, your naming conventions, the kind of things that allow you to really express this is how things should be, and then things that aren't lining up with that then start to interpret the kind of risk that underpins them.
(21:51):
And the AIs are very powerful at doing that. And so again, you're going to see this through some subsequent slides here as well about how can we make things that were just never before realistic to accomplish. Now something that can be done in minutes in many regards, and that really helps you to make sure that no idea MD is left behind and that you are not securing the front door of the house while leaving the back door open just because of the lack of time and focus here. So yeah, so let's continue on to one of the next slides here, and we're going to talk through a few different AI enablement strategies focused on Privilege related scenarios here. And so if you continue to the next slide, this platform that we are building on top of cloud, everything that you're seeing here is powered through cloud.
(22:44):
The underlying strategy here is that you need to have spectacular data in order to be able to automate tasks and to trust that the AI is working in the way that you need it to work. And so insights power everything. Then on top of that is the tooling that is necessary to collect those insights, to identify those compliance failures in order to retrieve the information when it's required. And then that feeds into the AI. The insights and the tooling are kind of like the AI's eyes and ears to the world. And without it, it's not overly interesting, but when it has the right eyes and ears, it can do some pretty impressive things. And this is something that we're working with a number of customers on here, some of them in the list here right now, and they are live and we are continuing to work with them going forward here as we can help to tease out efficiencies as well as help to secure their operations.
(23:53):
So the next slide here. Now we're also taking a holistic view of how AI can help to improve operations. And so we are helping to improve operations from integration building to their application, to their troubleshooting, to role analysis, to assessing the security of applications. We are looking at it as a broad enablement capability because most organizations have gaps in multiple areas. We want to make sure that none of them are left exploitable here. And so under the underlying strategy of doing this here, we'll go into the next page here or the next slide, we can start to see what it looks like in action here where for example, we can build out AI assisted integrations now much more rapidly than we could in the past. So for example, for privileged platforms need to be able to reach out and interrogate the identity state. They need to have an understanding of what the current state, which accounts are privileged, what the status is of the passwords, and be able to take action promptly for just-in-time access flows.
(25:13):
And so we need to be able to make sure that we can build out these integrations rapidly, rapidly. In this example here, this is a scenario where we've built an expertly tuned assistant and the assistant can help with creating new integrations. It's taught and informed what a good integration looks like, what are best practices, what are the kind of operations that get highlighted to Bryan's point, continuing to build on that library of connectors that we've created to date here and making sure that they're comprehensive, that when we build an integration that it can support the privileged cases, but also the identity cases and the password management cases, making sure that we bring people the tools consistently in ways that they can achieve success with quickly. And so in this case here we are retrieving sample code and the AI is leveraging its general world knowledge about how the GitLab APIs operate and creating an integration to GitLab based on our samples, based on our SDK, based on our best practices.
(26:20):
And it can do this in minutes and then people can take it, they can start to test it and validate it. Again, perfection isn't necessarily achievable in all cases, but what we can do is generate effective solutions, get you 90% of that way there and do that rapidly aligned to what our best practices are, reducing the long-term maintenance costs here and then helping you to achieve to make sure that you're seeing the privileged access across your organization. And furthermore, while in this case, we're depending on world knowledge that the AI has been trained on about how to integrate with AI, with APIs or with GitLab in particular here, we can also do the same thing with closed APIs, the ones that are behind paywalls by taking their documentation and being able to upload it to the AI and give it to the assistant so then it can write solutions tailored to those.
(27:16):
And it can do that across a wide range of areas. REST APIs, GraphQL APIs and SOAP APIs are of course common ways to do it. But since we also can leverage a Python ecosystem, a .NET ecosystem, a Java ecosystem of integrations, those can also be built out with the strategy in rapid ways. So something that used to take maybe days or weeks aiming for hours going forward here, real material cost savings. So now we'll go to the next one in the slide here. Furthermore, and this is a case where something that can be a challenge in organizations that don't have an automation first strategy is being able to see the current status of who has privileged access in your environment right now and through the tooling that has been created using the past example, we can now provide those real-time insights and reach out in this example to Salesforce and run the real queries against the real system to extract out that identity state and be able to then make certain decisions rapidly about what is good and what is problematic about that state.
