Event Recording

Panel | APIs - Where Security Meets Identity Management

Posted on Sep 14, 2021

Traditional IAM models have focused on users, policies, and roles, which met the needs of web applications in years past but as application development has evolved to APIs, an innovative approach to identity management is required. It is no longer just users, roles, and permissions. APIs must be integrated into the identity and access management framework to ensure adequate governance and security.

Within an API there is a requestor (often on behalf of a user), a service (API), and the data that is being passed. All these entities in the transaction require unique identity and authorization; without identity, compliance and enforcement mandates cannot be met effectively and without authorization, there is a free-for-all on your APIs reminiscent of Cambridge Analytica and Facebook.

In this session, we will look at how rapid digitalization (first and third-party APIs + multi-or hybrid-cloud environments) has complicated security efforts, the role of API integration in data governance, and how companies can best navigate the heightened cyber-threat environment we find ourselves in today.

- Why API security requires more than traffic policy management and course-grained enforcement.
- Why APIs need to be integrated into the identity and access management framework to ensure adequate governance and security.
- How companies can reduce the burden on developers to allow for a proactive approach to API security instead of reactive.

Nathanael Coffing, Co-Founder, CSO and Board Member, Cloudentity

Gal Helemski, Co-Founder & CIPO, PlainID

David Martinache, Manager, Wavestone

Fabian Süß, Project Manager, KuppingerCole

Show description

Nathanael Coffing, Co-Founder, CSO and Board Member, Cloudentity

Gal Helemski, Co-Founder & CIPO, PlainID

David Martinache, Manager, Wavestone

Fabian Süß, Project Manager, KuppingerCole

Speakers

Co-Founder, CSO and Board Member
Cloudentity

Nathanael Coffing

Nathanael is a CyberSecurity visionary who’s spent the last decade focused on improving the security posture of the identity by integrating Cyber signals into the authentication and authorization processes. Over the last two decades he’s honed his product and scalability...

View profile

Co-Founder & CTO
PlainID

Gal Helemski

Gal is a recognized specialist in cyber security with specific focus on identity and access management. In the past 16 years she has defined solutions to customers, wrote the project specs, technical documentation, presentations and training. Gal holds a B.Sc in Physics & Computer Science...

View profile

Manager
Wavestone

David Martinache

David is a consultant specialized in identity and access management for the last 8 years. He supports major companies in their digital transformation by helping them rethink their authentication and identity management services, from the framing phase to the operational...

View profile

Project Manager
KuppingerCole

Fabian Süß

Fabian joined KuppingerCole‘s Events Team in July 2021 as a Project Manager, with a focus in Content and Agenda for the Cybersecurity Leadership Summit. He holds both a M. Eng. in Construction and Real Estate from the University of Applied Sciences Augsburg and an EMBA in Digital...

View profile

Playlist

European Identity and Cloud Conference 2021