News Archive

Product Report

Product Report: SECUDE Security Intelligence

SECUDE ist ein Hersteller, der sich auf Sicherheitslösungen spezialisiert hat. Ein wesentlicher Teil des Lösungsportfolios ist im SAP-Umfeld angesiedelt. Dazu zählen neben dem neuen Produkt SECUDE Security Intelligence für SAP insbesondere Funktionen für die sichere Authentifizierung und Kommunikation in SAP-Infrastrukturen. SECUDE Security Intelligence arbeitet als Schicht zwischen den verschiedenen Protokollen und Syste-men im SAP-Umfeld mit SIEM-relevanten (Security Information and Event Management) Informatio-nen auf der einen Seite und konsumierenden Systemen...

Product Report

Product Report: SECUDE Security Intelligence

SECUDE is a vendor specializing in security solutions mainly for SAP customers. In addition to their latest product, SECUDE Security Intelligence, the company’s portfolio includes a number of solutions providing authentication and communication within SAP environments. SECUDE Security Intelligence works by providing a layer between the various protocols and SAP-related systems handling SIEM (Security Information and Event Management) information on the one hand, and the receiving applications on the other. These are typically also SIEM-enabled. Data in the SAP system is extracted by...

Blog

Security questions for authentication - a ticking privacy time bomb?

We all are familiar with external (and sometimes also internal) websites which require us to pick or define security questions and to provide answer to these questions. What is your mother's maiden name? Which is your favourite sports team? Which is the color you like most? And so on... These questions are sometimes used as additional means for authentication, for example by PayPal. More frequently they are used for password resets. These days, when working with my colleagues Sachar Paulus and Sebastian Rohr on a comprehensive piece on strong authentication which will be published soon, we...

Webcast

Machen Sie mehr aus dem Active Directory - Identity-Dienste für die heterogene IT

Kuppinger Cole Webinar recording

Product Report

Product Report: CA Access Control – Privileged User and Password Management

CA Access Control Privileged User and Password Management is a solution which addresses a threat which virtually any organization today is facing: The risk of misuse of privileged accounts. Thus it is part of the PxM PxMmarket segment (with PxM being Privileged User/Account/Access/Identity Management, depending on the product specifics and the vendors marketing) within the IAM (Identity and Access Management) and broader IT Security market. The focus of PxM tools is to better manage and audit these accounts and thus mitigate the risks. CA Access Control Privileged User and Password...

Webcast

Die Microsoft-Plattform optimal nutzen: Mit wenig Aufwand zur umfassenden Identity Management Lösung

Kuppinger Cole Webinar recording

Webinar

Oct 22, 2010: Policy Based Access Control with XACML 3.0

Version 3 of the XACML standard could be a large stride forward towards a flexible and versatile access management. As opposed to traditional role-based access control systems, XACML is policy driven, not role driven. So, should we throw away now role-based access control? In this webinar, Kuppinger Cole´s Senior Analyst Felix Gaehtgens will talk about the improvements achieved with this new standard version and describe, how these improvements can influence current and future access control initiatives. Felix will be followed by former Burton Group Analyst and now Axiomatics Americas...

Webcast

Managing Identities in Hybrid Cloud Environments

Kuppinger Cole Webinar recording

Vendor Report

Vendor Report: Novell – Identity and Security

Novell hat eine sehr lange Historie im Bereich Identity und Security. Das Unternehmen hat mit Netzwerk-Betriebssystemen und den zugehörigen Verzeichnis- und Sicherheitsdiensten begonnen und zählt zu den Pionieren in diesem Markt. Über die Jahre wurde das Portfolio konsequent weiterentwickelt und ausgebaut. Auch heute zählt  der Bereich Identity und Security zu den Kerngeschäftsbereichen von Novell neben den Produkten für Rechenzentren rund um Novell Suse Linux und den von Novell als „End User Computing" bezeichneten Produkten für...

