Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:03):
On this episode, James talks about authentication alerts and why they're critical to your authentication mechanism.
Tackling the challenge to integrate security into the development process?
Looking for insights, answers and practical solutions to avoid getting overwhelmed?
(00:40):
Hey everyone, welcome to this episode of the DevelopSec podcast.
I'm your host, James Jardine. And today I want to talk about alerts, but more specifically, I want to talk about authentication alerts.
We talk a lot, especially in security, about authentication, and we talk about login and the
breaches that occur around username and password.
(01:04):
And obviously, we want to have as many controls as we can that don't prohibit the user from being able to actually
use the system. And so we do see things like having the username and password. We see things like multi-factor authentication.
We have controls in place like brute force authentication, brute force protections, such as account lockout.
(01:27):
Some places even implement a CAPTCHA. And these are all things that help us limit somebody's capability
to access our account. But at the same time, on the back side of that, we have to have some way,
or we're starting to see more and more some way, to let us know that somebody has accessed our
(01:49):
account. So we've got that kind of before, and hey, we want to stop this as best we can, and we throw all these controls at it. And then we've
got the, well, once this has happened, I want to know that it's happened. I want to be aware of that. And
oftentimes this is done typically through an email to the email address on record. Some applications
(02:11):
may actually send you a text message, but most of them I see are typically emails. And so the process goes once
you authenticate and you've passed multi-factor authentication, if that exists, then you may get an email that
says, hey, we just want to let you know an authentication has just occurred. You know, and some places will try to throw
(02:33):
geolocation into it and say, hey, this happened in Ohio, or they'll show the IP address it came from. And you know, it says, hey,
if you don't recognize this login attempt, then maybe it wasn't you, you need to take action. And I actually had this
happen years ago with a Yahoo account I had, lo and behold, where I got an email
(02:55):
message saying, hey, you know, you just authenticated to your account. I'm thinking, no, no, I didn't authenticate to my account.
And, you know, so I went in, I logged in, I changed the password, all that stuff that you would normally do. And, you know,
but it was that quickness of receiving that alert that helped me understand, hey, somebody just authenticated here.
(03:19):
And I can verify, hey, is that me or not? And if it's not, then I can take the appropriate steps to hopefully go in
and lock that account down before anything happens.
So it's important that we have alerts set up on our systems and that we send this out. Now, of course, it's also important that
we're not over-alerting so that people just ignore the messages because we see them all the time. So this may not
(03:44):
be something that necessarily works well if somebody has to constantly log in with username and password
and they're doing it a lot. This is better for that kind of edge case where I'm not getting inundated
with messages, but instead I'm getting them when I need them. And sometimes we see a lot of applications
(04:08):
allow us to kind of remember this device. So you go through your single-factor authentication, you do your multi-factor
authentication, and it says, hey, do you want to not prompt for this next time? If it recognizes this device and it's like, oh sure. I don't
want to do that. So now when I log in from that device, maybe I don't have to do the multi-factor authentication again, because I already did it,
(04:29):
right? It saves you that step. And it says, hey, we recognize this device.
But if we go log in on another device and we have to go through that step, or because we haven't logged in on
that right now, we have to go through that step. So this is accounting for, hey, my credentials got stolen somehow, maybe they were in
another data breach, maybe I just have a really bad password, and somebody has logged into my account, but it's not my
(04:56):
normal computer, so we're gonna prompt them for something more to say, hey, this isn't your normal computer, can you verify this
second factor? Right, and then throw on top of that this critical need for that alerting. So there's organizations that
do this, is aptitude, this Gmail does it. So if you log in from another device, I know when I do it I'll get an email alert that
(05:18):
says an authentication has been successful and it gives me a little bit of information about that. Now for a lot
of people that may not be very familiar with IP addresses and all that, it may not make a whole lot of sense. If you're
pretty technical and you know what your IP address is, sometimes that works pretty well. I have seen it kind of become a little bit more
(05:40):
confusing. I've seen it with Apple's services, where you might log in in the App Store. And it says, hey,
somebody just is attempting to log in from Hoboken, New Jersey. And do you want to allow this? And you're
like, uh, well, I'm not there. I'm here.
