News Archive

Executive View

Executive View: One Identity Safeguard Suite - 80074

Privileged Access Management (PAM) has evolved into a set of crucial technologies that addresses some of the most urgent areas of cybersecurity today against a backdrop of digital transformation. One Identity Safeguard Suite is a PAM solution that uses a modular approach across password management, session management and privilege account analytics.

Webcast

Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory Authority (BaFin) recently granted a period of grace for online retailers to implement the element of strong customer authentication (SCA), thus following the lead of other European financial regulatory authorities.

Blog

Nok Nok Labs Extends FIDO-Based Authentication

Nok Nok Labs has made FIDO certified multi-factor authentication – which seeks to eliminate dependence on password-based security - available across all digital channels by adding a software development kit (SDK) for smart watches to the latest version of its digital authentication platform, the Nok Nok S3 Authentication Suite. In truth, the SDK is only for the Apple watchOS, but it is the first - and currently only - SDK available to do all the heavy lifting for developers seeking to enable FIDO-certified authentication via smart watches that do not natively support FIDO, and is a...

Executive View

Executive View: Microsoft Azure Active Directory - 79077

From small businesses to large enterprises, organizations today require a solid foundation for their Identity and Access Management (IAM) services. These services are increasingly delivered as cloud services or IDaaS (Identity as a Service). Microsoft Azure Active Directory (Azure AD) provides Directory Services, Identity Federation, and Access Management from the cloud in a single integrated solution with extensive integration opportunities.

Blog

AI for Governance and Governance of AI

Artificial Intelligence is a hot topic and many organizations are now starting to exploit these technologies, at the same time there are many concerns around the impact this will have on society. Governance sets the framework within which organizations conduct their business in a way that manages risk and compliance as well as to ensure an ethical approach. AI has the potential to improve governance and reduce costs, but it also creates challenges that need to be governed. The concept of AI is not new, but cloud computing has provided the access to data and the computing power needed to...

Leadership Brief

Leadership Brief: Hype vs. Reality in AI & ML: Where are the Concrete Business Benefits? - 80271

The conversation on artificial intelligence and machine learning is still largely driven by hype. But concrete business benefits exist for narrow AI solutions, and it is time to separate hype from reality. This leadership brief identifies the characteristics of successful AI use cases, provides examples across multiple industries and business departments, and provides recommendations on distinguishing AI solutions that can deliver value.

Blog

Akamai to Block Magecart-Style Attacks

Credit card data thieves, commonly known as Magecart groups, typically use JavaScript code injected into compromised third-party components of e-commerce websites to harvest data from shoppers to commit fraud. A classic example was a Magecart group’s compromise of Inbenta Technologies’ natural language processing software used to answer user questions by UK-based ticketing website, Ticketmaster. The Magecart group inserted malicious JavaScript into the Inbenta JavaScript code, enabling the cyber criminals to harvest all the customer credit card data submitted to the...

Leadership Brief

Leadership Brief: Defending Against Ransomware - 80235

Ransomware is an epidemic and continues to evolve. More than half of all companies and other organizations have been attacked with one form or ransomware or another. A multi-layered defense is the best strategy. Take steps now to reduce the likelihood of falling victim to it. Make sure you have good offline backups if you get hit. Don’t give up and pay the ransom.

Leadership Brief

Leadership Brief: Penetration Testing Done Right - 70359

Penetration Testing should be a key part of any business's assurance process, providing a level on independent testing that they are not wide open to hackers or other malicious actors; however, a penetration test is not a simple “off-the-shelf” test and needs careful design and planning.

Webcast

KuppingerCole’s Evaluation of Leading Vendors in the Identity API Platforms Market

Many different factors are driving Digital Transformation in the market today. One factor is the change in how businesses interact with their customers. Another factor is more on the technical side that addresses the implementation of new Digital Services that have become more complex due to the different environments and the many integration points to consider. This is driving the rapidly growing demand for exposing and consuming APIs. APIs are enabling organizations to create new business models, connect with partners and customers while providing a seamless experience by linking...

Leadership Brief

Leadership Brief: Do I need Network Threat Detection & Response (NDTR)? - 80296

NTDR products/services are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? We’ll look at what NTDR products do, reasons to consider NTDR, and some high-level evaluation criteria regarding NTDR products.

Blog

Microsoft Partnership Enables Security at Firmware Level

Microsoft has partnered with Windows PC makers to add another level of cyber attack protection for users of Windows 10 to defend against threats targeting firmware and the operating system. The move is in response to attackers developing threats that specifically target firmware as the IT industry has built more protections into operating systems and connected devices. A trend that appears to have been gaining popularity since Russian espionage group APT28 – also known as Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and Strontium – was found to be exploiting firmware...

