KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Passwordless helps in reducing ATO fraud, provides better security, and smoother experience. But the passwordless approach for each organization and region is fundamentally different, in large part because the journeys or flows that your customers will take are unique. In this session Huzefa Olia will talk about the various options that an organization can introduce for Passwordless access for their customers.
Passwordless helps in reducing ATO fraud, provides better security, and smoother experience. But the passwordless approach for each organization and region is fundamentally different, in large part because the journeys or flows that your customers will take are unique. In this session Huzefa Olia will talk about the various options that an organization can introduce for Passwordless access for their customers.
How do we control what we do not see?
Supply chains are like that. The problem is that while you may have sight of your nearest third-party relationships, if you look further out to their relationships, things start to become a bit obscured. And that is where the risk lies.
In recent years Okta, Toyota and Morgan Stanley have all suffered data breaches that originated with an attack on the supply chain.
In this presentation, we explore the complex nature of supply chains/digital ecosystems and all the parties involved. We’ll look at the pattern of some recent third-party attacks, examine their root cause and what lessons we can learn.
Finally, we'll explore the critical capabilities that are needed as the foundation for a solid third-party strategy; one that provides active, continuous monitoring while reducing the overhead for compliance.
A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.
Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?
Engineers across organizations struggle with increased anxiety and stress every time they hit the push button to make complex system changes. One mistake can hinder business as usual, introduce unnecessary risks, and cause non-compliance with policies that can cripple the whole organization.
Simulations could be the answer engineers are looking for. They are used in various fields to study complex systems and help engineers create hypothetical scenarios to see the impact of certain changes before implementing them.
In this presentation, the Evolveum Development Team Leader, Katarina Bolemant, will explain the motivation and common pain points of deploying an IGA solution. She will show you the endless possibilities of using simulations to evaluate the impact of changes and how to identify potential issues and reduce the risks of errors. Using simulations will lift the burden off engineers’ shoulders, increase confidence in their decisions, and build stronger relationships with other stakeholders.
Offer a peek into the future, and both technical personnel and decision makers will appreciate you for providing the possibility to review the simulated results and make necessary adjustments before implementing changes in the production environment.
OpenID Foundation leaders and contributors will brief the EIC community on the latest progress and outlook for the OpenID Foundation. As part of this workshop we will cover:
Please join us early to be part of the conversation. Workshop presenters include Nat Sakimura, Gail Hodges, Kristina Yasuda, Torsten Lodderstedt, Tim Cappalli and others.
Explore the latest developments in deepfake technology and its impact on identity fraud. With deepfakes becoming increasingly realistic and widespread, it is essential for businesses and organisations to understand the risks they pose and take action to mitigate them. Attendees will gain a comprehensive understanding of the risks posed by deepfakes to the identity verification industry and how to protect their organisations from them effectively. The session will feature expert insights and real-world examples of how businesses and organisations can implement deepfake detection technology and other measures to prevent identity fraud.
ChatGPT mainly is what you make out of it. If you are an author it will help you writing. If you are a tech analyst it will help you create a list of critical capabilities for a certain species of software tools. And if you want to hack into a network it will help you writing code that can be used maliciously.
A prompt guides language models like ChatGPT to create meaningful and useful output. This workshop will teach you the best practices for crafting prompts that result in meaningful and accurate responses. You'll learn how to structure your prompts to elicit specific information, as well as techniques for fine-tuning the model to suit your needs. Whether you're a developer, researcher, or just a curious individual, this workshop is designed to give you the skills you need to unlock the full potential of ChatGPT. Join us and take the first step towards creating truly intelligent conversational systems..
When we asked ChatGPT to create a workshop abstract for Identity Security Professionals, this was the output it provided:
"Prompt Engineering is a powerful tool that can enhance the abilities of identity security professionals to perform their job more effectively. The workshop will equip attendees with the skills they need to engineer AI prompts and leverage AI tools to research, communicate, understand new technologies and threats, understand malicious code, detect or scan for vulnerabilities, generate countermeasures, and summarize their findings and communicate status and results effectively.
Attendees will learn how to use natural language processing techniques and machine learning to improve the efficiency and accuracy of their work, and gain a deeper understanding of the most recent trends and developments in the field of identity security. Additionally, by providing an in-depth examination of the latest methodologies and tools used in prompt engineering, attendees will be well-equipped to stay ahead of emerging threats and secure their organizations' sensitive data."
With the ever-increasing number of cyber-attacks, level of fines and unstable geopolitical climate, organizations are looking to better protect themselves against data breach by deploying phishing resistant authentication for their workforce.
FIDO combines the benefits of high security with a standards-based approach, but with its background in the consumer world, including privacy by design, how does it fit into an enterprise deployment with the increased demand for identity management?
This session will discuss:
Phishing, hacking, threats, fraud, and malicious behavior online of all types all share a common root: verification. In this session we’ll go beyond identity and explain how decentralized identity and verifiable credentials can provide a complete, secure system for exchanging different types of information between multiple parties. Learn how Trusted Data Ecosystems can connect people, machines, companies or any two entities to multiple businesses and jurisdictions without sharing private information. In this conversation, long-time community contributor at Hyperledger, working group leader at Decentralized Identity Foundation, and Indicio Senior Engineer Sam Curren will share more about digital trust and describe the critical importance of digital verification to decentralized healthcare, finance, the metaverse, and to the interaction of digital objects and non-digital objects in the spatial web—the “Internet of Everything.”
Digital sovereignty has become an important topic for individuals as well as a strategic issue for countries and businesses, allowing them to operate in an environment that they trust and can control. This necessitates technology that is not overly reliant on third parties, where there is a risk of misuse of trust or non-compliance.
In this session, we will explore 3 dimensions of digital sovereignty related to identity:
By now, organizations are well aware of the need for better protecting data and application with modern access management and authentication.
Thales and Microsoft partner to help organizations going passwordless to fight against phishing attacks. Thales and Microsoft experts Sarah Lefavrais and Thomas Detzner will talk about the role of Fido and other phishing resistant authentication methods like CBA in achieving Zero Trust approach.
Rotating credentials of some privileged accounts is a risky task, which might lead to a business shutdown when things go wrong. But the alternative of not rotating them opens the door for attackers to take hold of your organization - thus leading to a business shutdown as well. This is a lose-lose situation.
So what should we do ? Rotate or not rotate credentials of privileged accounts ?
In this session we will discuss about the challenges and solutions.