Reports

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers CASB (Cloud Access Security Broker) solutions that help to secure the organizational use of cloud services.

Fudo Security’s PAM solution is the company’s primary product in the expanding PAM market. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are creating new demands and innovative PAM…

Forward-thinking companies no longer see cybersecurity, governance, compliance and privacy as something they are just forced to do. Instead, a comprehensive alignment with applicable policies, regulations and laws is the basis for consistently and competitively enabling and sustainably operating digital business.

Atos DirX Directory is one of the few enterprise-grade directory services in the market, delivering a high-performance, high-scalability, high-availability, and high-secure implementation that is required by many of today’s large-scale use cases in the Digital Transformation. Atos DirX Directory builds on a purpose-built and optimized data layer and delivers comprehensive support…

Rohde & Schwarz Cybersecurity offers reliable management of regulated and sensitive information to promote compliant collaboration and file sharing in unified SharePoint platforms for organizations spanning countries and regions with different laws and regulatory requirements. Rohde & Schwarz Cybersecurity utilizes globally distributed, efficient and secure infrastructure with…

SAP Cloud Identity Access Governance (IAG) is the SaaS solution provided by SAP for managing access risks and SoD controls from the cloud, for both SaaS business applications and a range of on-premises services. It covers areas such as Access Analytics, Role Management, Access Requests, Access Reviews, and Privileged Access Management for these environments. SAP Cloud IAG can run…

Access Management capabilities are well-established in the broader scope of IAM and are continuing to gain attraction due to emerging requirements for integrating business partners and customers. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor and requirements for successful deployments. This document will help…

Consider the relationship between Machine Learning (ML) and data consumption – is more always better? This Leadership Brief discusses the possible benefits of Small Data for ML, some technological approaches to get there, why you should still be cautious of Small Data, and recommendations on applying this practically.

IdentityIQ continues to provide organizations with a comprehensive solution to their identity management requirements. With the recent advances in predictive identity management, the tool reduces manual intervention and improves accuracy of user entitlements. The latest release adds cloud access management capability allowing entitlements in DevOps environments to be monitored and managed.

Managing third party identities has become an important issue for companies when they open their infrastructures to non-employees from partners and vendors. The influx of third-party identities puts an extra strain on existing IAM tools but management solutions that provide added functionality for non-employee identities are now available. SecZetta has streamlined existing solutions to…

Privileged Access Management (PAM) has evolved into a set of technologies that address some of today's most critical areas of cybersecurity in the context of digital transformation and industrial change. The CyberArk Core Privileged Access Security solution is designed to secure and protect privileged accounts and credentials within cloud and hybrid infrastructures. It is part of a suite…

Identity Governance is a mature Identity Governance and Administration (IGA) solution that is undergoing extensive development to meet the identity services requirements of the modern enterprise. As business systems become increasingly demanding of identity management environments, Micro Focus continues to extend its Identity Governance product, improving the user interface, automating…

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, agile software development and digital transformation has meant that users of privileged accounts have become more numerous…

Log360 from ManageEngine is a tightly integrated suite of log management and network security analytics tools. Complementing SIEM capabilities with EDR, DLP, and even SOAR functionality, it offers a convenient and affordable one-stop solution for security analytics and threat remediation across on-prem and cloud.

Containerized microservices are gaining momentum in IT organizations today, requiring tools such as Kubernetes for automating the orchestration and management of those containers. The Radware Kubernetes WAF meets the unique requirements of the Kubernetes environment to protect its containerized applications and data.

Business intelligence (BI) platforms have become essential for enterprises with an exponential increase in data generation and usage. The next generation of BI platforms will expand on the volume of data analysis and the degree of control a business user has over the process. This Leadership Brief presents the several roles that artificial intelligence plays in BI, and what your…

This report provides an overview of the market for Privacy and Consent Management platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing solutions that enable you to collect and manage consent in a compliant and…

The Access Governance (AG) market is continuing to evolve through more intelligent features. This Leadership Compass will give an overview and insights into the AG market, providing you a compass to help you find the products that can meet the criteria necessary for successful AG deployments.

The versatility of modern IT Service Management systems (ITSM) is leading many organizations to configure these systems to deal with all employee service requests, including those related to IAM/IGA. But this is a risky strategy from a maintenance and compliance point of view. This Leadership Brief outlines the key reasons for aligning ITSM with IAM/IGA systems, and how this is best achieved.

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the seventh in the series introducing the…

One Identity Active Roles is a powerful tool for integrated management of both on-premises Microsoft Active Directory and Microsoft Azure Active Directory. It comes with strong support for managing Exchange Servers and Office 365, but also Identity Lifecycle Management that supports a range of non-Windows and SaaS applications.

Password Safe von MATESO ist eine Lösung für das zentrale, unternehmensweite Management von Kennwörtern und anderen „Secrets“ und die Überwachung und Kontrolle von deren Nutzung. Das Produkt unterstützt alle wesentlichen Funktionen in diesem Bereich wie die automatische Rotation von Kennwörtern und die Übergabe von Kennwörtern im…

Building a trust-filled and transparent relationship with end-users depends now more than ever on Privacy and Consent Management solutions. These services accomplish many tasks such as helping organizations collect and manage consent signals provided by end-users, managing cookies and trackers, and providing measurement of an organization’s journey towards privacy compliance. To…

SailPoint Predictive Identity est une plate-forme SaaS qui ajoute à l’IGA des capacités reposant sur l'IA . Cela concerne notamment l'analyse des risques d'accès, l'examen des droits d'accès avec des recommandations de validation ou de révocation et l'optimisation automatisée des modèles d'accès. Cette solution améliore…

SailPoint Predictive Identity ist eine SaaS-Plattform, die IGA um KI-basierte Funktionen erweitert. Dazu gehören unter anderem die Analyse von Zugriffsrisiken, Empfehlungen für die Genehmigung oder den Widerruf von Berechtigungen während der Berechtigungsprüfung und die automatische Optimierung von Zugriffsberechtigungsmodellen. Die Lösung bietet im Vergleich zu…

The Cygna Auditor Platform is a unified environment for collecting events from Active Directory, Azure AD, Windows Servers, Microsoft 365, and some other platforms, and providing analytics and alerting on these events. It incorporates the former BeyondTrust Auditor Suite. The Cygna Auditor Platform is a solution targeted on administrators of Microsoft Windows-centric environments, but…

BioCatch is an innovative Fraud Reduction Intelligence Platform (FRIP). Their three-part solution in this space consists of Policy Manager, Case Manager, and Analyst Station, which are used by fraud analysts and operations teams to determine appropriate actions in response to indicators. BioCatch utilizes industry-leading passive biometrics for not only user behavioral analysis but also…

The probability of becoming a victim of a data breach is now higher than ever. The hyperconnected world and the ever-increasing complexity of modern IT systems and processes pose new challenges for IT staff.  All organizations must invest in an Incident Response Management plan. Preparation is essential and ensuring that everyone knows what to do can significantly reduce the impact…

When optimizing customer centricity and customer journeys across all touchpoints, automation is key. Various aspects have to be considered in order to create an individual and fit-for-purpose customer experience. Adobe’s Experience Cloud consists of various applications and services that cover many marketing-related areas, such as advertising, touchpoint management, personalization,…

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the final in the series introducing the…

The KuppingerCole Market Compass provides an overview of the products offerings in Endpoint Protection, Detection and Response.  The Endpoint Security space continues to see much innovation and some consolidation. The formerly separate products Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) are increasingly coming together in the marketplace.

Clear Skye IGA differs from common IGA implementations by running on the ServiceNow NOW platform and providing full integration into ServiceNow capabilities. It thus bridges the gap between ITSM and IGA allowing for fast and efficient implementation of IGA capabilities for organizations already using ServiceNow.

Auth0 provides a flexible platform that can be used for Consumer Identity and Access Management (CIAM), Business-to-Employee (B2E), and Business-to-Business (B2B) use cases. Auth0’s platform solutions are highly customizable to meet a variety of business requirements with a developer-centric focus.

Die IT-Sicherheits-Community ist sich schon lange einig, dass Passwörter ein Problem sind, weil sie einfach zu entwenden und im Endeffekt anfällig für menschliche Fehler sind. Dieser Leadership Brief befasst sich damit, wie Organisationen ihre allgemeine Sicherheit verbessern können, indem sie sich über die Abhängigkeit von Passwörtern im Klaren werden…

The KuppingerCole Market Compass provides an overview of the product or service offerings in a selected market segment. This Market Compass covers the Dynamic Authorization Management market and provides a comparison of the main product offerings. Dynamic Authorization externalizes access control decisions to a centrally-managed authorization service that evaluates access policies in…

Work from home, bring your own device, a professional cyber-crime industry, IoT & OT. We all have to face these challenges while fullfilling a zoo of endless requirements. It is complex to keep the overview and the flexibility in our IT security services and the used toolset. Setting up the architecture with the concept of a Security Fabric helps to structure, to optimize and to…

Consumer Identity and Access Management (CIAM) is a rapidly growing market that offers a better user experience for the consumer and new challenges for the organization. NRI Secure’s Uni-ID Libra continues to innovate and provide the necessary components of a CIAM solution with a focus on the Japanese market.

In the absence of a secure external perimeter Identity and Access Management has become fundamental to protecting corporate digital assets.  Identity Governance and Administration includes two core elements of IAM - Identity Provisioning and Access Governance - that are essential to enabling and securing digital transformation.  This report describes how Symantec Identity…

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fourth in the series introducing the…

The perimeter of the corporation has transformed into a much more fluid and permeable boundary than it once was. Sensitive information is now routinely accessed with personal and business devices by employees, and mass remote work further exacerbates this trend. Advanced methods for the protection of sensitive data are necessary. This Leadership Brief is an overview of the role that…

CSI tools provide a suite of solutions for managing access entitlements and risk in SAP environments. The solution come with a modern, web-based user interface and dashboarding. They deliver in-depth insight and support for managing entitlements at all levels and across all applications within common SAP environments.

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the sixth in the series introducing the…

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers Enterprise Information Protection solutions. Because the perimeter of the corporation has changed to include personal and business devices, mass remote work, and increased collaboration, advanced methods for the protection of sensitive…

This report provides an overview of the market for Network Detection and Response tools (NDR) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing NDR solutions.

This report provides an overview of the market for Unified Endpoint Management (UEM) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing UEM solutions.

In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM and vendors are responding to this challenge by adding new functionalities and capabilities to their solutions. This…

Hitachi ID is a global IAM software provider. It offers Hitachi ID Privileged Access Manager (HiPAM) as its primary offering for the PAM market, along with the complementary Identity Manager and Password Manager products. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid…

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the fifth in the series introducing the…

IBM Watson OpenScale a solution to enable the responsible monitoring and management of AI projects. The comprehensive attention to data management, analytics, model training, deployment, and model lifecycle management make Watson OpenScale a strong choice for enterprises.

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment. This Market Compass covers conversational AI building platforms with a focus on chatbot solutions. Such solutions are a common trend in marketing, sales, service management, human resources, and many other use cases.

Modern Identity Governance and Administration (IGA) solutions need to take traditional IGA further to meet today's customer requirements such as entitlement and onboarding automation or providing insight into access risks. Omada Identity Suite not only supports this with Access Governance and Identity Provisioning but also takes it a step further by giving an IGA best practices framework…

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers solutions that provide backup, restore and disaster recovery of IT service data into the cloud in the context of the hybrid IT service delivery environment that is now commonly found in medium to large organizations.

