Hybrid Identity Protection Podcast

Semperis

The HIP Podcast is the premier podcast for cybersecurity pros charged with defending hybrid identity environments. Hosted by 15-time Microsoft MVP and Active Directory security expert, Sean Deuby. Presented by Semperis: the pioneers of identity-driven cyber resilience for the hybrid enterprise.

  1. The Entra ID Recovery Gap with Tim Wolf and Tim Springston, Semperis

    8h ago

    The Entra ID Recovery Gap with Tim Wolf and Tim Springston, Semperis

    This episode features Tim Wolf, Senior Solutions Architect at Semperis, and Tim Springston, Principal Product Manager for Recovery Solutions at Semperis. Tim Wolf spent years as a Microsoft Premier Field Engineer helping enterprise customers architect identity solutions at scale. Tim Springston brings 25 years in identity and security and served as Microsoft's product manager for Azure AD recoverability, including direct involvement in building the Entra ID shared responsibility model documentation. In this episode, they walk through what the shared responsibility model actually means for Entra tenant data, how token-based attacks sidestep phishing-resistant authentication, and what happens when a threat actor hard-deletes objects and locks you out. They examine where Microsoft's new Entra ID Identity Resilience Recovery feature stops short, and why planning your recovery before anything goes wrong is the only call to action that matters. Guest Bios Tim Wolf Tim Wolf is a Senior Solution Architect at Semperis. Tim's mission is protecting identities. Currently at Semperis, Tim ensures the resilience of Active Directory and Entra ID. Their background includes years as a Microsoft PFE, implementing Zero Trust and modern Authentication like Fido at an enterprise scale. Tim is an active speaker at multiple conferences, advocating for secure and automated identity architectures. Tim Springston Tim Springston is Principal Product Manager for recovery solutions at Semperis. He has over 25 years' identity and security experience with education, government, and Fortune 500 organizations from around the world. In his 25 years at Microsoft, he led services and support for Active Directory and later for Microsoft's cloud identity platform as it evolved from Windows Azure AD to Azure AD. At Microsoft, he was a recurring speaker at internal TechReady conferences and external events. Prior to Semperis, Tim was Microsoft's product manager for Azure AD (now Entra ID) recoverability and Sophos' IAM product manager for the Sophos Central cybersecurity platform. Guest Quotes  “The first step in resiliency is not just having a backup plan or a backup tool or capabilities to put things back. You need to know what's important to your organization. If you know what's important, you know what to put back, you know when it's broken.” - Tim Springston  “If Entra ID is going down... This is business critical today. You're not available to sign in to Teams, to SharePoint, to Salesforce, to your business critical application.  So to really understand Entra ID is business critical.” - Tim Wolf Time stamps 0:40 Meet Tim Wolf and Tim Springston 2:32 The Microsoft Shared Responsibility Model for Entra ID 6:22 How Entra ID Tenants Are Being Attacked 8:45 Token-Based Attacks Explained 12:26 What Happens When a Threat Actor Takes Over Your Tenant 19:05 Microsoft's New Entra ID Recovery Solution 25:24 The Difference Between Accidents and Adversaries 28:54 Semperis’ Disaster Recovery for Entra Tenant 39:27 Hard Delete and Tenant Cloning Limits 45:30 Resiliency Playbooks and Testing 49:58 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Tim Wolf on LinkedIn Connect with Tim Springston on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    54 min
  2. Practice Makes Progress in Cyber Resilience with Jim Bowie, VP and CISO at Tampa General Hospital

    Jun 23

    Practice Makes Progress in Cyber Resilience with Jim Bowie, VP and CISO at Tampa General Hospital