Product Report

Product Report: Quest Defender

Quest Defender is an authentication platform solution that, unlike others in the market, offers true two-factor authentication supporting a wide range of tokens, thus providing strong authentication for a wide range of devices along with simplified token distribution. A special feature, though hardly surprising coming from Quest, is the deep integration it provides with Active Directory, Microsoft’s near-ubiquitous directory service. Identities, roles and policies are administered within Active Directory itself, thus enabling users to hitch on to existing AD infrastructures and...

Blog

Cloud Computing: Thinking inside the box

The problem with Cloud Computing is that no two experts can agree what it really is, right? Wrong! As of Sunday evening, we at least have two major players singing from the same psalm book. At Oracle Open World in San Francisco, Larry Ellison went public with the announcement that not only does he agree with Amazon on their definition of Cloud Computing; he is actually stealing their thunder, or at least the thunder of the name Amazon invented to describe their cloud services, namely “Elastic Cloud”.He also gave a firm answer to the age-old question, is Cloud Computing an...

Product Report

Product Report: Oracle Database Security

Oracle Database Security is in fact not a single product but a set of products. It supports different features around securing content in databases. This report focuses mainly on Oracle Advanced Security and Oracle Database Vault but covers the other products as well. This is based on the fact that these two products are, from the KuppingerCole understanding, at the core of Oracle Database Security. Both products are part of the relatively new product category Database Security, which consists of products which are specifically trying to enhance the security of information in databases....

Seminar

Oct 19, 2010: Enterprise Cloud Security Summit

Innerhalb weniger Jahre hat sich das Cloud Computing zu einem dominierenden Trend entwickelt, der sich zudem wie kaum ein Trend zuvor verändernd auf die IT-Infrastruktur auswirkt. Im Gegensatz zu typischen, Technologie-getriebenen Trends, geht die Nachfrage nach Cloud Computing Services von den Fachabteilungen aus, bisweilen unter Umgehung der "klassischen" internen IT-Infrastruktur. Für die IT-Abteilungen bedeutet dies, einer ganzen Reihe von neuen Sicherheitsrisiken begegnen zu müssen. Im KuppingerCole Enterprise Cloud Security Summit diskutieren erfahrene Analysten mit Ihnen darüber, wie...

Product Report

Product Report: IBM Tivoli Identity Manager

The IBM Tivoli Identity Manager (TIM) belongs to the category of enterprise provisioning systems. Its core function is to reconcile identity information among different systems based on defined processes and connectors to the target systems in a structured, automated, and traceable manner. IBM Tivoli Identity Manager supports some integrated Access Governance capabilities beyond classical Identity Provisioning. The focus has shifted from pure provisioning towards the more advanced capabilities around role management, access certification, and SoD policies as well as advanced workflow...

Vendor Report

Vendor Report: Courion

Courion provides identity management solutions since 1996 and is well established in North America. The company has traditionally not had a focus on Europe, even though several large accounts in Switzerland and the UK are using Courion’s products. This is about to change: the company has prioritized Europe for 2010 and is aggressively expanding there through new hires and partnerships. Courion’s flagship products are its identity access management suite that also includes many GRC (governance, risk-management and compliance) features. In fact, Courion’s product strategy...

Blog

IBM acquires OpenPages - and proves our GRC vision

It is always nice when trends an analyst has predicted become reality. I've been talking and blogging a pretty long time about the need for an integrated GRC approach, especially beyond the isolated "Enterprise GRC" with little automation. Yesterday, IBM announced that they agreed to acquire OpenPages, one of the most prominent vendors in the Enterprise GRC space. That isn't really a surprise, given that IBM is investing in the GRC market for quite a while. The really interesting parts in the presentation given by IBM on this acquisition yesterday are the parts where the Enterprise GRC...

Webcast

Virtualization Security Trends & Insights

Kuppinger Cole Webinar recording

Webinar

Oct 14, 2010: Zurück zur Kernkompetenz: Cloud Computing als Strategie für weniger Komplexität in der IT

In diesem Webinar führt Martin Kuppinger in die Thematik des Cloud Computing ein und stellt eine Checkliste für den optimalen und vor allem sicheren Einstieg in die Public Cloud vor. Mit Mani Pirouz wird dann ein Vertreter des erfolgreichen Cloud Computing Pioniers salesforce.com eine Reihe von Praxisbeispielen beschreiben und sich einer Diskussion über die Chancen und Risiken des Cloud Computing stellen.

