The Security Podcast of Silicon Valley, a YSecurity.io Production

Jon McLachlan and Sasha Sinkevich

Welcome to ”The Security Podcast of Silicon Valley,” a https://YSecurity.io production that now features a compelling blend of our traditional cybersecurity insights and the innovative new sub-series, ”The Founder’s Guide to Compliance.” Hosted by Jon McLachlan and Sasha Sinkevich, this podcast dives deeper into the human element of cybersecurity, bridging the gap between technical challenges and the human stories behind them. ”The Security Podcast of Silicon Valley” has always been your gateway to the heart of innovation and resilience in the cybersecurity world. Our discussions unveil the trailblazers in security—entrepreneurs, engineers, and leaders who navigate not just the technical landscapes but also the human challenges that define today’s security industry. We create a shame-free zone for open, candid conversations about the real issues, triumphs, and the sometimes daunting journey through the world of cybersecurity. With the addition of ”The Founder’s Guide to Compliance,” we expand our horizon to focus on the critical aspect of compliance in the startup ecosystem. This new sub-series aims to demystify compliance standards like SOC, NIST, HITRUST, and others, making them accessible and actionable for founders, startups, and anyone vested in the intersection of technology, security, and regulation. Jon and Sasha bring their expertise and personal experiences to the forefront, offering insights into overcoming the hurdles of compliance while fostering innovation and resilience. Each episode, approximately 45 minutes long, is a journey into the minds and stories of those who dare to think differently and act boldly. From the dilemmas of real entrepreneurs to the strategies of seasoned operators and engineers, our podcast brings to light the cutting-edge technologies and techniques that offer tangible solutions to pressing security concerns. ”The Security Podcast of Silicon Valley” with ”The Founder’s Guide to Compliance” is more than a podcast; it’s an essential resource for professionals in the field and anyone intrigued by the critical role of humanity in shaping the future of security. Whether you’re a founder navigating the complex landscape of compliance or a seasoned professional looking for insights into the latest in cybersecurity, our podcast promises a wealth of knowledge, stories, and inspiration that pave the way to a safer tomorrow. Join us on this expanded journey as we continue to explore the intersection of humanity and cybersecurity, offering listeners a comprehensive view of how to thrive amidst the challenges of the modern cybersecurity landscape. Tune in, discover, learn, and be inspired. Visit us at https://YSecurity.io to start listening today. We’d love to hear from you, too. Drop us a note at contact@ysecurity.io read less
TecnologiaTecnologia

Episódios

Founder's Guide to Compliance: The Introduction SOC2, ISO, NIST, HITRUST, PCI-DSS, FIPS, and more
Há 5 dias
Founder's Guide to Compliance: The Introduction SOC2, ISO, NIST, HITRUST, PCI-DSS, FIPS, and more
Welcome to "The Founder's Guide to Compliance," a YSecurity.io production, hosted by Jon McLachlan and Sasha Sinkevich. We tear down the complexity surrounding compliance standards like SOC2, NIST, FIPS, PCI-DSS, HITRUST and the myriad facets of cybersecurity. Whether you're a startup founder knee-deep in the trenches or a seasoned executive navigating the ever-evolving landscape of digital security, this podcast is your no-BS zone for getting to the essence of what these standards mean for you and your business. Jon, a Minnesota native and security enthusiast, brings his rich background from Apple and various startups to the table, sharing insights born from a life that embraces risk for greatness. With a passion for security that's as undeniable as his love for motorcycles, Jon's journey is about leading by example, turning challenges into stepping stones for success. Sasha, starting his cybersecurity journey in Silicon Valley, has been shaped by the brilliant minds around him. His experience spans working with heavily regulated industries, creating security solutions for global financial institutions, and navigating the startup world from the ground up. Sasha's story is one of transformation, leveraging complex compliance requirements into simple, actionable strategies. Together, Jon and Sasha aim to demystify compliance, making it accessible and understandable. They're here to show you how navigating these standards isn't just about ticking boxes but seizing opportunities to elevate your business. "The Founder's Guide to Compliance" is empowers you with the knowledge and tools to not only meet but exceed the expectations of your customers and investors. Dive into a world where compliance becomes your competitive edge, enabling your startup to thrive in the digital age. Join Jon and Sasha as they guide you through the what, why, when, and how of compliance, turning potential hurdles into launchpads for success. Welcome to the podcast where compliance meets clarity, and where your startup's security journey begins.
