Dr. Ethan Heilman, CTO of Bastion Zero, joins us to discuss the latest advancements in secure access technology and the ethical implications of AI systems. Dr. Heilman explains how Bastion Zero provides secure, passwordless access to servers, databases, and Kubernetes clusters without the need for VPNs or SSH keys. Key features include session recording, multi-factor authentication (MFA), and short-lived credentials to ensure robust security.

Highlights include:

Bastion Zero’s Approach to Secure Access:

Eliminates shared credentials by using SSL identities and MFA.

Enables real-time session monitoring and auditing.

Supports secure access for on-premises and cloud environments (AWS, GCP, etc.).

Introduces Split Cert, a multi-party computation (MPC) technique for generating secure, short-lived database credentials without single points of compromise.

Remote Desktop Protocol (RDP) and Kubernetes Access:

Pick of the Week: Steve Stonebraker - ⁠The man who broke into Windsor Castle to assassinate the late Queen with a crossbow had discussed his plans with his AI chatbot girlfriend

Man Dies by Suicide After Talking with AI Chatbot, Widow Says

Ethan Heilman - A Collection of Unmitigated Pedantry – A history blog offering in-depth, approachable explorations of historical topics.

Guest:

Dr. Ethan Heilman - ⁠⁠https://www.linkedin.com/in/ethan-heilman-39896934/⁠⁠

BastionZero's website - ⁠https://www.bastionzero.com/ ⁠

Video on how multiple MFA works with Bastion Zero - ⁠https://brakertech.com/aws-systems-manager-session-manager-on-steroids/

Links:

Podcast Website: ⁠⁠⁠https://ephemeralsecuritypodcast.com⁠⁠⁠

Steve's Other Podcast: ⁠⁠https://aolunderground.com/⁠⁠

Brakertech LLC: ⁠⁠⁠https://brakertech.com⁠⁠⁠

Github: ⁠⁠⁠https://github.com/ssstonebraker⁠⁠⁠

Social:

LinkedIn: ⁠⁠⁠https://www.linkedin.com/in/stevestonebraker⁠⁠⁠

Twitter: ⁠⁠⁠https://twitter.com/brakertech⁠⁠⁠

Credits:

Audio Editing by Sam Fox - ⁠⁠⁠[email protected]⁠⁠⁠

Intro music by Margo Stonebraker