Webinar

Dec 02, 2010: Cloud Computing Risk Areas

Before jumping into the cloud, you should know about the risks, so that you can ask the right questions to your provider. In this webinar session, we will discuss the main risk areas of cloud computing, such as data location, transparency, privileged user access, Recovery and data segregation, and how to keep them under control.

Webinar

Dec 02, 2010: How does Cloud Governance Relate to IT and SOA Governance and what should be done Differently?

When applications and information move beyond the perimeter, they become more vulnerable and cause privacy related issues. How can we make sure that cloud services live in a controlled environment? Do we need to reinvent the governance whell or is Cloud governance just an extension of your existing SOA governance? Join us in this webinar session to discuss this exciting topic.

Webinar

Dec 02, 2010: Designing a Cloud-ready Holistic IT Security Concept - the Business View

IT security is in a challenging transition period. On the one hand, threats are real and they are growing more and more sophisticated. On the other hand, the promise of cloud computing is trying to transform computing into an ubiquitous utility. The IT services world is going through a revolutionary change, making traditional, perimeter based security models obsolete. And it will not stop, it will be going even worse. If there ever has been a time to totally rethink your overall security strategy, it´s good that it is now. Join us in this session, to discuss the new holistic enterprise...

Webinar

Dec 02, 2010: 5 Key Challenges for Cloud Computing Governance

Cloud Computing is adding a number of challenges to IT governance. In this opening session to the 2010 Kuppinger Cole Cloud Computing Virtual Conference, Martin Kuppinger will talk about the 5 key challenges to be aware of, if you want to extend your IT governance to cloud computing.

Blog

Cloud Computing: Thinking inside the box

The problem with Cloud Computing is that no two experts can agree what it really is, right? Wrong! As of Sunday evening, we at least have two major players singing from the same psalm book. At Oracle Open World in San Francisco, Larry Ellison went public with the announcement that not only does he agree with Amazon on their definition of Cloud Computing; he is actually stealing their thunder, or at least the thunder of the name Amazon invented to describe their cloud services, namely “Elastic Cloud”. He also gave a firm answer to the age-old question, is Cloud Computing an application or...

Webinar

Sep 22, 2010: Die Microsoft-Plattform optimal nutzen: Mit wenig Aufwand zur umfassenden Identity Management Lösung

In diesem Webinar umreißt Martin Kuppinger ein Szenario, wie sich unter Verwendung der Microsoft Security Lösungen eine ganzheitliche Identity Management Infrastruktur erstellen lässt. Anschliessend geht Dr. Martin Kuhlmann (Omada) darauf ein, wie eine solche Lösung in der Praxis umgesetzt wird.

Webinar

Oct 08, 2010: Privileged User Management: Wer kontrolliert die Admins?

Zeitgemäße Lösungsansätze für das Management privilegierter Identitäten stehen deshalb im Fokus dieses Webinars. Zunächst wird Martin Kuppinger einen Einblick in die unterschiedlichen Methoden des Privileged User Management und einen Überblick über den Lösungsmarkt geben. Danach wird Klaus Hild von Novell aus seinen reichhaltigen Projekterfahrungen an Hand einiger prägnanter Beispiele aus unterschiedlichen Branchen den aktuellen Stand in der Praxis beschreiben und Handlungsempfehlungen geben.

Webinar

Sep 14, 2010: Virtualization Security Trends & Insights

In this webinar, Martin Kuppinger will talk about security in virtualized environments and the developments happening in this space. How does state-of-the-art security in virtual environments look like? And what should be a future roadmap that works?

Webinar

Oct 12, 2010: Identity Federation: Essential Building Block for a Winning Cloud Strategy in your SAP Environment

In this webinar, Martin Kuppinger will give an overview on the current and future role of identity federation in hybrid cloud infrastructures with a focus on SAP environments. He will be followed by Keith Grayson from SAP, who will be talking on SAP user management optimization through SAML 2.0.

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]