Elizabeth Nammour, Co-Founder and CEO of Teleskope, Navigating Data Security Frontiers
01-11-2023
Elizabeth Nammour, Co-Founder and CEO of Teleskope, Navigating Data Security Frontiers
Join us on a journey into the forefront of data security innovation in this captivating episode of a YSecurity.io production, featuring Elizabeth Nammour, Co-Founder and CEO of Teleskope. Elizabeth, or Lizzy as she's known, brings a wealth of experience and a deep passion for data security, honed during her time at Airbnb. There, she played a pivotal role in developing strategies to protect personally identifiable information (PII), ensuring compliance with GDPR, CCPA, and other critical data security regulations. Teleskope stands as a testament to Lizzy's commitment to advancing data security, leveraging artificial intelligence to offer protection by default. Through her leadership, Teleskope is redefining how businesses secure their most sensitive information, offering innovative solutions that meet the evolving challenges of the digital age. But this episode is more than a deep dive into the mechanics of data security. Lizzy shares personal stories that have shaped her journey, from her initial forays into the tech world to the founding of Teleskope. Her reflections offer invaluable insights for entrepreneurs and security professionals alike, highlighting how personal experiences and professional challenges can forge a path to innovation and success. Listeners will be inspired by Lizzy's perspective on the intersection of technology, security, and entrepreneurship. Her stories illuminate the challenges and triumphs of building a startup focused on one of the most critical issues facing businesses today: data security. Tune in to this YSecurity.io production for an engaging and enlightening conversation with Elizabeth Nammour. Whether you're an entrepreneur, a security enthusiast, or someone passionate about leveraging technology for a safer digital world, this episode promises a wealth of knowledge and inspiration, showcasing the power of AI in transforming data security and the journey of a visionary leader shaping the future of the industry.
Sergey Stelmakh, Head of Security Engineering at Yugabyte, on Innovation vs Security in Startups
03-08-2023
Sergey Stelmakh, Head of Security Engineering at Yugabyte, on Innovation vs Security in Startups
Explore the delicate dance between innovation and security in this enlightening episode of a YSecurity.io production, featuring Sergey Stelmakh. With a rich background that traverses the realms of mathematics and security architecture, Sergey delves into the crucial question of how to foster innovation while ensuring rigorous security. His journey, from an Assistant Professor of Mathematics at Belarusian State University to Head of Security at Yugabyte, MuleSoft (now part of Salesforce), and Symphony Communications, illustrates the deep interconnection between analytical thinking and practical security solutions. Throughout the conversation, Sergey shares his insights on building effective teams that can navigate the complexities of engineering-driven companies. He emphasizes the importance of striking a balance between embracing risk for innovation and implementing robust security measures to protect against potential threats. His experiences highlight the challenges and rewards of creating environments where innovation and security coexist harmoniously. Listeners will be treated to a thought-provoking discussion that not only covers the technical aspects of security engineering but also touches on the philosophical underpinnings of risk and protection in the digital age. Sergey's perspective sheds light on the essential role that security plays in enabling innovation, rather than stifling it, and how a strong foundation in theoretical disciplines like mathematics can provide a unique lens through which to approach these challenges. Tune into this YSecurity.io production for a deep dive into the world of security engineering with Sergey Stelmakh. Whether you're a security professional, a tech enthusiast, or someone intrigued by the intersection of innovation and risk mitigation, this episode offers a compelling exploration of the principles and practices that guide the safeguarding of our digital future.
