Security

Blog

The Non-Zero Elements of Zero Trust

The ongoing SolarWinds incident illustrates that the much-lauded Zero Trust security paradigm is, in fact, based on trust. Zero Trust is about authenticating and authorizing every action within a computing environment. It is putting the principle of least privilege into action. In an ideal…

Blog

Attack Surface Reduction and XDR

Many if not most organizations have moved to a risk management model for cybersecurity and identity management. Priorities have shifted in two major ways over the last decade: decreasing attack surface sizes focusing on detection and response technologies instead of prevention only…

Blog

AWS – A new Vision for Hybrid IT?

Attending AWS re:Invent is always an exceptional experience and, despite it being virtual, this year was no different. As usual, there were the expected announcements of bigger better and faster services and components. AWS always shows a remarkable level of innovation with many more…

Webcast

Making Zero Trust Work With the NIST Framework

There’s lots of hype around Zero Trust Security in the context of our changing mobile and cloud-centric working environments. Moving towards a modern and agile Zero Trust security concept is essential in today's mobile first, work-securely-from-anywhere world.

Webcast

Entering the Virtual World With Identity Verification

The way consumers access products and services across sectors has changed forever as interactions move from physical to digital engagement. What started as a change born from convenience, is now a necessity and solidifying into a long-term behavioural shift. As consumers choose to access…

Blog

Putting Your First-Line Worker at the Center of Attention

Since the beginning of the Covid-19 crisis, the use of language in public life, in the press, and in everyday life has changed. Terms that were formerly confined to the circles directly affected by them are now much more common. For example, every informed and responsible citizen is now…

Blog

Ivanti’s Zero Trust Journey

Ivanti has completed its acquisition of MobileIron and Pulse Secure. Ivanti, headquartered in Salt Lake City, had its roots in desktop management (LANDESK), evolved into endpoint and patch management, and had added full IT asset, service, and workspace management, as well as IAM…

Webcast

Managing Azure AD – Regardless of How You Use It

Microsoft Azure Active Directory (Azure AD) has gained widespread adoption. Coming with Microsoft Azure Cloud as well as Microsoft 365 (i.e. Office 365), it appears in many organizations just because of decisions made outside of the IAM team.

Webcast

Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Executive View

Elastic Security

Elastic Security is a security platform built on top of the Elastic Stack. It combines security information and event management, threat hunting, endpoint security, and cloud monitoring to help analysts prevent, detect, and respond to cyber threats more efficiently.

Webcast

KuppingerCole Analyst Chat: The Project Road Towards Zero Trust - What to Do and Where to Start

This podcast has already looked at the Zero Trust concept as a challenging architectural paradigm for security and an important component of modern and future-oriented security architectures from various angles. This time Christopher and Matthias focus on a phased project approach towards…

Executive View

Cisco Zero Trust Security

Cisco’s approach towards Zero Trust combines several foundational access policy solutions for securing your workforce, workloads and workspace with a broad range of additional security products to ensure complete visibility, protection, and compliance throughout the whole enterprise.

Webcast

KuppingerCole Analyst Chat: What Keeps Organizations From Adopting Zero Trust

The Zero Trust concept comes with the promise to adequately secure our modern, hybrid IT world at any time and any place. Manufacturers, consultants and even analysts agree as rarely as they do that this changed architectural paradigm is an important component of modern and future-oriented…

Webcast

Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Blog

We Are Detective: Data Scientists to the Rescue for Cybersecurity and Governance

If the line "We are detective" only reminds you of "guilty pleasure" radio songs from the 1980s, despite the fact that you are responsible for cybersecurity or compliance in your company, then you should read on. In any case, you probably should read on because this is a trend that is…

Webcast

KuppingerCole Analyst Chat: Privileged Access in an Agile World - PAM for DevOps

The PAM market continues to evolve and many organizations are adopting the DevOps paradigm where critical access and sensitive accounts are required in fast moving and agile environments. Paul Fisher meets Matthias for this episode and shares his research on PAM for DevOps. They talk about…

Executive View

Cherwell ITSM

Cherwell ITSM is a comprehensive IT Service Management application that can be installed on premise or in the cloud and is built on top of the Cherwell CORE platform – a  low-code, configuration file driven service management platform that enables rapid customization, automation,…

Webcast

Choosing the Right Fraud Reduction Intelligence Tool in a Digitally Evolving Economy

Fraud is a major cost to businesses worldwide and it is on the rise. In it’s 2019 annual report, the Internet Crime Complaint Center (IC3) put a specific focus on methods such as elder fraught, credit card fraud and confidence/romance fraud, emphasizing the growing occurrence of…

Webcast

Operationalizing Least Privilege

Striking the balance between enabling users and administrators to be productive whilst protecting your sensitive systems and data is becoming ever more challenging. Attackers are often one step ahead of organizations, and even those with the most comprehensive security systems and controls…

Webcast

Decoding Advanced Privileged Access Management for Digital Environments - A conversation with Paul Fisher and Anil Bhandari

Did you know that privileged accounts are a major source of data leaks? These powerful administrative accounts provide access to business-critical information stored in applications and servers. A single instance of privileged password abuse can bring down the entire IT infrastructure.…

Webcast

KuppingerCole Analyst Chat: SOAR - A North American Product Only?

John Tolbert has just taken a close look at the market for SOAR tools (Security Orchestration, Automation and Response) to prepare a Leadership Compass. This has just been published and this gives John and Matthias the opportunity to take a closer look at this market segment of security…

Executive View

Illusive Platform

Illusive Networks’ distributed deception platform is a highly scalable, intelligence-driven security solution that offers unprecedented visibility into corporate security posture from the attacker’s viewpoint and helps deal with cyberattacks before, during, and after they happen.

Advisory Note

The Role of APIs for Business

An Application Programming Interface (API) is an intermediary that allows two applications to talk to each other. Without APIs, the digital experiences consumers have grown accustomed to, such as booking a hotel room or in car navigation, would not be possible. In recent years, API…

Blog

The Evolution of Endpoint Security: Beyond Anti-Malware

15 to 20 years ago, a virus scanner – or let me call it Endpoint Protection – on your private or corporate computer was standard. Today, you must also have something like a virus scanner on your endpoint device. But in 2020, is it sufficient to detect viruses, worms,…

Webcast

Using Deception for Early and Efficient Threat Detection

Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to…

Executive View

IBM QRadar Advisor with Watson

QRadar Advisor with Watson integrates the QRadar Security Analytics Platform with Watson’s cognitive AI to perform fully automated forensic investigations of security incidents, dramatically improving analyst productivity and enabling quick response to cyberthreats.

Webcast

Interview on Privacy & Consent Management (Ian Evans, Managing Director at OneTrust)

KC Analyst Anne Bailey interviews Ian Evans, Managing Director at OneTrust, about privacy and consent management.

Leadership Compass

Security Orchestration Automation and Response (SOAR)

This report provides an overview of the SOAR market and provides you with a compass to help you to find the solution that best meets your needs. We examine the SOAR market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.