    This episode features Jim Bowie, VP and CISO at Tampa General Hospital, joined by co-host Courtney Guss, Director of Crisis Management at Semperis. Jim began his career in EMS and law enforcement before moving into cybersecurity, giving him a grounded understanding of how operational continuity and human outcomes intersect during a crisis. At Tampa General, he leads teams spanning network security, operations, IAM, and GRC, and has built a training culture centered on adversarial simulation, monthly range of exercises, and regular DR drills. In this episode, Jim argues that rehearsal is the highest-leverage move for resource-constrained security teams and explains why an outage is an outage regardless of cause. He covers why identity is consistently the weak point in every simulation and why the relationships you build before an incident are the ones that matter most. If your organization is still treating recovery as an afterthought, this episode will change how you think about it. Guest Bios Jim Bowie Jim Bowie is the Vice President and Chief Information Security Officer (CISO) at Tampa General Hospital (TGH). Jim is an accomplished leader with decades of cybersecurity experience and leadership in threat hunting, incident response, threat intelligence, and security operations. He is a strategist with demonstrated ability to bridge between security, infrastructure, and business needs and has experience leading multiple areas in information technology, including cloud infrastructure and security, with exceptional results in employee engagement and productivity. Courtney Guss Courtney Guss is the Director of Crisis Management at Semperis, with over 20 years of experience spanning cybersecurity, risk management, and crisis response. She specializes in helping organizations navigate high-impact incidents—from ransomware attacks to regulatory reporting—by orchestrating clear, business-aligned response strategies. Courtney is passionate about transforming crisis chaos into operational clarity. Guest Quote "You absolutely need a technology component to your program. But at the end of the day, that tech is surfaced to a person in the chair. And if that person's not up to speed, there's no amount of tech that's going to help them and help you get through a crisis." Time stamps 01:45 Meet Jim Bowie: Veteran Cybersecurity Leader 02:38 Healthcare Crisis Management Challenges 04:18 Training Beats Budget 06:46 Clinician Buy-In 07:00 Community Ripple Effects 10:23 Mutual Aid Agreements 12:45 Hurricane Drills as Cyber Drills 14:39 Adversarial Practice Culture 17:30 Making Training Time Non-Negotiable 20:14 Recovery Focus and Identity 26:35 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Jim on LinkedIn Connect with Courtney on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    36 min
  3. Agentic AI and the Authorization Gap No One Closed with Geoffrey Mattson, CEO of SecureAuth

    Jun 9

    Agentic AI and the Authorization Gap No One Closed with Geoffrey Mattson, CEO of SecureAuth

    This episode features Geoffrey Mattson, CEO of SecureAuth, joined by co-host Sarah Cicchetti, Director of Product Management at Semperis. Geoffrey has spent decades building and leading companies at the intersection of AI and cybersecurity, including MistNet.ai, an AI-native threat detection platform acquired by LogRhythm, and Xage Security, where he drove zero trust adoption across the U.S. military, global energy firms, and Fortune 500 enterprises. At SecureAuth, he leads a platform built around continuous, real-time identity authority across workforces, APIs, and AI agents. In this episode, Geoffrey argues that agents combine the speed of automation with the unpredictability of humans, making real-time per-action authorization the only viable control model. He discusses why “friendly fire” from well-meaning employees is the biggest threat vector right now, how MCP vendors are ignoring their own OAuth spec, and what a practical agent rollout with real guardrails actually looks like. This episode reframes authorization as the problem the identity industry has been deferring for years and can no longer avoid. Guest Bio Geoffrey Mattson is a serial entrepreneur and globally recognized cybersecurity and AI executive with decades of experience building market-defining companies and technologies that protect the world’s most critical systems. He is currently CEO of SecureAuth, a leader in AI-driven identity and access management with its Continuous Authority, ensuring ongoing verification across workforces, customers, APIs, and AI agents. This is enabled through its Private Authority Platform, which puts authentication and authorization under your control through any deployment model (cloud, on prem, hybrid, air-gapped). Prior to SecureAuth, Mattson served as CEO of Xage Security, where he led the company in Zero Trust for critical environments from energy to agentic AI. Under his leadership, Xage achieved rapid adoption across the U.S. military, global energy firms, and Fortune 500 enterprises. Previously, Geoffrey Mattson was co-founder and CEO of MistNet.ai, an AI-native threat detection platform acquired by LogRhythm. He pioneered decentralized analytics and machine learning approaches for real-time cyber defense, and later served as SVP of Product at LogRhythm, driving global expansion and shaping the next generation of SIEM/SOAR solutions. Earlier, he held senior executive roles at Juniper Networks, overseeing a $2B product portfolio and leading major M&A efforts, and at Huawei Technologies as SVP and CTO for networking and data center platforms. His engineering leadership at Corona Networks, Caspian, and Bay Networks helped build foundational technologies in network and security architecture. Guest Quote “With agents, you have the power and the speed of an automated process with the unpredictability of a human. And in fact, we are seeing their behavior and their psychology makes them even perhaps less predictable than a human.” Time stamps 01:45 Meet Geoffrey Mattson: Serial Entrepreneur and Cybersecurity Executive 02:40 Why Identity Is Having a Moment 08:40 Defining Agent Identity 12:15 Behavioral Guardrails for Agents 14:37 Agent Identity Lifecycle 17:36 Just-in-Time vs. Standing Privilege 18:02 C-Suite Pressure and Friendly Fires 21:00 When Agents Live Off the Land 26:12 MCP, OAuth, and Token Pitfalls 28:04 Threat Models and Rollout Strategy 30:13 LLMs and Policy Authoring 31:23 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Geoffrey on LinkedIn Connect with Sarah on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    35 min
  4. Where Gartner Sees Identity Security Heading with Mark Diodati, Managing VP of IAM at Gartner

