News Archive

Webcast

Understanding the GDPR Impact on Corporate IT

Addressing GDPR requirements is a complex undertaking that requires coordination between different departments including but not limited to IT, security, legal, human resources, marketing and communications. Translating the legal requirements into concrete organizational, technical and security measures and aligning them with existing corporate and industry policies and regulations not just helps find the easiest route to address GDPR compliance, but can promise cost savings by mapping them to existing security tools.

Executive View

Executive View: ERPScan Smart Cybersecurity Platform for SAP - 72510

ERPScan Smart Cybersecurity Platform for SAP is an Al-driven enterprise level solution for SAP that leverages machine learning. By addressing predictive, preventive, detective and responsive capabilities, and by leveraging vulnerability management, source code security and the analysis of Segregation of Duties (SoD) violations, it provides comprehensive security analytics covering all relevant aspects of enterprise SAP deployments.    

Blog

Please! No More GDPR Related Blog Posts!

You have heard it all before: May 25th, 2018, enormous fines, "you have to act now", the "right to be forgotten", DPO and breach notification. Every manufacturer whose marketing database contains your data will send you information, whitepapers, webinars, product information and reminders about GDPR. And they of course can “help” you in getting towards compliance. So you have set up a filter in your mail client that sorts GDPR messages directly into spam and #gdpr is muted in your Twitter client.   Because you have started your journey towards...

Whitepaper

Whitepaper: Airlock: Meeting PSD2 Challenges with Ergon Airlock Suite - 70328

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. Ergon’s Airlock Suite provides foundational technical capabilities that can help businesses meet the challenges posed by PSD2. 

Executive View

Executive View: Janrain Janrain Identity Cloud® - 70845

Janrain provides a complete solution for Consumer Identity and Access Management (CIAM). Janrain is a pioneer in the field, creating the category of CIAM and developing the popular “ social login” authentication method .

Webcast

Revised Payment Service Directive: Understanding Its Technical Requirements for a Smooth and Secure Customer Experience

When PSD2 takes effect, banks across the European Union will be required to expose their core banking functions to these TPPs via APIs. It is imperative that banks begin now to build and lock down APIs in preparation for PSD2. We will take a look at the Open Banking APIs as well as some other competing API offerings, and discuss API security methods. Strong Customer Authentication (SCA) is a 2nd primary technical requirement of PSD2. Banks and TPPs both must provide mechanisms to do at least 2-Factor Authentication for their customers. Risk adaptive authentication is preferred....

Executive View

Executive View: AlgoSec Security Management Suite - 70262

AlgoSec Security Management Suite is a highly automated and business-focused integrated solution for managing network security policies and business application connectivity across a wide range of devices in heterogeneous environments.  
 

Blog

Not Just Another Buzzword: Cyber Risk Governance

Today, companies are increasingly operating on the basis of IT systems and are thus dependant on them. Cyber risks must therefore be understood as business risks. The detection and prevention of cyber security threats and appropriate responses to them are among the most important activities to protect the core business from risks.  But in practice, however, many challenges arise here. The requirement to arrive at a uniform and thus informed view of all types of business risks often fails due to a multitude of organisational, technical and communication challenges:  ...

Webcast

Connected Car: Putting Digital Identity Behind the Wheel

A modern connected vehicle is no longer just a car with a built-in wireless access point – it is a complex network of multiple interconnected systems from different vendors that are constantly communicating with each other as well as with various external parties, both consumer-facing and industrial. Each connected car is a rolling IoT ecosystem where industrial applications and protocols coexist with consumer-grade apps and services. As the industry heads full speed towards self-driving cars, connected cars will be a global norm in the near future, making security and privacy...

Advisory Note

Advisory Note: Maturity Level Matrix for GDPR Readiness - 72557

KuppingerCole Maturity Level Matrix for the degree of readiness for implementing EU GDPR (General Data Protection Regulation) requirements. Foundation for assessing the current status and identifying specific measures in your GDPR compliance projects and programs.

