KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
The term secure access service edge (SASE) has become popular in recent months and has been adopted by numerous vendors. SASE stands for a concept that integrates a range of cloud-native security services including cloud access security brokers (CASB), firewall as a service (FWaaS), secure web gateways (SWG), and zero-trust network access (ZTNA), with wide-area network (WAN) capabilities for delivering both directly to any edge computing location. In this session, KuppingerCole´s John Tolbert will give an overview of the market for SASE solutions and provide a compass to help buyers find the product that best meets their needs. KuppingerCole examines the market segment, vendor capabilities, relative market share, and innovative approaches to providing SASE solutions.
The term secure access service edge (SASE) has become popular in recent months and has been adopted by numerous vendors. SASE stands for a concept that integrates a range of cloud-native security services including cloud access security brokers (CASB), firewall as a service (FWaaS), secure web gateways (SWG), and zero-trust network access (ZTNA), with wide-area network (WAN) capabilities for delivering both directly to any edge computing location. In this session, KuppingerCole´s John Tolbert will give an overview of the market for SASE solutions and provide a compass to help buyers find the product that best meets their needs. KuppingerCole examines the market segment, vendor capabilities, relative market share, and innovative approaches to providing SASE solutions.
The term “Identity Fabrics” stands for a paradigm and concept of a comprehensive and integrated set of Identity Services, delivering the capabilities required for providing seamless and controlled access for everyone to every service. Identity Fabrics support various types of identities such as employees, partners, consumers, or things. They deliver the full range of identity services required by an organization.
Identity Fabrics are not necessarily based on a technology, tool, or cloud service, but a paradigm for architecting IAM within enterprises. Commonly, the services are provided by a combination of several tools and services, with up to three solutions forming the core of the Identity Fabric. Most organizations that are using this paradigm as a foundation for the evolution of their overall IAM tend to build on a strong core platform for delivering major features and complementing this by other solutions.
We will look at what must be in every Identity Fabric, and how to evolve from a foundational Identity Fabrics approach towards a higher level of maturity. The session will look at concrete capabilities per maturity level and service group within Identity Fabrics.
Rotating credentials of some privileged accounts is a risky task, which might lead to a business shutdown when things go wrong. But the alternative of not rotating them opens the door for attackers to take hold of your organization - thus leading to a business shutdown as well. This is a lose-lose situation.
So what should we do ? Rotate or not rotate credentials of privileged accounts ?
In this session we will discuss about the challenges and solutions.
Cybercriminals no longer “hack” in – they simply log in. Once inside, they hunt for privileged accounts. A vast majority of breaches today are due to the abuse of stolen privileged accounts. Privileged accounts are very powerful but at times, anonymous and shared. Learn how to take control of Privileged Access to ensure that your most valuable asset - your data - is protected.
We must secure our organization’s processes regardless of what tech they run on. Originally, security leaders had leverage. We controlled the horizontal. We controlled the vertical. And if people wanted to work, they needed to follow our rules to access corporate apps and services. But then came Cloud apps, and BYOD, and consumerization, pushing security beyond our outer limits. Security happens where psychology and technology intersect. The everyday decisions of employees increase or decrease an organization’s risk.
Employees don’t need us. And by employee, I mean more than end-users. This is a broader conversation; including software developers, IT engineers, DevOps practitioners, and more. To get people to opt in and follow secure practices, we turn to behavior science. IT security leaders must offer them a compelling experience. In this panel we will discuss how to carefully balance the need for security, compliance, and efficient resource management to ensure that your cloud environment is both secure and effective.
What started as a simple blog post from Google has rapidly ballooned into an industry movement. Major vendors have implemented the Continuous Access Evaluation Protocol / Profile (CAEP) and analysts, practitioners and decision makers agree that it is critical to the future of zero-trust. This keynote, by the inventor of CAEP, goes into the pain points that led to the development of CAEP, the process to recast it as a part of the Shared Signals working group in the OpenID Foundation and the trends that make it an indispensable component of any zero-trust architecture. CAEP’s non-prescriptive nature makes it easy for anyone to implement their own policies and the Shared Signals Framework makes communicating changes efficient and nearly instantaneous. A future powered by Shared Signals and CAEP enables enterprises and vendors to break information silos to create a highly secure outcome.
In the last 10 years machine learning has become ubiquitous and touches all lives in ways that was unimaginable before. The machines can make decisions that required considerable human effort at a much faster speed and reduced cost with a little human oversight. As a result, machines don’t just have a higher than before influence in shaping our lives but are also under increased scrutiny by both regulators as well as user rights advocates.
