KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Mergers and acquisitions amongst large, globally-distributed organizations are notoriously complex, error-prone, and resource consuming. But did you know that merging smaller organizations comes with its own set of unique issues and risks? One year ago, Okta announced its acquisition of Auth0. Since then, the combined forces of their internal business systems teams have been working hard to bring the identity and compliance capabilities of the organizations together. The union of these two companies introduced some novel challenges- even for veteran practitioners with experience in IAM mergers at much larger organizations. In this talk Jon Lehtinen will take you on a guided tour of the Okta/Auth0 identity merger from a practitioner’s perspective, and share the learnings, the challenges, and the recommendations for other practitioners tasked with merging the IAM programs within smaller, high-growth companies.
Mergers and acquisitions amongst large, globally-distributed organizations are notoriously complex, error-prone, and resource consuming. But did you know that merging smaller organizations comes with its own set of unique issues and risks? One year ago, Okta announced its acquisition of Auth0. Since then, the combined forces of their internal business systems teams have been working hard to bring the identity and compliance capabilities of the organizations together. The union of these two companies introduced some novel challenges- even for veteran practitioners with experience in IAM mergers at much larger organizations. In this talk Jon Lehtinen will take you on a guided tour of the Okta/Auth0 identity merger from a practitioner’s perspective, and share the learnings, the challenges, and the recommendations for other practitioners tasked with merging the IAM programs within smaller, high-growth companies.
It is well known that women face various challenges when working in the IT industry. These challenges lead to the fact that only about 20% of employees in IT are women. The situation in security and identity is even worse, as some studies have shown. "Women in Identity" is a global organization whose mission is to develop solutions with diverse teams. This presentation will look at the various WID initiatives on a global and local level that support women in the industry and create solutions “for everyone built by everyone”.
Decentralized identity is an incredibly flexible technology that solves fundamental problems in the way we manage digital communication. But this capacity to do more than one thing at once can be a source of confusion: How do I actually build a decentralized or self-sovereign identity solution today? How do I put all the components together? In this session we use the framework of a Trusted Data Ecosystem to show how you can use decentralized identifiers, software agents, verifiable credentials, and the supporting infrastructure to verify data without having to check in with the source of data. We show how we used Trusted Data Ecosystems to deliver solutions to financial services, healthcare, and travel to global enterprises—and we give you a preview of what the next steps are for these technologies.
The FIDO Alliance has made tremendous strides in its mission to change the nature of authentication with stronger, simpler and passwordless authentication. Join this session to get find out the state of passwordless authentication from the FIDO lens, including a sneak peak at major news that will – finally - make passwordless FIDO authentication available to the masses.
As the pace of digitalization gathers momentum, organizations are witnessing a dramatic increase in the number of digital identities. These identities interact with systems and applications relentlessly to perform day-to-day IT tasks. Nevertheless, maintaining the privacy of this data is a daunting task. Enterprise data is hosted in multi-tenant cloud, managed service providers and distributed data center environments. How an organization can maintain data privacy in this evolving IT access control use-cases depends on the level of preparedness to protect and monitor those digital identities. An identity and access management solution provides adequate safeguards to enforce IT practices necessary to maintain data privacy.
The Holcim EMEA digital center has received the EMEA innovation award in 2021 from their IGA program.
Most OAuth deployments today use bearer tokens – tokens that can be used by anyone in possession of a copy of them, with no way to distinguish between legitimate uses of them and those that stole them and used them for nefarious purposes. The solution to this is proof-of-possession tokens, where the legitimate client supplies cryptographic material to the issuer that is bound to the token, enabling it to cryptographically prove that the token belongs to it – something attackers cannot do because they don’t possess the proof-of-possession cryptographic material.
The OAuth DPoP (Demonstration of Proof of Possession) specification defines a simple-to-implement means of applying proof of possession to OAuth access tokens and refresh tokens. We will describe real attacks occurring every day against bearer tokens and how they are mitigated by DPoP, providing defense in depth and making real deployed systems substantially more secure with minimal implementation and complexity costs.
These attacks and mitigations are particularly relevant to high-value enterprise deployments, such as in the financial, manufacturing, critical infrastructure, and government sectors.
Securing access to data and applications has become a cornerstone of any modern cybersecurity strategy.
In the IAM market, user access governance projects have a history of incurring multi-year roll-outs and requiring specialized personnel, making many companies shy away and bear excessive cyber risk.
In this space, Elimity tries to break the status quo. As an innovator, Elimity provides a data-driven platform that specifically offers the essentials for user access governance: automated data collection, holistic risk analytics and user-friendly access reviews integrated with ITSM. As a result, the platform lets companies achieve mature access governance in a matter of days, not months.
In this session, Maarten will give an overview of the essentials of user access governance, showcase the Elimity platform and how it is successfully applied in practice.
Zero-trust security relies heavily on the ability for independently owned and operated services to dynamically adjust users’ account and access parameters. These adjustments are based on related changes at other network services, such as identity providers, device management services or others. A set of standards from the OpenID Foundation enable independent services to provide and obtain such dynamic information in order to better protect organizations that rely on zero-trust network access. These standards are being used today in some of the largest cloud-based services from Microsoft and Google to dynamically adjust users’ account and access properties.
This talk gets into the details of the Shared Signals and Events (SSE) Framework, which is the foundational standard for secure webhooks. We also explain two standards based on the SSE Framework: The Continuous Access Evaluation Profile (CAEP), which provides dynamic session information, and the Risk Information and Account Compromise (RISC) Profile, which provides account compromise information
This session is a continuation of the opening keynote by Martin Kuppinger on the future Composable Enterprise. Together we take a look at what powers the composable enterprise and which concepts and technologies can contribute to building a composable enterprise.
KuppingerCole proposes an engine that powers composable enterprises, made up of composable services, identities, and data. Since this journey towards becoming composable is intensely individual based on business goals and requirements, there countless ways of cultivating this modular trifecta. Therefore, this session identifies some of the building blocks that organizations use to cultivate interchangeability and agility to achieve their continually shifting business goals. These building blocks are modular themselves, allowing organizations to exercise different aspects to power composability.