KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Decentralized Identifiers (DIDs) offer a unique solution for digital identity verification, allowing individuals to have complete control over their own identity and eliminating the need for a centralized registry or authority. In this session, we will explore the insights that can be gained through the analysis of global DID data. At Danube Tech GmbH, we have developed version trackers that monitor various DID methods, such as did:indy, did:ebsi, did:ion and others, collecting and storing data on DID transactions in our database for analysis. During this session, we will present the results of our latest analyses, including trends in DID transactions over time, distributions across different verification methods, and errors found in DIDs and DID documents. This information can be valuable for businesses looking to understand and utilize DIDs in their operations, as well as for individuals seeking to use DIDs for their own digital identity management.
Decentralized Identifiers (DIDs) offer a unique solution for digital identity verification, allowing individuals to have complete control over their own identity and eliminating the need for a centralized registry or authority. In this session, we will explore the insights that can be gained through the analysis of global DID data. At Danube Tech GmbH, we have developed version trackers that monitor various DID methods, such as did:indy, did:ebsi, did:ion and others, collecting and storing data on DID transactions in our database for analysis. During this session, we will present the results of our latest analyses, including trends in DID transactions over time, distributions across different verification methods, and errors found in DIDs and DID documents. This information can be valuable for businesses looking to understand and utilize DIDs in their operations, as well as for individuals seeking to use DIDs for their own digital identity management.
Still developing CIAM in-house? Discover the realities of serving 50 million customers using Hosted Customer Identity and Access Management (CIAM) as a service (SaaS) from a vendor.
Customer Identity and Access Management is one of the most critical platform components. How big of a risk would it be for the large enterprise to delegate it to the vendor solution? And how much risk would it be to not do it?
In 2019 our Eastern Europe business was struggling with Accounts Takeovers where botnets of 1 million IPs total size were involved in massive credential stuffing attacks. And we decided to replace all our legacy auth with a vendor solution.
In this session we will go through the key moments of such transition and the key learnings from the past 4 years. We won’t miss the aspect of value proposition, customer experience, real cost and return on such an investment.
Cash grab-robberies are out, online fraud is in. When multinational hacker groups target senior and vulnerable citizens as a business model.
Learn how BankID is fighting fraud and helps you stay on top by identifying, preventing and notifying you of fraudulent usage in real time, while preserving top user experience.
The dream of tomorrows digitalized society is already a reality. Sweden is one of the world’s most digital and innovative societies. The fast and secure digital identification provided by BankID is a corner stone in this, to many, futuristic ecosystems. Many shops and stores do not accept cash and the amount of cash is low, something that inflicts digital threat. Studies shows a steep growth curve of digital fraud in several markets. In some places, fraud has surpassed drugs in turnover and profitability and fraud factories are popping up globally. Talented social engineering fraudsters and patterns with efficient crime-as-a service software, modus and tools. Fraud schemes including native and international fraud clusters targeting Swedish bank customers.
Learn more around the Risk and Anti-fraud toolset in the BankID Identity Platform. Digital identity is an area where the need for innovation is extensive. Whatever future eID scenario you discuss, security is always at the core.
Legacy IAM cannot be just "improved". It needs a "Transformation". But how an IAM transformation could be successful in the financial sector, especially banking? In this presentation I would like to share the top lessons learned from such a transformation.
During the last 3 years we have seen a significant uptake on decoupled authorizations solutions, the main drivers behind this is a move to the cloud, micros services and ZT implementations. In this speech Gustaf Kaijser will walk you through the feedback he has been getting from the organisations that have implemented OPA based solutions the last years, and the significant gains that they have seen in:
With heightened reliance on remotely delivered services and transactions, the need for safer and sounder digital identification and verification is required and will become the norm in the future. This especially is true looking forward to mandates for the adoption of zero trust frameworks in which digital credentials will be issued and then used for identification and operational purposes. GLEIF is committed to making concrete and lasting improvements to the process of identity verification by leveraging the Legal Entity Identifier (LEI) in digital tools. GLEIF has made the LEI verifiable by creating the vLEI (verifiable LEI) with digital credentials that deliver decentralized identification and verification for organizations as well as the persons who represent their organizations either in official or functional roles. GLEIF has made much progress on developing the governance, credentials and infrastructure since introducing the vLEI in 2020 and will share an updated at this progress in this session. |
More and more it becomes difficult to Insure yourself against a Cyber attack. Understanding all the different vectors of your risk posture, the flood of different tools and checklists that need to be taken into account and the way to consolidate this risk into an overarching risk dashboard is an immense challenge for CISO's, Risk Managers and their senior leadership. Because of this major challenge and a non-standard way of calculating the risk; more and more Insurance companies are putting a high demand on the information provided in order to get a proposal for a Cyber Insurance and then, if and when a Cyber Insurance is offered, the premiums and coverage become another big challenge and financial burden on companies.
