Confidential. Copyright © 2018 Nanosec
Zero Trust and Identity in the Enterprise
Co-organized by
5/14/2019
Agenda Details
6:00PM to 6:25PM: Registration
6:25PM to 7:00PM: A Changing Paradigm: What Happens When You Put
Identity at the Center of Security?
-> Joe Gottlieb, Executive Advisory Board, Identity Defined Security
Alliance and SVP Strategy and BD, SailPoint
7:00PM to 7:10PM: Q&A
7:10PM to 7:45PM: Adobe's Zero Trust Enterprise Network (ZEN) and the
Role of Identity
-> Den Jones, Director Enterprise Security, Adobe
Event WiFi
SSID: HD-Events
Password: f83l7b
SSID: HD-Guest
Password: hackerdojo
ENTERPRISE CHALLENGES
Cybersecurity is relentlessly, cumulatively challenging
Compromised identities are still the leading cause of breaches
– “The exploitation of usernames and passwords by nefarious actors
continues to be a ripe target…” ITRC 2018 End-of-Year Data Breach Report
Single vendor approaches are not working
EVOLUTION OF IDENTITY AND ITS IMPACT
[Figure: evolution of identity and its impact. Labels: Employees; Employees and Partners; Consumers; Things; Perimeter; Perimeter-less; Federation; Cloud / SaaS; Mobility; Relationships; Attributes; Context; Stateless; API; AI; IT Efficiency; IT Compliance; Security; Business Agility; UX. Source: Optiv]
Identity is a critical cybersecurity technology
FOUNDATION FOR A NEW APPROACH
Cybersecurity technologies must fundamentally work together if they
are to achieve meaningful effectiveness
Every business transaction, attack surface or target involves a
credential and a service or piece of data
Given the cumulative investment in security, each new investment is
increasingly measured for its ability to make the whole more effective
GOAL:
Become an independent source of education and
information on identity-centric security
strategies.
MISSION:
The Identity Defined Security Alliance is a
non-profit organization that facilitates
community collaboration to develop a
framework and practical guidance that
helps organizations put identity at the center
of their security strategy.
Deliver on our mission through…
Cross vendor collaboration
Thought leadership through blogs, webinars, speaking
Identity Centric Security Framework: vendor-agnostic best practices, security controls, use cases
Customer implementation stories
Virtual community for sharing experiences and validation
IDENTITY DEFINED SECURITY ALLIANCE
Steers the focus away from single point
defense mechanisms to include a broader set
of identity and security components
BENEFITS OF IMPROVING IDENTITY THROUGH SECURITY
Delivers a fresh, balanced set of
detective and preventive controls
Enables organizations to tackle security
with a more precise, identity-aware and
identity-specific approach
Leverages increasingly open and API-first tech stacks
Customer Advisory Board
IDENTITY DEFINED SECURITY ALLIANCE
RESOURCES
Once user roles and entitlements are defined, high profile users should require a
level of assurance of authentication to match the value of the protected asset.
IAM Best Practice
Putting Identity-Centric Security to Work – IAM Best Practice (Sample)
IGA+PAM:
Aggregation of Direct & Effective Privileged Access for each Identity
Integrate Components:
• Identity Governance + Privileged Account
Management
What Happens:
• All privileged access provided by the PAM
system is imported and maintained in the
Identity Governance system
Value to Organization:
• Understand who has access to privileged
accounts
Putting Identity-Centric Security to Work – Security Controls
IGA+PAM:
SoD Policy Enforcement across Privileged Accounts
Integrate Components:
• Identity Governance + Privileged Account
Management
Pre-requisite:
• Aggregation of Direct & Effective Privileged Access
for each Identity
What Happens:
• Toxic combinations of privileged access are reduced
via detective and preventive controls
Value to Organization:
• Reduction in fraud and other access abuse scenarios
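The aggregation and SoD controls on the two slides above, as an added example (not from the deck, the IDSA framework or any vendor product): it resolves direct and group-derived ("effective") privileged access per identity from a constructed PAM export, then runs a detective and a preventive SoD check. All account, group, entitlement and rule names are hypothetical.

```python
from collections import defaultdict

# Constructed sample data standing in for a PAM export (all names hypothetical).
# Grants: principal (user or group) -> privileged entitlements it holds.
PAM_GRANTS = {
    "alice": {"erp:create-vendor"},
    "grp-ap-clerks": {"erp:create-vendor"},
    "grp-treasury": {"erp:approve-payment"},
    "grp-finance-admins": {"erp:post-journal"},
    "bob": {"db:prod-dba"},
    "grp-auditors": {"siem:read-audit-log"},
}
# Membership: group -> members (users or nested groups).
# Assumption: every group appears as a key, so anything else is a user.
GROUP_MEMBERS = {
    "grp-ap-clerks": {"carol"},
    "grp-treasury": {"grp-finance-admins", "dave"},
    "grp-finance-admins": {"alice", "grp-treasury"},  # deliberate nesting cycle
    "grp-auditors": {"bob"},
}
# SoD policy: "toxic combinations" one identity must not hold together.
SOD_RULES = {
    "vendor-fraud": {"erp:create-vendor", "erp:approve-payment"},
    "self-audit": {"db:prod-dba", "siem:read-audit-log"},
}


def expand_group(group, members=GROUP_MEMBERS, _seen=None):
    """Return every user reachable from a group; each nested group is visited once."""
    seen = _seen if _seen is not None else set()
    if group in seen:  # already expanded on this walk (handles cycles)
        return set()
    seen.add(group)
    users = set()
    for member in members.get(group, ()):
        if member in members:
            users |= expand_group(member, members, seen)
        else:
            users.add(member)
    return users


def aggregate(grants=PAM_GRANTS, members=GROUP_MEMBERS):
    """Build identity -> {entitlement: sources}; a source is 'direct' or a group."""
    access = defaultdict(lambda: defaultdict(set))
    for principal, entitlements in grants.items():
        if principal in members:
            holders, source = expand_group(principal, members), principal
        else:
            holders, source = {principal}, "direct"
        for user in holders:
            for ent in entitlements:
                access[user][ent].add(source)
    return access


def detect_violations(access, rules=SOD_RULES):
    """Detective control: (identity, rule) pairs where a toxic combination is held."""
    findings = []
    for identity in sorted(access):
        held = set(access[identity])
        for rule, combo in sorted(rules.items()):
            if combo <= held:
                findings.append((identity, rule))
    return findings


def check_request(access, identity, requested, rules=SOD_RULES):
    """Preventive control: rules that granting `requested` would newly violate."""
    held = set(access.get(identity, {}))
    after = held | set(requested)
    return sorted(
        rule for rule, combo in rules.items()
        if combo <= after and not combo <= held
    )


if __name__ == "__main__":
    access = aggregate()
    for identity, rule in detect_violations(access):
        # Show where each conflicting entitlement comes from, for the reviewer.
        sources = {e: sorted(access[identity][e]) for e in sorted(SOD_RULES[rule])}
        print(f"VIOLATION {rule}: {identity} {sources}")
    print("carol + approve-payment ->",
          check_request(access, "carol", {"erp:approve-payment"}))
```

The per-entitlement source set is what makes a finding actionable: it shows whether to revoke a direct grant or remove a group membership.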
IGA+PAM:
Certification of Privileged Accounts
Integrate Components:
• Identity Governance + Privileged Account Management
Pre-requisite:
• Aggregation of Direct & Effective Privileged Access for
each Identity
What Happens:
• Supervisors and/or application owners review and
approve/deny privileged access for specific users and
groups, either periodically or as driven by a life cycle event
Value to Organization:
• Continuous pruning of unnecessary privileged access,
reducing the risk of privileged credential abuse
IGA+SIEM/UEBA:
Semi-automated Identity Governance for Incident Response
Integrate Components:
• Identity Governance + SIEM or UEBA
What Happens:
• Security incident involving a specific
identity is routed to that identity’s supervisor
for review and response
Value to Organization:
• Business context (e.g., supervisor’s
knowledge of an employee’s situation)
enables efficient incident response
IGA+SIEM/UEBA:
Automated Identity Governance for Incident Response
Integrate Components:
• Identity Governance + SIEM or UEBA
What Happens:
• Security incident involving a specific
identity automatically triggers entitlement
suspension or dynamic re-certification
Value to Organization:
• Identity- and entitlement-specific control
enables a proportional and targeted response
to security incident
HOW TO LEVERAGE
THE IDSA
LEARN FROM YOUR PEERS
Adobe Finds ZEN Using Identity-Centric Security
“Working with the IDSA is a great
opportunity to help drive innovation across
the tech industry with vendors and solution
providers alike. Adobe benefits through
exposure to vendors, use cases and
community best practices that help elevate
and strengthen our identity and security
teams.”
Den Jones
Director of Enterprise Security, Adobe
Resources
https://www.idsalliance.org/
https://forum.idsalliance.org/
Thank You!
For more information please contact:
Vishwas Manral
CEO and Founder
VISHWAS@NANOSEC.IO

More Related Content

What's hot

CSA SV Threat detection and prediction
CSA SV Threat detection and predictionCSA SV Threat detection and prediction
CSA SV Threat detection and predictionVishwas Manral
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero TrustOkta-Inc
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & AccessHow Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & AccessIvan Dwyer
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David RossGraeme Wood
 
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
GDPR & Customer IAM: The Real Winners Won’t Stop At ComplianceGDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
GDPR & Customer IAM: The Real Winners Won’t Stop At CompliancePing Identity
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldKatherine Cola
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Bitglass
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensBitglass
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Okta Digital Enterprise Report
Okta Digital Enterprise ReportOkta Digital Enterprise Report
Okta Digital Enterprise ReportOkta-Inc
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust ModelYash
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security PlaybookIntel IT Center
 
Enabling Cloud Smart, Zero-Trust, and TIC
Enabling Cloud Smart, Zero-Trust, and TICEnabling Cloud Smart, Zero-Trust, and TIC
Enabling Cloud Smart, Zero-Trust, and TICAmazon Web Services
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Bitglass
 

What's hot (20)

CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
 
CSA SV Threat detection and prediction
CSA SV Threat detection and predictionCSA SV Threat detection and prediction
CSA SV Threat detection and prediction
 
What is Zero Trust
What is Zero TrustWhat is Zero Trust
What is Zero Trust
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
How Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & AccessHow Zero Trust Changes Identity & Access
How Zero Trust Changes Identity & Access
 
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
 
CSA Introduction 2013 David Ross
CSA Introduction 2013 David RossCSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
 
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
GDPR & Customer IAM: The Real Winners Won’t Stop At ComplianceGDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud World
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
 
Okta Digital Enterprise Report
Okta Digital Enterprise ReportOkta Digital Enterprise Report
Okta Digital Enterprise Report
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
Zero Trust Model
Zero Trust ModelZero Trust Model
Zero Trust Model
 
Intel SaaS Security Playbook
Intel SaaS Security PlaybookIntel SaaS Security Playbook
Intel SaaS Security Playbook
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud Computing
 
Enabling Cloud Smart, Zero-Trust, and TIC
Enabling Cloud Smart, Zero-Trust, and TICEnabling Cloud Smart, Zero-Trust, and TIC
Enabling Cloud Smart, Zero-Trust, and TIC
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
 

Similar to IDSA Overview at CSA SV

Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Core Security
 
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceBigML, Inc
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementAleksey Lukatskiy
 
IAM and cybersecurity - June 15
IAM and cybersecurity - June 15IAM and cybersecurity - June 15
IAM and cybersecurity - June 15Capgemini
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingPing Identity
 
E-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptxE-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptxArchana833240
 
Secure Identity: The Future is Now
Secure Identity: The Future is NowSecure Identity: The Future is Now
Secure Identity: The Future is NowLane Billings
 
Security in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualSecurity in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualVMware Tanzu
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAMWSO2
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThreatConnect
 
Understanding Identity Management and Security.
Understanding Identity Management and Security.Understanding Identity Management and Security.
Understanding Identity Management and Security.Chinatu Uzuegbu
 
WatchGuard Corporate Presentation.pptx
WatchGuard  Corporate Presentation.pptxWatchGuard  Corporate Presentation.pptx
WatchGuard Corporate Presentation.pptxRachatrinTongrungroj1
 
Deploying FIDO Authentication - Business Considerations
Deploying FIDO Authentication  - Business ConsiderationsDeploying FIDO Authentication  - Business Considerations
Deploying FIDO Authentication - Business ConsiderationsFIDO Alliance
 

Similar to IDSA Overview at CSA SV (20)

Cybersecurity Leadership Forum - Cincinnati
Cybersecurity Leadership Forum - CincinnatiCybersecurity Leadership Forum - Cincinnati
Cybersecurity Leadership Forum - Cincinnati
 
March Boston Cloud Security Alliance Meetup
March Boston Cloud Security Alliance MeetupMarch Boston Cloud Security Alliance Meetup
March Boston Cloud Security Alliance Meetup
 
Denver ISSA Chapter Meetings - Changing the Security Paradigm
Denver  ISSA Chapter Meetings - Changing the Security ParadigmDenver  ISSA Chapter Meetings - Changing the Security Paradigm
Denver ISSA Chapter Meetings - Changing the Security Paradigm
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
 
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and ComplianceML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
ML in GRC: Cybersecurity versus Governance, Risk Management, and Compliance
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness Measurement
 
IAM and cybersecurity - June 15
IAM and cybersecurity - June 15IAM and cybersecurity - June 15
IAM and cybersecurity - June 15
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick Harding
 
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019
 
E-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptxE-Lock AdaptAuth.pptx
E-Lock AdaptAuth.pptx
 
Secure Identity: The Future is Now
Secure Identity: The Future is NowSecure Identity: The Future is Now
Secure Identity: The Future is Now
 
Security in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualSecurity in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty Mutual
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
 
[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence Webinar
 
Understanding Identity Management and Security.
Understanding Identity Management and Security.Understanding Identity Management and Security.
Understanding Identity Management and Security.
 
IAM Solution
IAM  SolutionIAM  Solution
IAM Solution
 
Security and Data Breach
Security and Data BreachSecurity and Data Breach
Security and Data Breach
 
WatchGuard Corporate Presentation.pptx
WatchGuard  Corporate Presentation.pptxWatchGuard  Corporate Presentation.pptx
WatchGuard Corporate Presentation.pptx
 
Deploying FIDO Authentication - Business Considerations
Deploying FIDO Authentication  - Business ConsiderationsDeploying FIDO Authentication  - Business Considerations
Deploying FIDO Authentication - Business Considerations
 

Recently uploaded

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 

Recently uploaded (20)

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 

IDSA Overview at CSA SV

  • 1. Confidential.  Copyright  ©  2018  Nanosec1 Zero  Trust  and  Identity  in  the  Enterprise Co-­organized  by   5/  14/  2019
  • 2. Copyright  ©  2018  Nanosec2 Agenda  Details   6:00PM to 6:25PM: Registration 6:25PM to 7:00PM: A Changing Paradigm: What Happens When You Put Identity at the Center of Security? -> Joe Gottlieb, Executive Advisory Board, Identity Defined Security Alliance and SVP Strategy and BD, SailPoint 7:00PM to 7:10PM: Q&A 7:10PM to 7:45PM: Adobe's Zero Trust Enterprise Network (ZEN) and the Role of Identity -> Den Jones, Director Enterprise Security, Adobe Event  WiFi SSID:  HD-­Events   Password:  f83l7b SSID:  HD-­Guest Password:  hackerdojo
  • 3.
  • 4. Confidential.  Copyright  ©  2018  Nanosec4 ENTERPRISE CHALLENGES Cybersecurity  is  relentlessly,  cumulatively  challenging Compromised identities are still the leading cause of breaches – “The exploitation of usernames and passwords by nefarious actors continues to be a ripe target…” ITRC 2018 End-of-Year Data Breach Report Single vendor approaches are not working
  • 5. EVOLUTION OF IDENTITY AND ITS IMPACT Employees Perimeter Employees and Partners Consumers Perimeter-less Federation Cloud / SaaS Things Perimeter-less Federation Cloud / SaaS Mobility Relationships Attributes Context Stateless IT EFFICIENCY IT COMPLIANCE SECURITY API AI API BUSINESS AGILITY UX Perimeter Federation Source: Optiv
  • 6. Confidential.  Copyright  ©  2018  Nanosec6 Identity  is a  critical  cybersecurity  technology   FOUNDATION FOR A NEW APPROACH Cybersecurity technologies must fundamentally work together if they are to achieve meaningful effectiveness Every business transaction, attack surface or target involves a credential and a service or piece of data Given the cumulative investment in security, each new investment is increasingly measured for its ability to make the whole more effective
  • 7. GOAL: Become an independent source of education and information on identity-centric security strategies. MISSION: The Identity Defined Security Alliance is a non-profit organization that facilitates community collaboration to develop a framework and practical guidance that helps organizations put identity at the center of their security strategy.
  • 8. IDENTITY DEFINED SECURITY ALLIANCE. Deliver on our mission through… Cross vendor collaboration; Thought leadership through blogs, webinars, speaking; Identity Centric Security Framework: vendor-agnostic best practices, security controls, use cases; Customer implementation stories; Virtual community for sharing experiences and validation.
  • 9. BENEFITS OF IMPROVING IDENTITY THROUGH SECURITY: Steers the focus away from single point defense mechanisms to include a broader set of identity and security components. Delivers a fresh, balanced set of detective and preventive controls. Enables organizations to tackle security with a more precise, identity-aware and identity-specific approach. Leverages increasingly open and API-first tech stacks.
  • 11. IDENTITY DEFINED SECURITY ALLIANCE RESOURCES
  • 12. Putting Identity-Centric Security to Work – IAM Best Practice (Sample). IAM Best Practice: Once user roles and entitlements are defined, high profile users should require a level of assurance of authentication to match the value of the protected asset.
  • 13. Putting Identity-Centric Security to Work – Security Controls. IGA+PAM: Aggregation of Direct & Effective Privileged Access for each Identity. Integrate Components: Identity Governance + Privileged Account Management. What Happens: All privileged access provided by the PAM system is imported and maintained in the Identity Governance system. Value to Organization: Understand who has access to privileged accounts.
  • 14. Putting Identity-Centric Security to Work – Security Controls. IGA+PAM: SoD Policy Enforcement across Privileged Accounts. Integrate Components: Identity Governance + Privileged Account Management. Pre-requisite: Aggregation of Direct & Effective Privileged Access for each Identity. What Happens: Toxic combinations of privileged access are reduced via detective and preventive controls. Value to Organization: Reduction in fraud and other access abuse scenarios.
  • 15. Putting Identity-Centric Security to Work – Security Controls. IGA+PAM: Certification of Privileged Accounts. Integrate Components: Identity Governance + Privileged Account Management. Pre-requisite: Aggregation of Direct & Effective Privileged Access for each Identity. What Happens: Supervisors and/or application owners review and approve/deny privileged access for specific users and groups, either periodically or as driven by a life cycle event. Value to Organization: Continuous pruning of unnecessary privileged access, reducing the risk of privileged credential abuse.
  • 16. Putting Identity-Centric Security to Work – Security Controls. IGA+SIEM/UEBA: Semi-automated Identity Governance for Incident Response. Integrate Components: Identity Governance + SIEM or UEBA. What Happens: Security incident involving a specific identity is routed to that identity’s supervisor for review and response. Value to Organization: Business context (e.g., supervisor’s knowledge of an employee’s situation) enables efficient incident response.
  • 17. Putting Identity-Centric Security to Work – Security Controls. IGA+SIEM/UEBA: Automated Identity Governance for Incident Response. Integrate Components: Identity Governance + SIEM or UEBA. What Happens: Security incident involving a specific identity automatically triggers entitlement suspension or dynamic re-certification. Value to Organization: Identity- and entitlement-specific control enables a proportional and targeted response to security incident.
  • 19. LEARN FROM YOUR PEERS Adobe Finds ZEN Using Identity-Centric Security “Working with the IDSA is a great opportunity to help drive innovation across the tech industry with vendors and solution providers alike. Adobe benefits through exposure to vendors, use cases and community best practices that help elevate and strengthen our identity and security teams.” Den Jones Director of Enterprise Security, Adobe
  • 21. Thank You! For more information please contact: Vishwas Manral, CEO and Founder, VISHWAS@NANOSEC.IO
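
Slides 13 and 14 describe importing PAM access into identity governance and then checking it for toxic combinations. The sketch below works through that flow as an added example, not code from the IDSA or any vendor; the data shapes, account and group names, and SoD rules are constructed assumptions.

```python
from collections import defaultdict

# Constructed PAM export: privileged account -> who may check it out.
# A grantee is either a user ("user:alice") or a group ("group:dba").
PAM_GRANTS = {
    "prod-db-admin":     ["group:dba", "user:carol"],
    "payments-approver": ["user:alice", "group:finance-ops"],
    "payments-creator":  ["group:finance-ops", "user:bob"],
    "audit-log-admin":   ["group:sec-audit"],
}
# Constructed directory data: group -> members (groups may nest).
GROUPS = {
    "dba":         ["user:dave", "group:sec-audit"],
    "finance-ops": ["user:erin"],
    "sec-audit":   ["user:carol"],
}
# Hypothetical SoD policy: no identity may hold both accounts of a pair.
SOD_RULES = [("payments-approver", "payments-creator"),
             ("prod-db-admin", "audit-log-admin")]

def expand(grantee, path, seen=frozenset()):
    """Yield (user, group_path) for a grantee, resolving nested groups."""
    kind, name = grantee.split(":", 1)
    if kind == "user":
        yield name, path
    elif name not in seen:                      # guard against group cycles
        for member in GROUPS.get(name, []):
            yield from expand(member, path + [name], seen | {name})

def aggregate(grants):
    """Slide 13: identity -> {account: "direct" or "via group > group"}."""
    access = defaultdict(dict)
    for account, grantees in grants.items():
        for grantee in grantees:
            for user, path in expand(grantee, []):
                how = "direct" if not path else "via " + " > ".join(path)
                if access[user].get(account) != "direct":  # direct grant wins
                    access[user][account] = how
    return dict(access)

def sod_violations(access, rules):
    """Slide 14, detective control: identities holding a toxic pair."""
    return sorted((user, a, b) for user, held in access.items()
                  for a, b in rules if a in held and b in held)

def would_violate(access, rules, user, account):
    """Slide 14, preventive control: test a grant request before approval."""
    held = set(access.get(user, {})) | {account}
    return [(a, b) for a, b in rules if account in (a, b) and a in held and b in held]
```

Recording how each identity reaches an account (direct or through which groups) is what lets a reviewer remove the right grant once a violation is found.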