From small businesses to large enterprises, organizations today require a solid foundation for their Identity and Access Management (IAM) services. These services are increasingly delivered as cloud services or IDaaS (Identity as a Service). Microsoft Azure Active Directory (Azure AD) provides Directory Services, Identity Federation, and Access Management from the cloud in a single…

IAM is a complex challenge for businesses, comprising of various capabilities such as IGA (Identity Governance & Administration), Access Management, and Privileged Access Management. Deployment is shifting towards flexible models supporting a range of deployment options, including IDaaS (Identity as a Service). Ilantus Compact Identity is an IAM offering targeting businesses that are…

Die integrierte Sicherheitsplattform von SentinelOne kombiniert Präventions-, Erkennungs-, Analyse- und Mitigierungsfunktionen mit dem autonomen KI-Agenten und ermöglicht so tiefe Einblicke und konsistenten Schutz für On-Premises-Endgeräte, virtualisierte Umgebungen und Cloud-Workloads.

SentinelOne’s integrated security platform combines prevention, detection, analysis, and mitigation capabilities with the autonomous AI agent to enable deep visibility and consistent endpoint security across on-premises devices, virtualized environments and cloud workloads.

Thycotic is one of the world’s leading providers of Privileged Access Management (PAM) solutions. In the last few years PAM has evolved into a set of targeted technologies that addresses some of the most urgent areas of business security in a period of rapid technological change. Digital transformation, Cloud, and Hybrid IT environments are putting new demands on PAM. Against this…

Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and companies. This report describes how Symantec Privileged Access Management meets these challenges.

Nexis Controle 3.4 implements intelligent role and identity analytics while laying the foundation for strategic role lifecycle management as either a stand-alone solution or as a companion component to existing Identity and Access Management infrastructures.

One Identity Manager is one of the leading Identity and Access Governance (IAG) solutions. It builds on a sophisticated, consistent concept which allows for intuitive user experience, rapid customization and easy deployment. One Identity Manager is offering a rich toolset and framework to connect various target systems to its identity and access management solution.

The IT security community has long recognized that passwords are a problem because they are easily cracked or compromised and are ultimately susceptible to human failings. This leadership brief looks how organizations can improve overall security by addressing their reliance on passwords and prepare to move to alternative authentication methods.

This report provides an overview of the market for Access Control Tools for SAP Environments and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing solutions that increase security in SAP Environments by restricting access,…

Identity and Access Management (IAM) has never been more important or challenging in the face of a rapidly changing business, regulatory and IT environment. This is especially true for multinational companies that must comply with an ever-increasing number of security and privacy regulations. Service Layers delivers a managed IAM service using a scalable, customizable, component-based…

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, hybrid IT, cloud and other aspects of digital transformation has meant that users of privileged accounts have become more…

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Provisioning and Access Governance solutions that are now increasingly aided by intelligent features. This Leadership Compass will give an overview and insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for…

SailPoint Predictive Identity is a SaaS platform that adds AI-based capabilities to IGA. These include analysis of access risks, recommendations for approving or revoking entitlements during access review, and automated optimization of access models, amongst others. The solution provides significant improvements in user experience of IGA, compared to traditional IGA approaches, while also…

IBM Watson is a computing platform that aims to meet the AI needs of any organization – those that wish to develop projects themselves, or those who wish to gain standard capabilities quickly. The comprehensive attention to data management, analytics, model training, deployment, and lifecycle management make the portfolio of IBM Watson products a strong choice for enterprises.

Centralizing delivery of digital workplaces can bring cost, efficiency and productivity rewards but security and risk management must be baked in if availability is not compromised by cyber attacks or unexpected disruption.

Soterion for SAP is a GRC (Governance, Risk & Compliance) solution targeted at SAP environments and delivering major capabilities in that space. The solution is available as both on premises solution and in an as-a-service model. Soterion has put specific emphasis on delivering a solution for GRC and access control in SAP environments that is easy-to-use, coming with a…

Moving to the cloud sets new challenges for managing access to critical IT environments for small and medium-size businesses (SMBs). These include managing access to multi-cloud services that are used on-demand but discarded when no longer needed, finding a scalable solution without big IT projects and costs, and managing administrative access with limited resources. At the same time,…

Enterprise IAM suites today need to meet an ever-growing list of IT requirements, which includes process automation, self-service, and identity-related administration and governance capabilities. Hitachi ID offers a well-integrated all-in-one IAM package that can meet these enterprise business requirements.

Sophos Intercept X is an endpoint security solution that is powered by a deep learning neural network, anti-exploit techniques, and anti-ransomware technology to provide advanced detection for all types of threats, especially ransomware, fileless/in-memory malware and malware that exploits unknown vulnerabilities in operating systems and application software. Sophos Intercept X also…

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Changing business practices, agile software development and digital transformation has meant that PAM solutions need an enhanced set of features to reduce the risk of privileged accounts being hijacked in this more challenging operating environment.

Indeed Certificate Manager is a platform for centralized management of enterprise public key infrastructures. Its modular, hardware-agnostic architecture and innovative remote management capabilities help reduce management costs, improve productivity, and strengthen your company’s overall security and compliance posture.

As digital transformation gains momentum, new types of digital identity are emerging and growing rapidly. Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. This Leadership Brief looks the importance of managing non-human and human identities in the same way, and how to approach achieving that.

The energy and utilities sector will need to adapt to new industry trends of digitalization, decentralization, and the advent of a new type of consumer: the prosumer. Smart grids are a more efficient offering for energy management, and new business models beyond the prosumer will require the partnership of different actors in the industry. Emerging technologies like artificial…

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the third in the series introducing the…

Vectra Cognito is a Network Detection and Response (NDR) platform supported by threat research and Artificial Intelligence (AI) in the form machine learning (ML) and Deep Learning for analyzing enterprise network traffic on premise and in the cloud to detect and respond to malicious activity by adversaries, with threat investigation and threat hunting capability.

Transparente, datenzentrische Sicherheit in nicht vertrauenswürdigen Infrastrukturen. Zuverlässige Kontrolle und Überwachung von sensiblen Informationen, die in öffentlichen Clouds und Kollaborationswerkzeugen (z.B. Microsoft Office 365, SharePoint, Teams) gespeichert sind. Virtualisierung, Verschlüsselung und Aufteilung von Daten, um eine sichere und bequeme…

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and disposition of information objects. This article is the second in the series introducing the…

Sharing enterprise information is both a security risk and a necessity of the modern enterprise. IRM-Prot-On of Groupo CMC is a strong provider of enterprise information protection services. The solution enables document and file protection, permissions management, and information classification.

The Micro Focus Access Manager counts amongst the established and mature solutions for Web Access Management and Identity Federation. Micro Focus is continuously improving the product, leveraging new technology and remaining responsive to client requirements for an agile and comprehensive solution to their access control requirements. Micro Focus Access Manager is a solution well-suited…

Transparent, data-centric security for untrusted infrastructures. Reliable control and monitoring of sensitive information stored in public clouds and collaboration tools (e.g. Microsoft Office 365, SharePoint, Teams). Virtualization, encryption and fragmentation of data enabling secure and convenient collaboration for multi cloud, on-premises and hybrid storage environments and true data…

Privileged Access Management (PAM) has evolved into a set of technologies that addresses some of the most urgent areas of cybersecurity today against a backdrop of digital transformation and industrial change. CyberArk Privilege Cloud is an as-a-service solution designed to protect and control privileged access across on-premises, cloud and hybrid infrastructures. It is part of a suite of…

As the number and types of digital identities proliferate in the digital era and the number of data protection regulations around the world continues to grow, the need for an effective Identity Governance & Administration (IGA) capability has never been greater. This leadership brief outlines common risks and pitfalls of enterprise IGA projects and how they can be avoided.

Choosing a PAM solution has become a complex, and potentially time consuming, decision for modern organizations but one they must get right. If trends such as customer identities or privileged accounts used by DevOps are to be managed securely, then the final purchasing decision rests on carefully selecting solutions with the right feature sets. New technologies such as machine learning…

iWelcome provides a mature Identity-as-a-Service platform with extensive support for B2C (Customer Identity & Access Management – CIAM) and B2B use cases with interfaces for end-users as well as app developers. As an EU-based company, iWelcome strives to fulfill regional requirements such as interoperability with various national IDs and GDPR compliance, and as such provides…

This report provides an overview of the market for Fraud Reduction Intelligence Platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing Fraud Reduction Intelligence Platform solutions.

Customer interaction is much more than marketing—it comprises all touchpoints during the customer journey. And the borders are becoming more and more blurry as many areas, such as marketing, sales, service, support, and consultancy are part of customer experience (CX). Furthermore, technological aspects shape the future of customer interaction: artificial intelligence and the…

The complexity and breadth of the challenges to discover, monitor and secure all APIs within your enterprise can be daunting. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for implementing consistent governance and security along the whole API lifecycle.

Exabeam is a highly modular platform for collecting, storing, managing and correlating security events across multiple IT systems, both on-premises and in the cloud, with integrated orchestration and automation capabilities to improve analysts’ productivity. It can augment an existing SIEM or completely replace it.

Atos DirX Identity is a mature offering for IGA (Identity Governance and Administration), delivering both leading-edge Identity Provisioning capabilities and a strong risk-based Access Governance feature set. Atos has made significant improvements when it comes to the ease and flexibility of customization and added a modern, responsive user interface together with RESTful interfaces.

Decentralized identity solutions that meet a range of enterprise use cases are on the market. Being a discerning consumer means knowing the right questions to ask. This Leadership Brief guides you through the critical aspects of decentralized identity solutions that are relevant to enterprise adoption.

Intelligent data management allows enterprises to identify, understand, and act upon trends in enterprise data and metadata, and is an essential addition to the digitized organization’s toolkit. Informatica’s CLAIRE is a AI and machine learning engine which powers its intelligent data platform that is built into Informatica’s data management products, and is a strong…

Security Information and Event Management (SIEM) platforms have been a key part of many enterprises’ cybersecurity infrastructures for over a decade. However, facing the growing number and sophistication of cyber threats, even the largest security operations centers built around them fail to respond to attacks in time. Are SIEMs a thing of the past already? This Leadership Brief…

Business continuity and cyber security remain largely in separate siloes. But changes in the IT and cyber threat landscapes mean there is an urgent need for organizations to alter their approach. This leadership brief identifies why there needs to be closer alignment and integration between business continuity and cyber security teams, and provides recommendations on how to achieve this…

Digital identities are at the core of Digital Transformation, Information Security and Privacy. It has never been more important for enterprises to ensure they have the capability to manage identities effectively in a rapidly changing business, regulatory and IT environment. This Leadership Brief looks at the main trends to help businesses evolve their Identity and Access Management (IAM)…

The KuppingerCole Market Compass provides an overview of product or service offerings in a certain market segment.  This Market Compass covers decentralized identity, specifically Blockchain Identity and Self-Sovereign Identity (SSI) solutions. This is a very dynamic space filled with visionary and innovative vendors that are applying decentralized identity to real enterprise use…

One of the largest barriers to widespread machine learning (ML) adoption is its lack of explainability. Most ML models are not inherently explainable on a local level, meaning that the model cannot provide any reasoning to support individual decisions. The academic and private sectors are very active in developing solutions to the explainability issue, and this Leadership Brief introduces…

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, agile software development and digital transformation has meant that privileged accounts have become more numerous and…

Identity as a Service (IDaaS) is fast becoming the new face of Identity and Access Management (IAM) with several vendors now delivering cloud based IAM services to support the growth in cloud-based applications in the enterprise. Google’s Cloud Identity provides access to many popular cloud applications and offers some endpoint management features.

