KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
The shift to multi-cloud introduces a wide range of cloud security risks that remain unaddressed due to the siloed approach and limited focus of existing cloud security tools. Most cloud security tools offer highly focused solutions that are limited in scope and capabilities to address the growing spectrum of multi-cloud security risks. The convergence of IAM and multi-cloud security tools (CSPM, CWP and CIEM) offer a cloud security platform that takes an integrated approach to securely manage identities and their access entitlements to cloud resources for cloud-native application development, deployment and operations in the cloud. In this session, we will discuss:
Cash.App is the #1 financial app in the US. It started out with a password-less authentication paradigm back in 2013, built around OTP verifications. We are now transitioning to the next generation password-less experience built around passkey. While the transition offers many promises, the path comes with several challenges, around security guarantees, backward compatibility and seamless user experience. We share insights we learned along the journey.
In the last 10 years machine learning has become ubiquitous and touches all lives in ways that was unimaginable before. The machines can make decisions that required considerable human effort at a much faster speed and reduced cost with a little human oversight. As a result, machines don’t just have a higher than before influence in shaping our lives but are also under increased scrutiny by both regulators as well as user rights advocates.
The adage “with great power comes great responsibility” has long been used – from French revolution to superhero comics. It has never been truer as the great power that machine learning wields is now in the hands of almost anyone making a software product. It ranges from giving people access to the funds that can alter their lifepath, medical diagnosis that can increase their life expectancy or reduce it dramatically to their social media feed that cannot just provide them the content that keeps them engaged, but also polarise their beliefs by feeding them information that reinforces their existing notions.
With the growing influence of AI technologies and the corresponding scrutiny, the way AI development happens is beginning to change. The full data science lifecycle needs to incorporate the elements of responsible AI and the professionals who know how to design and implement these will be the ones that employers will look for.
The Trust Over IP Foundation (ToIP) is focused on the centerpiece of the ToIP stack: the trust spanning protocol that will do for identity interchange what the Internet Protocol did for data interchange. This panel will explore how this will enable ubiquitous, trusted, interoperable identity exchange.
The internet was designed without a trusted identity layer to connect physical entities to the digital world. This layer is now emerging in the form of decentralized digital identity systems based on digital wallets and digital credentials. ToIP was founded by a pan-industry group of leading organizations with a mission to provide a robust, common set of standards forming a complete architecture for internet-scale digital trust. The ToIP Technical Architecture Specification V1 was completed earlier this year. Now ToIP is focusing on the keystone to ubiquitous identity, the ToIP Trust Spanning Protocol. This protocol will do for identity interchange what the Internet protocol did for data interchange.
This interactive panel, moderated by ToIP’s Executive Director, will explore the views of its member organizations for a lively and engaging debate on how we finally establish trust in the digital age. Come to this panel to understand the why, how, and when of this new protocol.
Sure, MFA goes a long way in preventing account takeover but it is only one layer. Using AI to look at identity data to evaluate risk can add an additional layers – not only to prevent takeover but mitigate the impact once a takeover happened.
Zero Trust starts with Identity. It ends with authorization. And it is centered around policy-based controls for authentication, access, and more. IAM is ubiquitous in Zero Trust. Thus, every Zero Trust implementation must follow an identity-first approach.
In this session, we look at the intersection of IAM and Zero Trust, and provide a mapping of IAM capabilities to Zero Trust requirements. We also look at the need for modern IAM, from adaptive, passwordless authentication to continuous authentication, ITPR (Identity Threat Detection and Response), PBAM (Policy Based Access Management), but also Data Governance and the intersection of IAM and Code Security. This will help you in aligning your IAM and ZT strategies and give you a concrete understanding of technologies you will need (or not).
There has been a heated discussion between how (not) to use verifiable credentials, decentralized identifier and soulbound tokens for building better digital identities. We believe there is room for both or even a merge of on- and off-chain technology.
The Zero Trust paradigm, the approach of eliminating inherent trust in an IT architecture and always verifying, has been discussed for over a decade. It is well known that Zero Trust is a team sport, with Identity in the center. The many components, from IGA to Device Management, Network-segmentation to contextual awareness and beyond can be fulfilled by as many vendors, bearing the question about how to integrate these for a secure and convenient user experience. While there may be integrations available for some components, they will most likely be disjointed and/or require custom development, making it a challenge to be agile and innovative.
An alternative to the described problem would be Orchestrating Zero Trust, applying the approach of "Detect, Decide, Direct". Through Orchestration the task of gathering all signals and relevant information (Detect) for an appropriate authorization decision (Decide), and continuing with the proper next step(s) (Direct) can be fulfilled in a flexible manner, facilitating customization in a future proof manner.
In this session we will describe the "Detect, Decide, Direct" approach and see how Orchestration can be a key enabler of Zero Trust.
In 1994, Italian physicist Cesare Marchetti discovered something: cities expand as a function of transportation speed. In short, “transportation is the lifeblood of a city.” Innovation in transportation has driven the expansion of cities—from small, walkable areas to the sprawling, car-based metropolises, presenting a challenge for urban planners.
Identity in the modern organization faces a similar challenge: if transportation is the lifeblood of cities, then identity is the lifeblood of organizations. And our organizations are not ancient, walkable Rome, but modern, sprawling Atlanta—with identities and resources widely strewn around the globe.
Like urban planners, we face a nearly-intractable challenge: how can we provide access to resources and data easily while still meeting the stringent demands of security and compliance?
Thankfully, there appears to be a solution for both urban planning *and* identity, albeit from an unexpected source: Ordinary slime mold. Aka, “The Blob.”
We’ll learn from this simple organism, describe how its simple actions create complex systems that solve these sorts of “unsolvable” problems, and see how the Blob might “think” about identity.
The European Union’s regulation on Digital Identity, eIDAS, is currently being overhauled to adopt decentralized identity principles. The goal is to provide all citizens and residents across the EU with highly secure and privacy preserving digital wallets that can be used to manage various digital credentials, from eIDs to diplomas to payment instruments. Decentralized identity principles aim at giving freedom of choice and control to the end-user. Ensuring security and interoperability, however, will be challenging — especially in the enormous scale in terms of users and use cases the EU is aiming at. The choices made in eIDAS will have a huge impact on digital identity in the EU and beyond.
The so-called “Architecture and Reference Framework” (ARF) defines the technical underpinnings of eIDAS v2. Many experts from the member states and the Commission have been working on this framework over the last year, trying to select the best combination of technologies and standards out of the enormous number available in the market today. This talk will introduce the ARF and explain what architectural patterns and technical standards are adopted and how the challenges mentioned above are addressed in order to leverage on the vision of the eIDAS v2 regulation.