Whitepaper

Privileged Access Management solutions for Agile, multi-cloud and DevOps environments

Privileged Access Management (PAM) is an important area of risk management and security for any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But changing business practices and upgrades to IT including cloud and…

Whitepaper

Protecting Intellectual Properties while enabling business agility with R&S®Trusted Gate by Rohde & Schwarz Cybersecurity

Many industries, specifically the ones that on one hand must collaborate and share information and on the other hand have to deal with highly sensitive information and state-run industrial espionage – such as e.g. Life Sciences, Pharma, or BioTech – must enable information…

Webcast

John Tolbert: Methodology

Webcast

Anne Bailey: Core Functionalities

Webcast

Anne Bailey: Market Overview

Webcast

John Tolbert: Topic Overview - Challenges and Trends

Webcast

KuppingerCole Analyst Chat: The European Cybersecurity Month - Ensuring Security Beyond Awareness

This analyst chat episode is the 50th and therefore a bit different. This time Matthias talks to two experienced analysts, Martin Kuppinger and Alexei Balaganski, about the ECSM, the European Cyber Security Month, which is to provide information and awareness on cyber security in October…

Whitepaper

Safeguarding Your Most Valuable Data: Five Key Criteria to Assess Cloud Provider Security

This whitepaper focuses on defining the key security-focused selection criteria to help your company choose a secure platform for current and future cloud projects.

Webcast

How to Hunt Threats Effectively With Network Detection & Response Solutions

The number of cyber-attacks globally continue to rise. Attacks are growing increasingly sophisticated. The tactics, techniques and procedures that were once only used by well-funded state actors are being commoditized by cybercriminals. State actors sometimes employ tools that were formerly…

Architecture Blueprint

Architecting your Security Operations Centre

A security operations centre (SOC) is a dedicated team, usually operating 24x365, to detect and respond to cybersecurity incidents within your organisation that potentially affect your people and systems. Architecting your SOC properly in terms of technology, processes, people and a close…

Blog

Cybersecurity Awareness – Are We Doing Enough?

It’s October and it means that we are having the European Cybersecurity Month again. ECSM is the European Union’s annual campaign dedicated to promoting cybersecurity among EU citizens and organizations. To be completely honest, I do not remember it being much of a thing in…

Webcast

Techniques for Securing Transactions With Identity Verification and Verifiable Claims

Consumer and Workforce identities are under assault. Cybercrime and fraud are pervasive problems that have only escalated during the pandemic. Even as the number of online and mobile transactions increases, businesses, government agencies, and other organizations are actively searching for…

Webcast

How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Webcast

The Evolution of Encryption: Getting Ready for the Quantum Watershed

The relentless move towards the digital transformation seems unstoppable. Organizations must secure their trust and reputation in the face of increasing attacks, advances in technology, increased regulation and compliance, and the continued shift to the cloud and cloud services.…

Webcast

The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Webinar

Dec 15, 2020: Entering the Virtual World With Identity Verification

The way consumers access products and services across sectors has changed forever as interactions move from physical to digital engagement. What started as a change born from convenience, is now a necessity and solidifying into a long-term behavioural shift. As consumers choose to access…

Market Compass

Cloud Access Security Brokers

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers CASB (Cloud Access Security Broker) solutions that help to secure the organizational use of cloud services.

Webcast

Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow…

Webcast

Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Damit Sie besagte Vorschriften rechtzeitig erfüllen können, ist es notwendig, sensible Daten zu erkennen und zu klassifizieren, unabhängig davon, wo sie sich befinden. Vor einer Cloud-Migration müssen Sie die Kritikalität von Daten verstehen und definieren, welche…

Webinar

Nov 05, 2020: Choosing the Right Fraud Reduction Intelligence Tool in a Digitally Evolving Economy

Fraud is a major cost to businesses worldwide and it is on the rise. In it’s 2019 annual report, the Internet Crime Complaint Center (IC3) put a specific focus on methods such as elder fraught, credit card fraud and confidence/romance fraud, emphasizing the growing occurrence of intentional…

Executive View

R&S®Trusted Gate - Secure Glocalization by Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity offers reliable management of regulated and sensitive information to promote compliant collaboration and file sharing in unified SharePoint platforms for organizations spanning countries and regions with different laws and regulatory requirements. Rohde…

Webinar

Dec 02, 2020: Managing Azure AD – Regardless of How You Use It

Microsoft Azure Active Directory (Azure AD) has gained widespread adoption. Coming with Microsoft Azure Cloud as well as Microsoft 365 (i.e. Office 365), it appears in many organizations just because of decisions made outside of the IAM team.

Webinar

Nov 03, 2020: Decoding Advanced Privileged Access Management for Digital Environments - A conversation with Paul Fisher and Anil Bhandari

Did you know that privileged accounts are a major source of data leaks? These powerful administrative accounts provide access to business-critical information stored in applications and servers. A single instance of privileged password abuse can bring down the entire IT infrastructure.…

Blog

Data-Driven Decision Making for Identity Security

Symantec Enterprise: With more informed decisions comes more automated security. In today’s Zero Trust world, where the principle of least privilege is ubiquitous, enterprises are struggling to balance security while simultaneously enabling a highly agile business environment. There…

Webcast

KuppingerCole Analyst Chat: Meet the Citizen Developer

Alexei Balaganski and Matthias Reinwarth look at the citizen development movement and discuss the potential risks of letting business users create their applications without proper governance and security.

Webinar

Dec 16, 2020: Making Zero Trust Work With the NIST Framework

There’s lots of hype around Zero Trust Security in the context of our changing mobile and cloud-centric working environments. Moving towards a modern and agile Zero Trust security concept is essential in today's mobile first, work-securely-from-anywhere world.

Webcast

Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu)…

Executive View

SAP Cloud Identity Access Governance

SAP Cloud Identity Access Governance (IAG) is the SaaS solution provided by SAP for managing access risks and SoD controls from the cloud, for both SaaS business applications and a range of on-premises services. It covers areas such as Access Analytics, Role Management, Access Requests,…

Webinar

Dec 01, 2020: Zero Trust for the Workforce

While the concept of zero-trust networking is nearly a decade old, the last few years have seen its popularity in industry discussions grow exponentially.

Blog

10 Use Cases for Universal Privilege Management

Even before COVID-19 entered our lexicon, privileged access management (PAM) was widely recognized as a foundational cybersecurity technology. In recent years, almost every cyberattack has involved compromised or misused privileges/privileged credentials. Most malware needs privileges to…

Webcast

KuppingerCole Analyst Chat: Privacy and Consent Management

Anne Bailey and Matthias Reinwarth discuss the findings of the recently published Leadership Compass on Privacy and Consent Management.

Executive View

ManageEngine Log360

Log360 from ManageEngine is a tightly integrated suite of log management and network security analytics tools. Complementing SIEM capabilities with EDR, DLP, and even SOAR functionality, it offers a convenient and affordable one-stop solution for security analytics and threat remediation…

Executive View

Radware Kubernetes WAF

Containerized microservices are gaining momentum in IT organizations today, requiring tools such as Kubernetes for automating the orchestration and management of those containers. The Radware Kubernetes WAF meets the unique requirements of the Kubernetes environment to protect its…

Leadership Compass

Privacy and Consent Management

This report provides an overview of the market for Privacy and Consent Management platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative…

Webcast

KuppingerCole Analyst Chat: NIST’s Zero Trust Architecture

John Tolbert and Matthias Reinwarth look at SP 800-207, the NIST special publication on Zero Trust architecture and discuss how it aligns with KuppingerCole's own vision of this topic (spoiler: it does align very well!)

Webinar

Oct 28, 2020: Using Deception for Early and Efficient Threat Detection

Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to remain…

Blog

AI-Powered Data for All – Informatica's Acquisition of GreenBay Technologies

Informatica has just announced that they have made another acquisition this summer: GreenBay Technologies, a startup focused on AI and machine learning. Read about their July 2020 acquisition here. GreenBay Technologies brings CloudMatcher to Informatica’s Intelligent Data Platform…

Executive View

One Identity Active Roles

One Identity Active Roles is a powerful tool for integrated management of both on-premises Microsoft Active Directory and Microsoft Azure Active Directory. It comes with strong support for managing Exchange Servers and Office 365, but also Identity Lifecycle Management that supports a range…

Blog

A Look at NIST’s Zero Trust Architecture

NIST, the US National Institute for Standards and Technology, recently released SP 800-207 Zero Trust Architecture. The NIST special publication examines the principles of and motivations for ZTA, as well as implementation considerations, security concerns, and suggestions for improvements…

Webcast

KuppingerCole Analyst Chat: Is Quantum Computing an Imminent Security Threat?

