Event Recording

Real-time Fraud Detection - Challenges and Solutions

Show description
Speaker
Fawaz Ghali
Principal Developer Advocate
Hazelcast
Fawaz Ghali
Fawaz Ghali is a Principal Developer Advocate at Hazelcast with 20+ years of experience in software development, machine learning and real-time intelligent applications. He holds a PhD in Computer Science and has worked in the private sector as well as Academia as a Researcher and Senior...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Tilting at White Towers: Making Your Identity Architecture Actionable
May 10, 2023

As an identity professional, you're constantly studying and reviewing new technologies, new protocols, and new products within the space but you struggle for the best way to extract the value of these new shiny, items to benefit your organization. You've been told that a well-developed identity architecture plan is the best way solve business challenges and produce concrete results but your research and fully-notated diagrams have failed to engage your peers.

Many times this is because the architecture was designed by architects for architects without inout from those who are most impacted by the existing legacy technololgies. Architects tend to be more isolated from the actual business so focus more on things like ArchiMate notation and TOGAF frameworks.

Steve "Hutch" Hutchinson will share his own decades of architecture experience and provide attendees with proven methods to make your architecture artifacts relatable to your front-line business workers, understandable by your technical peers from across cyber/IT, and provide demonstratable value to your organization's senior leadership. These same methods will allow you to shepherd your organization to a modern identity econsystem on a budget and timetable purpose fit for your organization's needs and culture.

Event Recording
The Path to Passwordless is Paved with Orchestration
May 10, 2023

End-users have become accustomed to shopping, dining, traveling, learning, and caring for their health in an ever-more-digital fashion. Unfortunately, bad actors have put personal data at greater risk by perfecting a loop of using previously breached data to drive new data-rich breaches. We’ll examine:

  • The newest standards that help render stolen passwords worthless for launching new attacks
  • How to apply an identity-layer signal of signals, unifying systems of intelligence
  • Ways to match enhanced security with superior user experience
Event Recording
Market Overview CIAM: Customer Identity & Access Management
May 12, 2023

This session provides an overview of the CIAM solution market and provides you with a compass to help finding the solution that best meets your needs. In a recent Leadership Compass, KuppingerCole´s Senior Analyst John Tolbert examined the CIAM market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.

Event Recording
Centralized eID May be the Target of the Next Nordstream Pipeline Attack
May 11, 2023

With the vast centralization of government digitization in general, and issuance and operation of Digital Identity services in particular, the Nordic countries have made themselves unnecessarily vulnerable to attacks by actors such as those with the resources to blow up the Nordstream pipelines in the Baltic Sea.

With the new Danish digital identity, MitID, as an example, I will discuss

  1. How governments and/or banks centrally attempt to strike a balance between vulnerability and user adoption,
  2. Why compliance and certification may only take you so far, and finally,
  3. How concepts such as wallets and Verifiable Credentials may decentralize the digital identity ecosystem not only for increased privacy but also for more robust and secure infrastructures less prone to attacks by bad actors.
Event Recording
The Decentralized Identity Journey has Begun in Financial Services
May 11, 2023

Learn how Raiffeisen Bank International heads toward decentralized identity to empower their customers across Europe and set the gold standard for privacy protection.

The increased mobility of users and their demand for personalized, unified omnichannel access experiences has stretched federated IAM beyond its limits. Meanwhile, the need for organizations to collaborate more to compete, and build communities of trust and value for those same users affordably and securely, cannot be met by existing federated IAM solutions. Learn how Raiffeisen Bank International (RBI) will embrace the new paradigm of decentralized identity to improve existing experiences and create the opportunity for new, valuable user experiences and increased levels of engagement and collaboration withbusiness partners across multiple jurisdictions, without the need to replace their infrastructure. Simultaneously, understand why starting their journey now, enables RBI to future-proof their ecosystem to rapidly support the EU Digital Wallet and official digital credentials that will become available. Get a glimpse into the solution architecture being deployed at RBI and an understanding of the benefits and how they can be communicated to executive leadership and business partners. Yes, decentralized identity may be great for web3 someday; however, learn from RBI how it can also solve today’sproblems in a practical way and work in harmony with existing IAM systems enhancing existing federationplatforms.

Event Recording
Hack a Cloud and Kubernetes
May 10, 2023

People are under the impression that when you spin up the latest and greatest AKS, EKS, OpenShift or GKE instance, that you're secure. However with K8S, now more than ever the workload underneath matters. One privileged, neglected, container can compromise an entire setup. Rather than just talking about the risks or best practices, this talk is all about showing how easy it is to do.