David Carpe - How to Network, and The Myth of The Great Silent Resignation
19-05-2023
David Carpe - How to Network, and The Myth of The Great Silent Resignation
In this enlightening episode of a YSecurity.io production, David Carpe, Founder of Carpe Search Partners, shares deep insights on the professional value of networking (connecting with and offering service to the people around us) in the security community. We explore how to network effectively, offer a give, and how networking differs from charity, philanthropy, and everyday friends. Davides some profoundly personal views on the supposedly Great Silent Resignation, which may surprise you. We end with some gre. Youvice, you don't want to miss it. David breaks down the art of effective networking, highlighting the distinction between simply expanding one's contact list and genuinely offering value to those we connect with. He elucidates on the nuanced differences between networking, charity, philanthropy, and maintaining everyday friendships, offering listeners a comprehensive understanding of how meaningful connections can be forged and nurtured. Furthermore, David shares his provocative perspectives on the so-called Great Silent Resignation, challenging common perceptions and inviting listeners to consider deeper, more personal implications of this phenomenon. His views not only provoke thought but also encourage a reevaluation of the ways in which we engage with our professional journeys and the communities we are part of. The episode concludes with David offering invaluable advice that transcends the conventional wisdom on networking and career development. This guidance is not just practical but grounded in the real-life experiences and successes of someone who has mastered the delicate balance of professional growth and personal fulfillment. Tune into this YSecurity.io production for a session filled with profound insights and actionable advice from David Carpe. Whether you're deeply embedded in the security community, navigating the complexities of professional networking, or simply looking for ways to enrich your professional and personal life, this episode is packed with wisdom you won't want to miss. Join us as we explore the depths of networking, service, and community, guided by one of the most insightful minds in the industry.
Colin Bitterfield - Head of Security (Acting CISO) People Data Labs
16-01-2023
Colin Bitterfield - Head of Security (Acting CISO) People Data Labs
In this episode of a YSecurity.io production, Colin Bitterfield, a key figure at People Data Labs, offers a compelling narrative on how intertwining growth with security through standardization and meticulous documentation can propel a business forward. Colin unveils his strategic blueprint for constructing and sustaining a business-first security team, where the emphasis on people ensures a win-win scenario for all stakeholders involved. Delving into the essence of his approach, Colin articulates the significance of aligning security measures with the overarching goals of the organization. By championing standardization and proper documentation, he underscores how these practices not only enhance security postures but also streamline operations, making security an enabler rather than a bottleneck for growth. Throughout the conversation, Colin emphasizes the importance of prioritizing people—both within the team and the broader organization. He shares insights into how a security team, when built with a business-first mindset, can foster an environment of trust, collaboration, and mutual respect. This approach not only elevates the security function but also integrates it seamlessly into the fabric of the company, ensuring that security considerations are woven into the decision-making process at every level. Listeners will gain a wealth of knowledge on tactics for building a resilient, agile security team that is deeply attuned to the business's needs. Colin's strategies for engaging team members and stakeholders alike highlight the critical role of communication, empathy, and shared objectives in achieving security that supports and drives business outcomes. Join us on this YSecurity.io production for an insightful discussion with Colin Bitterfield. Whether you're a security professional looking to elevate your team's impact, a business leader seeking to integrate security more effectively, or simply interested in the nexus of security and business growth, this episode offers valuable lessons on creating a security culture where everyone truly wins.