Alexei Balaganski and Matthias Reinwarth try to make sense of the current state of quantum computing and talk about the risks it poses for information security.

Webcast

KuppingerCole Analyst Chat: The Pros and Cons of Agentless Security

John Tolbert and Matthias Reinwarth discuss benefits and limitations of agentless security solutions.

Executive View

SailPoint Predictive Identity

SailPoint Predictive Identity est une plate-forme SaaS qui ajoute à l’IGA des capacités reposant sur l'IA . Cela concerne notamment l'analyse des risques d'accès, l'examen des droits d'accès avec des recommandations de validation ou de révocation et…

Webinar

Nov 04, 2020: Operationalizing Least Privilege

Striking the balance between enabling users and administrators to be productive whilst protecting your sensitive systems and data is becoming ever more challenging. Attackers are often one step ahead of organizations, and even those with the most comprehensive security systems and controls…

Executive View

SailPoint Predictive Identity

SailPoint Predictive Identity ist eine SaaS-Plattform, die IGA um KI-basierte Funktionen erweitert. Dazu gehören unter anderem die Analyse von Zugriffsrisiken, Empfehlungen für die Genehmigung oder den Widerruf von Berechtigungen während der Berechtigungsprüfung und die…

Webinar

Oct 07, 2020: Techniques for Securing Transactions With Identity Verification and Verifiable Claims

Consumer and Workforce identities are under assault. Cybercrime and fraud are pervasive problems that have only escalated during the pandemic. Even as the number of online and mobile transactions increases, businesses, government agencies, and other organizations are actively searching for…

Blog

GCP Trust, Security and Compliance

In their race towards digital transformation, organizations are using cloud services to accelerate the development of new apps and improve efficiency. They allow new applications to be rapidly developed, existing applications to be modernized and deployed without additional capital spend.…

Executive View

BioCatch

BioCatch is an innovative Fraud Reduction Intelligence Platform (FRIP). Their three-part solution in this space consists of Policy Manager, Case Manager, and Analyst Station, which are used by fraud analysts and operations teams to determine appropriate actions in response to indicators.…

Webcast

Four Key Components Critical to the Future of Privileged Access Management

Privileged Access Management (PAM) has assumed a critical role in protecting the most valuable data and services within organizations from theft, loss, and unauthorized access. But as companies and other organizations have become more complex and embrace digital transformation, PAM is also…

Webinar

Sep 28, 2020: The Role of Data-Centric Security in the Cloud

As modern businesses across all verticals continue their rapid digitalization, the need to store, process and exchange data securely is becoming an essential factor for any company. However, this is particularly challenging for high-tech companies dealing with highly-sensitive R&D data.

Blog

What Some Vendors Missed in MITRE ATT&CK Round Two and How to Fix the Gaps

MITRE recently published the detailed results of their second round of tests. This test pitted APT29 malware and methods against 21 cybersecurity vendors. The MITRE testing is an excellent benchmark for comprehensively exercising Endpoint Protection (EPP) and Endpoint Detection &…

Leadership Brief

Incident Response Management

The probability of becoming a victim of a data breach is now higher than ever. The hyperconnected world and the ever-increasing complexity of modern IT systems and processes pose new challenges for IT staff.  All organizations must invest in an Incident Response Management plan.…

Webcast

KuppingerCole Analyst Chat: Questions to Ask Your Cloud Provider About Security

Alexei Balaganski and Matthias Reinwarth discuss the security challenges for enterprises moving to the cloud and explain why security in the cloud is still your responsibility.

Webcast

KuppingerCole Analyst Chat: An Overview of Enterprise Information Protection

Anne Bailey and Matthias Reinwarth talk about the technologies that enable employees working remotely or from home access sensible corporate information from personal devices without compromises between productivity and security.

Webinar

Jan 14, 2021: Effective Endpoint Security With Automatic Detection and Response Solutions

The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown…

Leadership Brief

The Information Protection Life Cycle and Framework: Dispose

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and…

Webcast

We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by…

Webcast

Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional…

Webcast

KuppingerCole Analyst Chat: Vendor Consolidation in Cybersecurity

Matthias Reinwarth and Jonh Tolbert discuss the ongoing consolidation of the cybersecurity market and talk about its reasons and potential consequences.

Webcast

Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Blog

IBM Cloud for Financial Services

On July 22nd, 2020 IBM announced their IBM Cloud for Financial Services – what is this, why have IBM taken this step, and what does this announcement mean? Financial Services Compliance Challenges One recurring challenge for all organizations is complying with the ever-increasing…

Webinar

Nov 19, 2020: Privacy Compliance That Empowers Instead of Hinders

Protecting user privacy has become much more complicated as of late. Organizations must optimize consent rates while ensuring compliance with ever-changing global regulations and frameworks. They must look critically at their own processes to identify gaps or failures to meet privacy…

Blog

Oracle Delivers on Earlier Cloud Promises

Back in February (oh, how time flies! Just to think that it was right before the beginning of the COVID-19 pandemic…) I wrote a blog post looking at Oracle’s ambitious plans for developing its cloud strategy and expanding its worldwide…

Webinar

Sep 29, 2020: The Evolution of Encryption: Getting Ready for the Quantum Watershed

The relentless move towards the digital transformation seems unstoppable. Organizations must secure their trust and reputation in the face of increasing attacks, advances in technology, increased regulation and compliance, and the continued shift to the cloud and cloud services.…

Webcast

KuppingerCole Analyst Chat: A Cybersecurity Reference Architecture for Your Security Fabric

Christopher Schuetze and Matthias Reinwarth discuss a security architecture blueprint that implements the concept of Security Fabric.

Blog

The Latest Twitter “Hack” Raises Inconvenient Questions

It looks like the whole world is currently talking (at least, tweeting) about the latest large-scale Twitter hack. High profile accounts of the likes of Barack Obama, Joe Biden, Bill Gates, and Jeff Bezos, as well as companies like Apple or Uber, were suddenly promoting a cryptocurrency…

Webcast

Endpoint Protection Made Easy With Privilege Management

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to…

Analyst Advice

Business Resilience Management (Crisis Roadmap for Beginners)

Business Resilience Management is key to business survival in the face of rapidly changing IT, cyber threat, and regulatory environments.

Webcast

KuppingerCole Analyst Chat: Consent Management Done Right

Graham Williamson and Matthias Reinwarth talk about consent: what does it mean for identity professionals, service providers or lawyers and how to reconcile all those different views in modern IAM environments.