Right. So sometimes geolocation can be wrong and they, you know, they do it based off IP address, and depending on how you're connecting, maybe you're
(06:07):
going through something else, maybe the IP address has changed and it's not your normal IP address, so it doesn't come back to your location.
But for the most part, the goal is to help reduce somebody else being able to log into
your account and do that. So I like the idea of alerts and having them out there. And actually it was funny, for any of you
(06:29):
that happened to listen to the Down the Security Rabbit Hole podcast, which will actually be releasing that episode, I'm pretty sure
tomorrow. So I'm recording this on Monday. They should be releasing that tomorrow. But Raf and I were just talking
about some news articles talking about a new vehicle that has fingerprint authentication. So you can actually use
(06:50):
fingerprints to get into the vehicle and start the vehicle.
And while you talk through these different things, it's kind of interesting the stuff you come up with. And one of the things that I
mentioned was, you know, there's got to be some sort of backup code, right?
Finger authentication is probably your main method, but there's gonna be a backup. Maybe there's a key. There's something else, right?
(07:13):
It has obviously, how do you go to the valet booth and let them take your car? You just can't valet, you know, you can't program everybody's fingerprint
into this thing. So there's got to be some backup code. So if you've got a main form of authentication, and then you've got
a backup, in a scenario like that, you might be able to apply and say, you know what, I'd like alerts, but I only want to get an alert if
(07:34):
my car has started or my car has unlocked, not using that main authentication, which is the fingerprint
reader. So as long as it's my fingerprint, I'm not going to get a notification. I feel pretty confident nothing's going on here.
But if in the middle of the night, somebody breaks into my car and they manage to bypass the fingerprint authentication and the car
(07:56):
starts, then the car could send out a notification.
And we know cars are connected these days, so this isn't that far out there. It could send a notification, say, hey, the vehicle just
started, not using the fingerprint authentication.
Do you wanna allow or deny this? And if you wanna say deny, you could technically, I don't know, maybe even go as far as to be able to turn
(08:18):
the car off if that would be possible, right? This is kind of theoretical, but something like that. So not every
time, but on the outlier time, that's where I'm getting my notification. And same thing when we talk about just our
regular applications. I don't have to get an authentication alert on most of my apps. Like my Google
(08:40):
app, I don't get an authentication alert every time I log in or every time it requests me for my password, which it will do
more often than not. But if I have to do that second factor, if I'm on a different device, I've gone
that extra step, which is a rarity. I don't have to do that very often, but when I do, then I'm getting
(09:02):
that alert to let me know that something has occurred. And same thing with your applications. Looking at
baselines and understanding how often do people log in, is there something critical or indicative of
their logins that you can identify something to be able to say, hey, I can provide alerts in these cases so that in the event somebody
(09:25):
does get a chance to log in, hopefully we can catch this and we can alert the user and something
can happen. And that's what we really want to do. And that shows the importance of the alerting capability that not just,
hey, that's great, we've got the password or we've got Touch ID or we've got whatever, we've got multi-factor authentication, but some way to
(09:47):
say, if we get past all of these items, then I'm going to, in these situations, I'm going to send an
alert out and say, hey, we've made it through all these items. I just want to let you know an authentication has occurred. Do you want to
proceed here? Or if you didn't do this, you need to let us know ASAP so we can address it immediately.
(10:10):
And if you don't have that ability to notify and for the user to receive those alerts, then they don't have that ability to say,
wait, I didn't do that. And the longer it takes, the more information that could be stolen or
manipulated within the application under that user's account. So it's important for us to think about those. And so I'm curious out there for
(10:33):
anybody that's listening, and share this out at DevelopSec on Twitter, or just shoot me an email out
at james.developsec.com, or join the Slack channel. But what type of alerts do you use within your applications? Do you
have alerts set up for authentication? Now again, you might not have alerts set up to the user for like failed authentication
(10:55):
attempts, right? Because that might, you know, that's really not necessarily something that the user needs to see, that there's failed authentication attempts, because there's no
access to the account. Obviously, internally, maybe you're tracking those and you're monitoring those. I hope you're tracking those and monitoring
those. So you can then get those baselines and identify, hey, we've got some abnormal activity going on here, we need
(11:18):
to put some focus onto it. But what type of alerts are you sending out in your apps? And what conversation do you have
internally to discuss and determine when should you do alerts? If you're not doing alerts, what type of
reasons did you come up with for not sending out alerts? Is it too much?
