Event Recording

Panel | The Pieces of Modern Authorization - Whats Happening in the Market

Speakers
Warwick Ashford
Senior Analyst
KuppingerCole
Warwick Ashford
Warwick Ashford is a Senior Analyst who researches cybersecurity and identity-related topics, including emerging technologies and trends. He has been writing IT news and analysis as a journalist and editor since 2003, specialising in cybersecurity and privacy since 2012. Warwick has also...
View profile
Paul Fisher
Lead Analyst
KuppingerCole
Paul Fisher
Paul Fisher is a Lead Analyst who researches primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry sectors including automotive. Paul is responsible for managing relevant quantitative research at...
View profile
Magnus Jungsbluth
Principal Engineer Identity & Access Management
Zalando SE
Magnus Jungsbluth
Magnus has been working for two decades in software engineering with a strong focus on security and cryptography. At Bundesdruckerei he led a platform team for trustcenter applications and worked on Public Key Infrastructures for eID applications. Since joining Zalando in 2019 he leads multiple...
View profile
Gustaf Kaijser
Head of Sales
SlashID
Gustaf Kaijser
Gustaf Kaijser has experience from over 50 implementations of PBAC solutions from his time as Sales Director EMEA at Axiomatics (XACLM) and Styra (OPA). He currently works at Head of Sales Europe at Slash.id, and has also an IAM  background from SunMicro and Novell.
View profile
Henk Willems
CIAM Advisor
OneWelcome
Henk Willems
As a CIAM Advisor at OneWelcome I consult with organizations to map out the phases and steps involved in introducing a Customer Identity and Access Management solution to their Enterprise Architecture. With the current speed of change, organizations that want to remain their competitive edge...
View profile
Jan Willies
Platform Architect
Accenture
Jan Willies
Jan Willies is a Platform Architect at Accenture and contributor to the crossplane project. He is maintainer of provider-gitlab and provider-argocd, founded the Berlin CI/CD Meetup and organizes the CI/CD DevRoom at FOSDEM 
View profile
Playlist
European Identity and Cloud Conference 2022
Event Recording
Cardea: verifiable credentials for health information go open source
May 11, 2022

As an incubator for innovation in air travel, Aruba has chosen to use verifiable digital credentials to manage entry requirements and health testing for travel to the island. This decentralized, open-source technology, which provides secure authentication while preserving traveler privacy, was developed by SITA and Indicio.tech and donated to Linux Foundation Public Health as  Cardea. In this session, representatives from Aruba’s government, Indicio, and SITA will discuss why they chose a decentralized approach, how they created a trusted data ecosystem, and why the ability to verify personal data without having to check in with the source of that data will transform air travel, healthcare, and tourism

Event Recording
Zero Trust and the Business – why you have to align with the application owners!
May 12, 2022
Event Recording
All Other Identities - The Risk That Is Hiding in Plain Sight
May 12, 2022

For the last 30 years  virtually every  company, agency and organization has been forced to accept the risks associated with identity management and control for third parties and  all  the other identities that  are not  directly addressed by today's workforce or customer access management solutions. The universe of  "all other identities"  is enormous, numbering in the billions and  maybe even the trillions of distinct and unique identities. In the absence of solutions and processes to actively manage and control the identities of contractors, service providers, agencies, franchisees and  all  the possible variations of people,  devices  and entities that your organization interacts with, accepting risk but not being able to  mitigate  it has been the normal course of business. It is past time that these risks are acknowledged,  addressed,  and mitigated. Richard Bird explains the current state of third and n-th party identity risk, how to recognize it and what to do about it in this presentation on a new frontier in security and risk.

Event Recording
The impact of decentralized identity solutions in the marketplace, insights and lessons
May 13, 2022

Long theorized as the solution to the verification problem on the internet, decentralized identity has now achieved lift-off in the marketplace. In this workshop, we’ll explain who’s interested, why, and what we learned building a series of solutions for global enterprises in the finance, health, and travel sectors. We’ll explain how we implement decentralized identity through the concept of a Trusted Data Ecosystem, and what the near future looks like for businesses who adopt this technology now, including the critical importance of verifiable digital identity to decentralized finance, the metaverse, and to the interaction of digital objects and non-digital objects in the spatial web—the “Internet of Everything.”