Leadership Brief

Security Fabric: A Methodology for Architecting a Secure Future

Work from home, bring your own device, a professional cyber-crime industry, IoT & OT. We all have to face these challenges while fullfilling a zoo of endless requirements. It is complex to keep the overview and the flexibility in our IT security services and the used toolset. Setting up…

Webinar

Sep 10, 2020: Die Demokratisierung der Cybersicherheit

Im Laufe der vergangenen Jahrzehnte haben Unternehmen vielen Anstrengungen auf sich genommen, um ihre IT-Sicherheit zu verbessern und so ihre Daten und Netzwerke zu schützen. Eine Konsequenz daraus wird immer deutlicher sichtbar: CISOs und ihre Teams müssen sich um eine (zu) große Zahl an…

Webinar

Sep 16, 2020: Zugriffsschutz für sensible Daten – mit Data Access Governance und Identity Governance

Ein Großteil der geschäftlichen Dokumente in Unternehmen ist in Dateiordnern auf Microsoft SharePoint, Box, Dropbox und Google Drive gespeichert. Da ist es keine Überraschung, dass diese Daten zu den neuen Zielen von Hackern geworden sind. Mit zunehmenden Compliance-Anforderungen wie DSGVO,…

Webcast

KuppingerCole Analyst Chat: A Holistic View of Cybersecurity - Introducing the Security Fabric

Christopher Schuetze and Matthias Reinwarth introduce Security Fabric - a new architectural approach towards cybersecurity with the goal to achieve consistent and fully managed security across the whole corporate IT.

Webcast

KuppingerCole Analyst Chat: NDR - Network (Threat) Detection and Response

John Tolbert and Matthias Reinwarth talk about network detection and response solutions: what are the threats they are looking for and how they complement endpoint protection tools to ensure consistent protection against advanced attacks.

Webcast

Identity Für Alle – Nicht Nur Für Wenige: Identity Management Für Den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den…

Blog

Elements of a Disaster Operations Plan

If anyone in any organization was in any doubt about the importance of having a Disaster Operations Plan, that has surely changed since the outbreak of the Covid-19 pandemic. Some organizations have coped better than others, but every organization should either be working on developing a…

Blog

Cloud Security Posture Management Tools – What They Are and Why You Need One

Many security product vendors are now offering CSPM (Cloud Security Posture Management) as part of their portfolio - so what is CSPM and why might you need it?  In their race towards digital transformation, organizations are using cloud services to accelerate the development of new…

Webcast

KuppingerCole Analyst Chat: The Cargo Cult of Cybersecurity

Matthias Reinwarth and Alexei Balaganski talk about the reasons many companies are still failing to protect themselves from cyberattacks and data breaches even after spending so much on security tools.

Webcast

Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees. However, an expanding remote workforce can significantly increase the attack surface and have changed the threat model of the…

Blog

Security Fabric: Investing in the Right Architecture for a Secure Future

Modern and hybrid operating models, Software-as-a-Service, regulatory requirements, working from home, various types of internal and external users, and the phenomenon of BYOD (bring your own device) are challenges we have to face today. Such challenges are constantly emerging, which demands…

Webinar

Jul 23, 2020: Remote Work and IAM – A Unique Opportunity for Security Leaders

Nowadays, Identity and Access Management (IAM) is undeniably the first line of defense for organizations worldwide. It enables employees to securely access applications while enhancing control and transparency. But IAM is also on the change. It is already more than just the traditional…

Webinar

Sep 30, 2020: How Security and Identity Fabrics Work to Help Improve Security

Many organizations struggle or even fail because they overcomplicate the implementation and extension of their cybersecurity toolset. Most do not have a central approach on security, and often use a set of tools that are not well-integrated with each other.

Webinar

Sep 22, 2020: Information Protection in Cloud Services

Today’s economy is clearly driven by data. The most successful companies are those that can use this data to create useful information that enables them to get closer to their customers, to create new products and be more efficient. Cloud services are a key enabler in this, they allow the…

Webcast

KuppingerCole Analyst Chat: When is a Security Product not a Security Product?

Matthias Reinwarth and John Tolbert talk about profound implications of security products not having their administrative interfaces sufficiently secured with technologies like multi-factor authentication.

Webcast

Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as…

Webinar

Jul 22, 2020: Security Fabric: Building a Secure Future With a Flexible IT Architecture

IT security is of central importance to companies. There are many requirements that must be met so that users with different roles and rights can use the various computers and networks securely and efficiently.

Leadership Compass

Leadership Compass: Network Detection and Response - 80126

This report provides an overview of the market for Network Detection and Response tools (NDR) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative…

Webinar

Jul 28, 2020: We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by…

Webcast

KuppingerCole Analyst Chat: Identity Vetting - Dealing With the Wave of Fraud During the Pandemic

Matthias Reinwarth and John Tolbert discuss the latest "innovations" fraudsters are using during the pandemic crisis and the methods to mitigate them.

Leadership Compass

Leadership Compass: Unified Endpoint Management (UEM) - 70314

This report provides an overview of the market for Unified Endpoint Management (UEM) and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to…

Webcast

Cybersecurity Investment Priorities - Set Your Focus Right

Leadership Brief

Leadership Brief: The Information Protection Life Cycle and Framework: Monitor and Detect - 80374

The modern economy is driven by information. Digital Transformation is made possible by information. But most forms of information must be protected to create and maintain value. The Information Protection Life Cycle and Framework provides concepts to organize the discovery, protection, and…

Webcast

KuppingerCole Analyst Chat: Zero Trust from the Cloud

Matthias Reinwarth and Alexei Balaganski look at the potential alternatives to VPNs and security gateways.

Webcast

KuppingerCole Analyst Chat: How to Avoid Becoming a Phishing Victim During the Pandemic

Matthias Reinwarth and Martin Kuppinger explain how to protect your users from phishing attacks when they're all working from home... Learn more about how to continue successful business with Senior Analyst Warwick Ashford's Analyst Advice on Business Resilience Management .

Blog

Cybersecurity Investment Priorities - Portfolio Optimization

Webcast

Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The traditional approach forces enterprises to deploy multiple additional security solutions – EPP, EDR or NDR among them – to try and close remaining gaps, leading to even higher strain on security analysts. Facing response times of hours if not days, companies turn to managed…

Webcast

Cybersecurity Investment Priorities - Portfolio Optimization

Blog

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

Webinar

Jul 15, 2020: Endpoint Protection Made Easy With Privilege Management

Endpoint detection and response (EDR) solutions monitor endpoint and network events and record the information in a central database. There, the information is subjected to further analysis, detection, investigation, reporting, and alerting. While EDR solutions may be a good start to protect…

Blog

The New Normal Post Covid-19

As soon as national lockdowns began to limit the spread of Covid-19 it was clear that the world would never be the same again, and last week’s Microsoft Build conference has highlighted what some of those changes will be, starting with the event itself being fully virtual for the first…

Webcast

KuppingerCole Analyst Chat: Enterprise Databases in the Cloud

Matthias Reinwarth and Alexei Balaganski talk about making the right choice of a database engine to power your next cloud project.

Market Compass

Market Compass: Cloud Backup and Disaster Recovery - 71176

The KuppingerCole Market Compass provides an overview of the product or service offerings in a certain market segment.  This Market Compass covers solutions that provide backup, restore and disaster recovery of IT service data into the cloud in the context of the hybrid IT service…

Blog

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Webcast

KuppingerCole Analyst Chat: Zero Trust as a Concept for … Trust and Security

Matthias Reinwarth and Martin Kuppinger dispel a few myths about Zero Trust.

Blog

Microsoft Adding New Capabilities to Azure Active Directory

Over the past years, Microsoft has spent significant effort to make Azure Active Directory (Azure AD) the central platform for identities in Microsoft environments and beyond. Microsoft now announced several new capabilities that help to support further use cases. New features in Azure AD…

Executive View

Executive View: SentinelOne Singularity Platform - 80139

Die integrierte Sicherheitsplattform von SentinelOne kombiniert Präventions-, Erkennungs-, Analyse- und Mitigierungsfunktionen mit dem autonomen KI-Agenten und ermöglicht so tiefe Einblicke und konsistenten Schutz für On-Premises-Endgeräte, virtualisierte Umgebungen und…

Executive View

Executive View: SentinelOne Singularity Platform - 80139

SentinelOne’s integrated security platform combines prevention, detection, analysis, and mitigation capabilities with the autonomous AI agent to enable deep visibility and consistent endpoint security across on-premises devices, virtualized environments and cloud workloads.

