IAM is hard enough without the additional complexities that logistics companies face. Warehouses need to be secure, but it’s difficult to find an identity solution that’s suitable for short-term staff who don’t have or can’t use computers, mobile devices, or biometrics in their work environment. Until recently Decentralized Identity has been the stuff of dreams, but that is rapidly changing, and the lines between identity and authentication are blurring even more. In this session, we’ll explore how a future powered by Decentralized Identity is offering logistics giant DB Schenker a path to stronger security while maintaining productivity in its warehouses, providing a fast, flexible and interoperable way for workers to verify their identity.
Still developing CIAM in-house? Discover the realities of serving 50 million customers using Hosted Customer Identity and Access Management (CIAM) as a service (SaaS) from a vendor.
Customer Identity and Access Management is one of the most critical platform components. How big of a risk would it be for the large enterprise to delegate it to the vendor solution? And how much risk would it be to not do it?
In 2019 our Eastern Europe business was struggling with Account Takeovers, where botnets of 1 million IPs in total size were involved in massive credential stuffing attacks. And we decided to replace all our legacy auth with a vendor solution.
In this session we will go through the key moments of such transition and the key learnings from the past 4 years. We won’t miss the aspect of value proposition, customer experience, real cost and return on such an investment.
The FIDO Alliance is working to change the nature of authentication with open standards that are more secure than passwords, simpler for consumers to use, and easier for service providers to deploy and manage. While initially focused on the consumer space FIDO2 holds advantages for the enterprise willing to break the mould on legacy authentication models.
This session will look at the components of a FIDO2 environment and investigate the options for FIDO deployments. A view of the possible future of FIDO will be discussed.
In the last 10 years machine learning has become ubiquitous and touches all lives in ways that were unimaginable before. Machines can make decisions that once required considerable human effort, at a much faster speed and reduced cost, with a little human oversight. As a result, machines don’t just have a greater influence than before in shaping our lives but are also under increased scrutiny by both regulators and user rights advocates.
The adage “with great power comes great responsibility” has long been used – from the French Revolution to superhero comics. It has never been truer, as the great power that machine learning wields is now in the hands of almost anyone making a software product. It ranges from giving people access to the funds that can alter their life path, to medical diagnosis that can increase their life expectancy or reduce it dramatically, to their social media feed, which can not only provide them the content that keeps them engaged but also polarise their beliefs by feeding them information that reinforces their existing notions.
With the growing influence of AI technologies and the corresponding scrutiny, the way AI development happens is beginning to change. The full data science lifecycle needs to incorporate the elements of responsible AI and the professionals who know how to design and implement these will be the ones that employers will look for.
Companies are facing increasingly complex security threats. Many are struggling to assess their own security risks because they cannot address potential issues as they arise: issues are disclosed at a breakneck pace, teams cannot keep up as those issues accumulate, and the huge number of security tools in use creates diagnostic fatigue.
Vulnerability management programs rarely ever match the overall scale of the organization, boosting the number of potential points of exposure. What's more, besides vulnerabilities, attackers are increasingly leveraging exposures such as misconfigurations and stolen credentials to gain access to companies' core business. Because of this, attack paths to critical assets are often overlooked or identified too late.
Instead of looking at vast numbers of isolated issues, XM Cyber aggregates them into an attack graph to proactively identify hidden attack paths and weaknesses in both the cloud and on-premises. XM Cyber helps organizations efficiently address the issues that can have the greatest impact on organizational risk. Then teams can eliminate attack paths at critical junctures, i.e., choke points, in order to achieve ultra-efficient risk remediation.
Do you know that during the peak holiday season, 75% of the traffic on your site can be malicious or bot traffic?
In 2022, there was an 85% increase in account takeovers, which result not only in monetary losses but also in lost consumer trust.
To address these, the right authentication strategy is a combination of active authentication (SMS, Push Notification, WebAuthn, passkeys) and passive authentication that includes IP reputation, device fingerprinting, and user behavior analysis. This enables a frictionless experience for “good users” without lowering the defenses for “bad users.”
