KuppingerCole Blog


3 Reasons Why Now is the Best Time to Book Your EIC Ticket

Given the current state of the world, any decision about whether to attend a conference needs careful consideration. Here are three reasons why you should book your hybrid ticket for the European Identity and Cloud Conference sooner rather than later. Reason #1: Prime Discount Expires on January 31st  We all like winter sales, Black Friday deals, special offers, and early bird discounts because seizing an opportunity and long-term planning always pays off! Sign up for EIC 2022 by January 31st to take advantage of the Prime Discount and save your company a lot of money. The Prime...


IAM Maturity Check

The start of a new calendar year is typically the time for reviewing the status of things, and high on the list should be Identity and Access Management (IAM) and the related areas of Identity Governance and Administration (IGA), Consumer Identity and Access Management (CIAM), Cloud Infrastructure Entitlement Management (CIEM), and Dynamic Resource Entitlement and Access Management (DREAM), which is a paradigm for managing all access of everyone and everything to all resources consistently in a multi-cloud multi-hybrid environment. The continual cyber-attacks on businesses and data...


Adding Bread to the Sandwich: Beyond MITRE D3FEND

Commissioned by HCL Software Over the past years, various frameworks and models for defending against cyber-attacks have been published. A popular one is the NIST CSF (Cybersecurity Framework), another one is MITRE D3FEND TM . Both have overlaps and differ in other areas. But, when looking at these approaches, there also are missing elements that are required for a comprehensive approach. Comparing NIST CSF and MITRE D3FEND TM While NIST consists of the five stages Identify – Protect – Detect – Respond – Recover, the MITRE approach has Harden...


Google Cloud Advances Security Capabilities by Acquiring SOAR Vendor Siemplify

Yesterday, Google has announced that it has acquired Siemplify , a well-known provider of security orchestration, automation and response (SOAR) solutions, for an undisclosed amount. The stated strategic goal of this acquisition is to “change the rules on how organizations hunt, detect, and respond to threats”. The SOAR capabilities of the Siemplify platform will be integrated into Google’s own Chronicle security analytics platform to provide even better visibility and productivity for security analysts. Now, at the first glance, one could simply ask:...


The Future of Authentication - Passwordless

Single factor authentication like passwords is considered bad practice. Passwordless authentication, done right, is not only more secure but also more convenient. Learn more about the increasing demand, regulations as well as use cases. Martin Kuppinger enjoyed a delightful conversation with Felix Magedanz from Hanko at EIC 2021 about the future of authentication. Tune in to learn more about the future of multifactor authentication.


Log4j – How Well Did You Perform?

Over the past few weeks since this vulnerability was made public much has been written by many on what your organization should do about it.  This is not the end of the story; Apache has already released 3 patches for related vulnerabilities, and you need to be ready for the next one when it arrives. With the beginning of 2022 now is the time to step back and review how well your organization met the challenges that this posed.  What will your new year’s resolutions be? In this blog, I will outline some of the questions that you should ask yourself.  How well did...


Predictions for 2022: Decentralized Technologies

KuppingerCole Analysts pay close attention to all topics at the intersection of identity and security. Decentralized technologies often cross paths with these domains and, since it is a dynamic and potentially disruptive influence on “business as usual”, we have compiled a few predictions about developments in 2022: The decentralized identity market segment will continue to grow: Decentralized identity solutions are one of the strongest use cases with solutions already on the market. There have been some interesting acquisitions , partnerships , and investments...


How to Grant Access Right

Find out about the importance of context for Identity Risk Management.  Watch the insightful interview Martin Kuppinger had with David Pignolet from SecZetta on the EIC 2021.


Avast to Acquire Evernym: Consumer Cybersecurity Meets Decentralized Identity

Avast, a cybersecurity and privacy company, announced on December 9 th 2021 their intent to acquire Evernym. Founded in 1988 in Prague, Czech Republic, Avast focuses both on meeting both consumer and enterprise use cases. On the enterprise side it offers endpoint protection such as patch management, internet/email/web gateway, and content filtering. For consumers, Avast provides a range of security protections and privacy measures for individual devices. Evernym was founded in 2013 in Salt Lake City, UT, USA. It provides blockchain-based decentralized identity solutions that...


OT and IoT Security

Cybersecurity has traditionally focused on Information Technology (IT) not Operational Technology (OT) for several reasons. First, unlike IT that is used for administrative operations, OT or the hardware and software that is used to manage industrial operations was not connected to any network. Second, many of the tools were mechanical. Third, those tools with digital controls used closed, proprietary protocols. Fourth, OT commonly and historically is organizationally segregated from IT. However, things have changed, and as a result OT needs to be given the same security consideration as...

Stay Connected

KuppingerCole on social media

Subscribe to our Podcasts

KuppingerCole Podcasts - listen anywhere

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00