Blog

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Webcast

KuppingerCole Analyst Chat: The Alphabet Soup of Security Analytics

Matthias Reinwarth and Alexei Balaganski discuss the plethora of acronyms for security analytics solutions: from SOC and SIEM to UEBA and SOAR.

Webcast

KuppingerCole Analyst Chat: Cybersecurity Portfolio Optimization

Matthias Reinwarth and Christopher Schütze talk about how to efficiently identify and rate your investments into Cybersecurity. Free Analyst Advice: Business Resilience Management (Crisis Roadmap for Beginners)

Executive View

Executive View: Symantec Privileged Access Manager - 80331

Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and companies. This report describes how Symantec Privileged Access Management meets these challenges.

Blog

3 Steps to Improve Your Cybersecurity with Enterprise Risk Management

If you start considering the topic of cybersecurity in your company, you’ll quickly realize that there are many facets. In traditional companies, IT has grown in parallel to meet the requirements in digitization and production in a timely manner. These traditional companies and their…

Webinar

Jul 02, 2020: Identity für Alle – nicht nur für Wenige: Identity Management für den Mittelstand

Die digitale Transformation ist eine globale Herausforderung für Unternehmen jeder Größe. Im Gegensatz zu großen Konzernen fehlt es kleinen und mittelständischen Unternehmen aber oft an Fachpersonal und finanziellen Ressourcen, um Transformationsprozessen und den notwendigen technischen…

Webcast

Beating Fraudsters at Their Own Game With Fraud Reduction Intelligence Platforms

Fraud continues to be a major challenge for many organizations today. Industries such as finance, banks, payments, insurance, gaming, telecommunications, health care, etc. are dealing with increasing amounts of fraud and escalating sophistication of attacks. Account Takeovers (ATOs),…

Blog

Why BCM/BCRM and Cybersecurity Must Converge

Webcast

Why BCM/BCRM and Cybersecurity Must Converge

Webinar

Jun 25, 2020: Minimizing Security Impacts of a Growing Remote Workforce

Many organisations are implementing remote working policies and need to quickly support an unprecedented increase in the number of remote employees.

Webinar

Jun 17, 2020: Gain a Unified Business View With Enterprise Identity Management

Identity Governance and Administration (IGA) is continuing to evolve through more integrated Identity and Access Governance solutions. IGA products are often required to give deep integrations with other enterprise products and applications to deliver the expected business value, as well as…

Blog

KuppingerCole Analyst Chat: Incident Response Management

Christopher Schütze and Matthias Reinwarth explain the importance of having an incident response plan.

Blog

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Webcast

KuppingerCole Analyst Chat: How to Ensure Your Video Conference’s Security

Matthias Reinwarth and Martin Kuppinger discuss the measures necessary for securing your favorite online communication platform.

Blog

IBM Cloud Satellite Announcements

The idea behind cloud computing used to be simple – let the cloud service provider provide and manage the IT services and infrastructure while you get on with your business. However, reality got in the way and cloud computing has become yet another dimension in the complex web of IT…

Webinar

Aug 04, 2020: Four Key Components Critical to the Future of Privileged Access Management

Privileged Access Management (PAM) has assumed a critical role in protecting the most valuable data and services within organizations from theft, loss, and unauthorized access. But as companies and other organizations have become more complex and embrace digital transformation, PAM is also…

Blog

Microservices in Identity and Access Management

Webcast

Microservices in Identity and Access Management

Executive View

Executive View: SailPoint Predictive Identity - 80124

SailPoint Predictive Identity is a SaaS platform that adds AI-based capabilities to IGA. These include analysis of access risks, recommendations for approving or revoking entitlements during access review, and automated optimization of access models, amongst others. The solution provides…

Blog

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Webcast

Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their…

Webcast

KuppingerCole Analyst Chat: The Dark Side of the API Economy

Matthias Reinwarth and Alexei Balaganski discuss the challenges of explosive API growth without proper security controls in place.

Webcast

The Security & Identity Challenges of Modern IT: Agile IT & DevOps Done Right & Secure

Security and identity must evolve in order to support today’s IT. While traditional IT appears being rather simple to secure, current security risks necessitate a greater degree of agility: shifting to DevOps paradigms, implementing a CI/CD chain, running services in hybrid cloud…

Blog

Security Should Not Become a "Business Disabler"

Webcast

Security Should Not Become a "Business Disabler"

Blog

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here... You can watch his speech in English or in German below.

Blog

KuppingerCole Analyst Chat: Fraud Reduction Intelligence Platforms

Matthias Reinwarth and John Tolbert explain the meaning behind the term and talk about various factors that help identify fraudulent transactions in different industries.

Webcast

CoronaApp: Time to Act Now, Not to Talk

Kuppingercole's Principal Analyst Martin Kuppinger gives his opinion on problems and arguments surrounding various apps for tracking the spread of the virus. And privacy is not the biggest challenge here...

Webcast

KuppingerCole Analyst Chat: Fraud Reduction Intelligence Platforms

Matthias Reinwarth and John Tolbert explain the meaning behind the term and talk about various factors that help identify fraudulent transactions in different industries.

Blog

Cybersecurity of Tomorrow: Delivered Entirely From the Cloud

As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide…

Blog

Sind die BSI Richtlinien für Gesundheitsanwendungen richtig und ausreichend?

Nie war Digital Healthcare so wichtig wie heute, in Zeiten von COVID-19. Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat eine Richtlinie für sichere Anwendungen im Gesundheitswesen vorgestellt. Richtig und wichtig, auch Security by Design und Privacy by Design…

Blog

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Webcast

Zero Trust Paradigm for the Future of Security

Martin Kuppinger explains the meaning behind the popular buzzword.

Blog

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Webcast

KuppingerCole Analyst Chat: Five Key Topics for Cybersecurity

Matthias Reinwarth and Martin Kuppinger identify the key topics for cybersecurity in the times of crisis. Get a complete overview on Business Resilience Management for free and read the Analyst Advice from Senior Analyst Warwick Ashford!

Blog

KuppingerCole Analyst Chat: Beyond Prevention - the Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Webinar

May 13, 2020: Beating Fraudsters at Their Own Game With Fraud Reduction Intelligence Platforms

Fraud continues to be a major challenge for many organizations today. Industries such as finance, banks, payments, insurance, gaming, telecommunications, health care, etc. are dealing with increasing amounts of fraud and escalating sophistication of attacks. Account Takeovers (ATOs),…

Webcast

A Compass for Choosing the Right Fraud Reduction Intelligence Platform

Companies are turning to Fraud Reduction Intelligence Platforms to reduce account takeover (ATO), synthetic fraud, bots, and other forms of fraud, which continue to be a pervasive and revenue-draining problem across many industries.

Webcast

KuppingerCole Analyst Chat: Beyond prevention - The Bigger Picture of Cyber Security

Matthias Reinwarth and Christopher Schütze are taking a look at five different phases of cyber security.

Executive View

Executive View: Sophos Intercept X - 80227

Sophos Intercept X is an endpoint security solution that is powered by a deep learning neural network, anti-exploit techniques, and anti-ransomware technology to provide advanced detection for all types of threats, especially ransomware, fileless/in-memory malware and malware that exploits…

Blog

AI Landscape: More Complicated Than You Might Have Thought

I’m by no means an AI expert. Sure, I’ve been following the topic with much curiosity ever since reading an article about thinking machines back in 1990. Also, having a degree in mathematics sometimes helps to understand certain technicalities behind product labels. Still,…

Blog

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Webcast

KuppingerCole Analyst Chat: Setting Your Cybersecurity Priorities Right

Matthias Reinwarth and Martin Kuppinger explain what you could be doing wrong with regards to cybersecurity priorities.

