KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
UX with Security in Corporate and Customer Access but including a huge monitoring approach to have the effect of Zero Trust for the users. I will Mix CIAM, Access Management, IAG and UEBA
UX with Security in Corporate and Customer Access but including a huge monitoring approach to have the effect of Zero Trust for the users. I will Mix CIAM, Access Management, IAG and UEBA
Decentralized Identity is about to change the way we do IAM in enterprises. It is not just about the C-identities (consumers, customers, citizens). This raises two questions: What do to differently in IAM, to leverage the potential of decentralized identities? And what not to do anymore, because it is becoming legacy? IAM, without any doubt, will change fundamentally. But is it about rip-and-replace of IAM and in particular IGA, or about complementing it? In this panel, we dive into this decentralized lake of innovation, new standards, products, vendors and start-ups in order to find out how to benefit from DIDs in the enterprise.
Are there interoperability models and how could a longer-term migration scenario look like? What about Identity Workflow Orchestration? Join this great panel session to discuss the way forward for workforce identity.
As the number of digital touchpoints in the customer journey increases, IT teams rely on customer identity to optimize security and user experience. However, ensuring one doesn't overshadow the other often requires multiple integrations and custom development, creating internal friction and slowing innovation.
In this talk, Sadrick Widmann, CEO at cidaas, will explain how to remove barriers and improve cross-functional collaboration to bring seamless, secure customer experiences to market faster.
More and more it becomes difficult to Insure yourself against a Cyber attack. Understanding all the different vectors of your risk posture, the flood of different tools and checklists that need to be taken into account and the way to consolidate this risk into an overarching risk dashboard is an immense challenge for CISO's, Risk Managers and their senior leadership. Because of this major challenge and a non-standard way of calculating the risk; more and more Insurance companies are putting a high demand on the information provided in order to get a proposal for a Cyber Insurance and then, if and when a Cyber Insurance is offered, the premiums and coverage become another big challenge and financial burden on companies.
The presentation will highlight these challenges and will provide hints and tips on how to deal with this problem, ensuring to get Cyber Insurance at the lowest possible premium and with the highest coverage.
Companies today are being faced with business-critical yet seemingly conflicting topics; how to build trust, loyalty and personalized experiences that fuel growth in a world of fading cookies and GDPR. There has never been more urgency than now to focus on strategy and technology to meet the demands of the privacy-conscious consumer. The collection of data and its management is core to this challenge, but current identity methods are missing the opportunity to solve it with legacy approaches and risk-based thinking. At IndyKite, we believe that facing this mounting challenge requires us to make leaps in both our thinking and technology implementations. Join us as we challenge the current operating state and discuss what the world might look like when we have the tools to power a truly customer-centric ecosystem - one where consumer data ownership and personalized services that fuel growth are no longer at odds.
Identity has been always an ambiguous term. Identities exist in a sociocultural and organizational context and in technical ones. We have Digital Identities and eIDs and not only do individuals have identities but so do organizations and non-humans, especially in technical contexts.
Identities had been always under threat, starting with theft of individuals’ identities and credentials in the physical world, such as credit cards and passports. However, these threats have not been on a large scale. We all know that this has changed dramatically with the digitization of everyone and everything. Social engineering, phishing emails, buying credentials in the dark web have become a serious threat to businesses and individuals. These threats have reached new heights with the numerous attacks on identity infrastructures, be it corporate directories or government eID infrastructure.
In this panel, we will explore the identity threats to individuals and organizations, how they are managed, and how identity security can be achieved from a prevention, detection, and management perspective.
This session will share how the concept of a Global Assured Identity Network (GAIN) has evolved since 155 identity experts proposed it in 2021. It summarizes a recent paper by the non-profits that guide the GAIN vision.
GAIN remains a call for collaboration toward globally interoperable identity assurance at-scale - a purpose that underpins the goals of governments, intergovernmental agencies, and private industry. It has inspired multiple working groups and continues to unite six non-profits - even (and especially) as the technical and policy landscape evolves to include emerging standards (e.g. MDLs, DIDs, VCs) and regulation (e.g. eIDAS 2.0).
This talk reflects on GAIN's relevance in today’s landscape and shares progress. It includes a deep dive into the technical community group at the OpenID Foundation, which has built a prototype that demonstrates cross-network trust and high-assurance identity data exchange. It now turns its attention to digital wallets, verifiable credentials, legal entity identifiers, and government-issued IDs.
It also reviews forward-thinking policy work by the Open Identity Exchange, which paves the way for Smart Digital IDs. Their Global Policy Metadata Framework proposes the standard publication of policy characteristics. In this world, policy metadata is shared between each trust framework through trusted wallets.
How do we control what we do not see?
Supply chains are like that. The problem is that while you may have sight of your nearest third-party relationships, if you look further out to their relationships, things start to become a bit obscured. And that is where the risk lies.
In recent years Okta, Toyota and Morgan Stanley have all suffered data breaches that originated with an attack on the supply chain.
In this presentation, we explore the complex nature of supply chains/digital ecosystems and all the parties involved. We’ll look at the pattern of some recent third-party attacks, examine their root cause and what lessons we can learn.
Finally, we'll explore the critical capabilities that are needed as the foundation for a solid third-party strategy; one that provides active, continuous monitoring while reducing the overhead for compliance.
Enterprise IDM/IAG and gardening do have much in common. Usually, if the general architecture and setup of the garden is done and completed, only minor changes and adjustments will be done over the years. But still: The yard will look different after a few years, not only because the trees and plants have grown, but also because of replacements, adjustments and optimizations over the years.
Sometimes, calling a bulldozer for a more complete ‚redesign‘ and restart from scratch is considered, but still limited by the boundaries of the property (and the budget of the landlord).
Whether you plan to bulldoze your legacy IAM/IAG Program, or replace a few elements just as you would replace plants, trees and flowers because of their age or cost: In this panel we will discuss the options, do‘s and dont‘s, stories from failed ‚gardening projects‘ and many more related to modernizing your legacy IDM/IAG set of tools.
OAuth 2.0 is a widely adopted standard for authorization, but it can be complex to implement correctly. It's not uncommon for developers to have difficulty understanding the nuances of the OAuth 2.0 flow and instead rely on simpler approaches such as using API keys in "god mode." |
The revision of the eIDAS regulation introduces new requirements, challenges as well as opportunities for organisations. In this talk Adrian Doerk provides a structured guidance of aspects organisations need to be aware of to be well positioned in the market. After a general introduction to the eIdAS ecosystem, the focus will be on organisations who want to issue and verify qualified electronic attestation of attributes to/from the European Digital Identity Wallet.