KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Join Matthias Reinwarth, Director of Identity and Access Management, and Nitish Deshpande, Research Analyst, as they delve into one of the most critical challenges faced by organizations today: visibility. Discover why organizations struggle with understanding user access and the potential risks of this lack of visibility.
In this episode, they explore the key capabilities of access governance, such as access review, certification, risk management, request management, and analytics, and how these capabilities enable organizations to gain comprehensive visibility into their assigned accesses. Don't miss this insightful discussion on enhancing control and mitigating risks through effective access governance.
Graham Williamson, Fellow Analyst with KuppingerCole, shares his insights and expertise with our host Matthias Reinwarth as they discuss the lessons learned from Graham's research on secrets management. They also explore the concept of "Machine Identity" and why it's important for businesses to understand. Finally, they discuss how companies can best utilize the information presented in Graham's research to improve their secrets management strategies.
In 2005, Kim Cameron excitedly told me about digital identity and set my life on a course to “Build the Internet’s missing identity layer”. In this talk I’ll tell key stories from my identity journey – stories of the people, ideas, and lessons learned along the way. I’ll speak of technology and collaboration, usability and business models, solving problems people actually have, and building new ecosystems. Come with me on this journey of exploration, trials, triumphs, and humor as I recount touchstones of the human endeavor that is digital identity.
From digital identity to full scale digital trust, this session is perfect for anyone new to identity, as well as identity professionals who are trying to get a handle on what decentralization is all about and why it is so important for Internet-scale digital trust.
In this session, we will cover a brief history of how the identity landscape has gone through an evolution from the dreaded username and password, through centralized, federated and social logins, to now the need for decentralized solutions that support digital trust for both human and objects.
We will explain the various actors involved in a decentralized identity trust triangle, what role technology plays (e.g., digital wallets and digital credentials), and how governance of an ecosystem fits in to create the trust diamond. We will discuss various technical components that may be employed and what is required — and more importantly what is not? We will also present how decentralized trust solutions can support the trust of objects that have nothing to do with human identity, but are necessary to create a digital trust landscape that enables digital transactions to happen seamlessly, efficiently, and automatically.
We’ll also touch on how the traditional identity solutions and emerging decentralization can co-exist in context appropriate settings.
You heard about Verifiable Credentials and decided to learn more. You found some stuff online, but despite knowing your way thru identity, you still can't really tell how they work in practice (wallets? presentations?) or how the boldest claims (no more centralized DBs! Apps cannot save PII!) will play out. This session will dive into VCs and separate the hype from their true, remarkable potential.
You heard about Verifiable Credentials and decided to learn more. You found some stuff online, but despite knowing your way thru identity, you still can't really tell how they work in practice (wallets? presentations?) or how the boldest claims (no more centralized DBs! Apps cannot save PII!) will play out. This session will dive into VCs and separate the hype from their true, remarkable potential.
The act of identifying oneself to a website or service is a ceremony so common that we don’t often pay attention to it. The muscle memory we have built up over years of performing this ceremony over and over, day after day, obscures both potential changes to this not-always-so-simple act and ways we could make these ceremonies easier and more effective.
In this talk, Ian Glazer, will:
In this episode, Martin Kuppinger and Matthias are discussing the business case for decentralized identity, and why it is finally gaining traction in the enterprise world.
They are exploring the benefits of using decentralized identity for employee onboarding, especially in the context of remote work. They look at the importance of trust and the full lifecycle management in the decentralized identity ecosystem, and how it can lead to more secure and efficient business processes.
This topic is particularly relevant for the upcoming EIC, where experts and thought leaders will be gathering to discuss the latest trends and developments in digital identity. Join KuppingerCole as we explore the world of decentralized identity and its impact on the future of business.
In this video, Anders Askåsen of Okta and Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, discuss the lessons that organizations can learn from the financial services industry on compliance and multi-factor authentication (MFA). They focus on DORA and NIS, upcoming regulations that will impact the financial services industry and other organizations. They discuss the need for strong MFA and the importance of context in authentication. They also explore what other industries can learn from the financial services sector's experience.
