Building an Identity-Centric Security Strategy

Zero Trust and Software Supply Chain Security: Must-do’s for Every Organization

The risks of an insufficiently secured software supply chain have been known to industry experts for decades, but it took a series of high-profile attacks like Solarwinds or Log4Shell to bring them to the attention of much wider audiences. Now everyone finally seems to realize how catastrophic the consequences of such an attack could be, but still, many organizations are struggling to understand the scope of the security measures that are needed to prevent them from happening.

A lot of discussions recently focus on preventive measures like making software bills of materials mandatory at least in some industries. These strategic investments are, of course, crucial, but wouldn’t it be nice if they could be combined with quick wins? Especially if they could be achieved by applying tools companies already have or plan to deploy soon anyway?

This is exactly where Zero Trust-based solutions can come into play. Even if they were not designed with preventing supply chain attacks in mind, they are certainly able to reduce the impact of such attacks dramatically, simply by eliminating many potential threat vectors and reducing the possibility of lateral movement needed by hackers to spread their malicious activities.

In this session, we well discuss the potential applications of various Zero Trust-enabled solutions to help prevent Solarwinds-like attacks or at least minimize their impact, all without long-term investments or complex changes in existing infrastructure.

Event Recording

Zero Trust and Software Supply Chain Security: Must-do’s for Every Organization

Click here to watch the recording of this session. Please note that this video is only available to event participants and subscribers. You'll need to log in to watch it.

Presentation deck

Zero Trust and Software Supply Chain Security: Must-do’s for Every Organization

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.

Experience is What Counts, Orchestration is How you Get There

The IAM space has grown immensely, with countless vendors emerging over recent years. Some of these offer a full suite of functions, which can cover many, if not most requirements organisations may have, whereas others offer niche or point solutions focusing on a single function, each with their own way of doing things.

Organisations often find themselves in a situation where they have to adapt their vision to what the products are capable of, sometimes needing to stitch together multiple products from different vendors and bridge the gaps through custom development. This may lead to a solution which is more home-grown than off-the-shelf, something fragile, inflexible, and hard to maintain, quite the opposite of current needs. Making changes to improve the user experience becomes a challenge, switching products or introducing new ones a major undertaking.

An alternative approach is to prioritise experience by focusing on a centralised orchestration conducting product functions so that consumers of identity services are served the right experience. This abstraction enables the flexibility and agility today's world requires, implementing the vision as it was white-boarded, custom tailoring the extraordinary experience(s) everyone is longing for. Changes can be made centrally, new functions and products can be introduced as necessary, all without having to make changes in each web application, mobile application or API.

Experience is what counts, orchestration is how you get there.

Event Recording

Experience is What Counts, Orchestration is How you Get There

Click here to watch the recording of this session. Please note that this video is only available to event participants and subscribers. You'll need to log in to watch it.

Presentation deck

Experience is What Counts, Orchestration is How you Get There

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.

Reinventing the Network with Zero Trust to Stop External Network Attacks

In this talk we will cover:

• All networks are insecure. Period. The zero trust security model was created to help but it is historically hard to implement.
• The rise of distributed systems, including cloud and IoT, under the premise of the shared security model makes this harder with increased insecurity
• The best way to protect our applications is to make security so easy and free that it becomes a standard that everyone implements.
• By implementing zero trust of all networks we are able to make external network attacks impossible while reducing the pain and complexity of inbound ports, VPNs, complex firewall rules, public DNS, and more

Event Recording

Reinventing the Network with Zero Trust to Stop External Network Attacks

Click here to watch the recording of this session. Please note that this video is only available to event participants and subscribers. You'll need to log in to watch it.

Presentation deck

Reinventing the Network with Zero Trust to Stop External Network Attacks

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.