Analyst details

John Tolbert Lead Analyst & Managing Director of KuppingerCole, Inc (US)

Seattle / USA

Email    Blog    @john_tolbert_kc    Profile   

Background:

As Lead Analyst, John covers a number of different research areas, outlined below. John also advises cybersecurity and IAM vendors, from startups to Fortune 500 companies, regarding their product and service roadmaps.

Areas of expertise

  • Cybersecurity
    • Endpoint anti-malware protection
    • Endpoint detection and response
    • Managed security services
    • Application of AI/ML technologies for security
  • IAM
    • Strong, multi-factor, risk-adaptive authentication
    • Authorization and Federation
    • Identity analytics/intelligence
    • CIAM

John Tolbert is a Lead Analyst and Managing Director of KuppingerCole, Inc (US).

Recent blog posts

Blog

EU EBA Clarifies SCA and Implementation Exceptions

The EU European Banking Authority issued clarifications about what constitutes Strong Customer Authentication (SCA) back in late June. The definition states that two or more of the following categories are required: inherence, knowledge, and possession. These are often interpreted as…

Blog

Account Takeovers on the Rise

Account Takeover (ATO) attacks are on the rise. The  2019  Forter  Fraud Attack Index  shows a 45% increase in this type of attack on consumer identities in 2018. ATOs are just what they sound like: cybercriminals gain access to accounts through various…

Blog

How to Train Your AI to Mis-Identify Dragons

This week Skylight Cyber disclosed that they were able to fool a popular “AI”-based Endpoint Protection (EPP) solution into incorrectly marking malware as safe. While trying to reverse-engineer the details of the solution's Machine Learning (ML) engine, the researchers found…

Blog

Will the Stars Align for Libra?

This week, Facebook announced details about its cryptocurrency project, Libra. They expect it to go live for Facebook and other social media platform users sometime in 2020. The list of initial backers, the Founding Members of the Libra Association, is quite long and filled with industry…

Blog

M&A Activity in Cybersecurity and IAM

It seems almost every week in cybersecurity and IAM we read of a large company buying a smaller one. Many times, it is a big stack vendor adding something that may be missing to their catalog, or buying a regional competitor. Sometimes it’s a medium-sized technology vendor picking up…

Blog

CIAM as a Key Factor in the Digital Transformation

Digital Transformation is one of those buzzwords (technically a buzzphrase, but buzzphrase isn’t a buzzword yet) that gets used a lot in all sorts of contexts. You hear it from IT vendors, at conferences, and in the general media. But Digital Transformation, or DT as we like to…


Recent research documents

Executive View

Executive View: ESET Endpoint Security - 80181

ESET Endpoint Security cover the widest variety of endpoint operating systems. This endpoint protection product consistently rates very highly in terms of detection in independent malware detection tests. The product also is one of the top-performing, lowest impact endpoint security agents…

Leadership Brief

Leadership Brief: The Differences Between Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) - 80186

Endpoint Detection & Response products are capturing a lot of mindshare in cybersecurity. But how do they differ from the more standard Endpoint Protection products? We’ll look at key features of each type of solution below.

Advisory Note

Advisory Note: Protect Your Cloud Against Hacks and Industrial Espionage - 72570

Hacks against on-premises and cloud infrastructure happen every day. Corporate espionage is not just the stuff of spy novels. Unethical corporate competitors and even government intelligence agencies use hacking techniques to steal data. Reduce the risk of falling victim to hackers and…

Leadership Brief

Leadership Brief: Do I Need Endpoint Detection & Response (EDR)? - 80187

EDR products are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? If so, do you have the expertise in-house to properly deploy, operate, and get value out of it? We’ll look at reasons to consider EDR or EDR as a managed…

Executive View

Executive View: Kaspersky Endpoint Security for Business - 80180

Kaspersky offers a full-featured Endpoint Security suite which includes one of the most advanced multi-mode anti-malware detection engines in the market, which is powered by their Global Research and Analysis Team (GreAT). Kaspersky’s endpoint security product covers a wide variety of…


Recent webcasts

Webcast

Getting Rid of the Password – How to Increase Safety Affordably

Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also…

Webcast

Mitigate Identity-Related Breaches in the Era of Digital Transformation

Cyber attackers continue to be successful in gaining access to many different organizations, often by exploiting identities and weak authentication. To ensure they are protected, organizations should consider modern Adaptive Authentication techniques to increase identity security and thwart…

Webcast

CCPA vs. GDPR: An Overview on Similarities and Differences

Over the last few years, the world has witnessed an increasing number of data breaches involving the credentials and PII of employees, citizens, and consumers. We've all experienced breach fatigue and/or been impacted by these losses.

Webcast

John Tolbert - Defense-in-Depth: New Kinds of Tools for All the Layers

The principle of defense-in-depth remains a key design element for enterprise organizations. Although many have said that perimeters are going away, or identity is the new perimeter, the fact is that almost all enterprises still have perimeters. The names may have changed, and components…

Webcast

An Overview of the Leadership Compass: Adaptive Authentication and Cloud-Based Multi-Factor Authentication

KuppingerCole has published two related Leadership Compasses on Adaptive Authentication and Cloud-based Multi-Factor Authentication solutions. We define adaptive authentication (AA) as the on-premises deployments, whereas Cloud-based MFA is SaaS-delivered. For both AA and Cloud MFA, many…


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Stay Connected

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

News