2019 already has been a challenging year in cybersecurity. There have (again) been many severe cyberattacks and breaches, and there is no hope that this might change in 2020. Cyberattacks will continue to increase in frequency and perhaps severity, and the cyber risks to hyperconnected businesses will continue to grow. With everything and everyone being connected, the attack surface is…

As organizations undergo Digital Transformation the business impact of cyber risks increases.  It is essential that organizations manage these risks.  There are several frameworks that organizations could adopt to help them to manage these risks, but they need guidance to choose which is right for them.  This report describes the main cyber risk management frameworks and…

5G is the next generation of cellular mobile communications. It will provide the capacity and connectivity required to industrialize IoT, Smart Cities and Smart Manufacturing. This report explains what it is and its likely impact on organizations and their security.

Success in Digital Finance is not a miracle, but a combination of having the right offerings and services, and delivering a seamless and modern digital experience to the customers. Digital Identities take a central role in such digital experience, from the identity verification and digital onboarding process to recurring authentication and efficient processes based on “electronic…

Enterprise Inspector is ESET’s Endpoint Detection & Response (EDR) solution. It currently runs on Windows with future plans to cover Linux, and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution also allows for pre-configured remediation actions to be executed when certain conditions are met.

The KuppingerCole Market Compass provides an overview of the product or service offerings in a specific market segment. This Market Compass covers Web Application Firewall (WAF) solutions that span the spectrum of on-premises, cloud, and hybrid IT delivery models.

PlainID Policy Manager aims to be the single source of truth for all entitlements, coarse- or fine-grained in your enterprise, controlling secure access  across  all identities, systems, and applications with the help of centrally managed business-focused policies.

With the rising complexity of IT environments and the many integration points to consider, PingAccess provides a flexible architecture that includes Web and API Access Management, whether on-premises or in the cloud. Combining PingFederate with PingAccess offers a complete Web Access Management solution.

There are several disciplines that contribute to the Artificial Intelligence field: Natural Language Processing, Machine Learning, Machine Reasoning, and others. This Leadership Brief addresses their varying maturity levels for enterprise use.

A growing number of organizations are adapting their products, processes and strategies to capitalize on the benefits of digital technology, but some high-profile Digital Transformation (DX) initiatives have failed despite heavy investments. This Advisory Note looks at some of the main reasons DX initiatives fail and provides recommendations for avoiding these common pitfalls to ensure DX…

This report provides selected Key Risk Indicators (KRI) for the area of Cyber security. These indicators are easy to measure and provide organizations with a quick overview of the relevant risks and how these are changing. The indicators can be combined into a risk scorecard which then can be used in IT management and corporate management. 

Cleafy is a real-time clientless application risk assessment, threat detection and prevention platform for online services in highly regulated industries. Providing protection against advanced targeted attacks for unmanaged endpoints, it can prevent payment fraud, transaction tampering, credential theft, and other risks.

Callsign is a provider of an identity platform that integrates consumer onboarding, authentication, and fraud management in a well-thought-out manner. In contrast to other solutions, all capabilities are tightly integrated. The platform uses AI/ML for risk analysis and supports passive and continuous authentication. It is feature-rich and easy to use, with flexible support for creating,…

Onegini provides a compelling no-code cloud-delivered solution for Consumer Identity and Access Management (CIAM) and B2B IAM. Onegini is headquartered in the Netherlands, is expanding across Europe, and has global ambitions. They have expertise in EU regulations such as GDPR, PSD2 and other industry-specific regulations. They are positioning their product as a CIAM solution for…

From January 1st, 2020, when the California Consumer Privacy Act (CCPA) came into force, the requirements for managing personal data have changed.  This report identifies six key actions that IT needs to take to prepare for compliance.

This report outlines 10 important trends and technologies in cybersecurity that KuppingerCole believes will shape security policies and solutions choice for organisations in the years ahead. 

The Healthcare sector faces the common challenges of all businesses today: digital transformation, cyber-security, and increasingly stringent regulations. But Healthcare also has unique challenges because clinical operations depend on continual access to customers’ most sensitive personal information and require life-or-death decisions on a daily basis. This environment demands…

When optimizing customer centricity and customer engagement, data is an important resource. To ensure an ideal customer experience, various challenges across the customer lifecycle must be solved. Informatica’s Customer 360 solution is designed to manage data across the entire customer lifecycle in a highly flexible way to meet various customer scenarios.

Apigee offers a comprehensive platform to support end-to-end API management at every stage of API lifecycle. From API design to publication, productization, and monetization to monitoring and securing live endpoints – everything is managed centrally across on-premises, cloud-based and hybrid environments.

Robotic Process Automation (RPA) is a type of automation technology with the potential to transform the way businesses operate by automating manual tasks within business processes by implementing (software) “robots” to perform these tasks instead of humans. This leadership brief looks at the most appropriate applications of RPA and the biggest potential business benefits.

As the market, technology, and regulation forces change, Oracle offers a comprehensive Identity Governance solution that can meet the ever evolving enterprise needs. Oracle Identity Governance (OIG) addresses compliance at scale within the more modern cloud environments.

The Microsoft Azure AI platform provides a comprehensive enterprise solution for designing and implementing customized AI solutions. The cloud and hybrid deployment options, modular AI services, and management tools make the platform a strong choice for an AI-on-demand solution.

Saviynt offers a comprehensive compliance-as-a-service platform providing Identity Governance and Management, Application Risk and Governance, Cloud Security, and Cloud PAM functionality. Designed to be deployed as a cloud, hybrid, or on-premise solution, the Saviynt Security Manager for Enterprise IGA helps customers demonstrate assured compliance using their access governance and risk…

AWS provides a comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio, with all security alerts aggregated, organized and prioritized within AWS Security Hub – an extensible cloud security and compliance management platform.

Robotic Process Automation (RPA) is one of the trending topics in today’s IT environments. RPA promises to automate manual tasks within business processes by implementing (software) “robots” that perform these tasks instead of humans. Such software robots must have a digital identity, and the access rights of these robots must be kept under control for enforcing the…

Rapid Detection & Response is F-Secure’s Endpoint Detection & Response (EDR) solution. It runs on Windows and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution also allows for pre-configured remediation actions to be executed when certain conditions are met and offers F-Secure expert…

Computing is continually getting leaner and becoming more like a utility as it moves increasingly further away from on-premise physical hardware by abstracting IT environments away from the underlying infrastructure. This trend towards NoOps computing that eliminates the need for operational teams to manage software and infrastructure has seen the introduction of Virtual Machines,…

Informatica Data Privacy Management is an AI-enhanced unified data security platform for identifying, analyzing, quantifying and mitigating risk related to sensitive data to enable businesses to get the most out of company data and digital transformation processes without exposing the enterprise to increased risk. Data Privacy Management includes tools to identify and monitor sensitive…

Expectations are changing for Identity and Access Management. Users demand control over their personal information, and enterprises need to fundamentally rethink their relationship to personal customer data in the wake of GDPR and CCPA. Self-Sovereign Identity (SSI) from the Sovrin Network allows enterprises to streamline their collection of identity information, sign-on options for…

Prioritizing cybersecurity portfolio expenditures can be a very complex process. At best, the investments should be as low as needed but high enough to be prepared for future attacks and data breaches. In order to invest sensibly, companies must be aware of the challenges and trends. This Leadership Brief describes a few top-level challenges and recommendations when planning your 2020…

Using artificial intelligence services in combination can offer heightened results, whether it be in accuracy, robustness, customization, or geographical spread. Distributed, decentralized AI is a dynamic research space that is rapidly producing enterprise solutions. However, there are a variety of methods, environmental drivers, and use cases associated with decentralized AI. This…

The relative success of FinTechFinTechs drives the conversation surrounding finance and emerging technologies, and their products are capturing the hearts and minds of consumers. But despite the disruptive reputation of AI, blockchain, and IoT, FinTechs are not competing in a dramatically different way than legacy financial institutions. FinTechs provide the same services, but choose to…

Artificial Intelligence (AI) applications in the legal industry already range from naissent to mature. However, the legal implications of such applications and trends in global regulation should be considered when assessing the suitability of any AI application. This leadership brief offers an overview of the current state of AI in the legal industry.

Digital identities are at the core of Digital Transformation, Information Security and Privacy, and therefore it has never been more important for enterprises to ensure they have the capability to manage identities effectively and efficiently in a rapidly changing business, regulatory and IT environment. This Advisory Note looks at the main trends and challenges to help businesses…

CCPA is the latest in a series of global privacy regulations. It comes with new requirements for dealing with personal data and is accompanied by severe penalties. Thus, businesses must take appropriate action to comply with CCPA. While handling consent and opt-outs are at the forefront, successful mitigation of risks starts with data-centric security – it is about understanding…

Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization's breadth of access control needs. The Axiomatics Policy Server (APS) makes available a suite of tools and services to manage an Attribute Based Access Control (ABAC) policy life-cycle efficiently both on-premises and in the cloud.

This Leadership Compass provides an overview of the market for API management and security solutions along with recommendations and guidance for finding the products which address your requirements in the most efficient way. We examine the complexity and breadth of the challenges to discover, monitor and secure all APIs within your enterprise and identify the vendors, their products,…

Digital Identities are at the heart of the Digital Transformation. Without the ability to unify identities and manage the access of everyone to everything  to every digital service effectively, transformation initiatives will fail. Business can’t afford to implement these capabilities on a per service basis – this will increase cost, slow down time-to-market and lead to…

Digital Transformation is ubiquitous. Creating new digital business services changes the way IAM needs to be done. Instead of managing existing applications, IAM has to provide identity services that can be consumed by digital services. Focus is shifting from modern UIs for managing existing applications to APIs that provide the identity services. Modern Identity Fabrics must serve both…

Blockchain identity solutions are developing into a viable segment in IAM. Because the market segment is still very heterogeneous and gaining maturity, selecting a vendor to provide blockchain ID solutions should be done with care. This KuppingerCole Buyer’s Compass will equip you with key criteria and questions to help select an appropriate vendor.