(28:33):
Be able to identify accounts that look like they're orphaned. And furthermore, as we grow on here, other cases that we'll be publishing and promoting here soon to help with deciding about is an account orphaned or not, is if you teach the AI the tools that a person would use to make that decision, like reaching out to say a SIEM system, the AI can reach out to the SIEM system as well. It sees an account that might be orphaned, it could reach out and check the status on that. When was the last time that account was logged in from the SIEM system? What are some of its behavioral elements that are in play? If you have an indicator of compromise, it might indicate that an account is compromised. Again, what's its status in Salesforce? What are the other elements that are being flagged in the same system to help come to a rapid decision quickly?
(29:25):
And that kind of amalgamation of tools of knowledge is what really starts to set things apart when you're looking at how AI can be integrated in because AI integrated to the Bravura Security Fabric is powerful. But when you also factor that in with AI integrated with some of the other security tools that underpin your operations, all of a sudden now you're getting insights in minutes that otherwise would've taken potentially hours. And that matters a lot when you're trying to assess blast radiuses and you're trying to make good informed decisions. You want to make sure that everything's at people's fingertips quickly and easily. And if we continue on this here to the next slide, we can also leverage the AI's knowledge about what is the difference between human accounts, shared accounts, machine accounts, and being able to take a look and understand which machine accounts exist in, say like your Salesforce instance, which ones are being used, which ones might need to be cleaned up.
(30:29):
They may be there from an old integration that no longer is being used or maybe is being provided to a third party who is doing some consulting work. Well, if you don't have a firm understanding of what those accounts are, those accounts can rapidly become your next critical security vulnerability that people will then access your environment through and begin the process of creating an event that none of us want to encounter in our careers. And so if we can quickly interrogate this data, then the AI can help us with breaking it down, especially when it's taught and tuned and informed to what our policies and procedures are. What do some of our employee accounts look like? What does a shared account look like? What do these machine accounts and these service accounts look like here? What are some of that background, the history of what we've been doing and working on?
(31:24):
Say for example, you could take this information and consult a ticketing system to see when was that auto proc account requested and created via ServiceNow? And you can understand rapidly what the history is of that in case it's an issue that you need to look into. That's where again, joining on this information, helping people rapidly come to those decisions. That's where we have real time savings moving forward here and how security software can truly turn into a business enabler here going forward. And then finally, if we go to our last slide here and trying to establish the zero trust principles, they are important principles to follow here, but it's also challenging to review and determine what is good, what is normal, what is common across other organizations. So now being able to leverage general AI best practices and knowledge about being trained on worldwide data allows for some practices to be recommended and advised to us.
(32:34):
It might not be the end state that we want to get to, but it might also give us a couple ideas that we'd want to enrich and take it and talk with a few of our peers and to try and figure out maybe this is a good idea here. We hadn't thought of that before, but maybe that's a great idea. And so in here we're showing an example of how the AI can assist using the information that's stored in the Bravura Security Fabric servers about people's current levels of access, seeing what might be a shared account in this case here, understanding that the dash admin accounts are personal administrative accounts and that two out of those four people in that team have them, should the other two get them or should we be creating a just-in-time access role that could be requested through Bravura Privilege's group set functionality?
(33:20):
Those are really good questions to ask once you see that the inconsistency exists and start to think through, okay, what should that future hold? And so as we tune these assistants and as we leverage the data that underpins the security fabric, we can help people navigate to this and make these pretty hard questions all of a sudden a lot more approachable. Might not be automatic. You still need humans in the loop. We need to take points of responsibility. We need to make sure that what's being done aligns with our business needs, but it can help us get a lot closer to that very rapidly. And so that's kind of a bit of a summary of a number of the things that we're working on here and we will open up for some questions now.
