Event Recording

Identity Data, Observability & Analytics - The Road to Identity First Security

Show description
Speakers
Sebastien Faivre
Co-Founder and CTO
Brainwave GRC
Sebastien Faivre
Sebastien is Chief Technical Officer and co-founder at Brainwave GRC, responsible for product vision, features and design. Sebastien is a seasoned Product Management expert with more than 20 years of expertise. In the course of his professional experience he has designed and launched several...
View profile
John Pritchard
CPO
Radiant Logic
John Pritchard
John is Chief Product Officer at Radiant Logic, responsible for the company’s global product vision and leading engineering, product and design. John joined Radiant Logic from Okta, where he served as Vice President of Product Management for Okta’s Developer and Partner Ecosystem....
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
From Identity Theft to Identity Threat to Identity Security
May 10, 2023

Identity has been always an ambiguous term. Identities exist in a sociocultural and organizational context and in technical ones. We have Digital Identities and eIDs and not only do individuals have identities but so do organizations and non-humans, especially in technical contexts.

Identities had been always under threat, starting with theft of individuals’ identities and credentials in the physical world, such as credit cards and passports. However, these threats have not been on a large scale. We all know that this has changed dramatically with the digitization of everyone and everything. Social engineering, phishing emails, buying credentials in the dark web have become a serious threat to businesses and individuals. These threats have reached new heights with the numerous attacks on identity infrastructures, be it corporate directories or government eID infrastructure.

In this panel, we will explore the identity threats to individuals and organizations, how they are managed, and how identity security can be achieved from a prevention, detection, and management perspective.

Event Recording
Entitlements - Claim vs. Reality
May 10, 2023

The claim or desire for authorizations, permissions and the rights set in practice often have a wide divergence. Typically, more rights are assigned unconsciously than were actually required.

The resulting vulnerabilities can have significant consequences therefore, it is essential to be able to monitor the true permissions at any time, regardless of how the permissions have been set. It is almost impossible to manage monitoring manually, even in small environments. Therefore, independent automatisms that can automatically explore, analyze and report the real settings are becoming a requirement.

In this session we will show you how Cygna Labs can support you in these challenging tasks and thereby ensure and improve security in your company.

Event Recording
CAEP and Shared Signals - Past, Present and Future
May 10, 2023

What started as a simple blog post from Google has rapidly ballooned into an industry movement. Major vendors have implemented the Continuous Access Evaluation Protocol / Profile (CAEP) and analysts, practitioners and decision makers agree that it is critical to the future of zero-trust. This keynote, by the inventor of CAEP, goes into the pain points that led to the development of CAEP, the process to recast it as a part of the Shared Signals working group in the OpenID Foundation and the trends that make it an indispensable component of any zero-trust architecture. CAEP’s non-prescriptive nature makes it easy for anyone to implement their own policies and the Shared Signals Framework makes communicating changes efficient and nearly instantaneous. A future powered by Shared Signals and CAEP enables enterprises and vendors to break information silos to create a highly secure outcome.

Event Recording
Street Cred: Increasing Trust in Passwordless Authentication
May 10, 2023

Good security gets out of the way of users while getting in the way of adversaries. Passwords fail on both accounts. Users feel the pain of adhering to complex password policies. Adversaries simply copy, break, or brute-force their way in. Why, then, have we spent decades with passwords as the primary factor for authentication? 

The industry needs to trust passwordless authentication (FIDO2). Adversaries and then criminals have circumvented our authentication controls for decades. From the very first theft of cleartext passwords to the very latest bypass of a second-factor, time and again improvements in defenses are met with improved attacks.

What holds us back from getting rid of passwords? Trust. In this session, we will propose a framework of technical controls to ensure only trusted sessions authenticate, regardless of faults or failures in any one factor, and to reassess based on shared signals (CAEP). We will share a path forward for increasing trust in passwordless authentication.