Is it going beyond what the user needs?
(11:40):
Do you feel the app isn't important enough that it needs those type of alerts? What type of decision-making
ideas come out of these to then lead you down the direction of we're gonna implement this, we're not gonna implement this? Because I'm always interested
to know what different people are doing so we can share that with others. If there's a reason why people aren't doing it and it's a good reason,
(12:02):
well then others should have that reason as well. But if there's also really good reasons for certain situations that we are doing it, well,
let's share those and let other people know, hey, this is the reason why we're doing this, because of this threat. All right, we talk about our
threat models and building up what our threats are for our organization, for our application, for our users. Same thing goes here.
(12:24):
Okay, we've got these threats, we've got our controls in place.
Now our next step is making sure that we have proper alerting mechanisms so that in the event that our
controls fail, we have a way to alert the user and reduce the
time to fix or time to resolve that issue.
(12:46):
And I think that's important. So kind of short, but I thought it was important to talk about. I like the idea of alerts. I
like it when I get the alerts from different applications letting me know that I've logged in. You know, it's kind of like that idea, you know, you
got the camera doorbell sitting out there and, you know, it's nice. I mean, I don't get much alert from it, but when I
(13:07):
do get an alert, oh, I could see the mailman's at the front door. I could see something else is at the front door. Oh, there's somebody that doesn't belong
there at the front door. What are they doing? You know, I've still got locks on the door. I've got all these other things. I've got
the alarm system that if they come in, it's gonna set off the alarm system.
But I've also got that extra kind of alert that hey, somebody's there.
(13:27):
And it just gives a little bit more peace of mind to know that, you know, very slim chance somebody's gonna come up to the front door and
come through without having any idea, for me having any idea that's happening, because I get an alert as soon as the camera picks
up motion. So those things kind of help ease people's minds, make you feel a little bit better. You know, there's lots of talk
(13:48):
about passwords not being good and, you know, authentication failures all over the place. While we have multi-factor
authentication, we have ways to help protect our accounts. This is just that next way to be able to make people feel a little bit more confident. You
know what, if somebody does log into my account, I'll get an alert and I'll know it. You know, and that is important.
(14:09):
So share your thoughts. I look forward to hearing anything that you have. Later this week on Wednesday, I'll be doing the YouTube
version of this, if you will, talking same topic. And what I'll do is basically my
idea is I'm going to record basically my YouTube version. And then as I'm playing it, I'm gonna stream it
(14:31):
live, the recording, and then I'm gonna be available to chat during that. So that way, if I'm streaming it live, as
I, if I actually just do it live, it makes it a little bit more difficult trying to type in the comments and respond and
all that stuff. So I kind of want to make it interactive, but also make it nice and smooth so the video's nice for people that come back later
(14:53):
on. So definitely check that out on Wednesday. I'll send out a tweet and let everybody know what time, but typically it'll be at 11:30.
I'll also have the link to the YouTube page for the live page. So you can see, because I'll have it programmed in there for when it's
going down. But join in. Feel free to chat about it. If you've got thoughts or ideas, it's a perfect place to ask them if you don't want to
(15:15):
do it through Slack or anything like that, join in and check us out for that. So other than that, I appreciate everybody listening. This will be
episode 111, so really moving down the chain here. Again, reach out at developsec or jamesatdevelopsec.com
And we'll talk to you on the next episode.
(15:45):
About how we can help you with application security, follow us on Twitter at DevelopSec, or check out our website
at www.developsec.com.