Actionable Threat Intelligence
Session
Wednesday, December 04, 2024 12:15—13:15
Location: Satellit
Wednesday, December 04, 2024 12:15—13:15
Location: Satellit
Large organizations invest substantial resources in Cyber Threat Intelligence (CTI) tools and staffing, yet many remain discontented with the outcomes, feeling that significant gaps still exist. Why is this the case? With numerous vendors offering a wide array of CTI solutions, is the problem rooted in the technology and tools themselves, or do misconceptions about CTI adoption lead to inefficiencies?
This talk will explore the key misconceptions that often undermine CTI efforts in organizations, shedding light on why the expected results frequently fall short. By addressing these misunderstandings, we will provide insights into optimizing CTI strategies for more effective and actionable intelligence.
This panel explores the critical role of actionable threat intelligence in modern cybersecurity. Industry experts will discuss strategies for transforming raw data into meaningful insights, leveraging advanced technologies like AI and machine learning to enhance threat detection and response. Panelists will share best practices for integrating actionable intelligence into security operations, addressing challenges in information sharing, and improving organizational resilience against evolving cyber threats.
The increasing popularity of the term “Identity Security”, coupled with the explosive growth in the number of identity security vendors, bears testament to the fact that security starts and often ends with identity. But with so many tools, so many processes moving part making up the modern identity fabric, do you really know what is really happening behind the curtain and inside all that IAM infrastructure? Accounts are created, entitlements are assigned, users authenticate, access is authorized and data is accessed. This process not only happens for the standard users coming in through a nicely federated, passwordless authentication solution, but also for your admins, your agents and the service accounts they leverage. The very process of IAM is happening across all of your infrastructure, from legacy applications to cloud services and beyond into IaaS and the SaaS services you subscribe to. But when something changes in that flow, the configuration for an IdP or a relying system changes, or an update is made to profile configuration, orchestration flow or group assignment - will you identify the change, understand its meaning and forecast its overall risk to your identity security posture? Are you instrumented for the future state of IAM?
In his talk, KuppingerCole Fellow Analyst Darran Rolls, former CISO and CTO at SailPoint, will outline how Identity instrumentation and orchestration technology can help reverse-engineer the authentication and authorization flow of applications and provide key insights into configuration and usage. He will explain how the future state of IGA, ITDR, and overall Identity Security must deliver instrumentation to allow visibility, configuration and usage information for all applications and will highlight how emerging technologies can help fill this gap.