Carolyn Evans (34:08):
Thanks, Ian. Yes, if you have any questions, please pop them in the Q&A box or pop them in the chat or you can also raise your hand and I can unmute you. Another way of going about it, we had one come in a minute ago. This one might be for Bryan: does break glass mode work when AD is offline?
Bryan Christ (34:37):
Yes. Sorry, I was on mute there. Yes. So break glass mode does work when Active Directory is offline. So when this particular feature was built out, there was just a general understanding that it's a disaster situation and there might be a lot of things offline, a lot of things that are unreachable. So the emergency account that I spoke of is what we call a console account. It's built into Bravura Privilege. And so our best practice recommendation is that the credentials, the login for the emergency account be parceled up possibly in a physical safe, four-eyes principle. And the important thing again about this account is that it serves one purpose and one purpose only, which is to toggle emergency access. So you can't really do anything else with it. It is just to turn on and off the mode. But the short answer is yes, you can log in and enable emergency access despite Active Directory being offline.
Carolyn Evans (35:53):
Okay, question. Thanks for that. For Ian, how do you think AI or Bryan actually, how do you think AI will affect privileged access in the future?
Ian Reay (36:07):
So one of the things that rapidly is going to be top of mind of most organizations is when they recognize that these AIs are being given access to tools that have very, very broad capabilities to their underlying applications. Take for example, the ServiceNow cases that we were highlighting, there's potentially a lot of access if you can query anything out of ServiceNow through the ServiceNow query language, that's extremely powerful. It's very, very helpful for a number of tasks, but how do you make sure that it doesn't become your next attack vector? And that's where the AIs are going to need just-in-time access and fine-grained access controls just like people need because it depends on the role that the AI is operating in about what level of access is appropriate to complete that task, possibly who is that AI servicing? And also that the AI might not be allowed to gain access to that information until say like a valid ServiceNow ticket is provided as part of that chat that can be confirmed and verified before the AI is allowed to reach out and run those queries.
(37:32):
Those are things that we need to really be thinking about here because otherwise the AI will become a notable risk. And so a lot of the work that is being done in the authorization communities like the Open Policy Agent area, that's one reason why we've chosen it for including it in our REST APIs and it's now a fundamental part of our AI strategy going forward here that every tool and every assistant needs to have authorization applied about can this person interact with this assistant and can this assistant interact with this tool in this way? So those are fundamental elements being integrated in and then also applying the same filtering on the results that get returned out because sometimes the tools that are in play, the APIs that we need to integrate with, sometimes they don't support the fine-grained controls that are required, but at the same point in time, we can't create security risks yet.
(38:37):
We do need to enable people. And so we need to bring those strategies to bear here to allow people to express who's able to ask these questions then control, okay, given the question being asked, make sure it's being executed in a way that respects the fine-grain access controls and then be able to also filter the resulting output in order to deal with cases where the underlying tooling can't do this here. And that's going to be very critical because when we build a tool such as for Salesforce here, that could enable sales and marketing teams to really gain a lot of value from the content that's stored within. But should they be able to do some of those administrative tasks like user reviews and Privilege access reviews? And conversely, if you have a person who should be able to do those access reviews here, should they have access to the sales contract information and other details there?
(39:37):
So that's where I think the introduction of AI technology is going to really fundamentally make us rethink our authorization strategies going forward and if they're sufficient or not. And that will be probably the defining question I think in 2025 as we all grapple with this because the benefits I think are undeniable. The trick here is how do we do this at scale with still keeping a great user experience and having that confidence that those controls can't be circumvented? It's going to lay bare a lot of the past history where we were depending on different people having different access and those people not coordinating with each other, and that starts to break down in the world of AI.
Carolyn Evans (40:23):
Breakdown breakdown in the world of ai, like get
Ian Reay (40:32):
Well, those barriers start to disappear when it's the same underlying AI that's driving those two different personas so to speak. And so we need to make sure that those access controls are being respected regardless of which hat the AI is wearing at that time to do a task. So that's where the lines blur really rapidly in the world of AI. And that is where in the next few months, in 2025, how do we express those? And that's where I think Open Policy Agent, the offend project and a few others are going to be very important next steps in a lot of our decision making.