Blog

Administrative Security in Security Products

At KuppingerCole, cybersecurity and identity management product/service analysis are two of our specialties. As one might assume, one of the main functional areas in vendor products we examine in the course of our research is administrative security. There are many components that make up admin security, but here I want to address weak authentication for management utilities. Most on-premises and IaaS/PaaS/SaaS security and identity tools allow username and password for administrative authentication. Forget an admin password? Recover it with KBA (Knowledge-based authentication). Many...

Webcast

Industrial Control Systems: Understanding the Access Risks and Security Challenges

For decades, Industrial Control Systems have evolved completely separately from traditional IT, with their own business drivers, requirements and regulations and proprietary hardware designs and network protocols. Needless to say, security from cyberattacks was never a priority for operational technology units responsible for managing those systems: after all, they weren’t even connected to office networks. Things have changed dramatically in the recent years: since 2000s, many control systems have switched to commodity hardware and standard networking protocols. The convenience of...

Executive View

Executive View: STEALTHbits® Products Overview - 70270

Securely governing access is increasingly important to ensure compliance as well as to defend against cyber-crime. STEALTHbits’ products provide a comprehensive set of solutions to address IT security risks covering Active Directory, Data Access Governance, Privileged Access Management, and Threat Detection.

Leadership Compass

Leadership Compass: Identity Provisioning - 71139

Leaders in innovation, product features, and market reach for Identity Provisioning. Delivering the capabilities for managing accounts and entitlements across heterogeneous IT environments on premises and in the cloud. Your compass for finding the right path in the market.

Executive View

Executive View: Forum Sentry API Security Gateway - 70930

Forum Sentry API Security Gateway is an integrated platform for API and service security, access management and legacy application modernization with a strong focus on “security by design”, certified encryption, and support for a broad range of Web Services, B2B, Mobile, Cloud and IoT APIs and other protocols.

Executive View

Executive View: ManageEngine Password Manager Pro - 70613

ManageEngine, part of Zoho Corp., delivers a broad portfolio of solutions targeted at IT administrators. Among these, we find Password Manager Pro, a Privilege Management solution providing support for a variety of use cases such as Shared Account Password Management, Application-to-Application Privilege Management, or Session Management. The tool counts among the advanced, feature-rich solutions in the Privilege Management market.

Executive View

Executive View: Atos DirX Identity - 71702

Atos DirX Identity is a mature offering for IGA (Identity Governance and Administration), delivering both leading-edge Identity Provisioning capabilities and a strong Access Governance feature set. Atos has made significant improvements when it comes to the ease and flexibility of customization and added a modern, responsive user interface.

Executive View

Executive View: BeyondTrust PowerBroker PAM - 70275

BeyondTrust’s PowerBroker product family provides a well-integrated solution with a broad range of capabilities for the mitigation of threats caused by the abuse or misuse of privileged system accounts and entitlements, on endpoints as well as server systems. With dedicated products for major system architectures, PowerBroker PAM delivers deep support for privilege management on Windows, Unix/Linux, and Mac systems.

Webcast

Improving Agility and Reducing Cyber Risks with Business-Driven Security Policy Management and Automation

Today’s enterprises are under continuous pressure to support new digital transformation initiatives, to adopt modern technologies like the cloud and software-defined data centers (SDDC) and, of course, to stay protected from external and internal cyberthreats. With the increasing pace of business, achieving greater agility and efficiency through automation of business processes is becoming one of the key challenges for IT. Unfortunately, the resulting dramatic increase in complexity of heterogeneous IT infrastructures combined with growing sophistication of modern cyberthreats has...

Whitepaper

Whitepaper: Airlock: Datenschutz-Grundverordnung (DSGVO): Mehr als nur Consent Management! - 70327

Die DSGVO oder EU GDPR (General Data Protection Regulation), die ab dem 28. Mai 2018 voll wirksam ist, wird derzeit vor allem mit den Zustimmungsregeln zur Nutzung personenbezogener Daten (Consent) und den Rechten der Betroffenen wie beispielsweise dem „Recht auf Vergessen“ in Verbindung gebracht. Die DSGVO sieht aber auch den angemessenen Schutz von personenbezogenen Daten nach dem Stand der Technik oder die Umsetzung des Prinzips von „Security by Design“ und „Privacy by Design and Default“ vor. Hier sind angemessene Maßnahmen zu treffen.

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]