Software Security

Webcast

Authentication & Authorization for the Microservices World

Microservices architectures, where applications comprise multiple loosely coupled components, which can be developed using different languages frameworks, and platforms, have become one of the most popular alternatives to traditional monolithic enterprise applications. Since these modules…

Whitepaper

Whitepaper: Airlock: Meeting PSD2 Challenges with Ergon Airlock Suite - 70328

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe.  Banks and other financial service providers must quickly prepare for PSD2. Ergon’s Airlock Suite provides foundational technical capabilities…

Blog

Administrative Security in Security Products

At KuppingerCole, cybersecurity and identity management product/service analysis are two of our specialties. As one might assume, one of the main functional areas in vendor products we examine in the course of our research is administrative security. There are many components that make up…

Executive View

Executive View: Forum Sentry API Security Gateway - 70930

Forum Sentry API Security Gateway is an integrated platform for API and service security, access management and legacy application modernization with a strong focus on “security by design”, certified encryption, and support for a broad range of Web Services, B2B, Mobile, Cloud…

Webinar

Dec 05, 2017: Authentication & Authorization for the Microservices World

As businesses are expanding their presence in the cloud, they are increasingly looking into innovative approaches towards software development and operations that allow them to bring their applications to the market faster, to make them more adaptable and scalable to the ever-changing…

Webcast

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and…

Blog

The Cargo Cult of Cybersecurity

I’ve been working in IT my whole life and since I’ve joined KuppingerCole over ten years ago, cybersecurity has been my job. Needless to say, I like my job: even though we industry analysts are not directly involved in forensic investigations or cyberthreat mitigation, being…

Congress

May 15 - 18, 2018: European Identity & Cloud Conference 2018

Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 15-18, 2018, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought…

Conference

Nov 12 - 14, 2018: Cybersecurity Leadership Summit 2018 Europe

Cybersecurity is about humans, skills and knowledge. So is the Cybersecurity Leadership Summit in Berlin (#CSLS18). Discussing face-to-face with your peers about trends, hypes and evolving threats, getting trained in thinking the unthinkable to be better prepared for disaster, or even avoid…

Blog

IBM Moves Security to the Next Level – on the Mainframe

In a recent press release, IBM announced that they are moving security to a new level, with “pervasively encrypted data, all the time at any scale”. That sounded cool and, after talks with IBM, I must admit that it is cool. However, it is “only” on their IBM Z…

Blog

A Great Day for Information Security: Adobe Announces End-of-Life for Flash

Today, Adobe announced that Flash will go end-of-life. Without any doubt, this is great news from an Information Security perspective. Adobe Flash counted for a significant portion of the most severe exploits as, among others, F-Secure has analyzed. I also wrote about this topic back in 2012…

Webinar

Sep 28, 2017: Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

In the Digital Transformation era, businesses must be more agile than ever to adapt to constantly changing technology and regulatory landscapes and to meet the newest customer-centric initiatives. Constantly bombarded with new business requirements, software development and DevOps teams are…

Webcast

How Advanced Identity and API Management Helps You Meeting the Security Challenges of Digital Transformation

The new business environment is increasingly reliant on web and open source applications, with external partners and customers accessing resources via web browsers and social media channels. Employees are also bringing consumer digital habits into the workplace and merging their home and…

Webcast

Denis Joannides - Empowering the Digital Insurers

In this session Denis explains how insurance companies such as Unive, AEGON, VGZ and many others leverage Consumer IAM (CIAM) and a secure API Architecture for Mobile Apps to actually transform to a digital Insurer. Denis discusses the importance of a secure infrastructure including…

Webcast

Architecting a Digital Strategy for PSD2 and Open Banking

PSD2 and the Open Banking Standard are regulatory mandates being applied to the banking industry by the European Banking Authority (EBA) and Competition & Markets Authority (CMA) across Europe and in the UK respectively. The regulations require that banks operating across the region…

Webinar

Jun 27, 2017: How Advanced Identity and API Management Helps You Meeting the Security Challenges of Digital Transformation

The new business environment is increasingly reliant on web and open source applications, with external partners and customers accessing resources via web browsers and social media channels.

Advisory Note

Advisory Note: Unifying RBAC and ABAC in a Dynamic Authorization Framework - 72611

Mastering authorization is critical for modern organizations  with multiple user constituencies, applications, and data types. Groups are necessary but not sufficient in complex environments. Roles are handy for adding manageability and assurance to coarse - or medium - grained …

Webinar

May 16, 2017: Architecting a Digital Strategy for PSD2 and Open Banking

PSD2 and the Open Banking Standard are regulatory mandates being applied to the banking industry by the European Banking Authority (EBA) and Competition & Markets Authority (CMA) across Europe and in the UK respectively. The regulations require that banks operating across the region expose…

Advisory Note

Advisory Note: Firewalls Are Dead - How to Build a Resilient, Defendable Network - 72163

The firewall is dead  – long live the firewall.... In today’s modern business the traditional firewall model, sitting at the corporate perimeter, has little value, and more often than not hinders business agility. In building a modern, resilient and defendable network the…

Press Release

Results from KuppingerCole Study: The Future of Banking - Innovation & Disruption in light of the revised European Payment Services Directive (PSD2)

Wiesbaden, March 02, 2017 – Today KuppingerCole Ltd., an international and independent analyst company with a strong focus on Information Security, Identity and Access Management as well as all areas concerning the Digital Transformation published the outcomes of their latest…

Leadership Brief

Leadership Brief: Securing PSD2 APIs - 72513

The Revised Payment Service Directive (PSD2) mandates that banks provide APIs for Account Information Service Providers (AISPs), Payment Initiation Service Providers (PISPs) and any Third Party Providers (TPPs) to use.

Executive View

Executive View: AWS Lambda - 72524

AWS Lambda is an event-driven serverless computing platform that completely abstracts the underlying cloud infrastructure to let developers focus on the core business functionality of their applications, providing transparent scalability and redundancy across multiple datacenters in the…

Executive View

Executive View: Microsoft Security Suite - 72541

A comprehensive approach to data protection – one that combines all aspects of computing infrastructure– rather than the point products that comprise many organization’s cybersecurity environment, is a decided plus, provided the overall goal is achieved.

Blog

Grizzly Steppe – What Every Organization Needs to Do

On December 29th, the FBI together with CERT finally released a Joint Analysis Report on the cyber-attacks on the US Democratic Party during the US presidential election.  Every organization, whether they are based in the US or not, would do well to read this report and to ensure that…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Discover KuppingerCole

KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Latest Insights

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Blog

Blog (Deutsch)

Stell Dir vor, es ist KRITIS und keiner geht hin

„Kritische Infrastrukturen (KRITIS) sind Organisationen oder Einrichtungen mit wichtiger Bedeutung für das staatliche Gemeinwesen, bei deren Ausfall oder Beeinträchtigung nachhaltig wirkende Versorgungsengpässe, erhebliche Störungen der öffentlichen Sicherheit oder andere dramatische Folgen eintreten würden“. Neun Sektoren und 29 Branchen gelten derzeit als kritische Infrastrukturen, darunter die Gesundheitsversorgung, Energieversorgung, der Verkehr [...]