Andrew Spangler, Head of Security and Compliance at Harness, on Building Trust in Security
01-12-2022
Andrew Spangler, Head of Security and Compliance at Harness, on Building Trust in Security
In this enriching episode of a YSecurity.io production, Andrew Spangler, the esteemed Head of Security and Compliance at Harness, invites us into the world of security through his experiences, offering a blend of light-hearted banter and profound insights. Andrew's journey in the security field, marked by both humility and vast expertise, serves as the backdrop for a discussion that delves into the core of building trust, leading effectively, and nurturing career growth within the security community. Andrew shares candidly about the art of building trust—not just within teams but also in the broader context of the organization and its stakeholders. He offers personal anecdotes and strategies for leading teams with integrity, fostering an environment where transparency and accountability are paramount. His approach to interviewing strangers, a task often fraught with challenges, reveals the nuances of establishing rapport and assessing compatibility beyond technical skills. The conversation also covers the critical aspects of overcoming security challenges and celebrating victories. Andrew emphasizes the importance of acknowledging the hard work and successes of security teams, recognizing that these moments of celebration are crucial for morale and team cohesion. This balanced perspective on addressing challenges and valuing achievements provides listeners with a holistic view of what it means to lead in the ever-evolving landscape of security. Career development is another key theme of this episode. Andrew offers guidance and encouragement for professionals navigating their paths in the security field, highlighting the importance of continuous learning, mentorship, and community engagement. His reflections on career development are not just advice but a call to action for individuals at all stages of their security careers to pursue growth with purpose and passion. Tune in to this YSecurity.io production for a conversation with Andrew Spangler that is as engaging as it is enlightening. Whether you're a seasoned security professional, someone just starting out, or simply interested in the human aspects of the security field, this episode offers valuable insights into the dynamics of trust, leadership, and career progression. Join us for a journey into the heart of security, led by one of the most thoughtful voices in the community.
David Gurle - Founder and Executive Chairman at Hive, on Empathy, Innovation, and Disruption
16-11-2022
David Gurle - Founder and Executive Chairman at Hive, on Empathy, Innovation, and Disruption
In this heartfelt episode of a YSecurity.io production, we sit down with David Gurle, a visionary serial entrepreneur whose influence spans across some of the most transformative companies in secure communication and collaboration. From his early days at Thomson Reuters, Skype, Microsoft, Perzo, and Symphony Communications, and now as the Founder and Executive Chairman of Hive, David has consistently been at the forefront of driving positive change in how we connect and collaborate securely. David's journey is deeply rooted in his formative years in Beirut, Lebanon, amid the backdrop of a civil war. He shares touching personal stories that highlight how these experiences instilled in him a profound understanding of the value of empathy and diversity. These principles have not only shaped his approach to technology and business but have also fueled his ambition to innovate and disrupt traditional paradigms. At Hive, David is challenging the costly, error-prone, and insecure centralized compute and storage models by introducing a distributed cloud computing and storage platform. His insights into the genesis and mission of Hive offer a fascinating glimpse into the future of technology, where security, efficiency, and accessibility are paramount. Throughout the episode, David reflects on the lessons learned throughout his career and the role of empathy in fostering innovation and driving change. His stories are a testament to the power of diverse experiences and perspectives in creating solutions that address some of today's most pressing challenges in communication and data security. Join us on this YSecurity.io production for an inspiring conversation with David Gurle. Whether you're an entrepreneur, a tech enthusiast, or someone interested in the intersection of technology and human values, this episode offers a unique blend of personal narrative and professional insight that is sure to resonate. Discover the journey of a man who has made it his life's work to redefine the boundaries of secure collaboration and communication, driven by a commitment to empathy, diversity, and innovation.
