Event Recording

Identity is the New Blue

Show description
Speaker
Mike Kiser
Director, Strategy and Standards
SailPoint
Mike Kiser
Mike Kiser has held a panoply of industry positions over the past 20 years—from the Office of the CTO to Security Strategist to Security Analyst to Security Architect—that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security...
View profile
Playlist
European Identity and Cloud Conference 2021
Event Recording
Goodbye Dogmatism / Hellō Pragmatism
Sep 14, 2021

Disciples of decentralized identity have preached for years that DIDs are the only true path to giving users control over their identity, AKA self sovereign identity. The lack of widespread adoption is evidence that a more pragmatic approach is needed.

Event Recording
The Rise of the Developer in IAM
Sep 13, 2021

Everything is famously code today—cars are computers with wheels, appliances have Internet access, smart doors and houses are controlled from mobile phone apps. With all this code around, security is more of a challenge than ever. A central pillar of security is identity management: the technology that protects logins and controls access. This, too, is becoming code to work with all the other code. Libraries for developers are essential, including ID controls in mobile and Web applications for initial sign on, single sign-on, federated sign-on, biometric authentication systems, and controlling access to sensitive data. And code itself is becoming code: automation systems for producing code, deploying code, updating code, configuring resources and access controls. IAM code has to be wherever it’s needed, when it’s needed, and automated, just like any other code. The better we do this, the more secure we all are with our ubiquitous computers. 

Event Recording
Case Study: How an Entire Industry adopts Digital Enterprise Identity
Sep 15, 2021

Back in November 2013 the U.S. congress enacted the Drug Supply Chain Security Act (DSCSA). Part of the regulation is that actors within the U.S. pharmaceutical industry must verify the U.S. state license, which is issued by the U.S. Drug Enforcement Administration (DEA), status (and thus the authenticity) of every trading partner within their supply chain. And this does not stop just by direct trading partners a pharmaceutical supply chain actor might have, the regulation states, that also indirect trading partner’s U.S. state license status must be proofed.

Dr. Carsten Stöcker, Co-founder and CEO, Spherity
Event Recording
Panel | CIAM During Covid - How to Better Secure the Identities of Your Customers
Sep 14, 2021
Max Faun, Head of Consulting, Europe, Okta
Paul Fisher, Senior Analyst, KuppingerCole
Jason Goode, Regional Director – EMEA, Ping Identity
Dali Kilani, CTO, Lifen
Event Recording
Security and Anti fraudsters CIAM strategy for next years
Sep 14, 2021

In this lecture I present a reference architecture covering CIAM, API and PAM thinking about closing the main attack possibilities in modern contexts

  • Reference architecture validated covering CIAM, PAM and API
  • How to decrease frauds
  • How to increase the user experience with security
Alfredo Luiz dos Santos Junior, Senior IAM Architect, Farfetch
Event Recording
Security Automation in the Financial Sector: Research Findings, Best Practices, and Lessons Learned
Sep 15, 2021

This presentation combines the findings of a doctoral study into security automation in the financial sector with real-world experiences in implementing security automation. The research focused on strategies financial institutions need to reduce the gap between the attacker's time to compromise and the defender's time to detect and respond. Learn from the experiences of companies that have implemented or are implementing security automation. This session will look at what to expect from security automation (and what not to expect), how to decide what to automate, strategies to help ensure a successful security automation program, and lessons learned from success and failure.

Dr. Donnie Wendt, Principal Security Researcher, MasterCard
Event Recording
Integrating IoT With SSI-Enabled Technologies For Healthcare
Sep 14, 2021
Dr. Christos Patsonakis, Postdoctoral Research Associate, The Centre for Research & Technology Hellas
Event Recording
Closing Keynote & Announcement of EIC 2021 Gamification Winners
Sep 15, 2021
Event Recording
Panel | Identity vs Authorization - Where to Draw the Line
Sep 15, 2021

We will look at OAuth protocol and its misusage for authorization purposes. What is the difference between client and user authorization and at which stage should each happen? We will revise what Identity is at its core and what should or should not be part of it. And what about Group Membership – a ‘domain-driven’ advise how to triage roles between Identity and Authorization. All these best practices are backed by real-life experience.

- OAuth and its misusage as an authorization protocol
- Essence of Identity
- Difference between client authorization and user authorization in the context of OAuth
- Group Membership – where do roles belong?
- Theory backed by practice

Hristomir Hristov, Solutions Architect, KPMG
Martin Manov, Software Architect, Cobuilder International
Fabian Süß, Project Manager, KuppingerCole
Event Recording
The Next Frontier: Why Decentralised Identity is only Base Camp
Sep 14, 2021

Over the past decade significant advancements have been made towards decentralised, self-sovereign and tokenised identity. Now that we can tokenise a unique value what is the new value we can enable?

Katryna Dow, CEO & Founder, Meeco
Event Recording
One PAM - A Holistic Approach to PAM for the Shift to a Zero Trust Model
Sep 14, 2021

Join Peter Dulay, Symantec Identity Management Adoption Advisor, Broadcom, as he introduces One PAM, which brings together traditional proxy-based (credential vaulting) with agent-based (granular access controls) capabilities into one consolidated solution and approach, and how One PAM is better positioned to help customers shift to a Zero Trust model.  

Peter Dulay, Security & Integration Adoption Advisor, Broadcom
Event Recording
Malware Manipulated in Cloud Environments - Is it Dangerous?
Sep 14, 2021

During this presentation, I'll show how the effects can bring in inside the Cloud environment if was exploitable by Malware using PDF file, explaining how each session works within a binary, what are the techniques used such as packers, obfuscation with JavaScript (PDF) and more, explaining too about some anti-desassembly techniques, demonstrating as a is the action of these malwares and where it would be possible to "include" a malicious code.

Filipi Pires, Security Researcher, THOR - Threat Hunting Offensive Researcher