KuppingerCole Analysts

Join KuppingerCole’s Lead Analyst Alexei Balaganski talking about the need for robust security strategies, the increasing complexity of API ecosystems, and the importance of holistic protection throughout an API's lifecycle. He will present the results of his recently published Leadership Compass on API Security and Management, covering over 40 vendors and their solutions. Alexei will also introduce KC Open Select, a new interactive tool from KuppingerCole that can help buyers compare security solutions and select the ones that fit their organizations’ security and compliance requirements.

In this episode, Matthias and Martin explore the evolving role of AIs in business processes. AIs are becoming significant actors, representing human identities in tools like chatbots and even functioning autonomously. Martin underscores the importance of traceability, access management, and the unique need for distinct AI identities - AIdentities.

Matthias is joined by cybersecurity expert Warwick Ashford to unravel the complexities surrounding Remote Desktop Protocol (RDP) security in the face of rising ransomware attacks. The discussion initiates with an overview of RDP's functionality and its indispensable role in modern businesses. They delve into the reasons behind RDP's susceptibility to cyber-attacks, accentuated by the remote work surge during the pandemic. The conversation takes a critical turn as it explores the precarious balance of remote accessibility and security, highlighting frequent oversights in RDP implementation. Warwick sheds light on the alarming trend of RDP credential sales on the dark web, outlining the severe repercussions for lax security measures. The dialogue then shifts to pragmatic strategies, emphasizing the non-negotiables in RDP security protocols that companies must adopt. Reinforcing the concept of Zero Trust, Warwick advocates for its integration to enhance RDP security frameworks. The episode concludes with a forward-looking perspective, contemplating the evolution of remote access technologies and preemptive measures businesses must consider to thwart emerging cyber threats.

Matthias Canisius von SentinelOne und Martin Kuppinger erkunden die Verschmelzung von XDR (Extended Detection and Response) und Identity Security. Erfahren Sie, warum diese Verbindung die Zukunft der Cybersecurity gestaltet und wie sie Angriffe in ihren frühesten Stadien vereiteln kann.

In part two of "Cybersecurity Fact or Fiction," our esteemed analysts, Matthias Reinwarth, Alexei Balaganski, Marina Iantorno, and Paul Fisher, continue their thrilling quest to distinguish between cybersecurity myths and realities. As they delve into more questions and statements, the suspense escalates, demonstrating that cybersecurity education can be both informative and exciting. Join us for another captivating conversation that will challenge your cybersecurity beliefs and provide valuable insights during Cybersecurity Awareness Month 2023.

In this episode, Marina discusses the intricacies of synthetic data, AI-generated datasets that mimic real data without revealing personal information. Marina and Matthias explore its significant role in cybersecurity, emphasizing its benefits in model training and realistic threat simulations. Marina points out how industries, especially healthcare, utilize synthetic data to meet privacy regulations. The conversation also covers the potential risks of generative AI, such as deep fakes. Companies like Zalando and OpenAI's application of synthetic data are highlighted.

To commemorate Cybersecurity Awareness Month 2023, Matthias Reinwarth, Alexei Balaganski, Marina Iantorno, and Paul Fisher came together to play "Cybersecurity Fact or Fiction". This captivating two-part endeavor serves as a valuable opportunity for individuals to refresh their understanding of security concepts. Throughout the session, the analysts take turns presenting cybersecurity related questions or statements, while their colleagues make informed guesses on whether these statements are accurate or false. This lighthearted, riveting conversation promises to both educate and captivate, as our skilled analysts skillfully discern between truth and fallacy.

Matthias is joined by experts John Tolbert and Osman Celik to unpack the concept of Attack Surface Management (ASM) and its growing relevance in cybersecurity. They discuss the challenges posed by the ever-evolving nature of attack surfaces and the role of ASM solutions in managing these changes. The three discuss cutting-edge trends such as Cloud, IoT, and Dark Web monitoring, underscoring their influence on ASM's future. The role of automation in enhancing ASM efficiency is discussed, alongside the significance of ASM in navigating regulatory compliance and making informed choices in the diverse vendor landscape.

Anirudh Sen, VP Products at Saviynt joins Nitish Deshpande, Research Analyst at KuppingerCole Analysts to explore the realm of Third Party Access Governance and its key distinctions from Identity Governance and Administration (IGA). Discover the evolving landscape of corporate Access Governance, the challenges of securing third-party relationships, and the benefits organizations can gain from effective third-party governance. Learn about the crucial role of AI and automation and gain valuable insights to help your organization stay ahead in managing third-party risks and access.

Join Matthias Reinwarth and Senior Analyst Mike Small in a quick chat on the evolution of Cloud Security Posture Management (CSPM). They discuss its proactive approach, the challenges in implementation, and the role of overarching platforms like Cloud Native Application Protection Platforms (CNAPP). Mike shares insights for smaller organizations and highlights the impact of geopolitics and AI on cybersecurity. Don't miss cyberevolution in Frankfurt this November for deeper insights.