Blog

Can Your Antivirus Be Too Intelligent Sometimes?

Current and future applications of artificial intelligence (or should we rather stick to a more appropriate term “Machine Learning”?) in cybersecurity have been one of the hottest discussion topics in recent years. Some experts, especially those employed by anti-malware vendors, see ML-powered malware detection as the ultimate solution to replace all previous-generation security tools. Others are more cautious, seeing great potential in such products, but warning about the inherent challenges of current ML algorithms. One particularly egregious example of “AI security...

Blog

Privileged Access Management Can Take on AI-Powered Malware to Protect Identity-Based Computing

Much is written about the growth of AI in the enterprise and how, as part of digital transformation, it will enable companies to create value and innovate faster. At the same time, cybersecurity researchers are increasingly looking to AI to enhance security solutions to better protect organizations against attackers and malware. What is overlooked is the same determination by criminals to use AI to assist them in their efforts to undermine organizations through persistent malware attacks. The success of most malware directed at organizations depends on an opportunistic model; sent out by...

Webcast

Facilitating Business with State-of-the-Art Identity Proofing Solutions

For traditional or Business-to-Employee (B2E) IAM, HR departments are responsible for gathering documentation from employees to determine their suitability for employment. For Business-to-Consumer (B2C) or CIAM, identity proofing can be more difficult. Depending on the nature of the business, the attributes that need to be collected and verified can differ widely. For example, Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations govern the kinds of attributes and authoritative attributes that must be collected in the finance industry.

Press Release

Technology Is Key to Customer Satisfaction

A top challenge to online business is retaining customers throughout the registration and authentication process. “While regulations such as GDPR and PSD2 increase the pressure on the industry, they also create new opportunities,” says Martin Kuppinger, Principal Analyst at KuppingerCole.

Whitepaper

Whitepaper: Privileged Access Management requirements for Small to Medium Size Businesses (SMB) - 80123

Privileged Access Management (PAM) is fast becoming one of the most important areas of Identity and Access Management (IAM). Privileged accounts are given to admins and other users within an organization to access critical data and applications. However, if these are not managed securely, SMBs can find themselves having accounts still open for people who have left or for people who no longer need access or simply giving too many people privileged accounts. Criminals and hackers are becoming more adept at stealing and using credentials for privileged accounts. To reduce this risk, and...

Blog

Leading IDaaS Supplier OneLogin Aiming for the Top

OneLogin is among the leading vendors in the overall, product, innovation and market leadership ratings in KuppingerCole’s latest Leadership Compass Report on IDaaS Access Management, but is aiming to move even further up the ranks. In a media and analyst briefing, OneLogin representatives talked through key and recent product features and capabilities in an ongoing effort improve the completeness of products. Innovation is a key capability in IT market segments, and unsurprisingly this is an important area for OneLogin. The most recent innovations include Vigilance AI, the new...

Executive View

Executive View: Optimal IdM - Optimal Cloud - 80162

For many organizations, the adoption of cloud services has become a strategic imperative which includes moving security services to the cloud as well. Optimal IdM provides a comprehensive identity management solution that provides federation, single sign-on, and strong two-factor authentication all within a private cloud.

Blog

As You Make Your KRITIS so You Must Audit It

Organizations of major importance to the German state whose failure or disruption would result in sustained supply shortages, significant public safety disruptions, or other dramatic consequences are categorized as critical infrastructure (KRITIS). Nine sectors and 29 industries currently fall under this umbrella, including healthcare, energy, transport and financial services. Hospitals as part of the health care system are also included if they meet defined criteria. For hospitals, the implementation instructions of the German Hospital Association (DKG) have proven to be important. The...

Webinar

Dec 02, 2019: On the Way to Becoming a Cognitive Enterprise

The digitalization has resulted in the "digital enterprise". It aims at leveraging previously unused data and the information hidden in it for the benefit of the enterprise. The “cognitive enterprise” comes with the promise to use this information to do something productive, profitable and highly innovative for the enterprise.  The cognitive enterprise is the application of cognitive technologies in critical areas of a company.

Blog

Stell Dir vor, es ist KRITIS und keiner geht hin

„Kritische Infrastrukturen (KRITIS) sind Organisationen oder Einrichtungen mit wichtiger Bedeutung für das staatliche Gemeinwesen, bei deren Ausfall oder Beeinträchtigung nachhaltig wirkende Versorgungsengpässe, erhebliche Störungen der öffentlichen Sicherheit oder andere dramatische Folgen eintreten würden“. Neun Sektoren und 29 Branchen gelten derzeit als kritische Infrastrukturen, darunter die Gesundheitsversorgung, Energieversorgung, der Verkehr und Finanzdienstleistungen. Krankenhäuser als Teil des Gesundheitswesens fallen bei...

