Event Recording

Orchestrating Zero Trust - "Detect, Decide, Direct"

Show description
Speaker
Mehmet Yaliman
Principal Solutions Architect
Ping Identity
Mehmet Yaliman
After studying Bioinformatics, Mehmet found himself as a developer, and shortly thereafter he changed his focus to the Identity space, where has been working for over a decade now, spending time in various roles on the customer, integrator and vendor sides. In his current role at Ping Identity...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
CIAM-as-a-Service for 50 Million Customers at OLX Group Europe
May 12, 2023

Still developing CIAM in-house? Discover the realities of serving 50 million customers using Hosted Customer Identity and Access Management (CIAM) as a service (SaaS) from a vendor.

Customer Identity and Access Management is one of the most critical platform components. How big of a risk would it be for the large enterprise to delegate it to the vendor solution? And how much risk would it be to not do it?

In 2019 our Eastern Europe business was struggling with Accounts Takeovers where botnets of 1 million IPs total size were involved in massive credential stuffing attacks. And we decided to replace all our legacy auth with a vendor solution.

In this session we will go through the key moments of such transition and the key learnings from the past 4 years. We won’t miss the aspect of value proposition, customer experience, real cost and return on such an investment.

Event Recording
Prompt Engineering for Identity Security Professionals | Workshop
May 09, 2023

ChatGPT mainly is what you make out of it. If you are an author it will help you writing. If you are a tech analyst it will help you create a list of critical capabilities for a certain species of software tools. And if you want to hack into a network it will help you writing code that can be used maliciously. 

A prompt guides language models like ChatGPT to create meaningful and useful output. This workshop will teach you the best practices for crafting prompts that result in meaningful and accurate responses. You'll learn how to structure your prompts to elicit specific information, as well as techniques for fine-tuning the model to suit your needs. Whether you're a developer, researcher, or just a curious individual, this workshop is designed to give you the skills you need to unlock the full potential of ChatGPT. Join us and take the first step towards creating truly intelligent conversational systems..

When we asked ChatGPT to create a workshop abstract for Identity Security Professionals, this was the output it provided:

"Prompt Engineering is a powerful tool that can enhance the abilities of identity security professionals to perform their job more effectively. The workshop will equip attendees with the skills they need to engineer AI prompts and leverage AI tools to research, communicate, understand new technologies and threats, understand malicious code, detect or scan for vulnerabilities, generate countermeasures, and summarize their findings and communicate status and results effectively.

Attendees will learn how to use natural language processing techniques and machine learning to improve the efficiency and accuracy of their work, and gain a deeper understanding of the most recent trends and developments in the field of identity security. Additionally, by providing an in-depth examination of the latest methodologies and tools used in prompt engineering, attendees will be well-equipped to stay ahead of emerging threats and secure their organizations' sensitive data."

Event Recording
Passwordless For the Masses
May 10, 2023
Event Recording
Identity Proofing as a Fundamental Element for Zero Trust
May 11, 2023
Event Recording
The Killer Credential - Spotting Verifiable Credentials That are Absolute Must-Haves for Every Party in an Ecosystem
May 10, 2023
Event Recording
The AML-Compliant ID-Wallet
May 10, 2023

AML-compliant customer identification in the finance and banking sector (KYC) in Germany is subject to the requirements of BaFin (the regulatory authority) and the Money Laundering Act. This involves the use of both on-site and online identification procedures, which are often provided by external service providers as “critical outsourcing" and as data order processing. In the age of ID wallets, this KYC process needs to be redeveloped from a regulatory, data protection and technical perspective - especially because the regulatory framework currently does not (yet) explicitly provide for the case of an ID wallet. The presentation describes the challenges for ID wallets and ID issuers in the AML context and shows an exemplary implementation.

Event Recording
Getting the Travel and Tourism Ecosystem Ready for a Digital Identity and Verifiable Credentials
May 10, 2023

The ICAO DTC Type 1 and de mDL standard are currently being used/prepared to be used in several pilots. What are lessons learned, what impact do the panellists see and or expect. Also the EU Digital Wallet will have an important role in these developments. The travel ecosystem connects public and private parties around a traveller. Using a digital identity in an ecosystem that crosses international borders and legal systems is complex, for passengers ànd stakeholders, and requires international standards for technology, data privacy and trust frameworks. 

Event Recording
Assignment Based Access
May 10, 2023

In the current economical climate many companies are facing the need to restructure the operations to ensure efficieny and profitability.

This does in some cases result in layoffs but is also means that projects are cancelled and the staff that was assigned to these projects are freed up for other efforts. In IAM terms the results is a lot of movers in the organisation which traditionally has been a usecase that has been challenging to efficiently support.

How do we help the business and support the need for assignment based access to ensure efficient usage of staff? This talk will look at the lessons learned from implementing assigned based access at a global retailer. It may also include Swedish meatballs, flatpack furniture and moose hunting towers.

Event Recording
Leveraging Decentralized Identity Approaches in the Enterprise
May 11, 2023

In this session, Martin Kuppinger, Principal Analyst at KuppingerCole Analysts look at the potential of utilizing DID approaches within the enterprise. This session will look at the business benefits, the steps involved, important considerations, challenges, pitfalls, and recommendations for implementing decentralized identity. Martin will explain the potential and look at how this will impact existing technologies such as IGA, PAM, and Access Management, and how this relates to other trends such as WfA, BYOD, Policy-based Access, and more. He also will outline where interoperability and standards must further evolve to enable organizations in re-inventing their IAM, without ripping everything apart. He will discuss the steps involved, important considerations, challenges, pitfalls, and recommendations for implementing decentralized identity in the enterprise.

Event Recording
What’s Next In Enterprise Authorization
May 11, 2023

As organizations undergo digital transformation to zero-trust architectures, identity-driven security becomes a critical aspect. Beyond new authentication technologies, organizations must have strong authorization controls. Today, if and when an identity is compromised, the attacker can make lateral movements with very few restrictions and access a wide range of critical systems and information. Much of this over-permissive environment can be attributed to manual permissions management processes that are hard to maintain over time. Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), which underlie these manual processes, provide a good baseline for access security. However, their complexity grows over time and the management overhead they place oftentimes subvert the very goals of security and compliance they are deployed for. Just-In-Time Access Management (JITAM) represents a new robust and secure authorization strategy that can reduce the need for periodic access certifications and manual role administration, while providing auditability. Learn how the authorization space is rapidly changing from RBAC and ABAC to JITAM, and how it could benefit your organization.

Event Recording
When SSI Meets IoT: Challenges and Opportunities
May 11, 2023

In this session, I will first talk about the design considerations and challenges when applying SSI to IoT, followed by the description of an initiative for creating an embedded SDK for SSI. Finally, I will discuss new opportunities for building decentralized identity and access management solutions for IoT.

Event Recording
Opening Session
May 09, 2023