Carolyn Evans (41:13):
Okay, another question, do you have chatbot integration?
Bryan Christ (41:21):
Ian, I'll leave that to you.
Ian Reay (41:23):
So in short, yes, as you can tell, we are bringing our own AI assisted chats to the market here, but also at the same point in time we can surface a range of different chat experiences depending on the topics that need to be handled. One of the things that for Privilege identity that we are doing is introducing operational monitoring that can send alerts to say like Teams channels when issues might be developing. So say for example you're running a privileged server and maybe an integration is having problems, maybe it's starting to fail more often than otherwise you'd expect. So you can set alert thresholds, get notified of that in a Teams channel and then click a nice easy to click link to go in there and see a dashboard of how that integration is doing, what the problem is. Maybe there's some network instability, maybe there's recently updated the software and the API has changed, who knows?
(42:24):
But you can be alerted to that, start to make those quick decisions and next steps. Furthermore, with S compliance rules, when you see an out-of-bounds identity being added to privileged Entra ID roles, we can now alert to those and send similar alerts to Teams channels to trigger investigations to review was it just somebody not doing the paperwork right? Was it somebody circumventing for convenience? Are you under attack? Helping you to come to those decisions quickly and rapidly. Then also for the more SIC trying to integrate some of these capabilities so that they're as close as possible to the existing workflows that your users already are using such as ServiceNow. As you can tell here, we're using our APIs to build out these experiences and those same APIs can now be used to create ServiceNow integrations through their integration hub and realistically for any kind of chat experience there.
(43:17):
And that's where as we continue to build out these expert assistants, like the integration one that you saw with building out a new connector, we can start building these assistants for other ones like ServiceNow and help people create these integrations rapidly so that they can then plug them into their existing operations and align them as best as possible with the experience that people are already feeling or using and minimize that user friction that can occur when, because the last thing we want is 50 chat bots that every employee now has to think about which one to use. That will probably not be thought of nicely, but if we can introduce the right ones for the right purposes and integrate between them, then it becomes an approachable problem.
Bryan Christ (43:58):
Carolyn, I'll just chime in on this one. So I spend a lot of time in front of potential new customers, prospects, and I'll read the tea leaves a little bit on this one because what I see reading between the lines is this idea that I want to have privileged access, but I want to do it in a really low friction user-friendly way, which is fire up a chat bot and say, Hey, make me a member of the domain admins group for four hours, right? And it needs to do a reasonable bit of authorization and validate you're who you say you are and you have the right to do that. But at the end of the day, I think that's the user experience that folks are wanting and it's totally plausible. It's just a matter of getting there safely as Ian mentioned earlier. So that's what I see when I shake that magic eight ball and look at what's coming.
Ian Reay (45:05):
And I think imagine this because again, we're going to be doing a few demos on this here very shortly, but take a ServiceNow ticket and just say I a sales a ServiceNow ticket, can you get me the access that I need to solve it here? And so the AI retrieves the ServiceNow ticket, interprets it, validates that you're the one who's assigned to it here, that it's active and open here and then based on the problem that's at hand makes a recommendation on the level of access. Like do you need domain admin? Do you maybe need a little color to it here and you need a different domain admin than maybe the default domain. Those kinds of things can be navigated and that's when you start getting a lot of operational benefits, especially when you might have new resources come into play here that it can be a lot easier and they don't have to quickly ask the guy beside them here, how do I get onto the system here? Oops, the guy who knows about this is on vacation and darn, okay, let's go dig in through some other tickets and see how it was done kind of thing. We can start to make this a lot more frictionless and help people make the right decisions where to go to with that privileged access. So it's being used responsibly.
Carolyn Evans (46:19):
Awesome. Yes, AI makes us more efficient, that's for sure. Or can, another question, can you detect bad behavior with AI?