Graham Williamson and Matthias explore the world of authentication strategies and the impact of FIDO2. They are discussing why shifting left in our authentication strategy is essential and how FIDO2 can help achieve this. They also delve into the impact that FIDO2 holds for enterprise authentication environments and give their predictions for FIDO2 authenticator devices.
Matthias is joined by Marina Iantorno in this episode to discuss the trends and predictions for IGA beyond 2023. Marina sheds light on the diverse market segment through KuppingerCole's analysis of the market and provides valuable insights into its evolution.
In a world where data breaches are becoming more and more frequent, keeping data secure has become an increasingly challenging task. Join Matthias and Alexei Balaganski in this episode as they delve into the current market trends and existing vendors in the data security industry. The discussion delves into a crucial aspect of enterprise data security architecture, including the best alternatives for safeguarding data, covering everything from security control over stored data to the fundamental network infrastructure. Tune in to learn more about keeping your data secure in 2023.
In this episode, Matthias is joined by Paul Fisher to delve deeper into the sub-series on Trends and Predictions for 2023 and beyond. The world is constantly evolving and a lot has changed and is still changing in the PAM market, which is expanding and undergoing significant transformation. Paul offers insights on the current trends for Privileged Access Management, the significance of CIEM, and the impact of mergers and new players in this crucial market segment.
All things PAM:
Protecting data is a responsibility for any company, regardless of whether it is considered their most valuable asset or not. Data loss can occur due to human error or malicious intent, emphasizing the need for comprehensive protection measures. In this episode of the Analyst Chat, Warwick shares insights into effective Data Leakage Prevention systems and highlights key methods for safeguarding data.
The topic of passwordless authentication holds immense significance in today's digital landscape. Security experts believe that passwords comprise a significant weakness in security and advocate for their elimination. However, does the elimination of passwords guarantee the ultimate solution?
André Durand states that passwordless authentication is not the Holy Grail but the next evolution in the user experience of authentication. Join André and Martin in their thought-provoking discourse about the next steps after passwordless authentication.
In the ongoing Analyst Chat sub-series, Matthias and Martin delve deeper into the topic of Trends and Predictions for 2023 and beyond, focusing on the critical concept of Policy Based Access Control (PBAC). Martin highlights the significance of well-defined policies for ensuring robust cybersecurity and access control, laying the groundwork for a robust zero trust approach.
Get ready to hear a new take on generative pre-trained transformers! This week, Matthias sat down with Jörg Resch, Co-founder of KuppingerCole Analysts, to discuss the exciting possibilities of ChatGPT. Unlike Alexei, Jörg is an avid user and firm believer in the positive impact that these technologies can have on our daily lives and work. While acknowledging the risks involved, Jörg advocates for a balanced and creative approach to the potential of generative AIs. Brace yourself for a thought-provoking conversation that may just change the way you view the future.
Matthias and Martin continue their sub-series of the Analyst Chat about Trends and Predictions in 2023 and beyond. This time, it’s about Passwordless Authentication. Martin elaborates on the importance of Passwordless Authentication for the whole Access Management process. Companies should implement a passwordless authentication solution soon to get rid of poor user experience and security risks.
Everything we do in the digital world, is done by our digital representation of the physical world. Asanka Abeysinghe of WSO2 invented the idea of the "digital double" - a replication of people and things in a digital ecosystem.
He is a guest on our videocast and discusses with Martin Kuppinger how the digital double can become a reality, its benefits and how it relates to consumer identity management.
In this podcast episode, Alexei Balaganski and Matthias discuss the increasing use of ChatGPT and other machine learning-based technologies in research and the potential risks associated with their use. Alexei offers a strong opinion on the topic, describing the risks of plagiarism and lack of originality that can result from over-reliance on automated tools. He argues that human analysts provide invaluable opinions and genuine research that cannot be replicated by machines. He strongly discourages their use and reliance, and encourages the creativity and innovation of human researchers.