    May 26

    Where Gartner Sees Identity Security Heading with Mark Diodati, Managing VP of IAM at Gartner

    This episode features Mark Diodati, Managing Vice President for Identity and Access Management at Gartner. Mark has spent two decades shaping how the industry thinks about authentication, privileged access, and cloud identity, working with renowned companies like Ping Identity, CA, RSA, and now, Gartner. Today, he leads Gartner's global IAM for Leaders analyst team and sets its research agenda across the full identity stack. In this episode, Mark explains how Gartner's research model works and what his team is prioritizing across identity verification, authorization, ITDR, and decentralized identity. He also breaks down what AI means for identity right now and why securing AI agents is harder than most teams realize. This episode is a deep dive into where identity is heading from someone whose job is to listen to everyone. Guest Bio Mark Diodati is the Managing Vice President for Identity & Access Management at Gartner. Mark is a longtime identity pioneer who helped shape the way the industry thinks about authentication, privileged access management, and cloud identity. He leads a large team of analysts, sets the global IAM research agenda, and rigorously reviews every document to keep the bar high. Before that, he guided Gartner’s IAM research for technical professionals, chaired major industry conferences like Catalyst Europe and the Cloud Identity Summit, and drove triple-digit growth in attendance and sponsorships. Earlier in his career, he held key leadership roles at CA, RSA, and Ping Identity, influencing product strategy and partnerships that many identity practitioners rely on today. Guest Quote " One thing we're critically aware of at Gartner is that nobody knows everything. It's impossible.” Time stamps (02:11) Meet Mark Diodati: Identity Analyst and IAM Research Leader (06:00) Inside Gartner: Research, Conferences, and Consulting (09:18) Hiring and Training the Gartner Analyst (15:26) How the Inquiry Process Works (24:07) Gartner Research Products for Identity Professionals (28:02) IAM Research Priorities Right Now (32:31) AI and Identity: Opportunity and Risk (39:35) A Musical Moment with Mark (44:26) Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Mark on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    45 min
  5. Why Identity Security Needs Its Own Program with Angie Klein, IAM Business Technology Manager at Federated Insurance

    May 12

    Why Identity Security Needs Its Own Program with Angie Klein, IAM Business Technology Manager at Federated Insurance

    This episode features Angie Klein, IAM Business Technology Manager at Federated Insurance. Angie brings over a decade of experience spanning systems development and identity security leadership, holding CISSP, CIDPRO, and CISM certifications and working hands-on with CyberArk, SailPoint IDN, and Active Directory in a regulated environment. In this episode, Angie dives into the organizational and cultural work that most identity programs skip. She shares why identity deserves its own program, how to apply OCM to bring resistant stakeholders on board, and why governance must come first. Angie's core argument is that if identity security creates too much friction, people will route around it, and that's where the real risk lives. This episode makes the case that the hardest part of identity security isn't the technology, it's getting people to trust it enough to stop working around it. Guest Bio As the IAM Business Technology Manager at Federated Insurance, Angie is dedicated to advancing our Identity and Access Management program and the industry as a whole. With over 10 years of experience and currently leading a team of Security Engineers and Identity and Access Analysts, Angie is passionate about IAM and love to see "ah ha" moments when colleagues understand that security is everyone's job. Angie bring over a decade of experience as a Systems Developer, providing extensive technical expertise in the Identity Security domain. I hold certifications, including CISSP, CIDPRO, and CISM. Additionally, she has experience working in the insurance industry and am skilled in CyberArk, Active Directory, SailPoint IDN, Analytical Skills, Project Management, and Public Speaking. Guest Quote "Identity security is ultimately about trust. People have to trust that you are doing the things that will help them do their job securely and not stop them from doing their job." Time stamps 01:45 Meet Angie Klein: Expert IAM Practitioner 01:22 Why Identity Needs Its Own Program 04:30 Why Identity Programs Stall 07:27 Organizational Change Management (OCM) Explained 12:51 OCM in Action 17:08 How to Gain Buy-In for an Identity Security Program 25:05 First Steps for Standing Up a Program 30:22 The Core Pillars of Identity Security 35:00 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Angie on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    38 min
  6. Securing Non-Human Identities in the Age of Agentic AI with Sarah Cecchetti, Director of Product Management at Semperis