IBM Cloud Pak for Security is an innovative solution that can run in a variety of deployment models that supports security analytics and incident response for today’s complex, hybrid and multi-cloud environments. It provides a consolidated view on security and threat information across a range of sources from IBM and other vendors. It supports federated search across that data, plus…

Identity Automation’s RapidIdentity is an Identity and Access Management (IAM) solution that targets the specific requirements of healthcare organizations. Beyond delivering standard IAM capabilities, RapidIdentity helps healthcare organizations access a unified solution instead of relying on disparate point solutions. RapidIdentity’s cohesive suite of tools reduces…

When it comes to digital marketing, companies of all business sectors try to constantly improve customer experience (CX) and customer journeys. In many cases, there is a single focus on technological topics, such as machine learning or conversational interfaces. But, is technology the key to success? This leadership brief gives an overview of relevant topics regarding optimization of CX…

The IBM Decentralized Identityplatform is both an enterprise solution for individual companies and the foundation of a global decentralized identity ecosystem. IBM’s decentralized identity solution has prioritized interoperable protocols rooted in Hyperledger Indy and Aries to provide secure exchange of information. IBM’s decentralized identitysolution can help enterprises…

Privileged Access Management (PAM) ist einer der wichtigsten Bereiche des Risikomanagements und der Datensicherheit für jedes Unternehmen. Privilegierte Konten werden traditionell an Administratoren, aber auch weitere Benutzer innerhalb eines Unternehmens vergeben, um auf kritische Daten und Anwendungen zuzugreifen. Doch die sich ändernden Unternehmensabläufe und die…

An emerging market, IDaaS IGA is largely characterized by cloud-based delivery of Identity Provisioning and Access Governance capabilities for business irrespective of the application and service delivery models. Improved time-to-value proposition prioritizes adoption of IDaaS for traditional IGA use cases, helping IDaaS IGA to increasingly become the preferred choice of customers for IAM…

ForgeRock Access Management is a full-featured Identity and Access Management (IAM) system, and a primary component in their Identity Platform.  It provides numerous authentication options, an intelligent adaptive risk engine, identity federation, and advanced policy-based authorization capabilities.   ForgeRock supports open standards development, and that is reflected by…

With Business-to-Business (B2B) transformation comes digital initiatives to better connect B2B customer systems and supply chain services, and in doing so, Identity and Access Management (IAM) becomes a crucial consideration. IAM shares standard features that can be used in B2E or B2C use cases as well, but IAM in the B2B context has specific requirements that need to be addressed. B2B…

IAM has been one of the central security infrastructures for many years. The changing role and importance of digital identities leads to fundamental changes in IAM architectures. The challenges for a future proof IAM are complex, diverse and sometimes even conflicting. Organization demand for a blueprint to design and implement efficient and durable IAM architectures that meet current and…

IBM MaaS360 with Watson is an AI-enabled, cloud-based Unified Endpoint Management (UEM) platform designed to enable enterprises to manage and secure smartphones, tablets, laptops, desktops, wearables, and the Internet of Things (IoT). With an open platform for integration with existing apps and infrastructure, IBM MaaS360 is backed by around-the-clock customer support and services, and…

The KuppingerCole Leadership Compass provides an overview of vendors and their product or service offerings in a certain market segment.  This Leadership Compass focusses on Infrastructure as a Service (IaaS) from Cloud Service providers (CSP) with a global presence and with a specific focus on security and compliance.

Privileged Access Management (PAM) is one of the most important areas of risk management and data security in any organization. Privileged accounts have traditionally been given to administrators and other users within an organization to access critical data and applications. But, changing business practices and digital transformation has meant that privileges accounts have become more…

Data loss via Advanced Persistent Threats (APT), Insider Threat, and other vectors remains a top concern of businesses worldwide. EDR tools are becoming more widely used to help detect and remediate these kinds of threats. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments.…

Atos DirX Access is a mature solution for Access Management, covering the full range of targets from legacy web applications to modern SaaS services. It comes with comprehensive support for modern standards, including FIDO 2.0. A specific strength is the support for specific capabilities such as session state sharing across servers, Dynamic Authorization Management, or integrated User…

In the increasingly data-driven world today, it is essential to protect against unauthorized data access to prevent exposure and breaches, meet consumer expectations, and comply with the growing number of privacy regulations. PingDataGovernance provides the capabilities to control how data is accessed from data stores as well as giving data protection at the API layer.

Privileged Access Management (PAM) has evolved into a set of crucial technologies that addresses some of the most urgent areas of cybersecurity today against a backdrop of digital transformation. One Identity Safeguard Suite is a PAM solution that uses a modular approach across password management, session management and privilege account analytics.

From small businesses to large enterprises, organizations today require a solid foundation for their Identity and Access Management (IAM) services. These services are increasingly delivered as cloud services or IDaaS (Identity as a Service). Microsoft Azure Active Directory (Azure AD) provides Directory Services, Identity Federation, and Access Management from the cloud in a single…

The conversation on artificial intelligence and machine learning is still largely driven by hype. But concrete business benefits exist for narrow AI solutions, and it is time to separate hype from reality. This leadership brief identifies the characteristics of successful AI use cases, provides examples across multiple industries and business departments, and provides recommendations on…

Ransomware is an epidemic and continues to evolve. More than half of all companies and other organizations have been attacked with one form or ransomware or another. A multi-layered defense is the best strategy. Take steps now to reduce the likelihood of falling victim to it. Make sure you have good offline backups if you get hit. Don’t give up and pay the ransom.

Penetration Testing should be a key part of any business's assurance process, providing a level on independent testing that they are not wide open to hackers or other malicious actors; however, a penetration test is not a simple “off-the-shelf” test and needs careful design and planning.

NTDR products/services are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? We’ll look at what NTDR products do, reasons to consider NTDR, and some high-level evaluation criteria regarding NTDR products.

Privileged Access Management (PAM) is fast becoming one of the most important areas of Identity and Access Management (IAM). Privileged accounts are given to admins and other users within an organization to access critical data and applications. However, if these are not managed securely, SMBs can find themselves having accounts still open for people who have left or for people who no…

For many organizations, the adoption of cloud services has become a strategic imperative which includes moving security services to the cloud as well. Optimal IdM provides a comprehensive identity management solution that provides federation, single sign-on, and strong two-factor authentication all within a private cloud.

Curity AB delivers a software-based API-driven identity server for businesses that need help connecting identity infrastructure, digital services, and cloud applications. Their solution adheres to many identity standards, to promote interoperability and to make it easier for clients to deploy necessary new features while shielding users from complexity.

Devolutions provides a PAM solution targeted at SMB customers that provides a good baseline set of PAM capabilities and easy to deploy and operate. The solution comes with a password vault, account discovery capabilities, and strong remote access features. While some of the more advanced capabilities of the leading-edge PAM solutions are lacking, the product fits well to the target group…

Managing access to applications, systems and resources is a key task for any organization and the hybrid IT deployment model has made this even more complex.  One area of concern is managing administrative access – administration is an essential process, but the administrator accounts provide the keys to the kingdom. This report describes how AWS Control Tower helps to…

This report provides an overview of the market for Consumer Authentication products and services and provides you with a compass to help you to find the Consumer Authentication product or service that best meets your needs. We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Consumer Authentication solutions.

It’s time to consider a different way to manage and use identity information. We tend to deploy identity management suites and change our processes to suit. But this can constrain us and restrict our agility in deploying identity management services. Tremolo Security breaks the mold and asks us to focus on the task to be performed, and then to deploy an optimal solution.

The overwhelming majority of organizations now depend upon online services to support their business and this exposes them to cyber security risks. While most have security protection technologies in place few have a plan for how they would respond to a cyber incident. Today, the question is not if your organization will suffer a cyber incident but when - and this makes it essential to…

Blockchain technology – as the hype advertises – can be a value-adding solution for businesses and individuals. However, it is necessary to separate blockchain’s functionality from its fame before a firm can find an appropriate use case. This report deconstructs the main features that make blockchains unique from traditional database software and identify the ways that…

Oracle Data Safe is a cloud-based service that improves Oracle database security by identifying risky configuration, users and sensitive data, which allows customers to closely monitor user activities and ensure data protection and compliance for their cloud databases.

Identity & Access Governance ist ein Muss für jedes Unternehmen. Leider ist die Art und Weise, wie es heute gehandhabt wird, ineffizient und schwerfällig. Es ist an der Zeit, die Ansätze zu Identity & Access Governance zu überprüfen und schlanke Konzepte umzusetzen, die Unternehmen helfen, sich effizient an die Vorschriften zu halten und gleichzeitig…

Identity & Access Governance is a must for every business. Unfortunately, the way it is commonly done today is inefficient and cumbersome. It is latest time to review the approaches on Identity & Access Governance and implement lean concepts that help businesses to comply in an efficient manner, while also effectively mitigating business risks that derive from excessive…

Cryptocurrencies remain a speculative asset, but the launch of Facebook’s Libra could upset the status quo. There are many business opportunities which would stem from widespread adoption of cryptocurrencies, but also many challenges including data protection and tracking criminal activities. The relationship between government regulators, financial institutions, and…

The Revised Payment Service Directive (PSD2) Regulatory Technical Specifications (RTS) take effect this autumn across the EU. The directive will provide new benefits and rights for consumers, and create new business opportunities in the financial sector. However, new opportunities also imply new risks.

The way software is used today has clearly shifted towards "as-a-service". Classic on-premises applications are migrating more and more into the (managed) cloud and users are using hybrid scenarios from local and cloud applications on their devices. This Leadership Brief discusses top cyber threats—and shows how to overcome or manage them.

A technology-oriented approach to identity and access management (IAM) is becoming less important as identities become more diverse and access requirements grow. As a result, CISOs and IAM Security Officers are struggling to promote and develop the maturity of skills in the silos of technical identity management services. Adapting the structure of IAM organizations so that they are based…

With the increasing demand for more connectivity, Operational Technology (OT) organizations will need to become more interconnected with IT over time. The convergence of IT and OT is inevitable, so get started now on getting a grip on your OT Cybersecurity.

IT paradigms are under change. Containerized solutions, building on Microservice Architectures and exposing well-defined sets of APIs, are rapidly becoming the new normal. Such architectures provide clear benefits when used for IAM, allowing customers to shift from lengthy deployments of complex IAM tools to an agile deployment and operations approach, based on continuous innovation.…

Akamai’s Intelligent Edge Platform offers a broad range of access management, threat protection, and application security services that will support you in your journey to Zero Trust, making it safe, scalable and easy to manage – delivered entirely from the cloud.

When it comes to omni-channel and multi-device marketing and commerce, authentication is an important topic. The challenge is to achieve both security and the user experience as part of an integrated customer journey. UNIKEN REL-ID is a security platform that addresses that challenge across various channels, including mobile, web, voice, and chat.

A solution for managing secure access to online services, protected assets and sensitive data. Strong authentication, a broad spectrum of access management methods, sustainable maintenance processes of identities and authorization data form the basis for secure and auditable user access to applications.

Most organizations now have a hybrid IT environment with a cloud first approach to choosing new applications.  While this provides many benefits it also creates challenges around security and administration.  Managing identity and access in a consistent manner across all IT services, irrespective of how they are delivered, is key to meeting these challenges.  This report…

Today, most businesses are using hybrid IT, with a mix on-premises and cloud applications and services. And hybrid IT is here to stay, given that many of the legacy applications are hard and costly to migrate. Thus, Identity Services must work well for all these applications and the entire hybrid IT  infrastructure. While they increasingly run from the cloud, as IDaaS (Identity as a…

IDaaS IAM is a fast growing market, characterized by cloud-based delivery of access management capabilities for business irrespective of the application and service delivery models. The promise of improved time-to-value proposition is prioritizing adoption of IDaaS for B2B, B2E and B2C access management use-cases, helping IDaaS to dominate new IAM purchases globally. This report is an…

Digital technologies are now influencing and changing all areas within organizations. This is fundamentally reshaping the way communication takes place, how people work together and how value is delivered to customers. Ever-changing application and infrastructure architectures reflect the requirements of the evolving challenges that face companies, government agencies and educational…

Identity API Platforms expose APIs to capabilities ranging from IAM to Federation and more while supporting both the agile and DevOps paradigms that address the more complex IT environments seen today. This Leadership Compass will give you an overview and insights into the Identity API Platform market; providing you a compass to help you find the product that you need.