Mike Neuenschwander, Vice President at KuppingerCole in the U.S. and Global Head of Research Strategy, recently had some thoughts about passwordless authentication and wrote a blog about it. Today, he joined Matthias for further discussion about that topic, delving deeper into entropy and how it applies to passwords, and his 2nd Law of AuthN Dynamics. Read the blog here: https://www.kuppingercole.com/blog/neuenschwander/the-second-law-of-authn-dynamics

In this episode, host Matthias and guest Warwick Ashford dive into the EU's Digital Operational Resilience Act (DORA). They discuss its impact on the financial sector's cybersecurity and operational resilience, focusing on key objectives and challenges. The conversation also covers practical aspects like ICT Risk Management, third-party risks, operational resilience testing, and cyber threat intelligence sharing. A must-listen for IT professionals navigating DORA's complexities.

In this episode, host Matthias Reinwarth is joined by guest Alexei Balaganski to discuss the implications of quantum computing for cybersecurity. The conversation covers the fundamentals of quantum computing and its distinction from classical computing. They also address the immediate and potential threats that quantum computing poses to existing cryptographic systems. The episode further explores the state of quantum-resistant encryption methods and the concept of cryptographic agility. The advancements in quantum cryptography are also discussed.

Today, host Matthias and expert Alejandro Leal discuss the dynamic realm of Access Management. They'll touch on its evolution beyond traditional capabilities, the intertwined nature of Access Management and Identity Federation, and the industry-wide shift driven by Covid-19 towards modern solutions. As passwordless authentication and decentralized identities rise, the duo will highlight the potential for innovation and cost-saving in this space.

In this episode, Matthias sits down with Nitish Deshpande to cover the intricacies of 'Securing the Autonomous World by Reinforcing Cybersecurity.' From understanding the challenges posed by automation to the cybersecurity landscape, to the pivotal role of humans amidst rising automation, Nitish offers invaluable insights. They discuss the complexities of training data for ML models, the verification of these models, and the ever-evolving nature of cybersecurity. Nitish also sheds light on the significance of contextual understanding in automation and shares his vision for the future of cybersecurity in an increasingly autonomous world. Finally, Nitish provides his top recommendations for fortifying cybersecurity infrastructure in this dynamic era. Read Nitish's Blog Post: https://www.kuppingercole.com/events/cyberevolution2023/blog/securing-the-autonomous-world-by-reinforcing-cybersecurity

Dive into the world of Privileged Access Management (PAM) and its significance in today's rapidly evolving security landscape with Lead Analyst Paul Fisher and Saviynt's Chris Owen. They explore the challenges organizations face, customer expectations, and the need to reset aspirational goals. Discover the shift towards zero standing privilege, just-in-time access, and the convergence of identity and PAM solutions. Learn about the future of PAM, the role of cloud infrastructure entitlement management, and how user experience is becoming a critical factor in PAM adoption.

In the latest episode of Kuppinger Analyst Chat, host Matthias sits down with KuppingerCole's CEO Berthold Kerl and the Director of the Practice Cybersecurity Christopher Schütze to discuss the upcoming cyberevolution event. Berthold Kerl highlights the event's unique positioning, emphasizing its blend of evolutionary continuity with revolutionary tech disruptions. Set in the heart of Europe, cyberevolution focuses on future predictions, current innovations, and the essence of collaboration. Berthold also mentions a diverse attendee list, from over 30 CISOs to students, spanning continents from Europe to Africa. Christopher Schütze touches on AI as the event's central theme and describes various formats, including keynotes, panels, and interactive workshops. He also introduces the Capture the Flag segment, providing insights into its competitive nature. Berthold spotlights the Pitch Night and its competitive spirit, while Christopher highlights workshop topics like ChatGPT and Ransomware Simulation. In conclusion, Berthold articulates cyberevolution's vision: to complement global conferences like RSA by converging innovation, business resilience, and policy in Europe.

Alexei Balaganski and Matthias discuss the current state and future of AI in cybersecurity. The conversation explores the role of AI, machine learning, and deep learning in bolstering cybersecurity defenses against evolving threats like malware, ransomware, and phishing attacks. Discover the practical applications of AI, its limitations, and the cautious optimism surrounding its potential impact on the cybersecurity landscape. Read Alexei's blog here: https://www.kuppingercole.com/events/cyberevolution2023/blog/ai-and-cybersecurity-a-new-hope-for-cyber-defenders

Join John Tolbert, Director of Cybersecurity Research at KuppingerCole, in this insightful episode featuring George Tarasov, Product Manager at Qrator Labs. Explore the world of multi-vector DDoS attacks and bot detection as they shed light on the increasing complexities and challenges faced by organizations. Learn about the evolution of multi-vector attacks, the rise of bad bots, and the strategies used by attackers to overwhelm target companies. Discover key insights and mitigation techniques to fortify your defenses against these sophisticated threats.

In this episode of the Analyst Chat podcast, host Matthias Reinwarth invites cybersecurity expert Martin Kuppinger to discuss access control tools for business application environments. They focus on two Leadership Compasses authored by Martin, which provide a comprehensive overview of the market for access control solutions centered around SAP and non-SAP systems. Martin shares insights on market segments, vendors, product functionality within the access control landscape. They explore innovative approaches to enhancing security, such as access restriction and controlling break-glass access. Furthermore, Martin and Matthias also explore the organizational aspects of access governance in dynamic LoB application environments. They discuss the challenges that arise when transitioning between new vendors, adopting SaaS solutions, and managing access control in multicloud environments.