Aman LaChapelle, Early Engineer at Modular AI, on Redefining AI Infrastructure
01-11-2022
Aman LaChapelle, Early Engineer at Modular AI, on Redefining AI Infrastructure
In this episode of a YSecurity.io production, we delve into the innovative world of Aman LaChapelle, whose fresh engineering perspective is shaping the future of security, privacy, AI, big data, and scalable compute infrastructure. As a key figure at Modular, Aman is at the helm of a transformative project aimed at rebuilding AI infrastructure to make it accessible and privacy-conscious for all. Aman shares his insights into the complexities of balancing the need for robust data privacy with the demands of building scalable AI systems. His approach, deeply rooted in a nuanced understanding of both the technical and ethical dimensions of AI, highlights the critical importance of privacy in the age of big data. The conversation takes an exciting turn as we explore what Aman perceives as the missing elements in the current tech ecosystem. His observations challenge conventional wisdom and spark a lively discussion on the gaps and opportunities for innovation in AI infrastructure. The revelations shared by Aman are not only thought-provoking but also underscore the urgency of addressing these shortcomings to advance the field. Listeners will be captivated by Aman's vision for a future where AI infrastructure is democratized, ensuring that advancements in technology are leveraged responsibly and inclusively. His passion for integrating privacy considerations into the fabric of AI development is a powerful reminder of the need for a holistic approach to technological innovation. Tune into this YSecurity.io production for an enlightening conversation with Aman LaChapelle. Whether you're an engineer, a tech enthusiast, or someone interested in the intersections of AI, privacy, and infrastructure, this episode offers a fresh perspective on the challenges and possibilities that lie ahead. Join us as we uncover the missing pieces in the tech ecosystem and explore Aman's groundbreaking work at Modular.
David M’Raihi: CPSO at Rivian, on Cryptography, Cars, and the Craft of Security
19-10-2022
David M’Raihi: CPSO at Rivian, on Cryptography, Cars, and the Craft of Security
In this episode of a YSecurity.io production, we dive deep into the world of cryptography and software security with David M'Raihi, the Chief Product Security Officer at Rivian. With a wealth of experience in the field, David shares his insights on the multifaceted challenges and opportunities in protecting innovative technologies in the automotive industry. David and host Jon McLachlan engage in a fascinating discussion on the essentials of building a robust security team, the intricacies of cryptographic systems, and the potential vulnerabilities that could lead to breaking RSA encryption. Beyond the technicalities, David offers a glimpse into his philosophy on leading an intentional and deliberate life, both within and outside the realm of cybersecurity. Listeners will gain a rare look into the strategic thinking and technical prowess required to safeguard the future of mobility at Rivian, where cutting-edge vehicles and sustainable technology meet. David's approach to product security encompasses not only the protection of sophisticated software and hardware but also a commitment to fostering a culture of security awareness and resilience within the organization. This episode is a must-listen for anyone interested in the crossroads of cryptography, automotive innovation, and personal growth. David M'Raihi's journey and reflections provide valuable lessons on leadership, the importance of a proactive security posture, and the pursuit of excellence in one's professional and personal life. Tune into this YSecurity.io production for an enlightening conversation with David M'Raihi. Whether you're a cybersecurity professional, a technology enthusiast, or someone curious about the intersection of innovation and security in the automotive industry, this episode offers a unique blend of expertise, wisdom, and inspiration. Join us as we explore the complexities of securing the future of transportation and the deliberate choices that shape a meaningful life.
Michael Crandell, CEO at Bitwarden Inc., on Open Source Security
01-10-2022
Michael Crandell, CEO at Bitwarden Inc., on Open Source Security
In this inspiring episode of a YSecurity.io production, we are joined by Michael Crandell, CEO of Bitwarden Inc., who shares the vision, journey, and the profound wisdom behind Bitwarden's success. Bitwarden stands at the forefront of enhancing collaboration, bolstering security, and amplifying productivity through the synergy of open source and community engagement, offering an intuitive solution for securing passwords and sensitive information. Michael delves into the ethos of Bitwarden, emphasizing how the open-source model not only fosters innovation and transparency but also cultivates a sense of belonging and contribution among its users. He reflects on the journey of Bitwarden, from its inception to becoming a pivotal tool for individuals and organizations worldwide in managing their digital security. Listeners will be captivated by Michael's insights into the challenges and triumphs of building a security platform that prioritizes ease of use without compromising on robustness. The conversation sheds light on the unique advantages of leveraging community feedback and collaboration to refine and evolve security solutions, underscoring the critical role of open-source principles in the dynamic landscape of cybersecurity. This episode is a testament to the power of community-driven development and the potential of open source to revolutionize how we think about and implement security in our digital lives. Michael's vision for Bitwarden and his deep understanding of the interplay between technology, security, and community engagement offer invaluable perspectives for anyone interested in the future of cybersecurity. Tune into this YSecurity.io production for an engaging and enlightening conversation with Michael Crandell. Whether you're deeply involved in the tech industry, passionate about open-source projects, or simply looking for effective ways to secure your digital footprint, this episode provides a compelling look at the impact of community and open source on advancing security and productivity. Join us as we explore the inspirational journey of Bitwarden and the vision that drives its mission to make the digital world a safer place for everyone.