Blog

AI in the Auto Industry Is About More Than Self-Driving Cars

Car buyers gathering at the Frankfurt Motor Show last month will have witnessed the usual glitz as car makers went into overdrive launching new models, including of course many new electric vehicles reflecting big change in the industry. Behind the glamour of the show, the world’s biggest car makers are heavily investing in new technologies to remain competitive, including Artificial Intelligence (AI) and Machine Learning. While perfecting algorithms for self-driving cars is a longer-term goal and grabs the headlines, much is being done with AI to improve the design, manufacture and...

Blog

Do You Need a Chief Artificial Intelligence Officer?

Well, if you ask me, the short answer is – why not? After all, companies around the world have a long history of employing people with weird titles ranging from “Chief Happiness Officer” to “Galactic Viceroy of Research Excellence”. A more reasonable response, however, would need to take one important thing into consideration – what a CAIO’s job in your organization would be? There is no doubt that “Artificial Intelligence” has already become an integral part of our daily lives, both at home and at work. In just a few years, machine...

Webcast

Onboarding Your Business Partners to Your Services: B2B IAM in Practice

Virtually any business needs to grant business partners access to certain IT services. While employee IAM is a well-established discipline, where HR frequently delivers the information about joiners, movers, and leavers, and while Consumer IAM (CIAM) commonly relies on self-registration, B2B IAM comes with different challenges.

Executive View

Executive View: Curity Identity Server - 80159

Curity AB delivers a software-based API-driven identity server for businesses that need help connecting identity infrastructure, digital services, and cloud applications. Their solution adheres to many identity standards, to promote interoperability and to make it easier for clients to deploy necessary new features while shielding users from complexity.

Blog

Cognitive! - Entering a New Era of Business Models Between Converging Technologies and Data

Digitalization or more precisely the "digital transformation" has led us to the "digital enterprise". It strives to deliver on its promise to leverage previously unused data and the information it contains for the benefit of the enterprise and its business. And although these two terms can certainly be described as buzzwords, they have found their way into our way of thinking and into all kinds of publications, so that they will probably continue to exist in the future.  Thought leaders, analysts, software and service providers and finally practically everyone in between have...

Executive View

Executive View: Devolutions PAM Solution - 80070

Devolutions provides a PAM solution targeted at SMB customers that provides a good baseline set of PAM capabilities and easy to deploy and operate. The solution comes with a password vault, account discovery capabilities, and strong remote access features. While some of the more advanced capabilities of the leading-edge PAM solutions are lacking, the product fits well to the target group of SMBs.

Executive View

Executive View: AWS Control Tower - 80219

Managing access to applications, systems and resources is a key task for any organization and the hybrid IT deployment model has made this even more complex.  One area of concern is managing administrative access – administration is an essential process, but the administrator accounts provide the keys to the kingdom. This report describes how AWS Control Tower helps to customers to meet these requirements for their AWS environments.

Press Release

Convenience and Security Should Not Be a Trade-Off

For the sake of our convenience, everything is becoming interconnected. At home, at work and on the streets. But all interconnected devices are potential targets for cyber-attacks which is why adequate security controls are of paramount importance. At next week’s co-located CyberNext Summit and Borderless Cyber (organized by IACD and OASIS Open Consortium) we will discuss a great variety of aspects of cybersecurity including IoT and industrial IoT security , Critical Infrastructures, Endpoint Anti-malware Managementy , Information Protection Lifecycle and many more.

Blog

When Cyber "Defense" is no Longer Enough

The days in which having just an Identity and Access Management (IAM) system on-premises are long gone. With organizations moving to hybrid on-premises, cloud, and even multi-cloud environments, the number of cyber-attacks is growing. The types and sophistication of these attacks are continually changing to get around any new security controls put in place. In fact, it is much easier for the cyber attacker to change tactics than it is for organizations to bring in new solutions to mitigate current attack vulnerabilities. Organizations must realize that they will never be 100% secure, and...

Webinar

Nov 04, 2019: Getting a Grip on Your AI: Know What It Does. Understand the Risks and Rewards. Be Compliant

The case for integrating AI into business processes is ever stronger. Now it’s time to assess realistically what it can do for you. Existing successes and failures of AI beta-phase testing show how to resist the survivorship bias when implementing your own AI programs. Clarify the characteristics of AI data that may be problematic, and discover where investment should be concentrated on further customizing your AI solutions.

Webcast

How Leading Brands Build Trust With CIAM

In the age of digital transformation, consumers tend to have multiple digital identities across several devices deploying a variety of services. In this environment, digital trust is what sets brands apart from their competitors. Taking and storing customer data is a duty of care, and brands cannot afford data breaches or compromises.

Quicklinks

Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]