    Apr 28

    Securing Non-Human Identities in the Age of Agentic AI with Sarah Cecchetti, Director of Product Management at Semperis

    This episode features Sarah Cecchetti, Director of Product Management at Semperis. A veteran identity executive, Sarah co-founded IDPro and co-authored NIST SP 800-63-3C Digital Identity Guidelines. She previously led Amazon Cognito as Head of Product at AWS, where she also open-sourced Cedar, the policy language at the center of this conversation. In this episode, Sarah presents her Bsides Seattle talk "Identity Crisis: IAM's Wild Ride in the AI Jungle" on why the assumptions that shaped modern identity have been overturned by the pace of agentic AI. She covers where authentication and authorization standards currently fall short for non-human identities and walks through the emerging frameworks the industry is building to fill that gap. This episode makes the case that natural language safety instructions are not a substitute for provable, external guardrails. Guest Bio Sarah Cecchetti is a seasoned technology executive driving product management at Semperis. At AWS, she led Amazon Cognito to triple-digit growth as Head of Product and led the open-sourcing of Cedar, a new access management language. She co-founded IDPro and co-authored NIST SP 800-63-3C Digital Identity Guidelines. Sarah has designed secure identity systems for corporate clients as well as US and Canadian governments and is recognized as a top identity professional by Okta Ventures and OWI. She’s a keynote speaker at global identity conferences like Identiverse and Authenticate. Guest Quote  “[The] average enterprise has 250,000 non-human identities, and 97% of those have excessive privilege. And 68% of organizations lack AI identity controls...The concept of excessive privilege has almost been accepted by the industry at this point. That's just the way it's done.” Time stamps 01:45 Meet Sarah Cecchetti: Seasoned Identity Executive 02:36 Sarah’s Bsides Seattle Talk: Identity Crisis: IAM's Wild Ride in the AI Jungle 04:19 How Deepfakes Broke Biometrics 06:37 The Scale of Non-Human Identities 09:34 How NHIs Differ from Human Identities 10:38 Why FIDO Doesn't Work for AI Agents 12:19 Introducing SPIFFE and Workload Identity 15:45 How SPIFFE Works in Practice 17:34 Where AI Protocols Are Falling Short 21:12 The Problem with OAuth Client Credentials 23:18 Dynamic Registration and Database Sprawl 24:38 Client ID Metadata Documents Explained 28:43 Authentication Standards: Who Wins the Client ID Field? 30:21 Cedar: Deterministic Authorization for AI Agents 33:58 Clawdrey Hepburn: Sarah's AI Agent in Practice 40:09 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links OAuth Client ID Metadata Document Connect with Sarah on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    43 min
  7. 1 Thing to Do to Avoid a Breach: 5 Identity Experts Answer