Sergej Dechand, Co-Founder and CEO of Code Intelligence, on Fuzzing the Future
09-09-2022
Sergej Dechand, Co-Founder and CEO of Code Intelligence, on Fuzzing the Future
Sergej Dechand shares his security journey from usable security research to Co-Founding Code Intelligence, where he is CEO. Code Intelligence delivers open-source static analysis-guided fuzz testing that enables developers to simplify software security testing without modifying their code.   In this episode of a YSecurity.io production, we dive into the compelling world of software security with Sergej Dechand, Co-Founder and CEO of Code Intelligence. Sergej takes us through his fascinating journey from conducting usable security research to leading a company that's revolutionizing the way developers approach software security testing through open-source static analysis-guided fuzz testing. Sergej explains how Code Intelligence is making sophisticated security testing accessible and efficient for developers, enabling them to detect vulnerabilities without the need to modify their existing code. By leveraging the power of fuzz testing, Code Intelligence empowers developers to build safer applications, highlighting Sergej's commitment to improving software security from the ground up. Throughout the conversation, Sergej shares insights into the challenges and opportunities in the field of software security, emphasizing the importance of making security tools both powerful and user-friendly. He discusses the inspiration behind Code Intelligence, the impact of open-source contributions, and the future of security testing in an increasingly digital world. Listeners will gain a deeper understanding of the critical role of security testing in software development and the innovative approaches being developed to tackle these challenges. Sergej's journey from a researcher to a tech entrepreneur provides a unique perspective on the intersection of usability and security, showcasing the potential for technology to create safer digital environments. Join us on this YSecurity.io production for an enlightening conversation with Sergej Dechand. Whether you're a developer, a security professional, or someone interested in the evolving landscape of software development and security, this episode offers valuable insights into the cutting-edge of security testing technology. Tune in as we explore how Code Intelligence is simplifying and strengthening software security, one fuzz test at a time.
Benoit Chevallier-Mames, Team Lead of Machine Learning at Zama, On Open Source Homomorphic Encryption
02-09-2022
Benoit Chevallier-Mames, Team Lead of Machine Learning at Zama, On Open Source Homomorphic Encryption
Dive into the world of cryptography with Benoit Chevallier-Mames in this episode of a YSecurity.io production, where he shares his remarkable journey through the realms of encryption, engineering, and leadership. From making significant contributions at Apple to his current role at Zama, Benoit's work has profoundly impacted data security for billions of users worldwide, all while maintaining a humble demeanor. Benoit opens up about the valuable lessons learned during his tenure at Apple, offering insights into the challenges and breakthroughs that come with working on security for one of the most influential tech companies in the world. His transition to Zama marks a new chapter in his mission to enhance data protection, focusing on pioneering work in Fully Homomorphic Encryption (FHE) tailored for Machine Learning applications. Zama's open-source SDK represents a leap forward in making advanced cryptographic techniques accessible and practical for developers, underscoring Benoit's commitment to democratizing data security. Throughout the conversation, Benoit delves into the technical intricacies behind Zama's approach to FHE, shedding light on how this cutting-edge technology can revolutionize privacy and security in the age of AI and big data. His explanations demystify complex concepts, making them understandable for both cryptography experts and enthusiasts alike. The episode culminates in Benoit sharing profound words of wisdom, reflecting on his experiences and the philosophical underpinnings of his work. His perspective not only inspires but also offers guidance to those navigating the ever-evolving landscape of technology and security. Join us in this YSecurity.io production for an enlightening discussion with Benoit Chevallier-Mames. Whether you're deeply embedded in the field of cryptography, fascinated by the intersection of security and technology, or seeking inspiration from those who've made a silent yet indelible impact on our digital lives, this episode promises a wealth of knowledge, insight, and inspiration.