Organisationen oder Institutionen, die für die Öffentlichkeit wichtig sind, werden als Kritische Infrastrukturen (KRITIS = "Kritische Infrastrukturen") bezeichnet. Als solche unterliegen sie umfassenden und strengen Richtlinien, bestehend aus Gesetzen und Vorschriften. Ihr Ausfall oder ihre erhebliche Beeinträchtigung kann zu anhaltenden Versorgungsengpässen,…

Organizations or institutions that are essential for the public are called Critical Infrastructure (KRITIS = “Kritische Infrastrukturen”). As such, they are subject to comprehensive and strict legal regimes consisting of laws and regulations. Their failure or significant impairments result in sustained supply shortages, significant disruptions to public safety or other drastic…

Ensuring the continuity of IT services is an essential component of business continuity planning. Organizations typically use data protection solutions that take copies of the IT service data which can be used to restore the service when needed. Most organizations now have a hybrid IT environment with a cloud first approach to choosing new applications and data protection solutions need…

Service Layers delivers a comprehensive managed IAM solution, based on best-of-breed IAM products. The solution is well-architected, following modern concepts including DevOps, container-based deployments, and microservices architectures. It thus can be run and operated on various infrastructures. Service Layers provides full operations support across global regions. With this solutions,…

Registrierung und Authentifizierung sind die ersten Schritte, die erfolgen, wenn ein Nutzer Kunde digitaler Dienstleistungen werden möchte. Funktionieren diese Schritte nicht wie vom Nutzer erwartet, leidet die Akzeptanz solcher Dienste und damit ist der Erfolg digitaler Geschäftsstrategien in Gefahr. Identitäts-API-Plattformen helfen beim Aufbau von standardisierten…

A fast-growing market, IDaaS AM is largely characterized by cloud-based delivery of access management capabilities for business irrespective of the application and service delivery models. Improved time-to-value proposition prioritizes adoption of IDaaS for B2B, B2E and B2C access management use-cases, helping IDaaS AM to dominate new IAM purchases globally. This Leadership Compass…

Privileged Access Governance or PAG is fast becoming a crucial discipline of Privileged Access Management (PAM) to help organizations gain required visibility into the state of privileged access necessary to support the decision-making process and comply with regulations. Besides providing support for managing lifecycle events of privileged accounts, PAG includes privileged access…

Access reviews are considered important risk management controls in many organizations. They are intended to ensure that each user, process and system has always  only the minimum amount of access rights, which are necessary to perform associated tasks. In light of compliance, governance and the organizations's internal commitment to protecting itself from unwanted access, concepts…

TrustBuilder Identity Hub is the Identity and Acess Management (IAM) platform from TrustBuilder that enables a context-aware and policy-driven approach to deliver a secure and seamless application integration. Targetted mostly at B2B and B2E use-case requirements, TrustBuilder is building on additional features to address the consumer IAM requirements.

ESET Endpoint Security cover the widest variety of endpoint operating systems. This endpoint protection product consistently rates very highly in terms of detection in independent malware detection tests. The product also is one of the top-performing, lowest impact endpoint security agents available in the market today.

Registration and authentication are the first things that happen when someone becomes a user of digital business services. If these steps don’t work as the user wants, the acceptance of such services will suffer and the success of digital business strategies is at risk. Identity API Platforms help build a standardized approach for delivering unified identity services to businesses.…

Die heutigen SAP-Sicherheitsanforderungen gehen weit über die traditionellen Access Governance-Anforderungen an Benutzer, deren Zugriff und Rollen hinaus. akquinet bietet eine vollwertige Produktsuite für GRC (Governance, Risk & Compliance) und Sicherheit für SAP-Umgebungen. Die bereitgestellten Module decken ein breites Spektrum an Funktionen in dem sensiblen Bereich…

Today’s SAP security requirements go far beyond traditional Access Governance needs regarding users and their access and roles. AKQUINET offers a full-featured product suite for GRC (Governance, Risk & Compliance) and security for SAP environments. The provided modules cover a wide range of aspects in this sensitive area of SAP security and GRC.

Healthcare organizations deal with highly sensitive information. They face challenges in complying with ever-tightening regulations, combating ever-increasing cyber risks, and adapting to Digital Transformation. Comprehensive healthcare IAM, beyond pure SSO, helps Healthcare organizations to better cope with these challenges.

Xton Technologies provides an integrated PAM (Privileged Access Management) solution covering the key capabilities in this area such as managing credentials of sensitive and shared account, session management and remote control access. Xton focuses on efficient implementation of these capabilities and is an interesting alternative to established players in the PAM market.

There are several trends that continue to make the use of identity information for access control more complex. The prevalence of smartphones as the end-user client of choice, the increasing use of API channels needing access to corporate data and the increasingly complex hybrid cloud environment all serve to increase the complexity of managing authorized access to protected resources.…

Endpoint Detection & Response products are capturing a lot of mindshare in cybersecurity. But how do they differ from the more standard Endpoint Protection products? We’ll look at key features of each type of solution below.

Hacks against on-premises and cloud infrastructure happen every day. Corporate espionage is not just the stuff of spy novels. Unethical corporate competitors and even government intelligence agencies use hacking techniques to steal data. Reduce the risk of falling victim to hackers and industrial espionage by implementing the proper security tools in your cloud-based environments.

Radiflow SCADA Security Suite is a comprehensive set of hardware products, software solutions, and managed services offering risk-based insights into ICS/SCADA networks, intelligent detection of IT and OT-related cyberthreats, as well as proactive protection against any deviations from established security policies.

EDR products are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? If so, do you have the expertise in-house to properly deploy, operate, and get value out of it? We’ll look at reasons to consider EDR or EDR as a managed service below.

Kaspersky offers a full-featured Endpoint Security suite which includes one of the most advanced multi-mode anti-malware detection engines in the market, which is powered by their Global Research and Analysis Team (GreAT). Kaspersky’s endpoint security product covers a wide variety of endpoint operating systems, and usually rate very highly in independent malware detection tests.

The Revised Payment Service Directive (PSD2) promises to make the European Union (EU) cross-border transactions further transparent, faster and more secure while increasing competition and choice for consumers. To do so, Banks and other financial service providers must quickly make the necessary technical infrastructure changes to prepare for PSD2. The ForgeRock Identity Platform provides…

This Leadership Compass provides an overview of the market for database and big data security solutions along with guidance and recommendations for finding the sensitive data protection and governance products that best meet your requirements. We examine the broad range of technologies involved, vendor product and service functionality, relative market shares, and innovative approaches to…

Digital transformation and the need for business agility are creating an explosion in the volume, variety and velocity of identity data that enterprises have to manage efficiently. And now regulators have sharply increased the liability of enterprises for assuring that identity data is safeguarded, only accessed appropriately, and accurate. An integrated identity capability can be the key…

Osirium Opus is a specialized solution that focus on IT Process Automation for privileged tasks. It works standalone or in combination with other ITSM solutions such as Service Now. Opus allows for defining and managing granular tasks, that can be executed securely on the target systems. By doing so, the efficiency of service desks can increase significantly, while security risks are mitigated.

Application Programming Interfaces (API) have become a crucial factor in delivering operational efficiency, scalability, and profitability for most businesses. Nowadays, everything is API-enabled: corporate data is the product and APIs are the logistics of delivering it to customers and partners. Unfortunately, many organizations still lack competence in the field of API security and…

Identity Governance and Administration (IGA) is an important security and risk management discipline that builds the necessary foundation of any organization’s IT security portfolio. ideiio, a spun out from IAM systems integrator ProofID, is a new vendor in the IGA space offering IGA functions targeted at mid-market customers to meet their basic IGA requirements with minimal effort…

As the hype around Blockchain is slowing down, the market is moving into a phase of maturity, focusing on business cases where Blockchain technology delivers concrete value, in combination with other types of technologies. Blockchain ID and the related concept of Self Sovereign Identity (SSI) are gaining momentum, in areas such as KYC (Know Your Customer), Consumer Authentication, and…

Malware remains a global cybersecurity threat. This KuppingerCole Buyer’s Guide will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will prepare your organization to conduct RFIs and RFPs for endpoint protection.

The WALLIX Bastion is a single gateway-based solution for PAM offering advanced session management, password management and access management capabilities, with built-in controls for access request management. Offering Single Sign-On (SSO) to target systems, the WALLIX Bastion provides detailed session recording, auditing and monitoring capabilities in easy-to-configure and scale…

The FIDO® Alliance has released new authentication specifications that enhance security and privacy, standardize the authentication experience and underlying APIs, improve the usability, and extend the FIDO paradigm to more types of devices, platforms, and environments. With the publication of FIDO2 (comprised of FIDO’s CTAP and W3C’s WebAuthn specification), FIDO has more…

Darktrace Enterprise Immune System is a cyber-defense platform that utilizes a self-learning AI-based technology to detect, investigate and neutralize various cyber-threats in real time, across the whole corporate IT infrastructure, including physical and virtualized environments, industrial control networks, cloud infrastructures, and SaaS applications.

Consumer Identity is a fast-growing specialty solution. This KuppingerCole Buyer’s Guide will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will prepare your organization to conduct RFIs and RFPs for selecting the right CIAM solution for your organization.

BeyondTrust’s Produktportfolio bietet eine gut integrierte Privileged Access Management (PAM) Suite mit einer Reihe von Funktionen für die Erkennung und Minderung von Sicherheitsbedrohungen, die durch den Missbrauch von privilegierten Accounts und Zugriffsberechtigungen verursacht werden. BeyondTrust’s Password Safe stellt die branchenführenden Funktionen für…

With IT functions gradually shifting to the cloud, it is time to rethink the way  supporting infrastructure and platform services such as IGA (Identity Governance and Administration) are implemented. While solutions running on premises, but also supporting cloud services were the norm until now, running IGA as a service, with support for the hybrid reality of IT infrastructures…

Exostar Supplier Risk Management delivers advanced capabilities for identifying and managing risk and compliance with cybersecurity and other best practices and standards, along the entire supply chain. By building on the capabilities of the Exostar Platform as an industry collaboration network, it enables re-use of supplier representations and certifications with multiple buyers, thus…

Artificial Intelligence remains the hottest buzzword in almost every segment of the IT industry nowadays, and not without reason. The very idea of teaching a machine to mimic the way humans think (but much, much quicker) without the need to develop millions of complex rules sounds amazing: instead, machine learning models are simply trained by feeding them with large amounts of carefully…

One Identity Manager in combination with the cloud-based Starling Connect service delivers a broad range of integrations into both traditional and cloud-based SAP services. The integration capabilities count amongst the leading-edge solutions in IGA (Identity Governance and Administration) products.

Kleverware ist ein französisches Softwareunternehmen, das sich auf die Entwicklung einer schlanken Lösung für Identity & Access Governance (IAG) fokussiert hat. Kleverware IAG ermöglicht die schnelle Implementierung von Berechtigungsprüfungen und -berichten und kann auf einfache Weise Berechtigungsdaten in heterogenen, komplexen IT-Landschaften,…

BeyondTrust’s portfolio of products provides a well-integrated Privileged Access Management (PAM) suite with a range of capabilities for  detection and mitigation of security threats caused by  abuse of privileged accounts and access entitlements. BeyondTrust’s Password Safe delivers market-leading shared account password management and session management…

Ubisecure Identity Platform is an integrated consumer identity and access management suite for on-premise or cloud deployment. Ubisecure features strong federation capabilities, innovative standards support, and the ability to leverage some bank and national IDs. RapidLEI provides a way to manage organizational identity.  

Increased relevance of BigData and BI environments in supporting business decisions requires a broad set of data points to be collected throughout the lifetime of an application and users’ interaction with it. Security and risk management leaders must ensure that the risks emerging from the abundance and extensive use of this data are identified and that the right security and…

Artificial intelligence and machine learning are megatrends in marketing analytics and automation—it's often seen as the holy grail of digital marketing, as its possibilities seem to be endless. But are they? This leadership brief discusses typical limits and risks of ML-based marketing automation—and shows how to overcome or manage them.

Artificial intelligence and machine learning techniques are becoming more and more important for marketing. ML offers new possibilities to analyze customer data, enabling individual marketing measures to be delivered. Nevertheless, privacy is often a concern when it comes to ML. Furthermore, legislation based on GDPR has to be considered. This leadership brief gives an overview of the…

Artificial intelligence is becoming more and more important for various applications in almost all industrial sectors. This leadership brief gives a basic overview of the main principles of artificial intelligence (AI), with a strong focus on machine learning (ML). Typical use cases are illustrated based on some examples—with a marketing and identity management-oriented focus.