Blog

KuppingerCole Analyst Chat: Protecting Your Organization Against Ransomware

Matthias Reinwarth and Alexei Balaganski discuss the history of ransomware and the measures needed to protect yourself against it.

Webcast

KuppingerCole Analyst Chat: Protecting Your Organization Against Ransomware

Matthias Reinwarth and Alexei Balaganski discuss the history of ransomware and the measures needed to protect yourself against it. Read also: Business Resilience Management (Crisis Roadmap for Beginners)

Executive View

Executive View: Indeed Certificate Manager - 80178

Indeed Certificate Manager is a platform for centralized management of enterprise public key infrastructures. Its modular, hardware-agnostic architecture and innovative remote management capabilities help reduce management costs, improve productivity, and strengthen your company’s…

Advisory Note

Advisory Note: Emerging Technologies Fostering Digital Business Innovation: Utilities & Energy - 80265

The energy and utilities sector will need to adapt to new industry trends of digitalization, decentralization, and the advent of a new type of consumer: the prosumer. Smart grids are a more efficient offering for energy management, and new business models beyond the prosumer will require…

Blog

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Webcast

KuppingerCole Analyst Chat: Cybersecurity in the Enterprises in the Age of WFH

Matthias Reinwarth and Martin Kuppinger are discussing the security challenges enterprises are now facing with the majority of employees working from home.

Blog

Cybersecurity Awareness Training: Die wichtigsten Punkte in fünf Minuten

Martin Kuppinger spricht über die wichtigsten Aspekte von Cybersecurity, die man als Nutzer beachten sollte.

Executive View

Executive View: Vectra Cognito - 80230

Vectra Cognito is a Network Detection and Response (NDR) platform supported by threat research and Artificial Intelligence (AI) in the form machine learning (ML) and Deep Learning for analyzing enterprise network traffic on premise and in the cloud to detect and respond to malicious…

Executive View

Executive View: R&S®Trusted Gate von Rohde & Schwarz Cybersecurity - 80400de

Transparente, datenzentrische Sicherheit in nicht vertrauenswürdigen Infrastrukturen. Zuverlässige Kontrolle und Überwachung von sensiblen Informationen, die in öffentlichen Clouds und Kollaborationswerkzeugen (z.B. Microsoft Office 365, SharePoint, Teams) gespeichert…

Webcast

Cybersecurity Awareness Training: Die wichtigsten Punkte in fünf Minuten

Martin Kuppinger spricht über die wichtigsten Aspekte von Cybersecurity, die man als Nutzer beachten sollte.

Blog

KuppingerCole Analyst Chat: How to Protect Data in a Hostile World

Matthias Reinwarth and John Tolbert are talking about the challenges of data protection in modern times.

Webcast

KuppingerCole Analyst Chat: How to Protect Data in a Hostile World

In the first official episode of the KuppingerCole Analyst Chat podcast,  Matthias Reinwarth and John Tolbert are talking about the challenges of data protection in modern times.

Blog

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT-Teams in der Krise in jedem Fall vermeiden sollten.

Webcast

Was die IT in der Krise NICHT machen sollte

Martin Kuppinger spricht über die Dinge, die IT in jedem Fall in der Corona-Krise vermeiden sollte.

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

Today, Lead Analyst John Tolbert gives his five work from home cybersecurity recommendations for enterprises.

Webcast

Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Webcast

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

John Tolbert is talking about the current situation with regards the pandemic crisis and the cybersecurity-related things to consider for enterprises.

Blog

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht in seinem Video über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.

Executive View

Executive View: IRM-Prot-On - 71313

Sharing enterprise information is both a security risk and a necessity of the modern enterprise. IRM-Prot-On of Groupo CMC is a strong provider of enterprise information protection services. The solution enables document and file protection, permissions management, and information classification.

Executive View

Executive View: R&S®Trusted Gate by Rohde & Schwarz Cybersecurity - 80400

Transparent, data-centric security for untrusted infrastructures. Reliable control and monitoring of sensitive information stored in public clouds and collaboration tools (e.g. Microsoft Office 365, SharePoint, Teams). Virtualization, encryption and fragmentation of data enabling secure and…

Blog

Ransomware During the Pandemic Crisis

It is really astonishing how quickly the word “pandemic” has evolved from a subject of obscure computer games to the center of everyone’s daily conversations… However, when discussing the latest news about the coronavirus outbreak, one should not forget another…

Webcast

Die fünf wichtigsten Cybersecurity Maßnahmen für Unternehmen in Zeiten des Home Office

Martin Kuppinger spricht über die wichtigsten Cybersecurity-Maßnahmen für Unternehmen während der Corona-Pandemie.  

Webinar

Apr 29, 2020: Access all Apps with Azure AD: A Single Identity Solution for Secure Access

Most businesses already rely on Azure Active Directory for secure, seamless access to Microsoft services like Office 365 and Azure. But with more applications being used than ever before, organizations are asking themselves what bigger role Azure Active Directory can play in securing their…

Whitepaper

Whitepaper: AI, Machine learning and Privileged Access Management - 80120

Choosing a PAM solution has become a complex, and potentially time consuming, decision for modern organizations but one they must get right. If trends such as customer identities or privileged accounts used by DevOps are to be managed securely, then the final purchasing decision rests on…

Leadership Brief

Leadership Brief: Introduction to the Information Protection Life Cycle and Framework - 80370

Leadership Compass

Leadership Compass: Fraud Reduction Intelligence Platforms - 80127

This report provides an overview of the market for Fraud Reduction Intelligence Platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative…

Blog

Top 5 Work from Home Cybersecurity Recommendations for Enterprises

As the business world moves to rapidly enable work-from-home (WFH), enterprise IT teams need to shift resources and priorities to ensure that remote workers are protected. Already we see malicious actors adapting and targeting remote workers more. My colleague Alexei Balaganski published a…

Leadership Brief

Leadership Brief: Beyond Marketing: The Future of Customer Interaction - 80292

Customer interaction is much more than marketing—it comprises all touchpoints during the customer journey. And the borders are becoming more and more blurry as many areas, such as marketing, sales, service, support, and consultancy are part of customer experience (CX). Furthermore,…

Webinar

Apr 16, 2020: A Compass for Choosing the Right Fraud Reduction Intelligence Platform

Companies are turning to Fraud Reduction Intelligence Platforms to reduce account takeover (ATO), synthetic fraud, bots, and other forms of fraud, which continue to be a pervasive and revenue-draining problem across many industries.

Blog

5G and Identity

5G Identity and Authentication 5G is the next generation of cellular mobile communications intended to support the massive increase in capacity and connectivity that will be required for the future cloud of things and to provide the enhanced bandwidth needed for new mobile data…

Buyer's Compass

Buyer's Compass: API Management and Security - 80215

The complexity and breadth of the challenges to discover, monitor and secure all APIs within your enterprise can be daunting. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for implementing consistent…

Blog

The DON’Ts of IT in the Times of Crisis

Truly we are living in interesting times (incidentally, this expression, commonly known as “the Chinese curse”, has nothing to do with China). Just a couple of weeks ago the world was watching China fighting the coronavirus outbreak as something that surely can never happen…

Blog

Home Office in the Times of Pandemic – a Blessing or a Curse?

