Event Recording

Key Requirements for Next Generation MFA

Show description
Speaker
Patrick McBride
Chief Marketing Officer
Beyond Identity
Patrick McBride
Patrick has served as CMO of ZeroFOX and Claroty, as VP of Marketing at iSIGHT Partners and Xceedium, VP of Compliance at Scalable Software, Co-founder and CEO of META Security Group, and Senior Vice President at META Group. Patrick received a bachelor’s degree in management from...
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Bridging Traditional IGA with Cloud Native Authorization
May 12, 2022

IGA vendors often point to ABAC vendors when asked how authorization should actually be enforced and ABAC vendors point in the direction of IGA vendors when asked where all that context information is coming from. The talk will shed some light on how the grey area between IGA and cloud native authorization systems like Styra DAS / Open Policy Agent can be bridged. The focus will be on inhouse applications not on commercial off the shelf software as bolting a foreign authorization system onto existing software brings little benefit. We will share where different concerns like auditability, scalability and user experience for engineers and end users can be solved. 
Zalando has 4000+ inhouse applications and 280+ engineering teams so we will also talk about organizational scalability by using 100% automation and self service. 

Event Recording
Panel | The Pieces of Modern Authorization - Whats Happening in the Market
May 12, 2022
Event Recording
IGA in the Financial Industry - Implementing IAM
May 12, 2022

Field report from a compliance-driven implementing of a full-blown IGA system at a German finance corporation.

Event Recording
OpenID SSE, CAEP and RISC - Critical standards that enable Zero-Trust security
May 11, 2022

Zero-trust security relies heavily on the ability for independently owned and operated services to dynamically adjust users’ account and access parameters. These adjustments are based on related changes at other network services, such as identity providers, device management services or others. A set of standards from the OpenID Foundation enable independent services to provide and obtain such dynamic information in order to better protect organizations that rely on zero-trust network access. These standards are being used today in some of the largest cloud-based services from Microsoft and Google to dynamically adjust users’ account and access properties.

This talk gets into the details of the Shared Signals and Events (SSE) Framework, which is the foundational standard for secure webhooks. We also explain two standards based on the SSE Framework: The Continuous Access Evaluation Profile (CAEP), which provides dynamic session information, and the Risk Information and Account Compromise (RISC) Profile, which provides account compromise information

Event Recording
Access Control - The new Frontier
May 12, 2022
Event Recording
Making SSI accessible: IOTA technology, solutions and projects
May 12, 2022

Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation.

Event Recording
It's the Relationship, Stupid
May 10, 2022
Event Recording
A Learning Agenda for Federal Identity
May 11, 2022
Event Recording
Connecting 10.000+ mobility companies and multi million customers
May 12, 2022
Event Recording
Panel | Assessing the Cybersecurity Impact of Russia’s Invasion of Ukraine
May 11, 2022

Russia’s invasion of Ukraine has tectonic consequences for citizens and businesses across the world. An expectation of normalcy post the pandemic has been replaced with fears of increased gas prices and supply chain disruptions. Attackers are expected to leverage the context to carry out advanced cybercrime intrusions, leaving businesses susceptible to attacks that could have potential second and third-order effects on their operations. A cyber problem immediately becomes a business problem that requires effective business continuity contingency plans built around defensible, risk-informed choices.  

In this panel session, you’ll hear from security leaders who will provide a pragmatic assessment of organizational dependencies to improve your odds of identifying and mitigating cyber attacks, while addressing the increasingly challenging risk environment organizations find themselves in 

Event Recording
Identity Management in a Web 3.0 World
May 12, 2022

The third iteration of the Web, Web 3, aims to put more control over web content in users’ hands. It promises to be built on blockchain, eliminating all big intermediaries, including centralized governing bodies. The vision for a Web3 world is for people to control their own data and be able to bounce around from social media to email to shopping using a single personalized account, creating a public record on the blockchain of all of that activity. What does this mean from an identity management point of view? We will explore some important questions that should be addressed as the future of the internet unfolds, including the impact that limited oversight in crypto currency will have, including poor authentication; the role of decentralized identities and private key management; and finally, the privacy aspects of having transaction data on the blockchain and what that means for attackers that can potentially compile new identities or further identity theft as we know it today. Whether it is Web3 or beyond, these issues will be critical to build trust on the internet of the future.

Event Recording
Protocol Independent Data Standards for Interoperability
May 12, 2022