ManageEngine AD360 is a tool targeted at the in-depth management of Microsoft Active Directory and connected systems such as Microsoft Office 365. It comes with capabilities that go beyond pure entitlement, by adding authentication features, UBA (User Behavior Analytics), and even Single Sign-On to several cloud services. However, the core of the product is supporting an efficient,…

Consumer Identity and Access Management (CIAM) is a rapidly growing market that offers a better user experience for the consumer and new challenges for the organization. NRI Secure’s Uni-ID Libra provides the necessary components of a CIAM solution with a focus on the Japanese market.

With today's mounting regulations to protect sensitive customer data, organizations are faced with new requirements, challenges and compliance risks. BigID assist organizations with their data compliance requirements by helping them find, categorize and map their data at scale.

The Internet of Things (IoT) is an IT megatrend. Apart from offering new possibilities and experiences to its users, IoT is highly interesting for marketers as it offers new ways to communicate with consumers and customers, leading to new possibilities in terms of analytics and consumer engagement as well. But what about privacy when IoT comes into play? This Leadership Brief gives an…

Simeio offers a turnkey Identity and Access Management IDaaS solution for small-to-medium size businesses. IAM for SMB prioritizes ease-of-use for business owners and administrators as well as security. The solution provides comprehensive user management via workflows, which are accessible via mobile devices.

Identity Management solutions need to address the growing number of identities associated with applications and endpoints, as well as the ability to integrate with the diversity of application and service APIs. WSO2 Identity Server provides a comprehensive and flexible solution for the modern enterprise.

Verlässliche Kontrolle und Monitoring sensibler Informationen, die in öffentlichen Clouds und Kollaborationstools (Microsoft® SharePoint™, Office 365™) gespeichert sind durch Virtualisierung, Verschlüsselung und Datenfragmentierung. Sichere und benutzerfreundliche Zusammenarbeit an geschützten Dokumenten und transparente, datenzentrische Sicherheit…

A suite of fully managed encryption key and TLS certificate management services natively integrated with over 50 other AWS services to ensure data protection and regulatory compliance across the whole cloud footprints.

Securing and monitoring privileged access to cloud environments is a crucial security requirement, more so because privileged accounts are powerful, shared in nature and generally accessible from outside the organization. IAM leaders responsible for privileged access management (PAM) must evaluate their security requirements associated with administrative access to cloud platforms and…

Privileged Access Management (PAM), over the last few years, has evolved into a set of crucial technologies that addresses some of the most urgent areas of Cybersecurity today. Continuing the growth trajectory, the PAM market has entered a phase of consolidation characterized by increased price competition and an intensified battle for market share. This Leadership Compass provides a…

Digital Risk Protection as a Service. A combination of data loss protection, the securing of brands and reputation online and the reduction of the overall attack surface by identifying weaknesses in an organization’s infrastructure.

Amazon GuardDuty is a fully managed, simple, and affordable security monitoring and threat detection service that combines machine learning and anomaly detection to enable quick and uncomplicated identification of suspicious activities and malicious behavior across AWS cloud accounts and workloads.

Krontech offers an integrated Privileged Access Management (PAM) platform comprising of several technology modules targeted at specific PAM functions. With a simplified approach to PAM, Krontech offers a promising alternative to other new market entrants, owing to its faster deployment cycle and its technological advantage in securing database privileges.

Besides the fastest growing segment of Privileged Access Management (PAM) market, Endpoint Privilege Management (EPM) has become the most critical technology of PAM that has a direct impact on an organization’s security posture. Thycotic Privilege Manager is a market leading EPM product that provides endpoint threat protection for controlled desktop and server environments through a…

Kleverware is a French software company that is focused on delivering a lean, targeted solution for Identity & Access Governance (IAG). Their solution Kleverware IAG allows for rapidly implementing access reviews and entitlement reporting, and can easily collect and homogenize entitlement data across heterogeneous, complex IT landscapes, including SaaS services, business applications,…

Privilege Management is the set of critical cybersecurity controls that deal with the management of security risks associated with privileged access in an organization. Maintaining control over privileged users, extended privileges and shared accounts demands for a well-integrated solution, consisting of risk mitigation, well-defined processes und well-executed implementation.

Encryption, tokenization, and data masking are essential capabilities needed in today’s highly regulated environments. Protecting sensitive information requires these capabilities, beyond just network and file-level encryption. Vormetric Application Crypto Suite from Thales eSecurity provides an integrated, easy-to-use set of services covering the needs for such environments.

IDaaS is fast becoming the new face of Identity and Access Management (IAM) with several vendors now delivering cloud-based IAM services to support the whopping cloud uptake by the business. Ilantus Compact Identity is an entry level enterprise IDaaS offering targeted at SMB customers to jump start their IAM with minimal effort and investment.

Veracode Application Security Platform is a cloud-based application security testing platform providing unified insights into software security risks at every stage of the development lifecycle.

Windows endpoint protection from risky tasks and malicious files, through browser and application isolation within one-time disposable micro-virtual machines combined with user behavior monitoring and enhanced enterprise management capabilities.

KuppingerCole Maturity Level Matrixes for the major market segments within cyber security. These provide the foundation for rating the current state of your cyber security projects and programs.  

Organizations now commonly use multiple cloud services as well as on-premises IT. This KuppingerCole Architecture Blueprint provides a set of building blocks needed to design, implement and integrate security for the Hybrid Cloud.

Reliable control and monitoring of sensitive information stored in public clouds and collaboration tools (SharePoint, Office 365) through virtualization, encryption and fragmentation of data while enabling the safe and convenient cooperation with protected documents. Transparent, data-centric security for cloud, onpremises and hybrid storage environments.

This Leadership Compass provides insights to the leaders in innovation, product features, and market reach for Web Access Management and Identity Federation on-premises platforms. Your compass for finding the right path in the market.

Hitachi ID Privileged Access Manager (HIPAM) is a mature and feature-rich solution for Privileged Access Management (PAM). It covers all major areas of PAM and comes with sophisticated operational capabilities in the areas of service account management and real-time password synchronization. Organizations looking for enterprise-scale PAM solutions should consider HIPAM in their shortlists.

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. ForgeRock Identity Platform provides strong customer authentication capabilities that can help businesses meet the technical challenges posed by PSD2.

Checkmarx Software Exposure Platform combines application security testing tools, managed services, and training in a single solution that enables developers to detect, prioritize and mitigate software-related risks at every stage of the development life cycle.    

As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide adequate visibility, threat protection, and scalability, nor can they offer convenience and…

comforte AG SecurDPS Enterprise is a highly scalable data protection platform that combines stateless tokenization technology and hardened fault-tolerant architecture to ensure security and compliance of sensitive data in mission-critical business applications.

SAP Customer Data Cloud provides a complete solution for Consumer Identity and Access Management.   Entirely cloud-based, SAP Customer Data Cloud delivers advanced customer identity, consent, profile management and marketing service functionality for enterprise customers.

SSH.COM PrivX is an innovative solution for privileged access to sessions running on hosts in the cloud and on premises. Based on short-lived certificates and a policy- and role-based, automated access control, it is targeted at agile IT environments such as DevOps environments.

Safe-T Software Defined Access delivers a software-based solution that provides data protection by controlling both access and usage of corporate data, services, and applications, protection is done by authenticating users prior to providing access. The solution supports a variety of use cases, including hybrid cloud deployments and access to cloud services such as Microsoft Office 365.…

Fraud reduction is a paramount concern in many industries today.  Finance, as well as healthcare and retail companies, are increasingly targeted by cybercriminals. New regulations in the financial industry are coming into force in many areas around the world. These regulations aim to improve security and reduce fraud. OneSpan Intelligent Adaptive Authentication provides strong and…

This report provides an overview of the market for Consumer Identity and Access Management and provides you with a compass to help you to find the Consumer Identity and Access Management product that best meets your needs.  We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing CIAM solutions.

Securely authenticating users remains a difficult problem. VeriClouds offers an Identity Threat Protection Platform that can provide a useful additional level of assurance against the reuse of compromised credentials.  There are many approaches, products, and services around user authentication, however, the VeriClouds Identity Threat Protection Platform is unique in what it offers. 

AI is a generic term that covers a range of technologies. Today some of those technologies are sufficiently mature for commercial exploitation and some are not. This leadership brief describes the current state of AI technologies and recommends the areas where they can be applied today.

Identity Verification is the first step in the journey of the digital customer. From there, Authentication is the first thing to do when returning. Balancing security & convenience and creating a seamless experience for customers is essential to keeping customers happy and minimizing churn rates: Identity Assurance done correctly is an essential step towards success in digital business.

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.

Marketing automation systems are key when it comes to digital or omni-channel marketing. This KuppingerCole Buyer’s Guide will provide you with questions to ask vendors, criteria to select your vendor and requirements for successful deployments. It will also prepare your organization to conduct RFIs and RFPs to select the right marketing automation solution – in line with GDPR…

Saviynt provides a comprehensive platform for Identity Lifecycle Governance and Administration combined with Application GRC, IaaS Governance, Data Governance, and Privileged User Governance. The solution is designed to be deployed as a cloud, hybrid or on-premise solution. The Saviynt Security Manager helps customers demonstrate compliance using their access governance and risk…

Any Self-Sovereign Identity platform must strike a balance between the individual and the organization that uses it. The Sphere Identity platform provides not only primary support for B2B, but also economic incentives for both individuals and organizations through ease of use, privacy, and rewards for the individual, and reduced compliance risk, easy customer onboarding and integration…

Organizations need a detailed yet carefully guided and defensible approach to evaluate Identity and Access Management Services (IDaaS). This document provides the required guidance and criteria necessary for evaluating IDaaS providers and supporting the request for proposal (RFP) processes. Security leaders are encouraged to use the criteria laid out in this research for IDaaS evaluation…

As IAM is continuing to evolve based on the growing list of IT security requirements, so is IBM Security Access Manager (ISAM). Not only does ISAM provide the essentials of access management and federation use cases, but it also provides Risk-Based Access Control and Mobile capabilities, as well as providing flexible deployment models.

ThreatMetrix, a LexisNexis Risk Solutions Company, is a global fraud, identity and authentication company, helping customers deliver a unified experience  across their digital customer journey.  Built on a platform  providing a unified, global customer digitial identity, ThreatMetrix enables businesses to prevent fraud, reduce friction, and streamline the customer…

AWS is the largest global provider of Cloud infrastructure with extensive capabilities to suit a wide range of customer requirements for cloud-based services. The AWS platform now provides easy-to-use facilities to allow customer to better leverage their identity management environment.

Securonix Cloud is a next-generation security intelligence platform that provides comprehensive security information and event management, as well as user and entity behavior analytics offered as a fully managed Security Operations Platform in the cloud.

Zscaler is the world’s largest multi-tenant distributed cloud security platform that delivers a broad range of services without any on-premises hardware or software agents, including cybersecurity, network transformation, public cloud connectivity, and secure access to on-premises and cloud services.