One of the most interesting office work developments of the last 20-30 years, the home office has radically gained new relevance amid the developing coronavirus pandemic. With the goal of limiting the spread of the virus, many companies and employees must suddenly resort to the option…

Blog

Malicious Actors Exploiting Coronavirus Fears

Security researchers are discovering a number of malicious attacks designed to exploit public fears around COVID-19, more commonly just called coronavirus. The attacks to date take two major forms: a map which looks legitimate but downloads #malware, and various document attachments that…

Executive View

Executive View: Exabeam Security Management Platform - 80001

Exabeam is a highly modular platform for collecting, storing, managing and correlating security events across multiple IT systems, both on-premises and in the cloud, with integrated orchestration and automation capabilities to improve analysts’ productivity. It can augment an existing…

Webinar

May 26, 2020: Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The Antivirus has been proclaimed dead years ago – you’ve probably heard those stories many times. But did you realize that the EDR (Endpoint Detection and Response), which was once supposed to address all its shortcomings, isn’t doing well either? After all, with the sheer number and…

Blog

High Assurance MFA Options for Mobile Devices

In recent years much of the focus in the authentication space has been on MFA, mobile devices, and biometrics. Many technical advances have been made which also serve to increase usability and improve consumer experiences. There are a few reasons for this. MFA Multi-factor authentication…

Webcast

What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the…

Leadership Brief

Leadership Brief: Find Your Route from SIEM to SIP and SOAR - 80008

Security Information and Event Management (SIEM) platforms have been a key part of many enterprises’ cybersecurity infrastructures for over a decade. However, facing the growing number and sophistication of cyber threats, even the largest security operations centers built around them…

Blog

Preparation Is Key: Where Prevention Ends, and Business Continuity and Incident Response Management Begins

Ensuring the availability of processes and services in the event of an incident or a cyber attack is a fundamental part of a company’s cybersecurity approach. Commonly used phrases when it comes to such cybersecurity strategies, are Incident Response Management (IRM) and Business…

Advisory Note

Advisory Note: Business Continuity in the age of Cyber Attacks - 70361

Business continuity and cyber security remain largely in separate siloes. But changes in the IT and cyber threat landscapes mean there is an urgent need for organizations to alter their approach. This leadership brief identifies why there needs to be closer alignment and integration between…

Blog

Compromise of IOTA

Turning a blind eye to security in favor of optimism If you have any take-away from reading KuppingerCole research, hopefully it is that APIs are a critical element to protect. This is true regardless of the industry. Even cryptocurrencies. IOTA, the blockchain-like cryptocurrency and…

Blog

5G - How Will This Affect Your Organization?

What is it that connects Covent Garden in London, The Roman Baths in Bath and Los Angeles? The answer is 5G mobile communications used by media organizations. On January 29th I attended the 5G Unleashed event at the IET in London. (The IET is the body that provides professional accreditation…

Executive View

Executive View: Google's Cloud Identity - 80326

Identity as a Service (IDaaS) is fast becoming the new face of Identity and Access Management (IAM) with several vendors now delivering cloud based IAM services to support the growth in cloud-based applications in the enterprise. Google’s Cloud Identity provides access to many popular…

Leadership Brief

Leadership Brief: Cybersecurity Trends & Challenges 2020 - 80502

2019 already has been a challenging year in cybersecurity. There have (again) been many severe cyberattacks and breaches, and there is no hope that this might change in 2020. Cyberattacks will continue to increase in frequency and perhaps severity, and the cyber risks to hyperconnected…

Leadership Brief

Leadership Brief: 5G Impact on Organizations and Security - 80238

5G is the next generation of cellular mobile communications. It will provide the capacity and connectivity required to industrialize IoT, Smart Cities and Smart Manufacturing. This report explains what it is and its likely impact on organizations and their security.

Blog

Ambient Intelligence Can’t Mature Without an Identity Protocol

Every day we are experiencing the intersection of IoT and AI. The interactions of users, sensors, robots, vehicles, smart buildings, and much more is creating a new status quo for digital experiences. This growing range of smart devices – both in the IoT sense and the intelligent AI…

Webcast

Holen Sie sich das SIEM, das Sie schon immer wollten: intelligent, automatisiert, mit unbegrenzter Kapazität

Vor 15 Jahren wurden Security-Information-and-Event-Management-Produkte (SIEM) als die ultimative Lösung für alle Sicherheitsprobleme in Unternehmen gefeiert, und das nicht ohne Grund: Schließlich ist die zentrale Erfassung und Verwaltung sicherheitsrelevanter Daten…

Webinar

Mar 26, 2020: Data Sovereignty in Public Clouds

Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker  could enter.

Executive View

Executive View: ESET Enterprise Inspector - 80192

Enterprise Inspector is ESET’s Endpoint Detection & Response (EDR) solution. It currently runs on Windows with future plans to cover Linux, and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution…

Blog

Top 5 Recommendations for Reducing Cyber Risks in 2020

The turn of the year has been an occasion for many cybersecurity news outlets to talk about trends and challenges in cybersecurity. Despite the importance of knowing what the trends and challenges are, we want to give you some hands-on recommendations to increase security for your company.…

Blog

Why C-SCRM Is Becoming so Essential for Your Digital Business

The current discussion around Huawei and whether or not it should be endorsed as a supplier for 5G mobile network hard- and software has reminded us on how dependent we are on the integrity and reliability of such manufacturers and how difficult it is to trust their products if they are…

Press Release

Heterogeneity of Web Application Firewalls Market Increases

For companies doing business with commercial partners and customers via web applications, it is business-critical to maintain and protect these web applications. Since companies have become increasingly dependent on web applications for doing business, the need for Web Application Firewalls…

Blog

Will 2020 Be the Year of Oracle Cloud?

Recently I had an opportunity to attend the Next Generation Cloud Summit, an event organized by Oracle in Seattle, WA for industry analysts to learn about the latest developments in Oracle Cloud strategy. This was the first Oracle’s analyst summit in Seattle and coincidentally my first…

Market Compass

Market Compass: Web Application Firewalls - 70324

The KuppingerCole Market Compass provides an overview of the product or service offerings in a specific market segment. This Market Compass covers Web Application Firewall (WAF) solutions that span the spectrum of on-premises, cloud, and hybrid IT delivery models.

Blog

Moving Towards AI and IoT Solutions Beyond Machine Learning

Microsoft is currently running ads extoling the virtue of AI and IoT sensors in helping farmers produce more and better crops, with less waste and higher yields. Elsewhere in manufacturing, supply chain management is being transformed with digital maps of goods and services that reduce waste…

Webcast

Cybersecurity Trends and Challenges 2020

Digitalization evolves with the increased use of microcomputers in everyday objects like cars and smart fridges, but also in industrial applications. Therefore, communication between devices is growing accordingly. While connecting devices is supposed to make our lives easier, it poses a…

Blog

Three Critical Elements Required to Close the Cybersecurity Skills Gap

The status on cybersecurity is fairly clear: 82% of employers report that their cybersecurity skills are not enough to handle the rising number of cyber incidents (Center for Strategic & International Studies, 2019. The Cybersecurity Workforce Gap). There is a gap – a gap between…

Executive View

Executive View: PingAccess - 80323

With the rising complexity of IT environments and the many integration points to consider, PingAccess provides a flexible architecture that includes Web and API Access Management, whether on-premises or in the cloud. Combining PingFederate with PingAccess offers a complete Web Access…

Advisory Note

Advisory Note: KRIs and KPI for Cyber Security - 80239

This report provides selected Key Risk Indicators (KRI) for the area of Cyber security. These indicators are easy to measure and provide organizations with a quick overview of the relevant risks and how these are changing. The indicators can be combined into a risk scorecard which then can…

