KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
A standardized approach to control privileged accounts can be valued as a profitable internal service.
While implementing Privileged Access Management (PAM) DKB concentrates on what kind of service delivery a PAM implementation can provide to its customers (our employees) to connect benefits for end-users and address identity security at the same time.
We call that Privileged Access Security Service.
From a technical and IAM point of view identity security can only be achieved by securing the respective digital identities and the assigned user accounts in the corresponding target systems.
In the area of IAM/PAM a comprehensive compliance level automatically results in a higher maturity of our information security management. Therefore, we reduce the non-financial risks not only by complying with regulatory requirements but also by adding effective security concepts – such as zero trust or least privilege – to our IAM/PAM ecosystem.
In this session the DKB approach to handle identities and accounts in the context of a Privileged Access Security Service will be presented.
The short abstract of this topic would be "How we can make a proper business case and ROI(Return on Investment) for PAM". Below are some of the preparations we need for a smoother PAM flight:
Web3 is a revolutionary changing aspect of technology in the current era but protecting Web3 will be a challenge considering how smart contracts are challenging. New businesses utilizing blockchain technology are more focused on business while their different assets need eyes, such as the most vulnerable DApps and Web3 services.
Decentralized applications, commonly referred to as dApps, are not controlled by a single point of authority. Instead, they run on a blockchain or a P2P network, making them more complex and riskier than traditional applications.
In this talk, we'll discuss how hackers are utilizing their techniques to attack web3 and smart contracts and what are best practices for enterprises to prepare for the challenge.
Learn how Raiffeisen Bank International heads toward decentralized identity to empower their customers across Europe and set the gold standard for privacy protection.
The increased mobility of users and their demand for personalized, unified omnichannel access experiences has stretched federated IAM beyond its limits. Meanwhile, the need for organizations to collaborate more to compete, and build communities of trust and value for those same users affordably and securely, cannot be met by existing federated IAM solutions. Learn how Raiffeisen Bank International (RBI) will embrace the new paradigm of decentralized identity to improve existing experiences and create the opportunity for new, valuable user experiences and increased levels of engagement and collaboration withbusiness partners across multiple jurisdictions, without the need to replace their infrastructure. Simultaneously, understand why starting their journey now, enables RBI to future-proof their ecosystem to rapidly support the EU Digital Wallet and official digital credentials that will become available. Get a glimpse into the solution architecture being deployed at RBI and an understanding of the benefits and how they can be communicated to executive leadership and business partners. Yes, decentralized identity may be great for web3 someday; however, learn from RBI how it can also solve today’sproblems in a practical way and work in harmony with existing IAM systems enhancing existing federationplatforms.
The Common Ground movement of the Dutch municipalities is developing innovative solutions for greater interoperability. An important part of this is the data landscape, where functionality is accessed through microservice API’s. In the analysis of this architecture, one aspect is barely touched upon: The Access Control aspect in API’s is not appropriately co-developed.
The Municipality of The Hague has performed a Proof Of Architecture (the POA) to demonstrate that it is possible to unlock an existing API in which access is not explicitly modeled, or that still uses traditional Role Based Access Control methods internally, restricting interoperability across contexts.
The POA is done in an effective and efficient way through innovative 'zero trust architecture' concepts, such as Policy Based Access Control. Security and privacy are thus demonstrably realized in accordance with legal requirements. The POA proves that it is technically feasible to add input-filtering of access requests to ignore the restricting RBAC method and thereby open doors for municipalities for interoperability in an autonomous and secure way.
During the presentation the working principles of API access from a perspective of Identity & Access Management are explained, but also how these principles can be applied in practice in an existing application landscape.
The presentation will be a joint presentation between the lead architect of the City of The Hague, Jan Verbeek, and access strategist André Koot.
The term secure access service edge (SASE) has become popular in recent months and has been adopted by numerous vendors. SASE stands for a concept that integrates a range of cloud-native security services including cloud access security brokers (CASB), firewall as a service (FWaaS), secure web gateways (SWG), and zero-trust network access (ZTNA), with wide-area network (WAN) capabilities for delivering both directly to any edge computing location. In this session, KuppingerCole´s John Tolbert will give an overview of the market for SASE solutions and provide a compass to help buyers find the product that best meets their needs. KuppingerCole examines the market segment, vendor capabilities, relative market share, and innovative approaches to providing SASE solutions.
ITDR: Is this really something new, given that around 80% of the cyberattacks are identity-related, from password phishing to bypassing MFA? Is it a separate discipline or just a part of XDR (Extended Detection and Response)? Or a new name for what Access Management and FRIP already do?
As always, there is something new and relevant in this. The fundamental question for many organizations will be on how to address the identity threat challenge best. Does it require new or different tools, or just a different use of what is already there? What to look for specifically? And how to reduce the risk of identity-based attacks? Is ITDR the core, or better identity protection? These questions will be answered in this session to help you navigating through the buzzword jungle.
As long as passwords exist, enterprises are vulnerable to account takeover attacks –yet organizations looking to eliminate passwords may not know where to begin their passwordless journey. While passwordless authentication methods—especially those based on FIDO2—are widely available, they are not yet universally supported nor adopted. This lack of a universal approach can cause confusion and complacency—or both. Attend this session to learn why (and how) organizations should move away from passwords and legacy MFA to advance to and adopt a secure passwordless strategy centered on phishing-resistant MFA in 2023
In this session, KuppingerCole´s Paul Fisher will give an overview of the market for Privilege Access Management (PAM) platforms and provide a compass to help buyers find the product that best meets their needs. KuppingerCole examines the market segment, vendor capabilities, relative market share, and innovative approaches to providing PAM solutions. He will also explain how the new Pamocracy is affecting the market.
Graph is having its moment and rightfully so. Regulatory challenges, overly complex authorization scenarios and retrofitting legacy programs to meet new business needs are squeezing businesses. Implementing a graph-based approach can remove these obstacles and reduce risk.
But for many businesses, this is where graph-based implementations start and stop.
In this session, we will discuss how to turnidentity data into identity knowledge and what that can deliver. We will dive into data models that drive contextual and real-time decisions - data models which are foundational for enabling complex authorization use cases and beyond.
Finally, we will explore the benefits of graph-based deployments in your existing environments, including the value of a holistic and visually simplified data model and avoiding the accidental architecture challenge
Regulatory bodies, government agencies, and CIOs are mandating Zero Trust as a cyber security framework. What does Zero Trust mean for your security strategy? With a Zero Trust security model, nobody is trusted automatically, even when they’ve cleared the perimeter. Instead, all identities are verified, minimum access is granted based on context, and activities are monitored to make sure controls are working as expected. The Zero Trust model requires multiple security controls throughout an IT environment to protect and manage identities, devices, networks, applications, and data. This session will take you through the reality check of where Zero Trust started, how it has evolved over the years and what does it really mean for your organization today.
The enterprise perimeter is now its data objects, APIs, applications, and its users are now the workforce, customers, partners and in many cases, machines. In this new, decentralized, and highly segmented world, CISOs and IAM leaders find themselves struggling with multiple systems and interfaces that control the most basic question: Who has access to what and when?
In this session, we will present a new architecture for Identity First Security based on Centralized Access and Authorization Policy Management Platform, and discuss pro and cons, specific real-world implementations.