In this podcast episode, Martin Kuppinger and Matthias explore the upcoming trend of IGA (Identity Governance and Administration) solutions to have an increasing level of integration with Data Governance and Software Security products.
The integration of these solutions will provide a comprehensive coverage of ownership not only of systems and authorization objects, but also of data and code, ensuring a complete chain of custody. They delve into the importance of this integration, the benefits it offers, and how it will help organizations manage their identities and data more efficiently and securely. They also discuss the potential challenges and considerations that organizations need to be aware of while integration these solutions.
With the rapid expansion of IT environments, adoption of the cloud, and the ongoing Digital Transformation, the need to provide secure access to organizational resources has become paramount. Secure Access Service Edge (SASE) solutions are designed to consolidate network and security components, simplify management and licensing, and improve usability.
SASE is the union of a number of different networking and security technologies designed to improve security posture as well as connectivity for remote offices, cloud services, contractors, and remote employees, while driving down the cost of connectivity. John Tolbert is a guest in the Analyst Chat again and will give us some insight into this topic.
Cyberattacks have been intensifying over the past few years as cybercriminals continue to devise new strategies to launch sophisticated attacks and gain unauthorized access. The tactics, techniques, and procedures (TTPs) that were once only used by well-funded state actors are being commoditized by cybercriminals. As a result, some vendors realized that the traditional approaches and tools of cybersecurity have failed to keep up.
Parallel to SIEM solutions, a class of incident investigation and response platforms has emerged focusing on creating more streamlined and automated workflows for dealing with security incidents. Security Orchestration, Automation, and Response (SOAR) products are the latest iteration of this evolution. SOAR vendors provide solutions that offer centralized coordination, collaboration, and management for forensic analysis and incident response.
Sometimes a company comes to a point where new software or a new tool is required. This is never an easy decision to make quickly.
Dr. Phillip Messerschmidt has worked with many different clients who have found themselves in this situation. He will explain five of the most common misconceptions and problems he has encountered in his experience - and offer some recommendations on how to avoid them.
Is digital data really every organization's most precious possession, its "crown jewels"? Alexei Balaganski takes a different perspective towards a widely accepted opinion. He instead claims that data is not your most valuable asset. In fact, it can be a toxic liability without intrinsic value, since business value is only created when data is moving or transforming, producing insights, analytics, etc.
Who has not heard of the statement that "Data is the new Oil". But oil needs to be refined and so does data. The challenge of gathering, integrating, cleansing, improving, and enriching data across the complete range of data sources in an organization, for enabling use of that data as well as enabling data governance and supporting data security initiatives, that is the topic of this episode. Martin Kuppinger joins Matthias and explains this market segment and its relevance on the occasion of the publishing of a new Leadership compass covering "Data Quality and Integration Solutions".
Discover and Compare Cybersecurity Solutions for Free
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Configure your individual requirements to find the right vendor for your business or follow the best practice recommendation of an unbiased research analyst.
Passwordless Authentication coming in Q1 2023!
Learn more: https://go.kuppingercole.com/open-select
The PAM market is changing and expanding. Paul Fisher talks about the latest trends for Privileged Access Management, the role of CIEM, mergers and newcomers in this important market segment.
A new year brings along a new service from KuppingerCole Analysts. Our host Matthias sits down with Christie Pugh, Digital Products Manager to discuss KC Open Select, our new interactive shortlisting service, the concept behind it, how it helps you prepare for the future, how it compares to our Leadership Compasses, and more.
The landscape of solutions in a market segment can be overwhelming. KC Open Select helps you to get a clearer overview of the market for free. Check it out now!
Trust no one, always verify. We know that Zero Trust phrase already. But this principle is rather abstract - how and where exactly should we do that? Martin sits down with Jackson Shaw, Chief Strategy Officer at Clear Skye to discuss one very important part of Zero Trust: Identity and Access Management. Because you can only verify what or who you know - they need an identity to get access.