Virtual Academy KC Master Class

Feb 18, 2020: Incident Response Management

In this KC Master Class you learn how to react adequately when a cyberattack has occurred in your company. Our analysts will prepare you for this worst case scenario by showing you how to rate risks realistically and integrate these ratings into your general incident response strategy. This…

Executive View

Executive View: Callsign Intelligence Driven Authentication - 80174

Callsign is a provider of an identity platform that integrates consumer onboarding, authentication, and fraud management in a well-thought-out manner. In contrast to other solutions, all capabilities are tightly integrated. The platform uses AI/ML for risk analysis and supports passive and…

Blog

The C5:2020 - A Valuable Resource in Securing the Provider-Customer Relationship for Cloud Services

KuppingerCole has accompanied the unprecedented rise of the cloud as a new infrastructure and alternative platform for a multitude of previously unimaginable services – and done this constructively and with the necessary critical distance right from the early beginnings (blog post from…

Webcast

Improve Security With Critical Infrastructures Requirements

Organizations or institutions that are essential for the public are called Critical Infrastructures (KRITIS = “Kritische Infrastrukturen”). As such, they are subject to comprehensive and strict legal regimes consisting of laws and regulations. Their failure or significant…

Blog

The Next Best Thing After "Secure by Design"

There is an old saying that goes like this: “you can lead a horse to water, but you can’t make it drink”. Nothing personal against anyone in particular, but it seems to me that it perfectly represents the current state of cybersecurity across almost any industry. Although…

Leadership Brief

Leadership Brief: Top Ten Trends in Cybersecurity - 80336

This report outlines 10 important trends and technologies in cybersecurity that KuppingerCole believes will shape security policies and solutions choice for organisations in the years ahead. 

Blog

Quantum Computing and Data Security - Pandora's Box or a Good Opportunity?

Not many people had heard of Schroedinger's cat before the CBS series "The Big Bang Theory" came out. Dr. Sheldon Cooper used this thought experiment to explain to Penny the state of her relationship with Lennard. It could be good and bad at the same time, but you can't be sure until you've…

Blog

Applying the Information Protection Life Cycle and Framework to CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020. Enforcement is slated to start by July 1, 2020. CCPA is complex regulation which does bear some similarities with EU GDPR. For more information on how CCPA and GDPR compare, see our webinar. Both regulations deal…

Executive View

Executive View: Informatica: Customer 360 - 80290

When optimizing customer centricity and customer engagement, data is an important resource. To ensure an ideal customer experience, various challenges across the customer lifecycle must be solved. Informatica’s Customer 360 solution is designed to manage data across the entire…

Executive View

Executive View: Apigee Edge API Management Platform - 80307

Apigee offers a comprehensive platform to support end-to-end API management at every stage of API lifecycle. From API design to publication, productization, and monetization to monitoring and securing live endpoints – everything is managed centrally across on-premises, cloud-based and…

Leadership Brief

Leadership Brief: Robotic Process Automation - 80333

Robotic Process Automation (RPA) is a type of automation technology with the potential to transform the way businesses operate by automating manual tasks within business processes by implementing (software) “robots” to perform these tasks instead of humans. This leadership brief…

Webcast

API Management and Security: Don’t Trade Protection for Convenience

Once a purely technical concept created to make developers’ lives easier, Application Programming Interfaces (APIs) have evolved into one of the foundations of modern digital business. As companies are struggling to maintain their business agility, to react to the ever-changing market…

Blog

RPA and AI: Don’t Isolate Your Systems, Synchronize Them

We already hear a lot about artificial intelligence (AI) systems being able to automate repetitive tasks. But AI is such a large term that encompasses many types of very different technologies. What type of solutions are really able to do this? Robotic Process Automation (RPA) configures…

Blog

Proper Patch Management Is Risk-Oriented

With regard to cybersecurity, the year 2020 kicks off with considerable upheavals. Few days ago, my colleague Warwick wrote about the security problems that arise with some of Citrix's products and that can potentially affect any company, from start-ups and SMEs to large corporations and…

Executive View

Executive View: Saviynt Security Manager for Enterprise IGA - 80325

Saviynt offers a comprehensive compliance-as-a-service platform providing Identity Governance and Management, Application Risk and Governance, Cloud Security, and Cloud PAM functionality. Designed to be deployed as a cloud, hybrid, or on-premise solution, the Saviynt Security Manager for…

Executive View

Executive View: AWS Security Analytics Solutions - 80220

AWS provides a comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio, with all security alerts aggregated, organized and prioritized within AWS Security Hub – an extensible cloud security and compliance management platform.

Webinar

Apr 28, 2020: The Security & Identity Challenges of Modern IT: Agile IT & DevOps Done Right & Secure

Security and identity must evolve in order to support today’s IT. While traditional IT appears being rather simple to secure, current security risks necessitate a greater degree of agility: shifting to DevOps paradigms, implementing a CI/CD chain, running services in hybrid cloud…

Leadership Brief

Leadership Brief: IAM for Robotic Process Automation: How to Avoid Security Challenges - 80383

Robotic Process Automation (RPA) is one of the trending topics in today’s IT environments. RPA promises to automate manual tasks within business processes by implementing (software) “robots” that perform these tasks instead of humans. Such software robots must have a…

Webinar

Mar 05, 2020: What Does the Future Hold for Passwordless Authentication and Zero Trust?

Enterprises of all types face a growing number of cyber threats today. Studies show that most data breaches begin with compromised passwords. Moreover, password management is expensive and not user-friendly. Enterprise workforce users are driving the consumerization of IT. They want the same…

Executive View

Executive View: F-Secure Rapid Detection & Response - 80182

Rapid Detection & Response is F-Secure’s Endpoint Detection & Response (EDR) solution. It runs on Windows and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution also allows for…

Webinar

Feb 18, 2020: Holen Sie sich das SIEM, das Sie schon immer wollten: intelligent, automatisiert, mit unbegrenzter Kapazität

Vor 15 Jahren wurden Security-Information-and-Event-Management-Produkte (SIEM) als die ultimative Lösung für alle Sicherheitsprobleme in Unternehmen gefeiert, und das nicht ohne Grund: Schließlich ist die zentrale Erfassung und Verwaltung sicherheitsrelevanter Daten über alle IT-Systeme…

Leadership Brief

Leadership Brief: Radically Lean: NoOps and Serverless Computing - 80305

Computing is continually getting leaner and becoming more like a utility as it moves increasingly further away from on-premise physical hardware by abstracting IT environments away from the underlying infrastructure. This trend towards NoOps computing that eliminates the need for…

Blog

More SEs + TEEs in Products = Improved Security

Global Platform announced in 4Q2019 that more than 1 billion TEE (Trusted Execution Environment) compliant devices shipped in 2018, and that is a 50% increase from the previous year. Moreover, 6.2 billion SEs (Secure Elements) were shipped in 2018, bringing the total number of SEs…

Blog

The 20-Year Anniversary of Y2K

The great non-event of Y2K happened twenty years ago. Those of us in IT at that time weren’t partying like it was 1999, we were standing by making sure the systems we were responsible for could handle the date change. Fortunately, the hard work of many paid off and the entry into the…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00


KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Latest Insights

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Blog

Blog

This Is Why We Can’t Have Nice Things

This Is Why We Can’t Have Nice Things

I had no intention to write any blog posts during the holidays or, God forbid, do any predictions for the next year (look how relevant last year’s predictions turned out to be). However, an interesting story involving Ticketmaster, a large American ticket sales company, has caught my eye and made me think once again about my career in cybersecurity. The whole story goes all the way back to 2013, but the details have only recently been unsealed after the company has entered into a plea [...]