Event Recording
Passwordless For the Masses
May 10, 2023
Event Recording
The Path to Passwordless is Paved with Orchestration
May 10, 2023

End-users have become accustomed to shopping, dining, traveling, learning, and caring for their health in an ever-more-digital fashion. Unfortunately, bad actors have put personal data at greater risk by perfecting a loop of using previously breached data to drive new data-rich breaches. We’ll examine:

  • The newest standards that help render stolen passwords worthless for launching new attacks
  • How to apply an identity-layer signal of signals, unifying systems of intelligence
  • Ways to match enhanced security with superior user experience
Event Recording
eIDAS 2.0 & EU Digital Identity Wallet - Potential, Challenges, Use Cases
May 12, 2023
Event Recording
Managing your Code-to-Cloud Security Risks in a Multi-Cloud Environment
May 10, 2023

The shift to multi-cloud introduces a wide range of cloud security risks that remain unaddressed due to the siloed approach and limited focus of existing cloud security tools. Most cloud security tools offer highly focused solutions that are limited in scope and capabilities to address the growing spectrum of multi-cloud security risks. The convergence of IAM and multi-cloud security tools (CSPM, CWP and CIEM) offer a cloud security platform that takes an integrated approach to securely manage identities and their access entitlements to cloud resources for cloud-native application development, deployment and operations in the cloud. In this session, we will discuss:

  1. What are the emerging archetypes of IAM and multi-cloud security tools convergence?
  2. What are the essential building blocks to effectively address your code-to-cloud security risks in a multi-cloud environment?
  3. What are the industry best practices and recommendations to deploy and operationalize multi-cloud security tools for best results?
Event Recording
Best and Worst Practices of Digital Wallets User Experience
May 10, 2023

Digital identity wallets are central components for Decentralized and Self-Sovereign Identity (SSI) approaches. They are the interface for users to manage their identities and gain access to services. Hence, the usability and user experience of these wallets is pivotal for the adoption of those popular and privacy friendly identity management concepts.  This talk will summarize research findings into naming some of the Best and Worst Practices to be considered in the further development of the user experience of Digital Wallets.

This talk would highlight multiple studies, publications, and projects that I have done on this topic.  However, if you would prefer another topic, I could propose another talk idea that would be related to other identity topics in either the Digital Wallets, mGov/eGov Services, or Trust Management.

Event Recording
Market Overview: Identity Governance & Administration (IGA)
May 10, 2023

The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Lifecycle Management and Access Governance solutions that are now increasingly aided by intelligent features. In this session, KuppingerCole´s Nitish Deshpande will share with you insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.

Event Recording
Machine Learning in IAM & IGA
May 11, 2023

This presentation will provide an overview of the terminology and basics of AI and ML in the context of Identity and Access Management (IAM) and Identity Governance and Administration (IGA). It will explore a number of current use cases for leveraging ML in IAM, demonstrating the benefits of automation and enhanced security that ML can bring to identity management. The presentation will conclude with strategic considerations for using ML in IAM, highlighting the importance of considering business value, available data, and existing technologies when implementing ML-based solutions for identity management.

Event Recording
The Future role of PAM: Securing any Privileged Workload & Access
May 11, 2023

PAM (Privileged Access Management) is one of the established core disciplines within IAM. PAM also is the IAM discipline that is changing most from what it has been in the past.

On one hand, there is the impact of CIEM & DREAM, Cloud Infrastructure Entitlement Management or Dynamic Resource Entitlement & Access Management. This is about the expansion of PAM beyond humans accessing servers and selected applications towards any type of human and non-human (silicon) identity accessing any type of workload, from servers to dynamic cloud resources. This also implies an expansion from serving static data center infrastructures to dynamic workloads in today’s agile IT. PAM is changing, with more parties involved – a “PAMocracy”, as KuppingerCole Analyst Paul Fisher recently named it.

These changes also require expansions in integration to other IT services. There needs to be a dynamic governance approach, where IGA comes into play. It requires rethinking whether PAM tools really should care for authentication. There is no need for authentication point solutions in an age where most organizations have a strong Access Management solution with MFA, passwordless authentication and adaptive, risk- and context-based access in place. Finally, this new PAM must integrate with the DevOps tools chain for permanent updates about new code and the resources used as well as with IT Asset Management for an always up-to-date insight into the ever-changing, dynamic IT landscape that needs to be protected.

Also worth to think about is integration with further security solutions, beyond the standard SIEM/SOAR integration. AI-powered security solutions are one aspect. Integration to Cloud Security Posture Management is another example.

In this panel, the state and requirements on the future PAM will be discussed.