The presentation will highlight these challenges and will provide hints and tips on how to deal with this problem, ensuring to get Cyber Insurance at the lowest possible premium and with the highest coverage.
PAM (Privileged Access Management) is one of the established core disciplines within IAM. PAM also is the IAM discipline that is changing most from what it has been in the past.
On one hand, there is the impact of CIEM & DREAM, Cloud Infrastructure Entitlement Management or Dynamic Resource Entitlement & Access Management. This is about the expansion of PAM beyond humans accessing servers and selected applications towards any type of human and non-human (silicon) identity accessing any type of workload, from servers to dynamic cloud resources. This also implies an expansion from serving static data center infrastructures to dynamic workloads in today’s agile IT. PAM is changing, with more parties involved – a “PAMocracy”, as KuppingerCole Analyst Paul Fisher recently named it.
These changes also require expansions in integration to other IT services. There needs to be a dynamic governance approach, where IGA comes into play. It requires rethinking whether PAM tools really should care for authentication. There is no need for authentication point solutions in an age where most organizations have a strong Access Management solution with MFA, passwordless authentication and adaptive, risk- and context-based access in place. Finally, this new PAM must integrate with the DevOps tools chain for permanent updates about new code and the resources used as well as with IT Asset Management for an always up-to-date insight into the ever-changing, dynamic IT landscape that needs to be protected.
Also worth to think about is integration with further security solutions, beyond the standard SIEM/SOAR integration. AI-powered security solutions are one aspect. Integration to Cloud Security Posture Management is another example.
In this panel, the state and requirements on the future PAM will be discussed.
In overcoming the ancient concept of firewalled enterprise perimeters, securing identities has become the core element of a future driven Cybersecurity Mesh Architecture, with a composable approach of interconnected security controls – the Cybersecurity Fabric.
These Cybersecurity Meshes or Fabrics factually are nothing else than the concrete architecture and implementation of the Zero Trust paradigm, making this work in practice. In this session, we will start with a quick overview of these paradigms and their constituents, before showing how to adapt this to your current state of cybersecurity and your concrete cybersecurity requirements. Based on that, we will look at examples of such concrete architectures, the maturity levels, and on how to build your own roadmap towards the cybersecurity mesh/fabric that makes Zero Trust a reality.
The term secure access service edge (SASE) has become popular in recent months and has been adopted by numerous vendors. SASE stands for a concept that integrates a range of cloud-native security services including cloud access security brokers (CASB), firewall as a service (FWaaS), secure web gateways (SWG), and zero-trust network access (ZTNA), with wide-area network (WAN) capabilities for delivering both directly to any edge computing location. In this session, KuppingerCole´s John Tolbert will give an overview of the market for SASE solutions and provide a compass to help buyers find the product that best meets their needs. KuppingerCole examines the market segment, vendor capabilities, relative market share, and innovative approaches to providing SASE solutions.
For more than two decades, Microsoft Active Directory (AD) has been the de facto method organizations use to authenticate and authorize users for access to computers, devices, and applications within a company’s network. Most companies still rely on it and have further extended its reach into the cloud by synchronizing their on-prem AD with the Microsoft Azure AD to allow proper SSO to cloud-applications by their users. AD is celebrated for its extensive compatibility with various applications and Windows editions, but that compatibility comes with security downsides.
Compromises of Active Directory can occur as an entry point leading to a further attack or can arise at various other points along the kill-chain following an initial compromise via some other mechanism. Even in cases where a compromise is gained following an attack on applications or infrastructure directly, it is frequently infeasible for an attacker to progress further without elevating privileges, making Active Directory a primary target in an overall breach strategy.
It is therefore important that Active Directory defense tools are paired with a wider Zero Trust and XDR approach to provide full visibility over organizational infrastructure, enabling security teams to accurately identify the point of origin of an attack, and to perform the containment and remediation actions required to neutralize and prevent reoccurrence of an attack.
Join Principal Technologist, Guido Grillenmeier, to discuss AD access points used in recent cyberattacks, security risks to watch for in managing AD with Azure AD, how to look for warning signs that AD has been compromised and steps to take in the event of an attack.
You will learn about the Sovereign Cloud for the German Government, this solution is based on Azure and operated by Delos Cloud Gmbh
The combined impact of the pandemic driven shift to remote work with a connect-anywhere paradigm and the ongoing digital business transformation has inspired a higher awareness of cybersecurity concerns, requiring a profound change in the way we define Access Management.
New contact-free onboarding experiences from the workforce to the customers; the need for managing human-to-device relationships; passwordless authentication as the new normal; decentralized identities as a new way for dealing with identities; the impact of policy based access; the convergence of IGA and Access Management: All these are just some of the trends we observe. In this session, we will talk about the Access Management trends and provide guidance on how to leverage and extend your existing Access Management towards a future-proof Access Management.