KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Companies are facing increasingly complex security threats. Many are struggling to assess their own security risks due to an inability to address potential issues as they arise, due to the breakneck pace at which issues are disclosed, and teams' ability to address said issues as they accumulate and because the huge number of security tools in use create diagnostic fatigue.
Vulnerability management programs rarely ever match the overall scale of the organization, boosting the number of potential points of exposure. What's more, besides vulnerabilities, attackers are increasingly leveraging exposures such as misconfigurations and stolen credentials to gain access to companies' core business. Because of this, attack paths to critical assets are often overlooked or identified too late.
Instead of looking at vast numbers of isolated issues, XM Cyber aggregates them into an attack graph to proactively identify hidden attack paths and weaknesses in both the cloud and on-premises. XM Cyber helps organizations efficiently address the issues that can have the greatest impact on organizational risk. Then teams can eliminate attack paths at critical junctures, i.e., choke points, in order to achieve ultra-efficient risk remediation.
Companies are facing increasingly complex security threats. Many are struggling to assess their own security risks due to an inability to address potential issues as they arise, due to the breakneck pace at which issues are disclosed, and teams' ability to address said issues as they accumulate and because the huge number of security tools in use create diagnostic fatigue.
Vulnerability management programs rarely ever match the overall scale of the organization, boosting the number of potential points of exposure. What's more, besides vulnerabilities, attackers are increasingly leveraging exposures such as misconfigurations and stolen credentials to gain access to companies' core business. Because of this, attack paths to critical assets are often overlooked or identified too late.
Instead of looking at vast numbers of isolated issues, XM Cyber aggregates them into an attack graph to proactively identify hidden attack paths and weaknesses in both the cloud and on-premises. XM Cyber helps organizations efficiently address the issues that can have the greatest impact on organizational risk. Then teams can eliminate attack paths at critical junctures, i.e., choke points, in order to achieve ultra-efficient risk remediation.
Zero Trust starts with Identity. It ends with authorization. And it is centered around policy-based controls for authentication, access, and more. IAM is ubiquitous in Zero Trust. Thus, every Zero Trust implementation must follow an identity-first approach.
In this session, we look at the intersection of IAM and Zero Trust, and provide a mapping of IAM capabilities to Zero Trust requirements. We also look at the need for modern IAM, from adaptive, passwordless authentication to continuous authentication, ITPR (Identity Threat Detection and Response), PBAM (Policy Based Access Management), but also Data Governance and the intersection of IAM and Code Security. This will help you in aligning your IAM and ZT strategies and give you a concrete understanding of technologies you will need (or not).
IDaaS, the SaaS-delivered IAM, helps organizations releasing themselves from a considerable part of the burden that IAM brings. They don’t need to care for software installation and running servers. However, IDaaS is only part of the answer here. Customers still must managed and run their IAM environment.
This is where MSPs (Managed Service Providers) and their services come in . They help the organizations in managing major parts of IAM, from onboarding of systems to customization and configuration, but also for a good share of the business-oriented aspects.
MSPs also can help organizations in providing a real IDaaS in the sense of customers/tenants just ordering services, without even caring about the technology below. They buy the services delivered by an Identity Fabric that is built and run by their service provider (which then again might rely on one or more SaaS services).
In this panel, we will discuss how such a “managed Identity Fabric” can look like and what this means to both the MSPs and their tenants. We’ll specifically focus on what distincts such a managed Identity Fabric from just a standard IDaaS offering, and from a MSP operating the IAM the customer already has in place. We’ll discuss the main criteria and capabilities for selecting the managed Identity Fabric.
This session will share how the concept of a Global Assured Identity Network (GAIN) has evolved since 155 identity experts proposed it in 2021. It summarizes a recent paper by the non-profits that guide the GAIN vision.
GAIN remains a call for collaboration toward globally interoperable identity assurance at-scale - a purpose that underpins the goals of governments, intergovernmental agencies, and private industry. It has inspired multiple working groups and continues to unite six non-profits - even (and especially) as the technical and policy landscape evolves to include emerging standards (e.g. MDLs, DIDs, VCs) and regulation (e.g. eIDAS 2.0).
This talk reflects on GAIN's relevance in today’s landscape and shares progress. It includes a deep dive into the technical community group at the OpenID Foundation, which has built a prototype that demonstrates cross-network trust and high-assurance identity data exchange. It now turns its attention to digital wallets, verifiable credentials, legal entity identifiers, and government-issued IDs.