Event Recording
The Value Paradox: The 3 Inflections of IGA
May 11, 2022
Event Recording
Panel | Cloud Infrastructure Entitlement Management (CIEM): Managing Your Cloud Scale Risk with an Identity Defined Security Approach
May 11, 2022

CIEM adopts a zero trust approach to Identity and Access Management (IAM) for cloud infrastructures, making access risks visible and avoidable. In this panel session 

Event Recording
Drone Pilot Credentialing for Air Safety
May 11, 2022

Drone operations are estimated to bring €10bn/yr to the EU economy by 2035. A critical e-Government issue is the ability to fly drones in regulated airspace around airports. Unauthorised drone operations in the flightpath of passenger aircraft can endanger lives and cause huge financial loss for airport operators. Heathrow Airport has invested >£10M in security systems to track and destroy unauthorised drones. Digitising the entire drone flight approvals process will involve many steps, but the major one we are addressing is verifying pilot training credentials. SSI could radically improve this currently cumbersome and low-trust process. In an Innovate-UK grant funded project (Fly2Plan), we developed an SSI PoC for a drone pilot training company to issue training certificates as verifiable credentials to drone pilots, which can be verified by Heathrow Airport. In this talk we present our learnings and future work.

Event Recording
Knowing differences between Cyber Resistance and Cyber Resilience
May 13, 2022

You've probably heard about Cyber Resilience, but what should be the differences between the two terms in the context of Cybersecurity? Cyber Resistance is the same or not?. During this presentation, we will be understanding the differences between Cyber Resistance and Cyber resilience, and how we can apply both concepts to our current technology landscape, besides understanding how we can identify the High-Value Target (HVT) in our organization

Event Recording
"The Great Resignation" Combined with an Explosion in IT Complexity - How Can IT Weather this Perfect Storm?
May 13, 2022
Event Recording
Panel | Decentralized, Global, Human-Owned. The Role of IDM in an Ideal (If there is One) Web3 World
May 13, 2022

The Internet had been created without an identity layer, leaving it to websites and applications to take care for authentication, authorization, privacy and access. We all know the consequences - username and password still being the dominant paradigm and, even more important, users not having control over information that personally identifies them. The risk of data misuse, of being hacked or manipulated has become a significant challenge and and requires a new approach in times of an emerging web3 and its core capability of transferring value. Is decentralized, DLT based Identity the solution that finally will enable DeFi, NFTs and DAOs? Join this awesome keanote panel to controversially discuss this topic. 

Event Recording
Dealing with Multi-Cloud, Multi-Hybrid, Multi-Identity: Recommendations from the Field
May 11, 2022
Event Recording
Inside the Mind of a Hacker – From Initial Access to Full Domain Admin
May 13, 2022

Ethical Hacker Joseph Carson will demonstrate a real-world use case of how a cyber adversary gains an initial foothold in your network through compromised credentials and then elevates control and moves laterally to identify and exfiltrate your critical data. He will share insights into how the mind of a criminal hacker operates based on his experiences and steps you can take to stop them in their tracks.

Staying up to date and learning hacking techniques is one of the best ways to know how to defend your organization from cyber threats. Hacking gamification is on the rise to help keep security professionals up to date on the latest exploits and vulnerabilities. This session is about helping you get started with hacking gamification to strengthen your security team.

In this session Joseph Carson Chief Security Scientist and Advisory CISO at Delinea will select two systems from Hack the Box and walk through each of them in detail explaining each step along with recommendations on how to reduce the risks. Going from initial enumeration, exploitation, abusing weak credentials to a full privileged compromise.

What will I learn?

  • How attackers gain access to IT environments and systems and escalate privileges
  • What a real-world hack looks like in a use-case demonstration
  • Best practices for combating attackers by establishing multiple layers of security to minimize risk

Get answers to these important questions:

  • How has moving to the cloud affected cyber security from a PAM perspective?
  • What are the most common types of attacks that criminal hackers use to compromise cloud environments?
  • What are common misconceptions that lead to cyber security “blind spots” of vulnerability?