    Apr 14

    1 Thing to Do to Avoid a Breach: 5 Identity Experts Answer

    This episode features a virtual roundtable hosted by Michele Crockett, Associate VP of Product Marketing at Semperis. The panel brings together five practitioners with deep experience in identity security: Alex Weinert, Chief Product Officer at Semperis; Christopher Brumm, Cyber Security Architect at glueckkanja; Eric Woodruff, Chief Identity Architect at Semperis; Jorge de Almeida Pinto, Senior Incident Response Lead at Semperis; and Michael Van Horenbeeck, CEO and Senior Solution Architect at The Collective Consulting. Collectively, they represent experience across incident response, Microsoft product development, enterprise architecture, and security leadership. In this discussion, the panel addresses how to allocate limited security budgets across prevention and recovery, why the same AD misconfigurations keep appearing in assessments year after year, and what AI means for defenders and attackers alike. This episode is a practical, field-tested conversation about what moves the needle when resources are constrained. Guest Quote "80% of permissions that are out there are users that have access to systems they don't need. Going back to that Tier 0 system, a hundred percent of what's got access to Tier 0, you should know what it is, why it has access, why it needs it, [and] what's going on...  Any apps that you can't prove what they're there for, turn them off. See who yells." Time stamps 0:00 Meet the Panelists 00:00 AI in Cybersecurity 02:23 Budgeting for Identity Security 05:08 Field Lessons and AD Misconfigs 08:48 Prioritizing Prevention and Funding 12:59 Current Attacker Trends 14:56 Hybrid and Multi Cloud Risks 17:02 Entra Private Access POC 18:28 Lightning Round Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Alex on LinkedIn Connect with Chris on LinkedIn Connect with Eric on LinkedIn Connect with Michael on LinkedIn Connect with Jorge on LinkedIn Connect with Michele on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    28 min
  8. Governance After the Fact: The Hidden Risk of App Sprawl with Sander Berkouwer and Raymond Comvalius, Microsoft MVPs

    Mar 31

    Governance After the Fact: The Hidden Risk of App Sprawl with Sander Berkouwer and Raymond Comvalius, Microsoft MVPs

    This episode features Sander Berkouwer and Raymond Comvalius, two longtime identity security experts and Microsoft Most Valuable Professionals (MVPs). Sander is an independent identity architect and author of the Active Directory Cookbooks. Raymond is an IT specialist and senior technical consultant specializing in hybrid identity, Microsoft Entra ID, and identity lifecycle automation. In this episode, they explore a growing blind spot in cloud security: application governance. As organizations adopt more cloud apps and integrations, identity platforms like Microsoft Entra ID often accumulate hundreds of application registrations with little oversight. They explain why governance so often falls behind adoption, share practical steps organizations can take to regain control, and discuss the next frontier of identity. Guest Bios Sander Berkouwer DirTeam Sander Berkouwer works as an independent identity architect in the Netherlands, where he helps organizations make the most out of Microsoft products, services, strategies, and technologies. Sander blogs on DirTeam.com. He regularly gets invited as speaker for his enthusiastic approach, his in-depth real-world knowledge and as the author of the much-appraised Active Directory Cookbooks. Sander has been awarded the Microsoft Most Valuable Professional (MVP) award (for the last 17 years), Veeam Vanguard award (for the last 8 years) and VMware vExpert (for 3 years). Raymond Comvalius Raymond Comvalius is an IT specialist and senior technical consultant with more than two decades of experience delivering enterprise infrastructure, identity, and security improvements. His work centers on hybrid identity and Microsoft ecosystems, including Microsoft Entra ID, Conditional Access, and identity lifecycle automation with Microsoft Graph and scripting. Raymond advises teams on pragmatic roadmaps for strengthening authentication (MFA, passkeys/FIDO2, Windows Hello), improving governance, and operationalizing secure access at scale across cloud and on-prem environments. Beyond consulting, he serves as a board member and co-hosts the IT Bro’s Podcast, sharing news and insights for identity and security professionals. Guest Quotes  “In your tenant, you want to know what objects are in there, and it doesn't matter if those are users or groups or applications. You want to know what's in there so that you can keep track of what's going on.” - Raymond Comvalius “There's a difference between an application and an agent. An agent is far more ephemeral. It does a job that requires some sort of permission. It spins up, it does its thing, and it spins down.” - Sander Berkouwer Time stamps 00:45 Meet Sander Berkouwer and Raymond Comvalius: Microsoft Most Valuable Professionals (MVPs) 02:32 Importance of Entra Application Governance 12:29 How to Get Started with Application Governance 20:18 Understanding Entra Agent ID 26:59 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory and Entra ID environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Sander on LinkedIn Connect with Raymond on LinkedIn Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis

    28 min

Ratings & Reviews

5
out of 5
4 Ratings

About

The HIP Podcast is the premier podcast for cybersecurity pros charged with defending hybrid identity environments. Hosted by 15-time Microsoft MVP and Active Directory security expert, Sean Deuby. Presented by Semperis: the pioneers of identity-driven cyber resilience for the hybrid enterprise.

You Might Also Like