The adage “with great power comes great responsibility” has long been used – from French revolution to superhero comics. It has never been truer as the great power that machine learning wields is now in the hands of almost anyone making a software product. It ranges from giving people access to the funds that can alter their lifepath, medical diagnosis that can increase their life expectancy or reduce it dramatically to their social media feed that cannot just provide them the content that keeps them engaged, but also polarise their beliefs by feeding them information that reinforces their existing notions.
With the growing influence of AI technologies and the corresponding scrutiny, the way AI development happens is beginning to change. The full data science lifecycle needs to incorporate the elements of responsible AI and the professionals who know how to design and implement these will be the ones that employers will look for.
NFTicket is a protocol, which combines the identification power of cryptographic wallets with those of Decentralized Identifiers (DID). We will present that there is functional equivalence of Verifiable Credentials (anchored by a DID) and Non-fungible Tokens (NFTs, anchored by a wallet).
More that showing, we will be introducing a protocol which implements this, so that verified DIDs can issue “business facts”, such as: vouchers, tickets, membership passes, cerificates of ownership – in short anything which can be expressed by Verifiable Credentials.
NFTicket does a bidirectional translation of this VC to an enhanced ERC721 NFT, such that the DID of the holder and the owner wallet of the NFT correspond 1:1 are linked through did:ethr.
We will demonstrate the application of this protocol based on a pilot we have implemented for NRverse.io. The Verifiable Credential in this case being Renewable Energy Certificates which are used to decarbonize events with a measurable carbon footprint.
As the number of digital touchpoints in the customer journey increases, IT teams rely on customer identity to optimize security and user experience. However, ensuring one doesn't overshadow the other often requires multiple integrations and custom development, creating internal friction and slowing innovation.
In this talk, Sadrick Widmann, CEO at cidaas, will explain how to remove barriers and improve cross-functional collaboration to bring seamless, secure customer experiences to market faster.
Good security gets out of the way of users while getting in the way of adversaries. Passwords fail on both accounts. Users feel the pain of adhering to complex password policies. Adversaries simply copy, break, or brute-force their way in. Why, then, have we spent decades with passwords as the primary factor for authentication?
The industry needs to trust passwordless authentication (FIDO2). Adversaries and then criminals have circumvented our authentication controls for decades. From the very first theft of cleartext passwords to the very latest bypass of a second-factor, time and again improvements in defenses are met with improved attacks.
What holds us back from getting rid of passwords? Trust. In this session, we will propose a framework of technical controls to ensure only trusted sessions authenticate, regardless of faults or failures in any one factor, and to reassess based on shared signals (CAEP). We will share a path forward for increasing trust in passwordless authentication.
As an identity professional, you're constantly studying and reviewing new technologies, new protocols, and new products within the space but you struggle for the best way to extract the value of these new shiny, items to benefit your organization. You've been told that a well-developed identity architecture plan is the best way solve business challenges and produce concrete results but your research and fully-notated diagrams have failed to engage your peers. |
When I travel aboard or do business with someone from outside my country, my payment cards and phone work across international boundaries. When will my Digital ID do the same?
This presentation will share how OIX’s work on Global Interoperability, part of the GAIN initiative, is defining how this will be possible through smart digital IDs or wallets that dynamically adapt to the policy rules of each new trust framework they encounter in a way that works seamlessly for the end user.
So, when I fly to the EU from the US my Digital ID from my US based wallet provider reads the rules of the EU trust framework and simply adapts. I don’t need to get a new local Digital ID for my visit to the EU. The EU trust framework policy rules will be described using a new globally applicable Open Policy Rules Exchange Framework that allows all frameworks to publish their policy characteristics in a standard machine-readable way.
My digital ID wallet contains key ‘golden credentials’ that should be accepted all over globe: passport, driving licence, bank account, telco account and my digital national ID card. Each trust framework will value these differently in its own Assurance Policy, which can also be published via the policy rule exchange framework. To make this work, new proofing and data content standards for some of the golden credentials will be required.
Technically, exchange of policy rules will be a decentralized approach, where policy rules are shared directly from each trust framework only to wallets they trust. The presentation will also outline the technical architecture to underpin this, and how the Open Policy Rules Exchange Framework will fit as a policy component as part of the Open Wallet Foundation architecture.
OIX is working with and analysing various trust frameworks around the global to create the Open Policy Rules framework, including the UK, Canada, EU, Australia, Singapore, MOSIP and Bank ID Sweden.
Come and find out more about how OIX’s vision of allowing us all to have a trusted Digital ID that can be accepted anywhere in the world can be achieved.