Die FSP Identity Governance & Administration Suite ORG ist eine Lösung zur Verwaltung des Identitäts- und Zugriffslebenszyklus und bedient somit den Markt für Identity Provisioning und Access Governance, gerade in stark regulierten Branchen. Ein besonderer Vorteil des Produkts ist die Kombination von rollenbasierter und richtlinienbasierter Zugriffssteuerung in einer…

While many businesses have solutions for managing and reviewing access at a coarse-grain, cross-system level in place as part of their Identity & Access Governance solutions, they lack an integrated approach for governing access to unstructured data. However, for mitigating access risks to that data, expanding the aperture of identity governance programs is mandatory. This whitepaper…

Backed by closer integration of Identity Provisioning and Access Governance capabilities, the IGA market continues to evolve and enters mainstream market adoption with most vendors providing mature capabilities around the core IGA functions. This Leadership Compass provides insights into the IGA market and presents an evaluation of vendors based on criteria important for successful IGA…

This report provides an overview of the market for Cloud-based Multi-Factor Authentication (MFA) solutions and provides you with a compass to help you to find the service that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing Cloud-based MFA solutions.

Mit dem im Juli 2018 final vorgelegten Dokument „Versicherungsaufsichtliche Anforderungen an die IT“ (VAIT) gibt die BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht) Versicherungsunternehmen konkretere Vorgaben für die Umsetzung ihrer Geschäftsprozesse mittels IT an die Hand. Diese stellen Herausforderungen dar, denen in betroffenen Unternehmen…

GRC covers the areas of Governance, Risk and Compliance and this report refers to GRC in the context of delivering IT services to meet organizational goals.  GRC is concerned with setting objectives, policies and controls and monitoring performance against these.  This report provides an architecture for the successful implementation of GRC within an organization.

This report provides an overview of the market for on-premise Adaptive Authentication solutions and provides you with a compass to help you to find the product that best meets your needs.  We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing on-premise Adaptive Authentication solutions.

Many changes are coming to Europe's financial landscape due to the Revised Payment Service Directive (PSD2). PSD2 will present new challenges to overcome, as well as potential benefits for Third Party Providers (TPPs) and consumers.  Account Information Service Providers (AISP) and Payment Initiation Service Providers (PISP) functions have historically been performed by banks;…

United Security Providers (USP) provides a web access management platform designed to provide a unified and efficient approach towards Web Application Firewall (WAF), Authentication, CIAM and Identity Federation capabilities for complex use cases and hybrid on-premises and cloud solutions.

With the continually evolving security requirements and challenges IT faces today, the capabilities of IAM must also advance to keep up. Evidian meets these modern IAM requirements by integrating Identity Governance and Administration, and Analytics & Intelligence into their IAM suite.

ObserveIT Insider Threat Management is a platform that combines the functionality of traditional User Behavior Analytics (UBA) and Data Loss Prevention (DLP) products in a lightweight and streamlined solution for detecting and mitigating various insider threats.

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. RSA provides foundational technical capabilities in their SecurID, Adaptive Authentication, Web Threat Detection, and Archer products that can help businesses meet the…

Die Delphix Dynamic Data Platform ist eine integrierte Plattform für die Verwaltung, Absicherung und Replizierung von Daten in lokalen, cloudbasierten und Hybrid-Umgebungen. Sie kombiniert eine hochleistungsfähige Virtualisierung mit integriertem Data Masking und automatisierten Self-Service-Workflows. Auf diese Weise erhöht sie signifikant die Effizienz in Bezug auf Agile…

CA Technologies offers comprehensive Privileged Access Management (PAM) under CA Privileged Access Management Suite comprising of several modules bundled in a single product. The CA PAM solution blends well with CA’s popular IAM Suite to offer market leading PAM capabilities for large scale deployments requiring complex integrations and fine-grained command control.

A software platform designed to achieve a holistic assessment of an organization’s cybersecurity, compliance, risk and governance status by establishing risk governance, resilience and protection from cyber threats through the deployment of a standards-based risk governance framework.

ViewDS Cobalt is a cloud-architected identity platform flexible enough to support on-premises, cloud, and hybrid environments. With all aspects of the platform management fully accessible via APIs, Cobalt is uniquely positioned to support the automation and integration requirements of today’s modern IT environment.

Senrio Insight is an Industrial IoT cybersecurity platform utilizing passive nonintrusive network device discovery to provide visibility and analytics of industrial device behavior and rapid detection of abnormal activities.  

WidasConcepts offers a complete consumer identity and access management solution:  cidaas.  cidaas is developed and hosted in Germany. cidaas contains most standard and many innovative features, such IoT integration and consent management.  It is based on a micro-services architecture which enables continuous deployment of service enhancements.

Many organizations are using cloud services, but the use of these services is often poorly governed. Cloud Access Security Brokers (CASBs) provide functionality to discover the use of the cloud, to control which cloud services can be accessed and to protect the data held in these services. This report provides an up to date review of CipherCloud CASB+ which strongly matches…

Active Directory provides critical identify infrastructure for the enterprise. Semperis offers Active Directory change monitoring and forest recovery products. The Semperis DS-Protector product support change monitoring and rollback for a broad set of AD infrastructure objects.

1Kosmos BlockID is one of the first commercial implementations of a blockchain-based identity solution that works for both consumers and employees. It is well thought-out and implements the fundamental concepts of Self Sovereign Identity. It integrates well with existing identity and service providers. While there are still some challenges to solve, BlockID delivers on the promise of…

An ever-increasing number of devices, sensors and people are connected to the global internet and generate data.  The analysis of this data can help organizations to improve their effectiveness and make better decisions.  However, there are concerns over the trustworthiness of the data as well as the ethics of its use.  This report describes how good Information Stewardship…

MinerEye DataTracker is an AI-based application that identifies, classifies, and tracks unstructured information. It creates cluster of similar content across data sources and analyzes information about classified data in those clusters, to triggers applications such as DLP, IRM and Access control tools. It also provides deep insight into unstructured data based on sophisticated…

Cyber criminals regularly exploit vulnerabilities and poor practices around Microsoft Active Directory to obtain credentials that allow them to infiltrate organizational systems, cause damage and exfiltrate data.  This report describes StealthINTERCEPT, the real-time policy enforcement, change and access monitoring and Active Directory security component of the STEALTHbits’…

NRI Secure’s Uni-ID Libra is a relatively new entrant in the rapidly growing market for consumer identity management (CIAM). Focused for now completely on the Japanese market, the product emphasizes security, leveraging the company’s expertise in managed SOC services and security software. The near-term product roadmap includes enhanced consent management and support for FIDO…

Often, enterprise security is delivered as separate services such as Identity-as-aService (IDaaS), Enterprise Mobility Management (EMM) and Privileged Access Management (PAM). Centrify converges these market segments into a single platform to deliver the next generation of access management.

The Content Threat Removal Platform by Deep Secure operates at the network boundary, intercepts and analyzes incoming data, extracts only the useful business information while eliminating malicious content and then creates new, clean data for onward delivery. In this way, it defeats zero-day attacks and prevents covert data loss, all transparent to end users.

One Identity is one of the leading vendors in the field of IAM. With their recent acquisition of Balabit and the integration of their Privilege Management offerings into the Safeguard product portfolio, the company positions itself among the leaders in the Privilege Management market, delivering a comprehensive portfolio of Privilege Management capabilities.

RSA Identity Governance and Lifecycle is a complete solution for managing digital identities and their access, both inside and outside the enterprise. The RSA solution covers all aspects of governance from attestations to policy exceptions and identity lifecycle, from provisioning to entitlement assignment to access reconciliation to removal.

Delphix Dynamic Data Platform is an integrated platform for managing, securing and replicating data across on-premises, cloud and hybrid environments. Combining high-performance virtualization, integrated masking and automated self-service workflows, it significantly increases efficiency of agile development, data analytics, cloud migration, disaster recovery and other DataOps use cases.

Organizations now commonly use multiple cloud services as well as on premises IT. This KuppingerCole Buyer’s Guide focusses on IaaS services. It will provide you with questions to ask vendors, criteria to select your vendor, and the requirements for successful deployments. This report will prepare your organization to conduct RFIs and RFPs for IaaS as part of a Hybrid IT service…

Leaders in innovation, product features, and market reach for access governance & Intelligence. Delivering the capabilities for managing access entitlements, always knowing the state of these, and enforcing access and SoD policies across heterogeneous IT environments on premises and in the cloud. Your compass for finding the right path in the market.

Getting a grip on your data is a bigger challenge than ever before. While solutions for central IT environments such as SAP are quite established, a significant portion of critical data resides in unstructured data stores such as file servers or collaboration services. This includes PII (think “GDPR”), but also blueprints, financial data, and more. It is essential having tools…

Cayosoft Administrator is an integrated platform for management and automation of Active Directory and Office 365 environments, including hybrid deployments. The latest release adds new capabilities not available in native Microsoft tools, focusing on customers who have already completely moved to the cloud.

Onegini provides a compelling solution for Consumer Identity and Access Management (CIAM). Onegini is headquartered in Europe and has global ambitions. They have expertise in EU regulations such as GDPR and PSD2. They are positioning their product as a CIAM solution for financial, health care, and insurance industries with a strong mobile differentiator to enhance customer engagement.

The Internet of Things (IoT) has enormous potential to transform and benefit both consumers and industries, but along with it comes significant privacy and security implications. Addressing these challenges early on in an IoT project can go a long way to lowering potential security risks in the field.

Neue Regulierungen wie die Datenschutz-Grundverordnung (DSGVO) und die stetig wachsende Gefahr durch Cyber-Attacken führen zu einem hohen Druck auf Unternehmen. Es gibt aber auch Chancen, wenn man versteht, wo die wirklich wertvollen Daten liegen und sich darauf fokussiert, diese Daten im Unternehmen optimal zu nutzen und sie gezielt zu schützen, statt mit breitflächigen…

Well-designed IAM/IAG-architectures establish real-time visibility of all accounts of a person, thereby closing a formerly intrinsic security gap. Bridging between established governance silos within organizations enables full enforcement of Segregation of Duties rules for both business and privileged access. Thus, it substantially improves an organization's security posture.

Cyber-attacks often involve a complex process, including an insider threat element, which exploits compromised or illicit user credentials to gain access to data. StealthDEFEND is the real time file and data threat analytics component of the STEALTHbits’ Data Access Governance Suite. 

This report provides an executive summary of Oracle’s Database Security capabilities based on recently published KuppingerCole research. It covers both the company’s traditional database security solutions and the innovative Autonomous Database cloud platform.

In today’s modern digital environments, organizations need an IAM solution that can span the breadth of employees, consumers, and citizens. Pirean's Access: One provides a single point of access and control that can meet these need with support for secure mobility and flexible workflows.

Cleafy is an integrated real-time clientless threat detection and prevention platform for online services in highly regulated industries, providing protection against advanced targeted attacks for web applications and mobile apps.  

Radiant Logic’s federation suite evolves the directory to be a “single source of truth” about identity data in even the most complex hybrid enterprise. It provides an important building block at the center of an integrated identity management capability.

Most organizations today run in a hybrid IT environment. However, their IAM solutions have repeatedly been built for the traditional on-premises IT. IAM needs to become a service that supports the hybrid IT infrastructure organizations run today. This whitepaper describes the paradigm shift, the customer needs, and a solution to help businesses move forward in this hybrid IT environment.

ARCON offers a platform suite with multiple Privilege Management capabilities bundled in a single product offering. In addition to generic capabilities necessary for managing privileged access across a typical IT infrastructure, ARCON’s PAM suite offers distinct advantages to support the scalability and complexity requirements of large data centre deployments.

inWebo offers a cloud-based Two-Factor Authentication (2FA) solution, with some unique and proprietary authentication methods that can be less obtrusive and more user-friendly. The inWebo solution provides easy-to-deploy application plug-ins and SDKs for mobile authenticators.

With massive data breaches in the headlines and increased regulatory scrutiny of failures to implement effective cybersecurity controls, enterprise management of privileged user accounts has become a business imperative. This report provides an overview of Micro Focus’ NetIQ Privileged Account Manager.

