KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Identity-as-a-Service Access Management (IDaaS AM) has emerged as one of the fastest-growing markets of IAM, characterized by cloud-based delivery of traditional IAM services. KuppingerCole estimates the global IDaaS market will continue to grow at a CAGR of 24% in 2019.
Identity-as-a-Service Access Management (IDaaS AM) has emerged as one of the fastest-growing markets of IAM, characterized by cloud-based delivery of traditional IAM services. KuppingerCole estimates the global IDaaS market will continue to grow at a CAGR of 24% in 2019.
Good afternoon, ladies and gentlemen, welcome to our Ko cold webinar Ko Cole's evaluation of leading vendors in the Ida access management market. My name is Martin Kuppinger I'm principle Analyst at Koa Cole in the next 30 to 40 minutes. I'll talk about some aspects of our recently published leadership compass on one part of the I the identity as a service market, which is the access management portion.
So that part of the market, which is more targeted towards single and on towards providing access to cloud services in contrast and good more into detail in a minute in contrast to the Ida solutions, which focus more on the identity provisioning, access governance, P D actually the identity management part of Ida. So before we start some quick information about Cola Cola, as you probably know, as an Analyst company, we deliver a variety of services across various topics. We started in the identity access, access management space. We do a lot of around cybersecurity.
We do more and more about artificial intelligence and also some other areas such as blockchain. Cetera. We provide research such as the executive view reports and leadership composes. We work with vendors and customers and direct communications, such as briefings and inquiries. We do our webinars and other types of events, such as conferences. We will start with an e-learning service in a short period of time, and we also do advisory. So we support and organizations in making their strategic decisions, their roadmaps and related stuff.
So in the research area, we have a couple of well established forms amongst these, you find our leadership. One of them will be the topic of our, of today's webinars, where we compare vendors in certain defined market segments, the offerings helping the it professionals to take informed decisions. We have our executive view reports, which are focused on specific services and products, which go a little more in the detail on provider condensed and concise perspective on a certain product, which is strengths and choices.
We have advisory notes, which look more trends, data topics, and leadership briefs, which are assured two to three page documents covering a certain specific business challenge, providing advice on that. So have a look at our research. The other part, as I've already said is our advisory business where we support businesses in making in their strategic decisions. So assessments of where you are is benchmarking requirements analysis, helping you defining your portfolio for instance of cybersecurity or identity management tools.
So, which of these tools you have for a plan to have, are of real value to you, which might be not really worse to invest in which one should you retire all that is what we supporting doing down to supporting you in the specific choice of services and tools. And I think we are very well suited to do so because we are strictly neutral and specifically why our leadership documents, we have a always current view on the market and all the relevant vendors and providers in these markets. We understand that well, we can support you very efficiently in these decisions.
And then we also might support you during a project. What we don't do is we don't do any implementation business, stuff like that. So we don't touch systems. We only support you when it comes to strategy portfolio to making the right decisions. We also have a series of upcoming events in September. We have in parallel our digital finance world and the blockchain enterprise states in Frankfurt, we will have cybersecurity event in Germany and in the us, we will have our consumer identity world in Seattle and in Amsterdam.
So whenever we will have in November and AI related event, so theories of events, and also we will have a lot of other upcoming webinars over the next couple of weeks. So don't miss our webinars. Don't miss our onsite events. And obviously next year may, as every year we will run our main event. Our flag should be one, which is European identity conference, which will again, run in Munich with May, 2020. So for the webinar itself, we have muted you centrally. So you don't need to control that. We will do a recording and we will provide the slides and for download afterwards.
And we will have the opportunity for you to ask questions, which I'll will then pick an answer after my part of presentation. So let's start with the topic itself when looking at Ida. So identity as a service, basically we see a growing number of capabilities, and we also could argue that this list is somewhat incomplete because we see more and more PAMs or privileged access management offering delivered as a service in the core area of identity as a service, there is so to speak in the middle, that pillar, where it basically originated, which is really the runtime access part.
So it started, I would say with companies offering signals and on cloud services and having one common authentication, a consistent authentication, common password across various SaaS applications, having sort of a Porwal dashboard, whatever, where you can pick the, the cloud services you have access to, which also Includes other aspects such as Federation, social identity integration, etcetera. And this will be the main part of today's talk, because as I've said, this is on the leadership Ida access management, which is the one who really focuses on that part of the story.
And then we have the identity administration, which was really managing the, the applications provisioning uses managing the access entitlements and, and other capabilities. Some of these are to some extent also required for, for an access management, but many of these go beyond that when it really comes to more detail federated provision and specifically when it comes to all the access governance capabilities.
So basically when we compare it with, with the sort of the established on premise world, then the, the, the left and the right hand pillar would be what commonly in the products, which are named vendor X, Y said, identity manager while the middle pillar is more around what is commonly when X, Y, Z access manager. So this is basically sort of an intro. There are different sort of elements within that, and I'll expect a little more detail in a minute. That was also reason why we decided to split this leadership into two parts.
Today is one which we recently published, the one on access management. There's another one, which is currently work in progress, which will be published the awesome timeframe this year, which then will focus on the IGA part of Ida. So the tools which really replace sort of the standard on premise IGA products, but as I've said, focus today on the access management part, we see a very significant uptake for IDAs. And when I talk with the customers, we advise concretely even over here in, in Europe or in Germany, which is perceived to being, to be being more cloud reluctant.
I don't see any customers anymore, which say we definitely only do on premise. So all of them at least ask for an option to go Ida. And I think this is a really fundamental change. And obviously there are a variety of good reasons to do so. So there's at least a better time to value proposition over on premise IM deployment. So I almost sad to be sometimes rather cumbersome and challenging and deployment.
And if you so to speak, just pick the cloud service and put the switch on this apparently is, is a better proposition, whether this becomes reality in all the cases, that is a different part of the story, but there's a potential that you can reduce the complexity of the project you're doing just need to support the SaaS applications. And I think we are, to some extent, we are the tipping point where more and more of the critical workloads in organizations move to as a service deployment models to the cloud. And the more of your critical workloads are in the cloud.
The more logic is in saying if these workloads are in the cloud, my identity management and other security services also run from the cloud. And as I said, I think we are more, we are getting closer at least to the tipping point where it just becomes logical to most of the stuff from the globe standards practices are implemented. A lot of the stuff going on there is based on standards, especially specifically when it comes to access in the Federation P and the provisioning piece, federated provision.
It's not as mature, but in the, the access part where we do a lot of Ron etc, our, this it's, it's a lot of standards here, obviously also there's the interest of reducing internal costs of it by running it as a service, which is sort of one of the standard drivers for cloud and project failure risk we already had. So that is the reason why IDAs is, is increasingly popular when we look at the IDAs access management market. So we have basically two types of vendors when we look at, at the list of vendors in there.
And so, so one, one group of these vendors are more traditional vendors from, from web access management, from, from web things and on from areas like that from identity Federation, which focused originally on the, on premise world, many of these have made changes to the product architecture, to the capabilities to make them cloud ready, and also run them in a reasonable way as a service, which might be really multitask, might be a little below multi town, but it's something which, which they did.
On the other hand, we have this cloud born vendors, which started there and said, oh, we brought a simple way to support all this SAS and I, so infrastructure as a service in environments. So for the first group, the challenge frequently is more to support really well, a broad range of cloud service, and to, to sort of appear being really cloud native. In the sense of you have all the cloud capabilities such as elasticity as, as a license model, which is really paper used and stuff like that.
The second category frequently stuffle strikes a little more when it comes to, or sometimes even not only a little more when it comes to supporting the hybrid environments. So to connect back to that group of, of environments, but at the end, there are different ways to do it. And obviously, yes, some are more cloud born. Others derive more from an on-premise world than maybe shift to the cloud. That is something you, you really need them to, to, to evaluate carefully at the end.
My perspective on that is it depends on, on the customer perspective, as long as it provides the license model that fits the customers, as long as it provides the elasticity and other features, as long as it has the functionality the customer requires it's okay. And so rest assistant perfectly cloud born multi tenant, or not might be of less relevance. If you get, for instance, more features and a better type of service fitting better to your organization.
So, but obviously what we looked at is really, it must be as a service in the way is operated and provided. That was one of the criteria to include vendors.
We also, don't obviously in such a leadership com. So when we do this leadership and I'll look at the methodology and a minute when we do such a leadership combust, we look at a variety of criteria and this is not a complete list. This is just small excerpt of criteria. So behind that, we have a questionnaire which has, it's an axle. And if you look at the axle several hundred rows, so it's a really very detailed, very, very sophisticated analyzes. We are doing here going into details on a variety of areas.
And some of these capabilities we expect to see in ADAS access management solution is that it can connect to your directory services. So you might have your users still in your MI in your standard, Microsoft active directory might have it in another type of directory service you, you need to, to integrate. And in many cases, these also service also provide their own directory. In some form, you need to be able to synchronize these identities from where they are to SaaS applications. So you need to connect to the SaaS applications, provide at least the baseline Federation capability.
And beyond that obviously enable that people can authenticate to these SA services. So one of the, the very important criteria very obviously, is, is a very flexible, very broad, very adaptive support for authentication and beyond this leadership compass, we have a couple of other leadership compasses published over the last 12 to 15 month, which focus more on consumer identity management, for instance, which focus on one of the next ones will be one around consumer authentication.
So we have also other approach go more into detail into specific use cases and sort of specific sub segments here. Authorization beyond authentication is also an important capability that these tools are at least able to provide a basic authorization capability based on roles, groups, other types of, of information, which then allowed to decide who's allowed to access, which type of service identity Federation is a very clear mask must for, for that. So a very good Porwal of, for ENT Federation service and by the way, also for authentication standards.
So all these standards around Federation and, and authentication, this is absolutely essential, both inbound Federation, where a user comes from another IDP, which might be a social login, which might be something for a business partner or whatever else, and outbound Federation. So federating to the software as a service infrastructure platform, as a service solutions, which should be connected. This is what really allows in the combination to have this single cell experience. There should be session management capabilities.
So a user session should be managed well and understood that there's a running session, which is important from, from, from, from an access control perspective. I would say even more in these days where we talk a lot about zero trust models, where, where we have more just understanding this is a really a continuous session running. There must be a very good UI for the users. It must be easy to, to use that capability. It must be easy to access success services at the end. This is probably the key success factor. If it's cumbersome to use, people will not like it on the other end.
It should also be easy to use for the administrator. Even while we automate a lot of wire rest APIs in these days. And while we do a lot of, of things, more in an automation style at the end, we still need a good UI. We still need a UI which helps us to work with them. There must be a, some auditing capabilities, some governance capabilities, which ensure that, that we, we really keep a grip on, on what is happening here that we can understand who has access, which service that we even can potentially manage exclusions.
That if you're allowed to use that service, you're not allowed to use that one. Cetera, and last, not least maybe last in the list, but first in the, in, in, in for many customers in the, the relevance that is hybrid support solution, which runs from the cloud only for the cloud might be good for some customers, but it'll fail for the majority of businesses. The majority, the real, the reality of, of it for the majority of businesses still is hybrid. And it will remain being hybrid for quite a while.
If you look at banks, insurance companies, et cetera, you have so many applications which will not move rapidly to the cloud that you definitely definitely need to support these environments. So these are some of the aspects we have been looking at, and I'll take another angle on that. Also later in, in my deck, when we look at some of the, the, the, the, the charts we are using there, the criteria for, for, for these charts. But first I wanna touch the methodology we are using when we are creating a leadership combo.
So it's a multi-step approach, which takes quite a while, which starts at our end with misunderstanding or defining the market segment. So what the first thing always is, if you want to compare something, it should be something which is relatively homogeneous market. If it's too much apples and oranges, a leadership compass or, or other things under the adequate technology, we have another one.
We will publish our first market compass product soon, which then take a somewhat leaner approach, which allows us to also look at emerging market segments, but for the monitor market segment, such as I, and I would count IDAs access management, clearly amongst the more mature market segments already, we do this leadership course we define and describe the market segment. We define the key criteria. We then analyze who are the relevant vendors. So we invite a lot of vendors. Some might decide not to participate.
We, we try our best to get as many on board as we can, but sometimes there are reasons that a vendor doesn't appear in the leadership compass even while he feels that he fits into the market segment. Sometimes he wants to be, and then afterwards, he feels, oh, maybe I'm, it's not a best choice.
Anyway, we try to get as many vendors as we can. This is part of our, our process. We do the evaluation. So we then circle on extensive questionnaire. We gather our additional information through briefings, through our ways. And as an Analyst Analyst Analyst company, we are constantly looking at the market. We are constantly talking with vendors. We are constantly talking with end users. We are doing our advisory project. So we learn a lot.
And we, we have a lot of other elements. So we, we, we at our European identity conference, we do our European identity awards year by year, where we receive a lot of proposals for projects for these awards. So we see have insight into many other projects. And based on that, and the briefing ther stuff, we then start doing, evaluating the responses and the knowledge we have got and do the rating. Then we create our leadership graphs. We create a text and we then run an extensive fact check with the vendors.
So circle back to the vendors, discuss sometimes if there have a different perspective than we have, and basically that incident, we then have a couple of dimensions we look at and amongst these dimensions and looks that one slide disappeared. Anyway, there are five product related categories, which, which we look at. One is security, obviously.
And we, we do most of our stuff we do around at anti end around cybersecurity. We also do more around AI, cetera, but security is always sort of a mandatory prerequisite of a product. So we clearly look at, is it sort of as the baseline in what we expect in security math, we look at functionality. So feature completeness, which is sometimes not that easy to, to, to achieve for a vendor, we have segments. So when it's a very mature market segment, many vendors have more or less the same capabilities.
The, the less mature segment as the, the, the larger, the differences in factuality are we look at integration. So is it a well integrated product, or is it a set of different technologies? Worst case recently acquired from others, which are hard to integrate. So is it really an integrated thing or not? When looking at, at I, the level of integration, usually it's fairly high because it's a one service you, you buy, but there are also some, some, some samples where, where you don't need a specific tool for connecting back to the hybrid environment, to the on-prem environment.
So for hybrid, you might need more than one tool. That's not the perfect integration. Even again, there could be better when this component is just the black box, which is fully managed from the cloud service, or it can be worse when you really need to set up a big fat old on premise product, which you need to integrate, connect, manage separately. We have to interoperability piece or the reportability perspective, which is about dust. This tool work well with other services, with other tools. So it's sort of the outer space of this tool. And finally, it's usability.
So how good is it to use this product? We also look at, I don't know if a separate slide, and we also look at some more vendor to some extent also product, but more vendor related things such as innovativeness, such as the, the market position, which is always a global perspective, the ecosystem. So do you have global partners, do vendors have global partners and last and least the financial strengths of when which is for, for mid to long term restaurants, clearly a significant aspect.
When I look at ecosystem and the market, the, the, the market position, as I've said, we we'd always take a global perspective. And it's also in here in that slide. And that's the second bullet point. When we look at the market leadership, this really influences very, very much our rating around market leadership. And what we really look here is how vendors sort of globally strong, or are they more whatever world famous in, in Germany or in the Netherlands?
So if, if, if you are not a sort of global player, then obviously this affects us already. Basically we end up with four categories of leadership, which is the product leadership. So functionality completedness of vision, how complete is functionality? Where are you heading? Is this really the strong offering, a really strong offering? Are you a leader in that space? We have to market leadership, as I've already said, we have innovation leadership as a third element.
So how innovative are you are the new useful features provided, which also includes really, really innovation, where things we haven't seen before, stuff like that. And all of these sort of are combined into an overall leadership perspective. And beyond that.
So aside of, of looking at whatever things like security functionality, etcetera, aside of the leadership thing prospective, you also add spider graph per vendor, which then looks at certain additional aspect such as this case of education got lost at the, at the top of the graphic at the top of the spiral authentication, the authorization capabilities, password management, session management, identity Federation, also fraud detection, which is one element of security, API security.
How so, how to deal with, with API based access beyond the standard user authentication, which gets more and more important because we have this, this change from, from browsers to app based access, etcetera. And some of the more consumer related features, because we clearly see this, that this Ida segment is evolving well beyond the traditional employee perspective we originally had when we look at the vendors, which we finally rated, and as I've said, this is something which is part of a process.
So it depends on the vendor responses on the fifth, in very rare occasions, we even have a situation where a vendor decides to skip out of the briefing of the rating afterwards, sometimes because we, he feels we were too harsh. I always say, that's a good sign. So this is the list of vendors we, we finally head in, we also have a sec segment, which is the vendors to watch segment. And there usually are also vendors which are not covered at all for different reasons because they opted out or because they didn't respond even after trying it from our N V very we very annoying.
So to speak in, in, in the way we do this. So we, we, we try it again and again, and with different context, and sometimes someone trust doesn't end up a list for whatever reason. That doesn't mean that he's not a relevant vendor. We try it next time again, but I believe we're pretty good in getting a, a very good overview. So this is then finally where we ended up with our overall leadership rating. So this is the overall leader perspective. We always have three segments, the, and get that case, the, the right hand one, this is the leaders. So the one was the red bullets.
They are rated as overall leaders, which is roughly half of the market, but it was a different sort of level of ratings. We have to challenge us that these are the ones where we see they have a really strong potential. They are moving ahead. We have the followers, which in most cases are really highly specialized vendors. They might be of targeting more. As for instance, SMB market segment. We clearly need less feature completeness than you need another segments. They might be.
When we look at, for instance, at followers in the, the, the market leadership rating, they might just be really focused on a very small local market, but still have a very good product offering or service offering. So it's, I, I always recommend, and I think that's true for, for each of these types of ratings. So don't blindly follow trust that traffic that is an indicator for an overall perspective, but you always need to understand what are your specific requirements you need to understand? Is this really the right fit, or are there other vendors, which are a better to me?
So you definitely need to take an angle and, and more rough perspective. This helps you in identifying. So who should I look at? But even then there might be someone and ask us, that's part of our business, ask us for our advisor, advice on that.
So who, who are the ones you might need for your short list, then this clearly helps you maybe for long list, but then it's going into detail reading all the 50 or 60 pages of the report. And as I've said, maybe also asking us for some additional advice. So while this is the overall perspective, we have a product leader perspective for these charts.
The, the axis, the horizontal is always the overall leadership perspective on the vertical axis. The Y axis is always that specific part of the leadership in that case. So the product leaders, which we, which we have here, so obviously the, the, the more towards the upper right edge, the more it's the combination of overall leader and leader in the segment, usually that isn't, I think it becomes apparent here to some extent correlated because product leadership influences the overall leadership, but there might be also sometimes some, be some, some outliers in that.
So we have couple of vendors here, and as I said, we also will make this slide available and also leadership compass it's available online. And also, usually through some vendors, we have innovation leaders here, which is a little bit more dispersed, a little bit more spread, because some of them are, are really more innovative maybe than, than their current position. The market reflects others might be more big than, than innovative. So this is another perspective, but I think it gives a pretty good perspective on, we have a relatively strong group of vendors at top.
We have a very close, very narrow positioned group of, of, of, of challengers in that market, which are really pushing this market forward. And then we finally have the market leaders. I think it doesn't come to a surprise that these are the companies, which are usually the most prominent and the biggest one in, in most cases, because obviously size, when we look at the global part ecosystem, cetera size has an clear, clear impact on that rating. So this is what we did around that.
As I said, this gives you some impression on what we did, whom we see in which segment there are, I believe a lot of very interesting players. There are some others, one or two also, which where we didn't get the response on time. Don't hesitate to ask us when it comes to asking. So if you have any questions, it would be the time right now to enter your questions. You can use the questions function in the go to webinar control panel, which usually is at the right side of your screen.
So while I wait for the question, so, so, and, and please, please accept that I will not comment on individual vendors here. So I, I can't comment on, on, on individual vendors. I can command on criteria and other stuff. That's what I can do.
Obviously, if you need advice on certain vendors, we can deliver, but not in public. So it looks rather quiet here. Use our research, our advice for service with our events, because these are the places where you really get the information you need. I hope it was worse for you to, to listen to this webinar, to get some insight into the leadership I access management. We also just recently published the leadership on the identity API platforms, by the way, an emerging segment, which I find of, of huge interest when, when you need more to, to code against an idea.
So when you need to code against an identity service, definitely very interesting. That will be also a coming called webinar on that short term. So look at these services. I hope you got some valuable information, hope to have you back soon in a copy and call webinar. And if there are no further questions, then thank you for your time.
