When Ian mentioned the Sarbanes-Oxley Act in his LinkedIn post sharing the news of SGNL getting acquired by Crowdstrike, it led to a funny exchange between us. It also reminded me of a task I had assigned myself almost 8 months ago. Last summer, I spent quite a bit of time going deeper into how
You may have missed this recent announcement Microsoft made about adding native support for third-party passkey managers (commonly referred to as credential managers) in Windows 11. From the perspective of anyone committed to building stronger, more usable identity systems, this is an important development, and paired with the introduction of passkey syncing in their own
Getting rid of passwords has never been the end goal, not really. The mission has always been to make digital life simpler and safer for everyone, and to give organizations the ability to operate and deliver services securely, without unnecessary friction. Moving to phishing-resistant, passwordless authentication is a critical part of that, but it doesn’t
I’m back from an exhilarating, albeit tiring, week at the FIDO Alliance’s annual Authenticate conference. As you probably already know, I recently joined the Alliance as Chief Technology Officer, which made this experience a little bit different than years past. There is a lot going on in the digital identity ecosystem right now, which really
[Two of the best people in identity, and the world. And me] I’m on my way to SF to join many, many others in celebrating the life of handsome debonair man about town (self-attested) Andrew Nash. It’s taken me a few days to find the words to write this post. Not because I couldn’t talk
In my last blog post, I argued that we don’t need more innovation invention to fix the broken state of SaaS and cloud security that Patrick Opet’s open letter was calling out. Instead, I said that what we need are different priorities. The conversations it triggered basically boiled down to this: if we already know
In my recap of RSAC 2025, I referenced the open letter that Patrick Opet, CISO of JPMorgan Chase, published in which he spoke about how essential security guardrails are being broken down by the lack of secure-by-design thinking in modern integration patterns within the SaaS world. His open letter challenged Cloud and SaaS providers to
Just wrapped up a packed, somewhat frenetic, but mostly enjoyable RSAC 2025 Conference. And if I had to sum it up in a sentence: AI is everywhere, but trust and control are still catching up. The conference opened with a shot fired across the bow of the security and identity industry. Patrick Opet, CISO of
It’s the end of an era: after eight incredible years, it felt like the right time to close the chapter on my story at Uniken. When I joined as CTO, Uniken was an ambitious startup with a unique core technology and a vision to make a global impact. What made the ensuing journey so rewarding
You would have to be living under a rock to have missed all the talk about Agentic AI, and how it is going to revolutionize the way we live and work. AI-powered agents will be anything and everything – from personal shopper to travel concierge, executive assistant to inventory manager, medical diagnostician to customer service