Bryan Christ (46:31):
Ian? I'll definitely let you take that one.
Ian Reay (46:34):
So the AIs are extremely good at detecting, well, so let me rephrase. I might use a little analogy here to explain where some things are going here quickly. There was some research that was done where they got some Navy SEALs to try breaking into a place and they had some historical cases around or historical solutions around machine learning. And so the first time the Navy SEALs tried to break in, they were caught, the AI was able to detect them, but then what they did was one of the Navy SEALs had an idea, I wonder if I put a giant box over my head and a box that you would order a refrigerator with and then walk very slowly past the cameras and get past. So needless to say, this guy was laughing a lot and the AI didn't recognize that somebody walking around with a refrigerator box on their head was weird because it didn't look like a person, so it wasn't going to alert to it here. And as a result, they were able to bypass the security protections and ultimately break in under this test.
(47:47):
This is where legacy machine learning had challenges where it needed to try to be taught around a range of areas that were likely to occur, but they had a tough time handling the unlikely. Current large language models now have such a solid understanding of the world, what is common, what is weird, that it can alert to, it's really weird that I'm seeing a refrigerator box moving around on its own and the sound of laughter coming from it, you might want to take a look at that. And those are, and while that's a contrived situation, it's one that is the kind of cases that will be factoring into privileged access scenarios when we're looking at what is normal, what is weird. So again, when you're looking at people's standing elevated access, what is normal for a person with this position in a company to have? And it might be weird for them to have certain rights, maybe it was from a past situation that they operated in or again, when you're looking at some of the behavioral elements, like you're using one of the cases that we were talking about, say like if you see malicious activity on a ServiceNow account, retrieve the status on that ServiceNow user account, then be able to consult your SIEM system and the AI can make a lot of world driven knowledge case or decisions around is this likely weird?
(49:05):
Is this odd given this kind of situation? And when it does have a problem, you can then tune it with providing it a bit of guidance to let it know the context that it is running in. In that way you can really, with a few sentences, you can drastically improve the protections. And then something I think we're going to see in 2025 is the starting to be added to sale session monitoring and video streams because while the current technology isn't quite up to being able to do this cost effectively, the cost curves are changing very rapidly and that's where it will be good when some creative people can't put something on their head and then walk past or the equivalent of this when accessing your production financial systems or your AWS core infrastructure, it would be good to be able to detect that it's really weird that you are running these commands given what you are supposed to be doing in that ServiceNow ticket. I'm going to raise an alert. That is where things are going in 2025, in my opinion.
Carolyn Evans (50:02):
Interesting. Okay, thank you for that. It looks like we actually don't have any other questions, Bryan. I know health checks are typically a service that's included in a premium SLA I believe, but we're offering them health checks or workshops right now. Could you explain a little bit about those two options and why a company would want to choose one or the other?
Bryan Christ (50:30):
Sure. Yeah, so the health check is primarily focused on your deployment as it is. So taking a look at perhaps your integrations, diving into some analytics and reporting around gaps of things that maybe aren't currently in scope with your existing deployment and looking at ways to close those gaps. On the upgrade workshop, it's slightly different in the fact that it's looking at things that you could be doing based on new functionality. So some of the things that I went over today, for example, like that secure browser, do you have a lot of privileged accounts that are up in the cloud and you're not employing good session management with? So that's really the distinction. Again, if you are a SaaS customer, this is going to look a lot more like a strategic advisement, but in all cases I think you're going to just benefit from these complimentary sessions tremendously. Again, we would encourage you to book those before, I guess tomorrow because of the lunch that we'll provide to your team and to get enrolled in that drawing for the Gartner Identity Access Management passes, which will be in December in Texas.
Carolyn Evans (52:09):
Thank you, Bryan. Okay. Thank you everyone for your time today. We appreciate it. If you have any other questions, please get them to us through any channel through your account manager responding to any of our emails or reaching out. Thank you so much for your time. We look forward to speaking with you again soon.
Bryan Christ (52:33):
Thanks everybody. Thank you everyone.