Aaron Painter, Founder and CEO of Nametag, On  Redefining Authentication
05-08-2022
Aaron Painter, Founder and CEO of Nametag, On Redefining Authentication
In this engaging episode of a YSecurity.io production, we sit down with Aaron Painter, CEO of Nametag Inc, to explore the cutting-edge future of authentication. As we delve into the concept of "Sign in with ID," Aaron shares his vision for a world where traditional passwords and device-based authentication methods are replaced with a more secure, trusted, and user-friendly alternative. Aaron provides a deep dive into how Nametag Inc is leading the charge in revolutionizing the way we think about securing our digital identities. Through the innovative "Sign in with ID" approach, Aaron discusses the potential to enhance privacy, reduce fraud, and streamline user experiences across the digital landscape. Listeners will gain insights into the challenges and opportunities presented by current authentication methods and how Nametag's solutions aim to address these issues head-on. Aaron's expertise and passion for improving digital security shine through as he outlines the technical and societal implications of adopting ID-based authentication systems. This conversation is not just about the future of authentication; it's a glimpse into the potential for technology to create more secure and efficient interactions in our increasingly digital world. Aaron's thoughtful analysis and forward-looking ideas offer valuable perspectives for anyone interested in the future of digital security, privacy, and user experience. Tune into this YSecurity.io production for an enlightening conversation with Aaron Painter. Whether you're a tech enthusiast, a security professional, or someone curious about the next generation of authentication technologies, this episode offers a compelling look at how "Sign in with ID" could transform the way we access and protect our online presence.
Anders Eknert, Developer Advocate at Styra, On Evolved Authorization
03-07-2022
Anders Eknert, Developer Advocate at Styra, On Evolved Authorization
In this enlightening episode of a YSecurity.io production, we delve into the transformative world of authorization with Anders Eknert, whose journey to Styra is marked by deep insights and vast experience. Anders guides us through the evolution of authorization, addressing the pivotal question, "What are you allowed to do?" and illustrating how the landscape is shifting away from the chaotic "wild-wild-west" towards more structured, secure, and efficient frameworks. Anders shares his journey, highlighting key experiences that have shaped his understanding and approach to authorization. With a focus on best practices, he explores the complexities of managing permissions and access in today's digital environments. Through his work at Styra, Anders is at the forefront of developing solutions that not only enhance security but also improve operational agility and compliance. Listeners will gain a comprehensive understanding of the challenges and advancements in authorization technology. Anders' expertise illuminates the path toward more sophisticated and user-centric authorization models, emphasizing the importance of clear policies, automation, and the role of open-source projects like Open Policy Agent (OPA) in driving the industry forward. This episode offers a unique opportunity to learn from one of the leading voices in the field of authorization. Whether you're a security professional, a developer navigating access control in your applications, or simply interested in the future of digital security and governance, Anders' insights provide valuable perspectives on the evolution of authorization practices. Join us in this YSecurity.io production for a fascinating conversation with Anders Eknert. For those interested in reaching out or learning more about Styra's approach to authorization, Anders can be contacted at anders@styra.com. This episode is a must-listen for anyone looking to stay ahead in the rapidly evolving world of digital security and authorization.