The talk will first discuss possible attack paths in the Kubernetes cluster, and what differences exist in the attack techniques compared to classic infrastructures. For this purpose, a web application in a container will be compromised, then the Kubernetes cluster and the cloud account. Subsequently, 2 open-source tools will be discussed how such vulnerabilities and misconfigurations can be detected in the different infrastructure layers.

Event Recording
Getting the Travel and Tourism Ecosystem Ready for a Digital Identity and Verifiable Credentials
May 10, 2023

The ICAO DTC Type 1 and de mDL standard are currently being used/prepared to be used in several pilots. What are lessons learned, what impact do the panellists see and or expect. Also the EU Digital Wallet will have an important role in these developments. The travel ecosystem connects public and private parties around a traveller. Using a digital identity in an ecosystem that crosses international borders and legal systems is complex, for passengers ànd stakeholders, and requires international standards for technology, data privacy and trust frameworks. 

Event Recording
Architecting Identity-First Zero Trust Implementations
May 10, 2023

Zero Trust starts with Identity. It ends with authorization. And it is centered around policy-based controls for authentication, access, and more. IAM is ubiquitous in Zero Trust. Thus, every Zero Trust implementation must follow an identity-first approach.

In this session, we look at the intersection of IAM and Zero Trust, and provide a mapping of IAM capabilities to Zero Trust requirements. We also look at the need for modern IAM, from adaptive, passwordless authentication to continuous authentication, ITPR (Identity Threat Detection and Response), PBAM (Policy Based Access Management), but also Data Governance and the intersection of IAM and Code Security. This will help you in aligning your IAM and ZT strategies and give you a concrete understanding of technologies you will need (or not).

Event Recording
Continuous Exposure Management - Keeping one step ahead of attackers through continuous exposure management
May 12, 2023

Companies are facing increasingly complex security threats. Many are struggling to assess their own security risks due to an inability to address potential issues as they arise, due to the breakneck pace at which issues are disclosed, and teams' ability to address said issues as they accumulate and because the huge number of security tools in use create diagnostic fatigue. 

Vulnerability management programs rarely ever match the overall scale of the organization, boosting the number of potential points of exposure. What's more, besides vulnerabilities, attackers are increasingly leveraging exposures such as misconfigurations and stolen credentials to gain access to companies' core business. Because of this, attack paths to critical assets are often overlooked or identified too late.

Instead of looking at vast numbers of isolated issues, XM Cyber aggregates them into an attack graph to proactively identify hidden attack paths and weaknesses in both the cloud and on-premises. XM Cyber helps organizations efficiently address the issues that can have the greatest impact on organizational risk. Then teams can eliminate attack paths at critical junctures, i.e., choke points, in order to achieve ultra-efficient risk remediation.

Event Recording
CIAM, Wallets, Decentralized - Where is "Traditional" CIAM Heading?
May 12, 2023
Event Recording
The MFA Dilemma and Moving Beyond Mobile
May 10, 2023

This panel will explore the current state of multifactor authentication (MFA) and its limitations, as well as potential solutions for improving the security and user experience of MFA. We will discuss topics such as the challenges of implementing MFA, the limitations of mobile-based MFA, and alternative methods for MFA, such as biometrics and behavioral analysis. The panel will also address the future of MFA, discussing the potential for new technologies to improve security and user experience, and the role of industry and government in shaping the future of MFA. Overall, the panel aims to provide valuable insights and perspectives on the multifactor authentication dilemma and the steps needed to move beyond mobile-based solutions.

Event Recording
Defending Cross-Device flows against Illicit Consent Grant Attacks
May 11, 2023

Cross device flows lets a user initiate an action on one device (e.g. a SmartTV) and authenticate or authorize that action on a trusted personal device (e.g. a mobile phone). Examples includes authorizing a smart TV to access streaming content, or authenticating to a service by scanning a QR code with a mobile phone and completing the authentication on the mobile phone. This process of authorizing an action on a separate (but trusted) device from the one on which an action is initiated is an increasingly common flow, whether used for devices with limited input capabilities, multi-factor authentication or credential presentation. A number of standards have adopted this pattern including Device Authorization Grant (formerly Device Code Flow), Client Initiated Backchannel Authentication (CIBA) and Self Issued OpenID Provider (SIOP). These flows solve important business problems, but is vulnerable to attacks where the user is tricked into granting consent to an attacker. The IETF OAuth working group has recognised this challenge and is creating new guidance that leverages zero-trust principles to defend against these "illicit consent grant" attacks. This session will discuss the attacks and how the new guidance can mitigate these threats against cross device flows.