The KuppingerCole Leadership Compass provides an overview of vendors and their product or service offerings in a certain market segment.  This Leadership Compass focusses on Infrastructure as a Service (IaaS) from Cloud Service providers (CSP) with a global presence and with a specific focus on security and compliance.

Identity and Access Management (IAM) for employees and partners is a foundational element in all digital environments today.  Consumer Identity and Access Management (CIAM) systems and services provide new technical capabilities for organizations to know their customers better.  Pirean’s solutions for IAM and CIAM can help companies deploy a single solution to meet both…

Microsoft Azure Information Protection creates a viable user experience for data classification and labeling of Office documents and emails. It enables sensitive data discovery; integrates data protection capabilities throughout Microsoft’s Azure, Office, and Windows environments; and is gaining third party support from Adobe and data leakage prevention (DLP) vendors among others.…

With today's ever-growing IT requirements for integrations between identity sources, applications and services whether on-premise, the cloud, or hybrid environments, an advanced identity provider service is required to bridge these disparate technologies. UNIFY Solutions overcomes these challenges with their Identity Broker.

The Revised Payment Service Directive (PSD2) mandates that banks provide APIs for Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) to use.

Chatbots are a recent trend in marketing automation, designed to enhance customers’ digital journeys and elicit more information from consumers. This report evaluates the impact of GDPR will have on the use of chatbots and provides an overview of topics to be considered in order to ensure compliance.

The cloud provides an alternative way of obtaining IT services that offers many benefits including increased flexibility as well as reduced cost.   This document provides an overview of the approach that enables an organization to securely and reliably use cloud services to achieve business objectives.

The Revised Payment Service Directive (PSD2) mandates thatservice providersevaluatetransaction requests for signs of malware infection. In order for transactions to be considered low-risk, there must be no signs of malware infection in any sessions of authentication events.

Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization's breadth of access control needs. The Axiomatics Policy Server (APS) makes available a suite of tools and services to manage an Attribute Based Access Control (ABAC) policy life-cycle efficiently.

On October 24, 2017, Imprivata significantly enhanced their healthcare-focused enterprise SSO offering with Identity Provisioning and Access Governance capabilities acquired from Caradigm. With that offering they are broadening their portfolio while remaining focused on the healthcare market segment.

Mit der neuen Datenschutz-Grundverordnung (GDPR) führt die EU strenge Kontrollen bezüglich der Verarbeitung personenbezogener Daten von EU-Bürgern sowie hohe Geldstrafen bei Nicht-Einhaltung eben dieser ein. Die Compliance der Grundverordnung erfordert kostenintensive Kontrollen, die sich mit den direkten geschäftlichen Vorteilen der Verarbeitung personenbezogener…

GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.  Compliance requires costly controls that can be justified for processing of PII with direct business benefits.  However, using PII for non-production purposes such as development and test, incur the same risks and need the same costly…

This report provides a review of the major security risks from the use of cloud services, how responsibility for security is divided between Cloud Service Provider and customer and the key controls that an organization should implement to manage these risks. 

This report is one of a series of documents around the use of cloud services.  It identifies how standards as well as, independent certifications and attestations can be used to assure the security and compliance of cloud services.

Fully integrated protection of virtual machines as part of the software defined data center. From capturing expected behavior to efficiently responding to detected threats: Intelligent endpoint security technology leveraging the insight, control and automation available within virtualized environments.

Identity and Access Management (IAM) is many things. For some it’s all about streamlining the user experience through technologies and practices that make it easier for them to securely logon. For others, IAM is all about identity lifecycle management – ensuring that accounts are set up, modified, and retired in a timely, accurate, and secure manner. And for still others…

This report provides an overview of the market for Enterprise Endpoint Security: Anti-Malware Solutions and provides you with a compass to help you to find the Anti-Malware product that best meets your needs.  We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Anti-Malware solutions for enterprises.

Die FSP Identity Governance & Administration Suite ist eine Lösung zur Verwaltung des Identitäts- und Zugriffslebenszyklus und bedient somit den Markt für Identity Provisioning und Access Governance, gerade in stark regulierten Branchen. Ein besonderer Vorteil des Produkts ist die Kombination von rollenbasierter und richtlinienbasierter Zugriffssteuerung in einer…

Oracle Autonomous Database is the world’s first fully automated cloud database platform powered by machine learning. By eliminating human factor from database management, it provides unprecedented security, reliability and performance for enterprise data management in the cloud.

RSA SecurID Access is an integrated offering for Adaptive Authentication, supporting a broad range of different authentication methods on virtually any type of endpoint and integration to a large range of on-premises applications and cloud services. It supports context-aware authentication and uses machine learning to assess user risk and simplify the user experience.

SAP HANA Platform securely supports the IT applications and services needed by organizations to achieve digital transformation as well as the traditional IT systems of record. It offers a high - performance database through in - memory processing and provides enterprise grade security features that cover  the  confi dentiality, integrity and availability of the data being held…

PowerBroker for Unix & Linux von BeyondTrust bietet Server Privilege Management und Session Management speziell für Unix- und Linux-Server. Solche Server sind häufig Angriffen sowohl von böswilligen Insidern als auch externen Hackern ausgesetzt. PowerBroker for Unix & Linux bietet umfassenden Schutz für privilegierte Accounts auf Unix- und Linux-Plattformen.

Many organizations are using cloud services, but the use of these services is often poorly governed. Cloud Access Security Brokers (CASBs) provide functionality to discover the use of the cloud, to control which cloud services can be accessed and to protect the data held in these services. This report provides an up to date review of Symantec CloudSOC™ which strongly matches…

Osirium’s Privileged Access Management provides a secure, streamlined way to monitor privileged users for all relevant systems. It manages context-driven access over any number of systems across an infrastructure, and supports an innovative, task-based approach. Furthermore, it comes with a well-thought-out gateway approach for supporting downstream applications.

An enterprise security architecture (ESA) is a critical component to an enterprise architecture (EA) that describes how IT services, processes, and technologies should be protected given a customer’s unique business, security, and compliance requirements.

Thycotic Privilege Manager is a tool focused on Least Privilege management and enforcement on endpoint systems, supporting both Windows and Mac systems. It provides application control and privilege management features to restrict the access and use of highly privileged accounts and thus minimize risks caused by cyberattacks and fraudulent users.

BeyondTrust’s PowerBroker for Unix & Linux delivers Server Privilege Management and Session Management specifically for Unix and Linux servers. These servers are common targets for attackers, both malicious insiders and external attackers. PowerBroker for Unix & Linux provides in-depth protection for privileged accounts on these platforms.

Ilantus IDaaS Next is an offering in the emerging market of IDaaS B2E, i.e. IDaaS offerings targeted at enterprise customers that must manage both SaaS services in the cloud and on-premise applications and who need more than just SSO capabilities. The service comes with some interesting features and a well-thought-out roadmap for further evolution.  

AlgoSec Security Management Suite ist eine hochautomatisierte und speziell für Unternehmen konzipierte integrierte Lösung zur Verwaltung von Netzwerksicherheitsrichtlinien und der Konnektivität von Geschäftsanwendungen für verschiedenste Geräte in heterogenen Umgebungen.

Duo Security provides a scalable multi-factor authentication solution that can support a small to enterprise-size user base. Duo Security focuses on reducing the complexity of user identity verification while monitoring the health of their devices before connecting them to the applications they use. Duo Security goes beyond 2FA with adaptive authentication, endpoint visibility, mobile…

ERPScan Smart Cybersecurity Platform for SAP is an Al-driven enterprise level solution for SAP that leverages machine learning. By addressing predictive, preventive, detective and responsive capabilities, and by leveraging vulnerability management, source code security and the analysis of Segregation of Duties (SoD) violations, it provides comprehensive security analytics covering all…

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. Ergon’s Airlock Suite provides foundational technical capabilities that can help businesses meet the challenges posed by PSD2. 

Janrain provides a complete solution for Consumer Identity and Access Management (CIAM). Janrain is a pioneer in the field, creating the category of CIAM and developing the popular “ social login” authentication method .

AlgoSec Security Management Suite is a highly automated and business-focused integrated solution for managing network security policies and business application connectivity across a wide range of devices in heterogeneous environments.    

KuppingerCole Maturity Level Matrix for the degree of readiness for implementing EU GDPR (General Data Protection Regulation) requirements. Foundation for assessing the current status and identifying specific measures in your GDPR compliance projects and programs.

Securely governing access is increasingly important to ensure compliance as well as to defend against cyber-crime. STEALTHbits’ products provide a comprehensive set of solutions to address IT security risks covering Active Directory, Data Access Governance, Privileged Access Management, and Threat Detection.

Leaders in innovation, product features, and market reach for Identity Provisioning. Delivering the capabilities for managing accounts and entitlements across heterogeneous IT environments on premises and in the cloud. Your compass for finding the right path in the market.

Forum Sentry API Security Gateway is an integrated platform for API and service security, access management and legacy application modernization with a strong focus on “security by design”, certified encryption, and support for a broad range of Web Services, B2B, Mobile, Cloud and IoT APIs and other protocols.

ManageEngine, part of Zoho Corp., delivers a broad portfolio of solutions targeted at IT administrators. Among these, we find Password Manager Pro, a Privilege Management solution providing support for a variety of use cases such as Shared Account Password Management, Application-to-Application Privilege Management, or Session Management. The tool counts among the advanced, feature-rich…

Atos DirX Identity is a mature offering for IGA (Identity Governance and Administration), delivering both leading-edge Identity Provisioning capabilities and a strong Access Governance feature set. Atos has made significant improvements when it comes to the ease and flexibility of customization and added a modern, responsive user interface.

BeyondTrust’s PowerBroker product family provides a well-integrated solution with a broad range of capabilities for the mitigation of threats caused by the abuse or misuse of privileged system accounts and entitlements, on endpoints as well as server systems. With dedicated products for major system architectures, PowerBroker PAM delivers deep support for privilege management on…

Die DSGVO oder EU GDPR (General Data Protection Regulation), die ab dem 28. Mai 2018 voll wirksam ist, wird derzeit vor allem mit den Zustimmungsregeln zur Nutzung personenbezogener Daten (Consent) und den Rechten der Betroffenen wie beispielsweise dem „Recht auf Vergessen“ in Verbindung gebracht. Die DSGVO sieht aber auch den angemessenen Schutz von personenbezogenen Daten…

All organizations today are under constant attack, and high-privilege accounts are a primary target, allowing attackers to cause maximum damage by data theft and other attacks, due to their elevated privileges. While the number of external attacks continues to increase, internal attacks remain at a high level – perimeter security in itself does not protect sufficiently anymore.…

The upcoming EU GDPR will have significant impact on how business can collect PII of their customers and consumers. Business are well-advised to thoroughly review these changes and prepare. Managing consumer identities consistently across all apps, portals, and services is essential. Identity Platforms provide the foundation for moving to a consistent management of consumer identities and…

Securely authenticating users is a major problem given the increasing threats from cyber-crime. Entrust IdentityGuard for Enterprise provides a comprehensive solution for enterprises to select and manage the way in which organizational users are authenticated to access both physical and logical assets.

The ongoing task of maintaining cyber security and risk governance, while providing evidence and communicating efficiently with corporate stakeholders is getting increasingly more important for practically every organization. Understanding the risk posture and providing transparency while aligning cyber security efforts with corporate strategies is a major challenge. The current lack of…

Adaptive Authentication, or the practice of varying authentication methods based on runtime evaluation of risk factors, is a requirement for accessing applications, resources, devices, networks, and even cyber-physical systems.