KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
We entrust workloads and devices with our most sensitive data, giving them access to far more information than the human on whose behalf it operates, if it is even operating on behalf of a human. Yet, managing these non-human identities and applying Zero Trust Policies to them is a Herculean task complicated by a heterogenous technology landscape, amplified by multi-cloud/multi-hybrid environments, exacerbated by critical skills shortages and magnified by exponential growth in workload and device identities. |
We entrust workloads and devices with our most sensitive data, giving them access to far more information than the human on whose behalf it operates, if it is even operating on behalf of a human. Yet, managing these non-human identities and applying Zero Trust Policies to them is a Herculean task complicated by a heterogenous technology landscape, amplified by multi-cloud/multi-hybrid environments, exacerbated by critical skills shortages and magnified by exponential growth in workload and device identities. |
The Art of CIAM is to converge user Experience (UX) , security and privacy in a way that is seamless and unobtrusive for the user. In this panel session we will discuss the role of decentralized technologies, biometrics, and AI in Digtal ID, allowing for more secure and efficient authentication processes.
This presentation will provide an overview of the terminology and basics of AI and ML in the context of Identity and Access Management (IAM) and Identity Governance and Administration (IGA). It will explore a number of current use cases for leveraging ML in IAM, demonstrating the benefits of automation and enhanced security that ML can bring to identity management. The presentation will conclude with strategic considerations for using ML in IAM, highlighting the importance of considering business value, available data, and existing technologies when implementing ML-based solutions for identity management.
The Identity Governance and Administration (IGA) market is continuing to evolve through more integrated Identity Lifecycle Management and Access Governance solutions that are now increasingly aided by intelligent features. In this session, KuppingerCole´s Nitish Deshpande will share with you insights into the IGA market, providing you a compass to help you find the products that can meet the criteria necessary for successful IGA deployments.
The Trust Over IP Foundation (ToIP) is focused on the centerpiece of the ToIP stack: the trust spanning protocol that will do for identity interchange what the Internet Protocol did for data interchange. This panel will explore how this will enable ubiquitous, trusted, interoperable identity exchange.
The internet was designed without a trusted identity layer to connect physical entities to the digital world. This layer is now emerging in the form of decentralized digital identity systems based on digital wallets and digital credentials. ToIP was founded by a pan-industry group of leading organizations with a mission to provide a robust, common set of standards forming a complete architecture for internet-scale digital trust. The ToIP Technical Architecture Specification V1 was completed earlier this year. Now ToIP is focusing on the keystone to ubiquitous identity, the ToIP Trust Spanning Protocol. This protocol will do for identity interchange what the Internet protocol did for data interchange.
This interactive panel, moderated by ToIP’s Executive Director, will explore the views of its member organizations for a lively and engaging debate on how we finally establish trust in the digital age. Come to this panel to understand the why, how, and when of this new protocol.
Managing access is a critical capability for the IT infrastructure of any enterprise, especially when dealing with over 6,800 integrated applications used by millions of authentication requests. Due to the increasing demand for availability, scalability, and support for market-specific customizations, as well as the migration of more products and applications to the cloud, we had to migrate our infrastructure and application stack to the AWS cloud. This stack had been introduced in an on-premises setup in 2017 and now follows modern paradigms such as GitOps, Everything as Code, and highly automated processes based on Service Layers and ForgeRock. Our main concern was ensuring that the integrated application landscape remained functional during the migration without experiencing any impact or downtime.
During this presentation, we will share our experience and discuss the key takeaways from our successful large-scale production system migration to the cloud, including:
OpenID Foundation leaders and contributors will brief the EIC community on the latest progress and outlook for the OpenID Foundation. As part of this workshop we will cover:
Please join us early to be part of the conversation. Workshop presenters include Nat Sakimura, Gail Hodges, Kristina Yasuda, Torsten Lodderstedt, Tim Cappalli and others.
Decentralized Identity is enabling individuals and organizations to have control over their own personal data, providing self-sovereignty, privacy and security. But, is a relatively new concept with high development and standardization dynamics. In this session we will look into what we should do today to take full advantage of this promising concept.
IDaaS, the SaaS-delivered IAM, helps organizations releasing themselves from a considerable part of the burden that IAM brings. They don’t need to care for software installation and running servers. However, IDaaS is only part of the answer here. Customers still must managed and run their IAM environment.
This is where MSPs (Managed Service Providers) and their services come in . They help the organizations in managing major parts of IAM, from onboarding of systems to customization and configuration, but also for a good share of the business-oriented aspects.
MSPs also can help organizations in providing a real IDaaS in the sense of customers/tenants just ordering services, without even caring about the technology below. They buy the services delivered by an Identity Fabric that is built and run by their service provider (which then again might rely on one or more SaaS services).
In this panel, we will discuss how such a “managed Identity Fabric” can look like and what this means to both the MSPs and their tenants. We’ll specifically focus on what distincts such a managed Identity Fabric from just a standard IDaaS offering, and from a MSP operating the IAM the customer already has in place. We’ll discuss the main criteria and capabilities for selecting the managed Identity Fabric.
Explore the latest developments in deepfake technology and its impact on identity fraud. With deepfakes becoming increasingly realistic and widespread, it is essential for businesses and organisations to understand the risks they pose and take action to mitigate them. Attendees will gain a comprehensive understanding of the risks posed by deepfakes to the identity verification industry and how to protect their organisations from them effectively. The session will feature expert insights and real-world examples of how businesses and organisations can implement deepfake detection technology and other measures to prevent identity fraud.
IGA activities in organizations have largely been around defining access policies manually, configuring access request workflows and scheduling periodic access reviews. Such activities require significant administration as well as continuous involvement by stakeholders. There are also delays that come with this model that could potentially cause security risk and non-compliance in the organization. An approach that is more intuitive is to discover policies, review them and apply access changes based on policies. This results in fewer IGA administrative and end-user activities for the organization while ensuring that both excess access and under access are addressed in a timely manner.
The objective of the talk is to: