Presenter’s Logo Here

2013 Open Stack Identity Summit - France

Closed-Loop Remediation
without breaking a sweat
About Brainwave
2011
Product RTM
Innovation award

2010
Brainwave creation
1st patent

2012
20+ customers
Gartner IAG Magic
Quadrant

2013...
What we do
• 

Our software helps our customers better control
compliance and assess the risks related to
permissions and ...
Access Entropy
Access rights control:
Compliance is at stake!
•  As stated by Deloitte in their GFSI Security Survey,
top external audit ...
Brainwave Identity
GRC
Software solution for access compliance and risk
assessment
Approach
Company Policies,
Regulations…

Information
System

Identity GRC

Cloud

Devices

Reports + Insight:
•  What are ...
The Identity Ledger

9
Benefits
•  Improve Data Quality
•  Automate controls over fine-grained entitlements
•  Even on very large scale (100M+ ac...
Brainwave Customers
(extract)

11
Connectorless
Top Secret

12
Integration with
OpenIDM
Identity GRC + OpenIDM
Automated
remediation actions

Manual operations

Automated provisioning

IT Resources

Accounts an...
Integration with
OpenIDM
•  Simple interface (REST services)
•  easy to implement and maintain, easy to package

•  Abilit...
Demo time
Other ways to leverage
Brainwave
« Pull » approach
•  Build Views to query
Brainwave Ledger and
instantly publish REST
services

18
« Push » approach
•  Trigger email messages / reports based on control
results, review results…

19
Presenter’s Logo Here

2013 Open Stack Identity Summit - France

Thank you!
Questions?
Sebastien FAIVRE, Cyril GOLLAIN, Br...
Upcoming SlideShare
Loading in …5
×

How to Deliver Closed-Loop Compliance

1,219 views

Published on

Brainwave General Manager Cyril Gollain delivers this Solution Showcase session.

Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/

Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,219
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

How to Deliver Closed-Loop Compliance

  1. 1. Presenter’s Logo Here 2013 Open Stack Identity Summit - France Closed-Loop Remediation without breaking a sweat
  2. 2. About Brainwave
  3. 3. 2011 Product RTM Innovation award 2010 Brainwave creation 1st patent 2012 20+ customers Gartner IAG Magic Quadrant 2013 KuppingerCole Leadership Compass Gartner Cool Vendor 2013 International Biz Dvp 25+ customers
  4. 4. What we do •  Our software helps our customers better control compliance and assess the risks related to permissions and access on any kind of resource •  Who can access NASsecretverysecretdocument.xls? •  Are there users who can access remotely to the ERP and issue bank transfers? •  Who left the Accounting Department and kept access to our data over the last six months?
  5. 5. Access Entropy
  6. 6. Access rights control: Compliance is at stake! •  As stated by Deloitte in their GFSI Security Survey, top external audit findings are about excessive access rights, Segregation of duties breaches and developper access to production systems http://www.deloitte.com/gfsi/securitysurvey 6
  7. 7. Brainwave Identity GRC Software solution for access compliance and risk assessment
  8. 8. Approach Company Policies, Regulations… Information System Identity GRC Cloud Devices Reports + Insight: •  What are my risks? •  What needs to be fixed? •  Am I compliant?
  9. 9. The Identity Ledger 9
  10. 10. Benefits •  Improve Data Quality •  Automate controls over fine-grained entitlements •  Even on very large scale (100M+ access rights, 1000s of SoD rules…) •  Provide operational reporting on top of IAM infrastructure •  Build business-oriented review / recertification processes…
  11. 11. Brainwave Customers (extract) 11
  12. 12. Connectorless Top Secret 12
  13. 13. Integration with OpenIDM
  14. 14. Identity GRC + OpenIDM Automated remediation actions Manual operations Automated provisioning IT Resources Accounts and fine-grained access rights information Identities and access rights assignments HR and organization-related information Access logs •  •  •  •  •  14 Access rights reconciliation Theoretical rights control Account Recertification process Remediation process Controls & Insight
  15. 15. Integration with OpenIDM •  Simple interface (REST services) •  easy to implement and maintain, easy to package •  Ability to automate remediation •  or to mix manual/automated scenarios •  Ability to demonstrate improvement over time •  Enforce remediation, track status, verify desired state •  Nice, customizable GUI and workflow processes
  16. 16. Demo time
  17. 17. Other ways to leverage Brainwave
  18. 18. « Pull » approach •  Build Views to query Brainwave Ledger and instantly publish REST services 18
  19. 19. « Push » approach •  Trigger email messages / reports based on control results, review results… 19
  20. 20. Presenter’s Logo Here 2013 Open Stack Identity Summit - France Thank you! Questions? Sebastien FAIVRE, Cyril GOLLAIN, Brainwave cyril.gollain@brainwave.fr +33.6 13 78 52 04

×