It also reviews forward-thinking policy work by the Open Identity Exchange, which paves the way for Smart Digital IDs. Their Global Policy Metadata Framework proposes the standard publication of policy characteristics. In this world, policy metadata is shared between each trust framework through trusted wallets.
Are we really in control of our identities, are they merely assigned to us, or is there something else at play?
The promise of a "self-sovereign identity" seems great: you know who you are, and through the magic of technology you can prove to everyone around you that you are who you say you are. The technology to enable this is being built and deployed, but is it the right solution? Even more fundamentally, is it the right model at all?
In this session, we'll examine the core concept of "self-sovereign" identity in the light of how society has historically viewed identity and how our digital systems have modeled identity in different ways over time.
There has been a heated discussion between how (not) to use verifiable credentials, decentralized identifier and soulbound tokens for building better digital identities. We believe there is room for both or even a merge of on- and off-chain technology.
Every cloud-native application needs some form of access control. Most applications provide role-based access control (RBAC), which has limitations when it comes to enterprise scale and fine-grained access control.
Zero trust architectures require us to go further. Following the principle of least privilege, modern cloud apps can implement just in time authorization with fine-grained controls. With a fine-grained model, access rules can be defined on the application’s resources, often down to individual items. And a just-in-time model helps ensure the user has access to what they need, when they need it.
Two ecosystems are emerging around modern authorization: Policy-as-code and policy-as-data. Open Policy Agent (OPA) brings a policy-as-code approach to fine-grained authorization, and Google’s Zanzibar is the most known representative of the policy-as-data camp.
Join the panelists to discuss new developments in modern authorization, and compare the strengths and weaknesses of policy-as-code and policy-as-data as foundational models for a robust access control system.
How changing requirements for a seamless yet secure customer experience affect your Customer Identity solution
Today's consumers live parallel lives, with one foot in the physical world and the other foot leaving many digital footprints across the internet. In the physical world, trust is easier to build and identity is easier to validate. In the digital world the consumer is The Invisible Man - more difficult to interact and connect with but wanting a simple, effortless digital experience with impeccable security.
In this session, we will explore how identity is the link between both worlds and is the centre of every great customer experience. From providing delightful experiences to ensuring security and privacy, we will show how the right Identity Solution resolves the Invisible Man paradox, building connection and trust in the digital world.
Cash.App is the #1 financial app in the US. It started out with a password-less authentication paradigm back in 2013, built around OTP verifications. We are now transitioning to the next generation password-less experience built around passkey. While the transition offers many promises, the path comes with several challenges, around security guarantees, backward compatibility and seamless user experience. We share insights we learned along the journey.
Imagine a world where security risks are identified and mitigated before they even happen. Imagine if access and auditing recommendations were made with the precision of a computer algorithm. Imagine the power of artificial intelligence to revolutionize your organization's identity governance and administration practices. We have reached an inflection point in the world of AI. The release of technologies like ChatGPT is as monumental as the development of the internet or Google as a search engine. AI is going to change the way we think about IGA. With the capabilities of AI, IGA solutions can provide a higher level of granularity, faster data processing, and more complex analysis to better identify and mitigate risks in real-time. This will lead to more effective risk management, smarter access and auditing recommendations, and increased automation of processes and operations. But this is just the beginning. As this technology continues to evolve, we can expect to see even greater benefits from AI-enabled IGA solutions in the future. Imagine a future where your organization's security is not just protected but anticipates and proactively prevents threats before they happen. So I ask you, are you ready to join us in shaping the future of IGA? Are you ready to harness the power of AI to revolutionize your organization's identity governance and administration practices? The future is here, and it's time to embrace it.
In this talk, attendees will learn about the potential for AI to revolutionize Identity Governance and Administration (IGA) practices.
Today’s identity systems are a centralized collection of user data, and have become the #1 target for attackers. According to the Verizon DBIR, more than 80% of breaches start with compromised credentials.Decentralized identity represents a massive paradigm shift to a safer, more secure future by making the user's device the transport mechanism for that single user's data. In other words, no more “trusted” third parties. Decentralized identity eliminates the need to build connections into federation systems, and reduces the amount of personally identifiable information organizations must collect.In short, we’ll discuss how shifting to a decentralized identity model reduces risk for organizations while simultaneously improving users privacy.