In this session, we’ll explore Dark Web techniques, open-source tools, and services that fraudsters use for credential stuffing, fake account creation, and account takeovers. In addition, we’ll share a practitioner's viewpoint on rolling out various active and passive authentication solutions and how the convergence of identity and fraud can help you build the right passwordless strategy.
You will learn about the Sovereign Cloud for the German Government. This solution is based on Azure and operated by Delos Cloud GmbH.
Digital Identity and Security solutions impact our environment, typically in a positive and securing manner. However, research shows that, increasingly, the digitization of identity services for digital identity also excludes and harms individuals.
In this presentation Henk will detail his research into the impact of digital identity solutions on nation state level and how to start involving ethics in the design and implementation of these solutions.
The findings also apply to designing and implementing security solutions for other purposes than digital identity.
The approach to engaging in ethical conversations during design will be explained theoretically, linking to the background of Value Sensitive Design (https://en.wikipedia.org/wiki/Value_sensitive_design), and made practical by case studies of Ethics in Security Design.
Henk has been researching the ethics of digital identity at Leiden University, NL, in 2022.
Decentralized identity has made waves in the EU with the European Blockchain Services Infrastructure (EBSI) and in the US with various funded projects. A vast market in south-east Asia stays untapped. We have enabled our partner organization ZADA to build a decentralized identity ecosystem that connects various southeast Asian countries with numerous cases like 'Decentralized Vaccination TravelPass', 'Employment IDs', and 'Government issued Educational Credentials'. The journey of a decentralized identity platform from ideation to MVP and to a scalable production system can bring tremendous insights. We were able to successfully enable the public sector in Myanmar to engage with self-sovereign identity and bring value to its citizens by issuing more than a quarter million digital credentials. Monetization of these credentials was an essential factor for us. These self-sovereign identity credentials varied in use cases and were verified by Singapore immigration, public sector hospitals, the Education Ministry of Myanmar, the Health Ministry of Myanmar, and various other private sector vendors. Our journey covers various use cases in EdTech, HealthTech, IAM, and KYC. Explored right, these cases can help us dive into how enterprises can engage with the southeast Asian identity market.
Passwordless helps in reducing ATO fraud and provides better security and a smoother experience. But the passwordless approach for each organization and region is fundamentally different, in large part because the journeys or flows that your customers will take are unique. In this session Huzefa Olia will talk about the various options that an organization can introduce for Passwordless access for their customers.
Like many businesses, you started the MFA journey and might even consider it at a level of maturity. Yet, when questioned to rate compliance coverage or cyber insurance requirements for strong authentication business-wide, do you have a moment?
Workforce identity workflows are complicated, with an extensive portfolio of assets and legacy applications that create gaps in strong authentication coverage. However, organizations need to trust nothing and no one - and have to prove strong authentication is in place to regulators and cyber insurance underwriters.
In this session we will explore ways to strengthen your authentication system and fill coverage gaps:
There’s a lot of foundational work happening in the space of Selective Disclosure (SD) right now. Selective Disclosure enables you to have a token with many claims (say, an ISO Mobile Drivers’ License (mDL)), and only release the claims necessary to the interaction – for instance, your birthdate but not your home address. Selective Disclosure enables Minimal Disclosure. This is sometimes realized using Zero Knowledge Proofs (ZKPs) but that’s not always necessary.
In decentralized identity ecosystems, users hold their own credentials to share them with others when needed. One key requirement for these credentials is selective disclosure: instead of sharing the entire credential, users should be able to share only the minimal amount of information necessary for a given use case. This is where SD-JWT comes in.
SD-JWT (Selective Disclosure JWT) is a new format for enabling selective disclosure in JWTs. It is based on the JOSE family of standards for signing and encryption, making it easy to understand and implement.
Developed by the IETF OAuth Working Group, SD-JWT is not limited to verifiable credentials, but can be used universally to provide selective disclosure for any JWT.
Due to its simplicity, SD-JWT has quickly gained traction, with several implementations already available and ongoing adoption as an important building block in both commercial and public projects. In this talk, we will introduce the concepts behind SD-JWT and provide a detailed overview of its capabilities and benefits. We will also discuss the current state of SD-JWT adoption and future directions for its development.
Some of the current work pertinent to Selective Disclosure is: